From: paul.moore@hp.com
To: netdev@vger.kernel.org, selinux@tycho.nsa.gov
Subject: [PATCH 0/3] NetLabel: add the remaining CIPSO tag types from the IETF draft
Date: Wed, 29 Nov 2006 13:18:17 -0500 [thread overview]
Message-ID: <20061129181817.505281000@hp.com> (raw)
This patchset consists of three patches that add support for the remaining two
tag types from the CIPSO draft specification, the enumerated and range tags.
The most significant part about adding these two tags is that NetLabel now has
the ability to represent more than 240 categories (limitation imposed by the
current restricted bitmap tag).
In addition, the first patch in the set converts NetLabel's contiguous char
string category bitmap stored in network friendly bit/byte order into a sparse
bitmap stored in host friendly bit/byte order. While this change was not
required to support the new CIPSO tags, it should make life much easier as the
old category bitmap would have proven problematic as the number of usable
categories increases with the new tag types. It also has a side effect of
making the LSM specific code much less ugly.
During testing I have not seen any regressions with this patchset; please
consider this for net-2.6.20. Thanks.
--
paul moore
linux security @ hp
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
WARNING: multiple messages have this Message-ID (diff)
From: paul.moore@hp.com
To: netdev@vger.kernel.org, selinux@tycho.nsa.gov
Subject: [PATCH 0/3] NetLabel: add the remaining CIPSO tag types from the IETF draft
Date: Wed, 29 Nov 2006 13:18:17 -0500 [thread overview]
Message-ID: <20061129181817.505281000@hp.com> (raw)
This patchset consists of three patches that add support for the remaining two
tag types from the CIPSO draft specification, the enumerated and range tags.
The most significant part about adding these two tags is that NetLabel now has
the ability to represent more than 240 categories (limitation imposed by the
current restricted bitmap tag).
In addition, the first patch in the set converts NetLabel's contiguous char
string category bitmap stored in network friendly bit/byte order into a sparse
bitmap stored in host friendly bit/byte order. While this change was not
required to support the new CIPSO tags, it should make life much easier as the
old category bitmap would have proven problematic as the number of usable
categories increases with the new tag types. It also has a side effect of
making the LSM specific code much less ugly.
During testing I have not seen any regressions with this patchset; please
consider this for net-2.6.20. Thanks.
--
paul moore
linux security @ hp
next reply other threads:[~2006-11-29 18:28 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-11-29 18:18 paul.moore [this message]
2006-11-29 18:18 ` [PATCH 0/3] NetLabel: add the remaining CIPSO tag types from the IETF draft paul.moore
2006-11-29 18:18 ` [PATCH 1/3] NetLabel: convert to an extensibile/sparse category bitmap paul.moore
2006-11-29 18:18 ` paul.moore
2006-11-29 18:18 ` [PATCH 2/3] NetLabel: add the enumerated tag to the CIPSOv4 protocol paul.moore
2006-11-29 18:18 ` paul.moore
2006-11-29 18:18 ` [PATCH 3/3] NetLabel: add the ranged " paul.moore
2006-11-29 18:18 ` paul.moore
2006-11-29 21:01 ` James Morris
2006-11-29 21:01 ` James Morris
2006-11-29 18:55 ` [PATCH 0/3] NetLabel: add the remaining CIPSO tag types from the IETF draft Casey Schaufler
2006-11-29 18:55 ` Casey Schaufler
2006-11-29 22:06 ` James Morris
2006-11-29 22:06 ` James Morris
2006-11-29 22:11 ` Paul Moore
2006-11-29 22:11 ` Paul Moore
2006-11-29 23:42 ` James Morris
2006-11-29 23:42 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20061129181817.505281000@hp.com \
--to=paul.moore@hp.com \
--cc=netdev@vger.kernel.org \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.