mirror of
https://github.com/edk2-porting/linux-next.git
synced 2024-12-30 08:04:13 +08:00
65881e1db4
These ioctls are equivalent to fcntl(fd, F_SETFD, flags), which SELinux always allows too. Furthermore, a failed FIOCLEX could result in a file descriptor being leaked to a process that should not have access to it. As this patch removes access controls, a policy capability needs to be enabled in policy to always allow these ioctls. Based-on-patch-by: Demi Marie Obenour <demiobenour@gmail.com> Signed-off-by: Richard Haines <richard_c_haines@btinternet.com> [PM: subject line tweak] Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
---|---|---|
.. | ||
include | ||
ss | ||
.gitignore | ||
avc.c | ||
hooks.c | ||
ibpkey.c | ||
ima.c | ||
Kconfig | ||
Makefile | ||
netif.c | ||
netlabel.c | ||
netlink.c | ||
netnode.c | ||
netport.c | ||
nlmsgtab.c | ||
selinuxfs.c | ||
status.c | ||
xfrm.c |