[PATCH] SELinux: enhanced MLS support
This patch replaces the original experimental Multi-Level Security (MLS) implementation in SELinux with an enhanced MLS implementation contributed by Trusted Computer Solutions (TCS). The enhanced MLS implementation replaces the hardcoded MLS logic with a flexible constraint-based system and replaces the compile-time option for MLS support with a policy load-time enable based on whether MLS support was enabled in the policy when it was built. The latter change allows a single kernel and policy toolchain to support both MLS and non-MLS policies. Compatibility is still provided as usual for existing policies. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Showing
This diff is collapsed.
This diff is collapsed.
Please register or sign in to comment