Age | Commit message (Collapse) | Author |
|
With dynamic function tracer, by default, _mcount is defined as an
"empty" function, it returns directly without any more action. When
enabling it in user-space, it will jump to a real tracing
function(ftrace_caller), and do the real job for us.
Differ from the static function tracer, dynamic function tracer provides
two functions ftrace_make_call()/ftrace_make_nop() to enable/disable the
tracing of some indicated kernel functions(set_ftrace_filter).
In the kernel version, there is only one "_mcount" string for every
kernel function, so, we just need to match this one in mcount_regex of
scripts/recordmcount.pl.
For more information please look at code and Documentation/trace folder.
Steven ACK that scripts/recordmcount.pl part.
Acked-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Michal Simek <monstr@monstr.eu>
|
|
This patch fixes a bug when incrementing/decrementing on a BCD formatted
integer (i.e. 0x09++ should be 0x10 not 0x0A). It just adds a function
for incrementing/decrementing BCD integers by converting to decimal,
doing the increment/decrement and then converting back to BCD.
Signed-off-by: Nathaniel McCallum <nathaniel@natemccallum.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
|
The current code to generate usb modaliases from usb_device_id assumes
that the device's bcdDevice descriptor will actually be in BCD format.
While this should be a sane assumption, some devices don't follow spec
and just use plain old hex. This causes drivers for these devices to
generate invalid modalias lines which will never actually match for the
hardware.
The following patch adds hex support for bcdDevice in file2alias.c by
detecting when a driver uses a hex formatted bcdDevice_(lo|hi) and
adjusts the output to hex format accordingly.
Drivers for devices which have bcdDevice conforming to BCD will have no
change in modalias output. Drivers for devices which don't conform
(i.e. ibmcam) should now generate valid modaliases.
EXAMPLE OUTPUT (ibmcam; space added to highlight change)
Old: usb:v0545p800D d030[10-9] dc*dsc*dp*ic*isc*ip*
New: usb:v0545p800D d030a dc*dsc*dp*ic*isc*ip*
Signed-off-by: Nathaniel McCallum <nathaniel@natemccallum.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
|
Conflicts:
kernel/irq/chip.c
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
* 'perf-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: (470 commits)
x86: Fix comments of register/stack access functions
perf tools: Replace %m with %a in sscanf
hw-breakpoints: Keep track of user disabled breakpoints
tracing/syscalls: Make syscall events print callbacks static
tracing: Add DEFINE_EVENT(), DEFINE_SINGLE_EVENT() support to docbook
perf: Don't free perf_mmap_data until work has been done
perf_event: Fix compile error
perf tools: Fix _GNU_SOURCE macro related strndup() build error
trace_syscalls: Remove unused syscall_name_to_nr()
trace_syscalls: Simplify syscall profile
trace_syscalls: Remove duplicate init_enter_##sname()
trace_syscalls: Add syscall_nr field to struct syscall_metadata
trace_syscalls: Remove enter_id exit_id
trace_syscalls: Set event_enter_##sname->data to its metadata
trace_syscalls: Remove unused event_syscall_enter and event_syscall_exit
perf_event: Initialize data.period in perf_swevent_hrtimer()
perf probe: Simplify event naming
perf probe: Add --list option for listing current probe events
perf probe: Add argv_split() from lib/argv_split.c
perf probe: Move probe event utility functions to probe-event.c
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
* 'tracing-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: (40 commits)
tracing: Separate raw syscall from syscall tracer
ring-buffer-benchmark: Add parameters to set produce/consumer priorities
tracing, function tracer: Clean up strstrip() usage
ring-buffer benchmark: Run producer/consumer threads at nice +19
tracing: Remove the stale include/trace/power.h
tracing: Only print objcopy version warning once from recordmcount
tracing: Prevent build warning: 'ftrace_graph_buf' defined but not used
ring-buffer: Move access to commit_page up into function used
tracing: do not disable interrupts for trace_clock_local
ring-buffer: Add multiple iterations between benchmark timestamps
kprobes: Sanitize struct kretprobe_instance allocations
tracing: Fix to use __always_unused attribute
compiler: Introduce __always_unused
tracing: Exit with error if a weak function is used in recordmcount.pl
tracing: Move conditional into update_funcs() in recordmcount.pl
tracing: Add regex for weak functions in recordmcount.pl
tracing: Move mcount section search to front of loop in recordmcount.pl
tracing: Fix objcopy revision check in recordmcount.pl
tracing: Check absolute path of input file in recordmcount.pl
tracing: Correct the check for number of arguments in recordmcount.pl
...
|
|
That is "success", "unknown", "through", "performance", "[re|un]mapping"
, "access", "default", "reasonable", "[con]currently", "temperature"
, "channel", "[un]used", "application", "example","hierarchy", "therefore"
, "[over|under]flow", "contiguous", "threshold", "enough" and others.
Signed-off-by: André Goddard Rosa <andre.goddard@gmail.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
|
|
|
|
The introduction of the new 'DECLARE_EVENT_CLASS()' obviates the
need for the 'TRACE_EVENT()' macro in some cases. Thus, docbook
style comments that used to live with 'TRACE_EVENT()' are now
moved to 'DEFINE_EVENT()'. Thus, we need to make the docbook
system understand the new 'DEFINE_EVENT()' macro. In addition
I've tried to futureproof the patch, by also adding support for
'DEFINE_SINGLE_EVENT()', since there has been discussion about
renaming: TRACE_EVENT() -> DEFINE_SINGLE_EVENT().
Without this patch the tracepoint docbook fails to build.
I've verified that this patch correctly builds the tracepoint
docbook which currently covers signals, and irqs.
Changes in v2:
- properly indent perl 'if' statements
Signed-off-by: Jason Baron <jbaron@redhat.com>
Acked-by: Steven Rostedt <rostedt@goodmis.org>
Acked-by: Randy Dunlap <randy.dunlap@oracle.com>
Cc: William Cohen <wcohen@redhat.com>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca>
Cc: Masami Hiramatsu <mhiramat@redhat.com>
LKML-Reference: <200912011718.nB1HIn7t011371@int-mx04.intmail.prod.int.phx2.redhat.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
|
|
If a permission name is long enough the selinux class definition generation
tool will go into a infinite loop. This is because it's macro max() is
fooled into thinking it is dealing with unsigned numbers. This patch makes
sure the macro always uses signed number so 1 > -1.
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
|
|
When the output directory is something other than the kernel source,
the streamline_config script gets confused. This patch passes in the
source directory to the script so that it can find the proper files.
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
|
|
scripts/selinux/genheaders/genheaders.c:20: warning: no previous prototype
for ?usage?
scripts/selinux/genheaders/genheaders.c:26: warning: no previous prototype
for ?stoupperx?
Signed-off-by: Alan Cox <alan@linux.intel.com>
Acked-by: WANG Cong <xiyou.wangcong@gmail.com>
Signed-off-by: James Morris <jmorris@namei.org>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/josh/linux-misc
* 'hostprogs-wmissing-prototypes' of git://git.kernel.org/pub/scm/linux/kernel/git/josh/linux-misc:
Makefile: Add -Wmising-prototypes to HOSTCFLAGS
oss: Mark loadhex static in hex2hex.c
dtc: Mark various internal functions static
dtc: Set "noinput" in the lexer to avoid an unused function
drm: radeon: Mark several functions static in mkregtable
arch/sparc/boot/*.c: Mark various internal functions static
arch/powerpc/boot/addRamDisk.c: Mark several internal functions static
arch/alpha/boot/tools/objstrip.c: Mark "usage" static
Documentation/vm/page-types.c: Declare checked_open static
genksyms: Mark is_reserved_word static
kconfig: Mark various internal functions static
kconfig: Make zconf.y work with current bison
|
|
If the user has an older version of objcopy, that can not handle
converting local symbols to global and vice versa, then some
functions will not be part of the dynamic function tracer. The current
code in recordmcount.pl will print a warning in this case. Unfortunately,
there exists lots of files that may have this issue with older objcopys
and this will cause a warning for every file compiled with this
issue.
This patch solves this overwhelming output by creating a
.tmp_quiet_recordmcount file on the first instance the warning is
encountered. The warning will not print if this file exists.
The temp file is deleted at the beginning of the compile to ensure that
the warning will happen once again on new compiles (because the issue
is still present).
Reported-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
|
|
Signed-off-by: Josh Triplett <josh@joshtriplett.org>
|
|
Regenerate the corresponding generated lexer.
Regenerating the lexer with current flex also provides prototypes for
various yy* functions, making some -Wmissing-prototypes warnings go away
as well.
Signed-off-by: Josh Triplett <josh@joshtriplett.org>
|
|
The genksyms keyword gperf hash provides a function is_reserved_word.
genksyms #includes the resulting generated file keywords.c, so the
function gets used only in the same source file that defines it. Mark
is_reserved_word static, and regenerate the corresponding generated
file.
Signed-off-by: Josh Triplett <josh@joshtriplett.org>
|
|
kconfig's keyword hash, lexer, and parser define various functions used
only locally. Declare these functions as static, and regenerate the
corresponding generated files.
Signed-off-by: Josh Triplett <josh@joshtriplett.org>
|
|
Merge reason: pick up perf fixlets
Signed-off-by: Ingo Molnar <mingo@elte.hu>
|
|
With the `s' it just won't work.
Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Acked-by: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Conflicts:
tools/perf/Makefile
Merge reason: Resolve the conflict, merge to upstream and merge in
perf fixes so we can add a dependent patch.
Signed-off-by: Ingo Molnar <mingo@elte.hu>
|
|
If a weak function is used as a relocation reference for mcount callers
and that function is overridden, it will cause ftrace to fail at run time.
The current code should prevent a weak function from being used, but if
one is, the code should exit with an error to fail at compile time.
Signed-off-by: Li Hong <lihong.hi@gmail.com>
LKML-Reference: <20091028050743.GH30758@uhli>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
|
|
Move all the condition validations into the function update_funcs().
Also update_funcs should not die if $ref_func is undefined for there may be
more than one valid section in an object file.
Signed-off-by: Li Hong <lihong.hi@gmail.com>
LKML-Reference: <20091028050703.GG30758@uhli>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
|
|
Add a variable to contain the regex needed to find weak functions
in the 'nm' output. This will allow other archs to easily override it.
Also rename the regex variable $nm_regex to $local_regex to be more
descriptive.
Signed-off-by: Li Hong <lihong.hi@gmail.com>
LKML-Reference: <20091028050619.GF30758@uhli>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
|
|
Move the mcount section check to the beginning of the objdump read loop.
This makes the code easier to follow since the search for the mcount
section is performed first before the mcount callers are processed.
Signed-off-by: Li Hong <lihong.hi@gmail.com>
LKML-Reference: <20091028050523.GE30758@uhli>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
|
|
The current logic to check objcopy's version is incorrect. This patch
fixes the algorithm and disables the use of local functions as a reference
if the objcopy version does not support static to global conversions.
Also remove some usused variables.
Signed-off-by: Li Hong <lihong.hi@gmail.com>
LKML-Reference: <20091028050421.GD30758@uhli>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
|
|
The ftrace.c file may reference the mcount function and this may interfere
with the recordmcount.pl processing. To avoid this, the code does not
process the kernel/trace/ftrace.o. But currently the check is against
a relative path. This patch modifies the check to succeed if the path
is an absolute path.
Signed-off-by: Li Hong <lihong.hi@gmail.com>
LKML-Reference: <20091028050332.GC30758@uhli>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
|
|
The number of arguments passed into recordmcount.pl is 10, but the code
checks if only 7 are passed in.
Signed-off-by: Li Hong <lihong.hi@gmail.com>
LKML-Reference: <20091027065733.GB22032@uhli>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
|
|
The documentation currently says we will use the first function in a section
as a reference. The actual algorithm is: choose the first global function we
meet as a reference. If there is none, choose the first local one.
Change the documentation to be consistent with the code.
Also add several other clarifications.
Signed-off-by: Li Hong <lihong.hi@gmail.com>
LKML-Reference: <20091028050138.GA30758@uhli>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
|
|
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Ingo reported that the following lines triggered a false warning,
static struct lock_class_key rcu_lock_key;
struct lockdep_map rcu_lock_map =
STATIC_LOCKDEP_MAP_INIT("rcu_read_lock", &rcu_lock_key);
EXPORT_SYMBOL_GPL(rcu_lock_map);
from kernel/rcutree.c , and the false warning looked like this,
WARNING: EXPORT_SYMBOL(foo); should immediately follow its
function/variable
+EXPORT_SYMBOL_GPL(rcu_lock_map);
We actually should be checking the statement before the EXPORT_* for a
mention of the exported object, and complain where it is not there.
[akpm@linux-foundation.org: coding-style fixes]
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Reported-by: Daniel Walker <dwalker@fifo99.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
In the following code,
union thread_union init_thread_union
__attribute__((__section__(".data.init_task"))) =
{ INIT_THREAD_INFO(init_task) };
There is a non-conforming declaration. It should really be like the
following,
union thread_union init_thread_union
__attribute__((__section__(".data.init_task"))) = {
INIT_THREAD_INFO(init_task)
};
However, checkpatch doesn't catch this right now because it doesn't
correctly evaluate the "__attribute__".
It is not at all clear that we care what preceeds an assignment style
attribute when we find the open brace. Relax the test so we do not need
to check the __attribute__.
Reported-by: Daniel Walker <dwalker@fifo99.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
The macro concatenation (##) sequence can cause false errors when checking
macro's. Checkpatch doesn't currently know about the operator.
For example this line,
+ entry = (struct ftrace_raw_##call *)raw_data; \
is correct but it produces the following error,
ERROR: need consistent spacing around '*' (ctx:WxB)
+ entry = (struct ftrace_raw_##call *)raw_data;\
^
The line above doesn't have any spacing problems, and if you remove the
macro concatenation sequence checkpatch doesn't give any errors.
Extend identifier handling to include ## concatenation within the
definition of an identifier.
Reported-by: Daniel Walker <dwalker@fifo99.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
We are allowing context scanning checks to apply against the first line of
context outside at the end of the hunk. This can lead to false matches to
patch names leading to various perl warnings. Correctly stop at the
bottom of the hunk.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Prevent known non types being detected as modifiers. Ensure we do not
look at any type which starts with a keyword.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Based on an idea from Wolfram Sang.
Add search for MAINTAINERS line "K:" regex pattern match in a patch or file
Matches are added after file pattern matches
Add --keywords command line switch (default 1, on)
Change version to 0.21
Signed-off-by: Joe Perches <joe@perches.com>
Cc: Wolfram Sang <w.sang@pengutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Merge reason: Pick up fixes and move base from -rc1 to -rc5.
Signed-off-by: Ingo Molnar <mingo@elte.hu>
|
|
The SELinux dynamic class work in c6d3aaa4e35c71a32a86ececacd4eea7ecfc316c
creates a number of dynamic header files and scripts. Add .gitignore files
so git doesn't complain about these.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen D. Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
|
|
zconf.y includes zconf.hash.c from the initial code section.
zconf.hash.c references the token constants from zconf.y. However,
current bison defines the token constants after the initial code
section, making zconf.hash.c fail to compile. Move the include of
zconf.hash.c later in zconf.y, so bison puts it after the token
constants.
Signed-off-by: Josh Triplett <josh@joshtriplett.org>
|
|
Merge reason: to add event filter support we need the following
commits from the tracing tree:
3f6fe06: tracing/filters: Unify the regex parsing helpers
1889d20: tracing/filters: Provide basic regex support
737f453: tracing/filters: Cleanup useless headers
Signed-off-by: Ingo Molnar <mingo@elte.hu>
|
|
Based on the commit:
a586df06 "x86: Support __attribute__((__cold__)) in gcc 4.3"
some of the functions goes to the ".text.unlikely" section.
Looks like there's not many of them (I found printk, panic,
__ssb_dma_not_implemented, fat_fs_error), but still worth to
include I think.
Signed-off-by: Jiri Olsa <jolsa@redhat.com>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
LKML-Reference: <20091013203426.175845614@goodmis.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
|
|
User applications frequently hit problems when they try to use
the kernel headers directly, rather than the exported headers.
This adds an explicit warning for this case, and points to
a URL holding an explanation of why this is wrong and what
to do about it.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
|
|
UTS_TRUNCATTE is simpler this way, and now editors idetify this as a
shell script.
Signed-off-by: Felipe Contreras <felipe.contreras@gmail.com>
Acked-by: WANG Cong <xiyou.wangcong@gmail.com>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
|
|
Otherwise we get:
"dnsdomainname: Unknown host"
Signed-off-by: Felipe Contreras <felipe.contreras@gmail.com>
Acked-by: WANG Cong <xiyou.wangcong@gmail.com>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
|
|
The Makefile.lib will call "echo -ne" to append uncompressed kernel size to
bzip2/lzma kernel image.
The "echo" here depends on the shell that /bin/sh pointing to.
On Ubuntu system, the /bin/sh is pointing to dash, which does not support
"echo -e" at all. Use /bin/echo instead of shell echo should always be safe.
Signed-off-by: Alek Du <alek.du@intel.com>
Acked-by: WANG Cong <xiyou.wangcong@gmail.com>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
|
|
Alek reported that on Ubuntu, where dash is used, 'echo -e'
can't work, so let's use non-builtin echo in this case.
Reported-by: Alek Du <alek.du@intel.com>
Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
|
|
The binrpm-pkg target (binary RPM only) fails when called with
KBUILD_OUTPUT set. This patch makes it work.
For the rpm-pkg target (source + binary RPM), building with
KBUILD_OUTPUT set is not possible and also not needed as the
actual build is done in a temporary directory anyway, so check
that KBUILD_OUTPUT is not set in that case to avoid later errors.
Signed-off-by: Frans Pop <elendil@planet.nl>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
|
|
Add a simple utility (scripts/selinux/genheaders) and invoke it to
generate the kernel-private class and permission indices in flask.h
and av_permissions.h automatically during the kernel build from the
security class mapping definitions in classmap.h. Adding new kernel
classes and permissions can then be done just by adding them to classmap.h.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
|
|
Modify SELinux to dynamically discover class and permission values
upon policy load, based on the dynamic object class/perm discovery
logic from libselinux. A mapping is created between kernel-private
class and permission indices used outside the security server and the
policy values used within the security server.
The mappings are only applied upon kernel-internal computations;
similar mappings for the private indices of userspace object managers
is handled on a per-object manager basis by the userspace AVC. The
interfaces for compute_av and transition_sid are split for kernel
vs. userspace; the userspace functions are distinguished by a _user
suffix.
The kernel-private class indices are no longer tied to the policy
values and thus do not need to skip indices for userspace classes;
thus the kernel class index values are compressed. The flask.h
definitions were regenerated by deleting the userspace classes from
refpolicy's definitions and then regenerating the headers. Going
forward, we can just maintain the flask.h, av_permissions.h, and
classmap.h definitions separately from policy as they are no longer
tied to the policy values. The next patch introduces a utility to
automate generation of flask.h and av_permissions.h from the
classmap.h definitions.
The older kernel class and permission string tables are removed and
replaced by a single security class mapping table that is walked at
policy load to generate the mapping. The old kernel class validation
logic is completely replaced by the mapping logic.
The handle unknown logic is reworked. reject_unknown=1 is handled
when the mappings are computed at policy load time, similar to the old
handling by the class validation logic. allow_unknown=1 is handled
when computing and mapping decisions - if the permission was not able
to be mapped (i.e. undefined, mapped to zero), then it is
automatically added to the allowed vector. If the class was not able
to be mapped (i.e. undefined, mapped to zero), then all permissions
are allowed for it if allow_unknown=1.
avc_audit leverages the new security class mapping table to lookup the
class and permission names from the kernel-private indices.
The mdp program is updated to use the new table when generating the
class definitions and allow rules for a minimal boot policy for the
kernel. It should be noted that this policy will not include any
userspace classes, nor will its policy index values for the kernel
classes correspond with the ones in refpolicy (they will instead match
the kernel-private indices).
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
|