linux/security
Paul Moore 03e1ad7b5d LSM: Make the Labeled IPsec hooks more stack friendly
The xfrm_get_policy() and xfrm_add_pol_expire() put some rather large structs
on the stack to work around the LSM API.  This patch attempts to fix that
problem by changing the LSM API to require only the relevant "security"
pointers instead of the entire SPD entry; we do this for all of the
security_xfrm_policy*() functions to keep things consistent.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12 19:07:52 -07:00
..
keys Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p) 2008-02-07 08:42:26 -08:00
selinux LSM: Make the Labeled IPsec hooks more stack friendly 2008-04-12 19:07:52 -07:00
smack NetLabel: Allow passing the LSM domain as a shared pointer 2008-04-12 19:06:42 -07:00
capability.c file capabilities: remove cap_task_kill() 2008-03-20 09:46:36 -07:00
commoncap.c file capabilities: remove cap_task_kill() 2008-03-20 09:46:36 -07:00
dummy.c LSM: Make the Labeled IPsec hooks more stack friendly 2008-04-12 19:07:52 -07:00
inode.c Kobject: convert remaining kobject_unregister() to kobject_put() 2008-01-24 20:40:40 -08:00
Kconfig security: allow Kconfig to set default mmap_min_addr protection 2008-02-06 21:39:46 +08:00
Makefile Smack: Simplified Mandatory Access Control Kernel 2008-02-05 09:44:20 -08:00
root_plug.c security: Convert LSM into a static interface 2007-10-17 08:43:07 -07:00
security.c LSM: Make the Labeled IPsec hooks more stack friendly 2008-04-12 19:07:52 -07:00