
Allowing MLS->non-MLS and vice versa upon policy reload (Was: Re: Building MLS/MCS policy)

From: Stephen Smalley <sds_at_nospam>
Date: Tue Jan 26 2010 - 19:18:12 GMT
To: Guido Trentalancia <guido@trentalancia.com>


On Tue, 2010-01-26 at 12:52 -0500, Stephen Smalley wrote:
> Alternatively to spending time on documenting the current limitation, it
> might be more interesting to try removing the restriction from the
> SELinux kernel code and investigating what needs to be done within the
> kernel to enable it to be done safely. Primarily this would mean:
> - pushing the selinux_mls_enabled flag inside the policydb so that it
> could be per-policydb (this is already the case in libsepol),
> - in the non-MLS to MLS case, ensuring that the MLS fields of the
> context for all existing entries in the sidtab are filled in with a
> suitable default value, likely taken from one of the initial SIDs,
> - in the MLS to non-MLS case, freeing any storage used by the MLS fields
> in the context for all existing entries in the sidtab.

FYI, both of the latter two items would be handled inside of ss/services.c:convert_context().

-- 
Stephen Smalley
National Security Agency
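To make the three design points concrete, here is an added toy model in C that is not SELinux kernel code and not part of this thread: a per-policydb MLS flag, a per-entry conversion hook that fills in a default range on a non-MLS to MLS reload and frees it on the reverse, and a walk over a small table standing in for the sidtab. All toy_* names, the bitmask category encoding and the table contents are assumptions made for illustration; the real conversion lives in security/selinux/ss/services.c and additionally remaps user, role, type and range through the new policy's symbol tables, which this model omits.

```c
/*
 * Added example, not kernel code: a toy model of the convert_context()
 * design sketched above. All toy_* names and the sample table are
 * assumptions for illustration only.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct toy_level { unsigned sens; unsigned cats; };   /* cats: bitmask, toy only */
struct toy_range { struct toy_level low, high; };

/* A security context as held by one sidtab entry. range == NULL means the
 * context carries no MLS fields (policy was loaded without MLS). */
struct toy_context {
    unsigned user, role, type;
    struct toy_range *range;
};

/* Design point 1: the MLS flag lives in the policydb, so the old and new
 * policies can disagree about it during a reload. */
struct toy_policydb {
    int mls_enabled;
    struct toy_range default_range;  /* taken from an initial SID in the real design */
};

struct toy_convert_args { const struct toy_policydb *oldp, *newp; };

static struct toy_range *toy_range_dup(const struct toy_range *r)
{
    struct toy_range *d = malloc(sizeof *d);
    if (d)
        *d = *r;
    return d;
}

/* Convert one entry's context from oldp to newp.
 * Returns 0 on success, -1 on allocation failure. */
int toy_convert_context(struct toy_context *c, const struct toy_convert_args *a)
{
    int old_mls = a->oldp->mls_enabled, new_mls = a->newp->mls_enabled;

    if (!old_mls && new_mls) {
        /* Design point 2: non-MLS -> MLS, fill the MLS fields with a default */
        if (!c->range) {
            c->range = toy_range_dup(&a->newp->default_range);
            if (!c->range)
                return -1;
        }
    } else if (old_mls && !new_mls) {
        /* Design point 3: MLS -> non-MLS, free the MLS storage */
        free(c->range);
        c->range = NULL;
    }
    /* Same MLS setting on both sides: MLS fields are left alone. (The real
     * code also remaps user/role/type and the range; omitted in this toy.) */
    return 0;
}

/* Walk every entry, as the kernel does over the whole sidtab. */
int toy_sidtab_convert(struct toy_context *tab, size_t n, const struct toy_convert_args *a)
{
    for (size_t i = 0; i < n; i++)
        if (toy_convert_context(&tab[i], a))
            return -1;
    return 0;
}

/* Invariant every entry must satisfy after a reload: MLS fields are present
 * exactly when the loaded policy is MLS. Returns 1 if c satisfies it. */
int toy_context_valid(const struct toy_context *c, const struct toy_policydb *p)
{
    return (c->range != NULL) == (p->mls_enabled != 0);
}

/* Round trip non-MLS -> MLS -> non-MLS over a constructed three-entry table.
 * Returns 0 when every step leaves all entries valid, else the failing step. */
int toy_demo_roundtrip(void)
{
    struct toy_policydb nomls = { 0, { { 0, 0 }, { 0, 0 } } };
    struct toy_policydb mls   = { 1, { { 0, 0 }, { 0, 0x3 } } };  /* s0 - s0:c0.c1 */
    struct toy_context tab[3] = { { 1, 1, 1, NULL }, { 1, 2, 3, NULL }, { 2, 1, 4, NULL } };
    struct toy_convert_args up = { &nomls, &mls }, down = { &mls, &nomls };
    size_t i;

    for (i = 0; i < 3; i++)
        if (!toy_context_valid(&tab[i], &nomls)) return 1;

    if (toy_sidtab_convert(tab, 3, &up)) return 2;
    for (i = 0; i < 3; i++) {
        if (!toy_context_valid(&tab[i], &mls)) return 3;
        if (tab[i].range->high.cats != 0x3) return 4;   /* got the default range */
    }

    if (toy_sidtab_convert(tab, 3, &down)) return 5;
    for (i = 0; i < 3; i++)
        if (!toy_context_valid(&tab[i], &nomls)) return 6;

    return 0;
}

int main(void)
{
    int r = toy_demo_roundtrip();
    printf("round trip: %s (%d)\n", r ? "FAILED" : "ok", r);
    return r;
}
```

The point of toy_context_valid is the check a reviewer of such a patch would want: after the sidtab walk, no entry may be left with MLS storage under a non-MLS policy or without it under an MLS policy, since either mismatch is what the current kernel refuses the reload to avoid.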