search for: tsec

...b/xen/xsm/flask/hooks.c @@ -664,42 +664,47 @@ static int irq_has_perm(struct domain *d, uint8_t pirq, uint8_t access) return rc; } -static int iomem_has_perm(struct domain *d, unsigned long mfn, uint8_t access) -{ +struct iomem_has_perm_data { + struct domain_security_struct *ssec, *tsec; u32 perm; - u32 rsid; - int rc = -EPERM; +}; - struct domain_security_struct *ssec, *tsec; +static int _iomem_has_perm(void *v, u32 sid, unsigned long start, unsigned long end) +{ + struct iomem_has_perm_data *data = v; struct avc_audit_data ad; + int rc = -EPERM; -...

...rocess. It also has references to 691 workers! In case there might be some problems with my worker here''s its full code: class DrillReminderWorker < BackgrounDRb::Worker::RailsBase def do_work(args) logger.info "DrillReminderSender started" t = Time.now.gmtime tsec = t.sec + t.min*60 + t.hour*60*60 logger.info "utc seconds: #{tsec}" User.find_all_to_send_drill_reminder(tsec).each do |u| Notification.deliver_drill_reminder(u) u.update_attributes!( :drill_notification_last_send => TimeUtils.nowf ) end lo...

Add some warnings. Well, the first patch is a miscellaneous change, but patches 2-5 add some warnings. Rich.

...gt; > - const char **name, > > > - void **value, size_t *len) > > > + struct xattr *xattrs) > > > { > > > const struct task_security_struct *tsec = selinux_cred(current_cred()); > > > struct superblock_security_struct *sbsec; > > > + struct xattr *xattr = NULL; > > > u32 newsid, clen; > > > int rc; > > > char *context; > > > @@ -2899,16 +2901,18 @@ st...

...io_log { local($name) = @_; # do not buffer io select((select(STDOUT), $| = 1)[0]); select((select(STDERR), $| = 1)[0]); # redirect stdout and stderr open(STDOUT, ">>$LOGDIR/tinc.log"); open(STDERR, ">&STDOUT"); } sub print_log { ($tsec,$tmin,$thour,$mday, $mon,$year,$rest) = localtime(time()); $monno = $mon + 1; if ($monno<10) { $monno = "0$monno"; } if ($mday<10) { $mday = "0$mday"; } if ($year > 99) { $yearno = "20" . $year; } else { $yearno = "19&quot...

This patch set adds XSM security labels to useful debugging output locations, and fixes some assumptions that all interrupts behaved like GSI interrupts (which had useful non-dynamic IDs). It also cleans up the policy build process and adds an example of how to use the user field in the security context. Debug output: [PATCH 01/10] xsm: Add security labels to event-channel dump [PATCH 02/10] xsm:

From: Roberto Sassu <roberto.sassu at huawei.com> One of the major goals of LSM stacking is to run multiple LSMs side by side without interfering with each other. The ultimate decision will depend on individual LSM decision. Several changes need to be made to the LSM infrastructure to be able to support that. This patch set tackles one of them: gives to each LSM the ability to specify one

We just had a security application vendor come in. We asked about Linux support and he said that putting a security application on top of an insecure OS was useless. When I asked what he meant by insecure he replied that Linux does not have a true Auditing capability - as opposed to HP-UX & Solaris which they do support. Can anyone explain to me what he was talking about? Thanks, Marty

From: Roberto Sassu <roberto.sassu at huawei.com> One of the major goals of LSM stacking is to run multiple LSMs side by side without interfering with each other. The ultimate decision will depend on individual LSM decision. Several changes need to be made to the LSM infrastructure to be able to support that. This patch set tackles one of them: gives to each LSM the ability to specify one