projects / linux-2.6-microblaze.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6ae0042) | patch
selinux: support wildcard network interface names
authorChristian Göttsche <cgzones@googlemail.com>
Sun, 2 Mar 2025 15:40:45 +0000 (16:40 +0100)
committerPaul Moore <paul@paul-moore.com>
Fri, 7 Mar 2025 20:11:10 +0000 (15:11 -0500)
commit8af43b61c17e9a18b06fd6ab26370543f21eb4e4
treef620c28b45f540f01d9870b62a580436dc11d04etree
parent6ae0042f4d3f331e841495eb0a3d51598e593ec2commit | diff
selinux: support wildcard network interface names

Add support for wildcard matching of network interface names.  This is
useful for auto-generated interfaces, for example podman creates network
interfaces for containers with the naming scheme podman0, podman1,
podman2, ...

To maintain backward compatibility guard this feature with a new policy
capability 'netif_wildcard'.

Netifcon definitions are compared against in the order given by the
policy, so userspace tools should sort them in a reasonable order.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
security/selinux/include/policycap.h diff | blob | history
security/selinux/include/policycap_names.h diff | blob | history
security/selinux/include/security.h diff | blob | history
security/selinux/ss/services.c diff | blob | history
MicroBlaze GIT Repository