summaryrefslogtreecommitdiffstats
path: root/meta-app-framework/recipes-kernel
AgeCommit message (Collapse)AuthorFilesLines
2016-11-09Smack: add audit when smack is activeJosé Bollo2-0/+5
It is important for developement process and for monitoring hacking to track violations and to monitor wrong uses or problems. By activating audit with Smack we ensure that detection and reporting of hazardous or malicious violations will be possible. Change-Id: I7808ff17b5b8ba1fb09742fd273f46f06917d26b Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-11-04Smack: fixup of bluetooth socket labellingJosé Bollo10-0/+413
The sockets created by kernel thread will now be tagged @ instead of _. This problem was occuring during creation of AF_BLUETOOTH (but is also latent AF_ALG, AF_IUCV, AF_SCTP, AF_TIPC as they don't go through the normal socket creation process within linux). Having the tag @ allows read/write to sockets without special rules and tus solve the problem. This solution from upstream linux patches backported and from a patch made by Samsung for Tizen and that is currently discussed within kernel lists. Also add some improvements of the LSM Smack (valid caching and signal 0). These improvements are backports of patches already available for linux 4.9-rc3. AGL-bug: SPEC-293 (https://jira.automotivelinux.org/browse/SPEC-293) Change-Id: I5999a951a4bbeba7947ebfe5df091de07d59e57e Signed-off-by: José Bollo <jose.bollo@iot.bzh>