mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
synced 2025-01-01 10:42:11 +00:00
5ceecb301e
Currently IPE accepts an update that has the same version as the policy being updated, but it doesn't make it a no-op nor it checks that the old and new policyes are the same. So it is possible to change the content of a policy, without changing its version. This is very confusing from userspace when managing policies. Instead change the update logic to reject updates that have the same version with ESTALE, as that is much clearer and intuitive behaviour. Signed-off-by: Luca Boccassi <bluca@debian.org> Reviewed-by: Serge Hallyn <serge@hallyn.com> Signed-off-by: Fan Wu <wufan@kernel.org> |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| audit.c | ||
| audit.h | ||
| digest.c | ||
| digest.h | ||
| eval.c | ||
| eval.h | ||
| fs.c | ||
| fs.h | ||
| hooks.c | ||
| hooks.h | ||
| ipe.c | ||
| ipe.h | ||
| Kconfig | ||
| Makefile | ||
| policy_fs.c | ||
| policy_parser.c | ||
| policy_parser.h | ||
| policy_tests.c | ||
| policy.c | ||
| policy.h | ||