path: root/Documentation
diff options
authorPaul Moore <paul.moore@hp.com>2009-03-27 17:10:41 -0400
committerJames Morris <jmorris@namei.org>2009-03-28 15:01:37 +1100
commit58bfbb51ff2b0fdc6c732ff3d72f50aa632b67a2 (patch)
tree41132587adbb6816b56b9d28105826b8ef0fd7b9 /Documentation
parent389fb800ac8be2832efedd19978a2b8ced37eb61 (diff)
selinux: Remove the "compat_net" compatibility code
The SELinux "compat_net" is marked as deprecated, the time has come to finally remove it from the kernel. Further code simplifications are likely in the future, but this patch was intended to be a simple, straight-up removal of the compat_net code. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'Documentation')
2 files changed, 0 insertions, 20 deletions
diff --git a/Documentation/feature-removal-schedule.txt b/Documentation/feature-removal-schedule.txt
index 02ea3773535..049a96247f5 100644
--- a/Documentation/feature-removal-schedule.txt
+++ b/Documentation/feature-removal-schedule.txt
@@ -355,17 +355,6 @@ Who: Hans de Goede <hdegoede@redhat.com>
-What: SELinux "compat_net" functionality
-When: 2.6.30 at the earliest
-Why: In 2.6.18 the Secmark concept was introduced to replace the "compat_net"
- network access control functionality of SELinux. Secmark offers both
- better performance and greater flexibility than the "compat_net"
- mechanism. Now that the major Linux distributions have moved to
- Secmark, it is time to deprecate the older mechanism and start the
- process of removing the old code.
-Who: Paul Moore <paul.moore@hp.com>
What: sysfs ui for changing p4-clockmod parameters
When: September 2009
Why: See commits 129f8ae9b1b5be94517da76009ea956e89104ce8 and
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index fa4e1239a8f..d1b082772e3 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -2019,15 +2019,6 @@ and is between 256 and 4096 characters. It is defined in the file
If enabled at boot time, /selinux/disable can be used
later to disable prior to initial policy load.
- selinux_compat_net =
- [SELINUX] Set initial selinux_compat_net flag value.
- Format: { "0" | "1" }
- 0 -- use new secmark-based packet controls
- 1 -- use legacy packet controls
- Default value is 0 (preferred).
- Value can be changed at runtime via
- /selinux/compat_net.
serialnumber [BUGS=X86-32]
shapers= [NET]