aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2010-10-21selinux: include vmalloc.h for vmalloc_userStephen Rothwell1-0/+1
2010-10-21selinux: implement mmap on /selinux/policyEric Paris2-1/+45
2010-10-21SELinux: allow userspace to read policy back out of the kernelEric Paris12-3/+1256
2010-10-21SELinux: drop useless (and incorrect) AVTAB_MAX_SIZEEric Paris2-3/+2
2010-10-21SELinux: deterministic ordering of range transition rulesEric Paris1-3/+13
2010-10-21security: secid_to_secctx returns len when data is NULLEric Paris2-3/+11
2010-10-21secmark: make secmark object handling genericEric Paris5-50/+59
2010-10-21AppArmor: Ensure the size of the copy is < the buffer allocated to hold itJohn Johansen1-1/+3
2010-10-21TOMOYO: Print URL information before panic().Tetsuo Handa1-1/+10
2010-10-21security: remove unused parameter from security_task_setscheduler()KOSAKI Motohiro4-12/+7
2010-10-21selinux: fix up style problem on /selinux/statusKaiGai Kohei2-11/+7
2010-10-21selinux: change to new flag variablematt mooney1-1/+1
2010-10-21selinux: really fix dependency causing parallel compile failure.Paul Gortmaker2-20/+6
2010-10-21selinux: fix parallel compile errorPaul Gortmaker1-1/+1
2010-10-21selinux: fast status update interface (/selinux/status)KaiGai Kohei5-1/+210
2010-10-21.gitignore: ignore apparmor/rlim_names.hYong Zhang1-0/+1
2010-10-21LSM: Fix security_module_enable() error.Tetsuo Handa1-10/+2
2010-10-21selinux: type_bounds_sanity_check has a meaningless variable declarationEric Paris1-2/+2
2010-10-21tomoyo: cleanup. don't store bogus pointerDan Carpenter1-2/+4
2010-09-27TOMOYO: Don't abuse sys_getpid(), sys_getppid()Ben Hutchings2-4/+5
2010-09-10KEYS: Fix bug in keyctl_session_to_parent() if parent has no session keyringDavid Howells1-1/+2
2010-09-10KEYS: Fix RCU no-lock warning in keyctl_session_to_parent()David Howells1-0/+3
2010-09-08ima: always maintain countersMimi Zohar3-4/+9
2010-09-08AppArmor: Fix locking from removal of profile namespaceJohn Johansen1-2/+4
2010-09-08AppArmor: Fix splitting an fqname into separate namespace and profile namesJohn Johansen1-1/+1
2010-09-08AppArmor: Fix security_task_setrlimit logic for 2.6.36 changesJohn Johansen3-11/+15
2010-09-08AppArmor: Drop hack to remove appended " (deleted)" stringJohn Johansen1-27/+11
2010-08-18Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds2-10/+8
2010-08-18tty: fix fu_list abuseNick Piggin1-1/+4
2010-08-18fs: cleanup files_lock lockingNick Piggin1-2/+2
2010-08-18apparmor: use task path helpersNick Piggin1-7/+2
2010-08-17Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds1-2/+2
2010-08-17Make do_execve() take a const filename pointerDavid Howells1-1/+1
2010-08-17AppArmor: fix task_setrlimit prototypeJiri Slaby1-2/+2
2010-08-12Merge branch 'params' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/...Linus Torvalds1-12/+24
2010-08-12Add a dummy printk function for the maintenance of unused printksDavid Howells1-5/+0
2010-08-11AppArmor: update for module_param_named API changeStephen Rothwell1-12/+24
2010-08-10Merge branch 'writable_limits' of git://decibel.fi.muni.cz/~xslaby/linuxLinus Torvalds3-7/+13
2010-08-10Merge branch 'for-linus' of git://git.infradead.org/users/eparis/notifyLinus Torvalds1-2/+14
2010-08-07Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds1-1/+1
2010-08-06SELINUX: Fix build error.Ralf Baechle1-1/+1
2010-08-06KEYS: request_key() should return -ENOKEY if the constructed key is negativeDavid Howells1-0/+2
2010-08-05apparmor: depends on NETRandy Dunlap1-1/+1
2010-08-04Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jiko...Linus Torvalds1-1/+1
2010-08-04Merge branch 'master' into for-nextJiri Kosina1-2/+2
2010-08-02AppArmor: fix build warnings for non-const use of get_task_credJames Morris2-2/+2
2010-08-02selinux: convert the policy type_attr_map to flex_arrayEric Paris3-13/+39
2010-08-02AppArmor: Enable configuring and building of the AppArmor security moduleJohn Johansen3-0/+60
2010-08-02TOMOYO: Use pathname specified by policy rather than execve()Tetsuo Handa5-23/+48
2010-08-02AppArmor: update path_truncate method to latest versionJames Morris1-2/+1
2010-08-02AppArmor: core policy routinesJohn Johansen4-0/+1568
2010-08-02AppArmor: policy routines for loading and unpacking policyJohn Johansen2-0/+723
2010-08-02AppArmor: mediation of non file objectsJohn Johansen6-0/+508
2010-08-02AppArmor: LSM interface, and security module initializationJohn Johansen1-0/+939
2010-08-02AppArmor: Enable configuring and building of the AppArmor security moduleJohn Johansen2-0/+8
2010-08-02AppArmor: functions for domain transitionsJohn Johansen2-0/+859
2010-08-02AppArmor: file enforcement routinesJohn Johansen2-0/+674
2010-08-02AppArmor: userspace interfacesJohn Johansen4-0/+455
2010-08-02AppArmor: dfa match engineJohn Johansen2-0/+485
2010-08-02AppArmor: contexts used in attaching policy to system objectsJohn Johansen2-0/+370
2010-08-02AppArmor: basic auditing infrastructure.John Johansen2-0/+338
2010-08-02AppArmor: misc. base functions and definesJohn Johansen4-0/+491
2010-08-02TOMOYO: Update version to 2.3.0Tetsuo Handa1-2/+2
2010-08-02TOMOYO: Fix quota check.Tetsuo Handa1-1/+1
2010-08-02SELinux: Move execmod to the common permsEric Paris1-4/+3
2010-08-02selinux: place open in the common file permsEric Paris2-28/+11
2010-08-02SELinux: special dontaudit for access checksEric Paris3-8/+38
2010-08-02security: make LSMs explicitly mask off permissionsEric Paris2-0/+4
2010-08-02SELinux: break ocontext reading into a separate functionEric Paris1-111/+133
2010-08-02SELinux: move genfs read to a separate functionEric Paris1-105/+133
2010-08-02selinux: fix error codes in symtab_init()Dan Carpenter1-1/+1
2010-08-02selinux: fix error codes in cond_read_bool()Dan Carpenter1-5/+8
2010-08-02selinux: fix error codes in cond_policydb_init()Dan Carpenter1-2/+6
2010-08-02selinux: fix error codes in cond_read_node()Dan Carpenter1-8/+12
2010-08-02selinux: fix error codes in cond_read_av_list()Dan Carpenter1-6/+8
2010-08-02selinux: propagate error codes in cond_read_list()Dan Carpenter1-4/+6
2010-08-02selinux: cleanup return codes in avtab_read_item()Dan Carpenter1-20/+19
2010-08-02Security: capability: code style issueChihau Chau1-1/+1
2010-08-02securityfs: Drop dentry reference count when mknod failsTvrtko Ursulin1-1/+3
2010-08-02selinux: use generic_file_llseekArnd Bergmann1-0/+16
2010-08-02ima: use generic_file_llseek for securityfsArnd Bergmann1-3/+6
2010-08-02TOMOYO: Explicitly set file_operations->llseek pointer.Tetsuo Handa1-0/+1
2010-08-02security: move LSM xattrnames to xattr.hMimi Zohar2-13/+0
2010-08-02KEYS: Reinstate lost passing of process keyring ID in call_sbin_request_key()Justin P. Mattock1-0/+1
2010-08-02KEYS: Use the variable 'key' in keyctl_describe_key()David Howells1-7/+5
2010-08-02TOMOYO: Add missing poll() hook.Tetsuo Handa3-0/+33
2010-08-02TOMOYO: Rename symbols.Tetsuo Handa8-240/+199
2010-08-02TOMOYO: Small cleanup.Tetsuo Handa1-74/+121
2010-08-02TOMOYO: Copy directly to userspace buffer.Tetsuo Handa3-459/+499
2010-08-02TOMOYO: Use common code for policy reading.Tetsuo Handa1-178/+82
2010-08-02TOMOYO: Allow reading only execute permission.Tetsuo Handa2-0/+10
2010-08-02TOMOYO: Change list iterator.Tetsuo Handa2-57/+34
2010-08-02TOMOYO: Use common code for domain transition control.Tetsuo Handa6-305/+159
2010-08-02TOMOYO: Remove alias keyword.Tetsuo Handa5-164/+8
2010-08-02TOMOYO: Merge path_group and number_group.Tetsuo Handa9-282/+199
2010-08-02TOMOYO: Aggregate reader functions.Tetsuo Handa6-384/+200
2010-08-02TOMOYO: Use array of "struct list_head".Tetsuo Handa8-383/+98
2010-08-02TOMOYO: Merge tomoyo_path_group and tomoyo_number_groupTetsuo Handa5-84/+59
2010-08-02selinux: Use current_security() when possiblePaul Moore1-11/+6
2010-08-02selinux: Convert socket related access controls to use socket labelsPaul Moore1-74/+45
2010-08-02selinux: Shuffle the sk_security_struct alloc and free routinesPaul Moore1-28/+17
2010-08-02selinux: Consolidate sockcreate_sid logicPaul Moore1-20/+12
2010-08-02selinux: Set the peer label correctly on connected UNIX domain socketsPaul Moore1-16/+14
2010-08-02TOMOYO: Pass "struct list_head" rather than "void *".Tetsuo Handa1-58/+72
2010-08-02TOMOYO: Make read function to void.Tetsuo Handa3-42/+20
2010-08-02TOMOYO: Merge functions.Tetsuo Handa1-41/+9
2010-08-02TOMOYO: Remove wrapper function for reading keyword.Tetsuo Handa3-70/+14
2010-08-02TOMOYO: Loosen parameter check for mount operation.Tetsuo Handa1-91/+33
2010-08-02TOMOYO: Rename symbols.Tetsuo Handa10-157/+157
2010-08-02TOMOYO: Use callback for permission check.Tetsuo Handa4-258/+230
2010-08-02TOMOYO: Pass parameters via structure.Tetsuo Handa3-1/+58
2010-08-02TOMOYO: Use common code for open and mkdir etc.Tetsuo Handa3-84/+22
2010-08-02SELinux: seperate range transition rules to a seperate functionEric Paris1-64/+75
2010-08-02TOMOYO: Use common code for garbage collection.Tetsuo Handa1-146/+66
2010-08-02TOMOYO: Use callback for updating entries.Tetsuo Handa6-252/+190
2010-08-02TOMOYO: Use common structure for list element.Tetsuo Handa7-164/+167
2010-08-02TOMOYO: Use callback for updating entries.Tetsuo Handa7-312/+253
2010-08-02KEYS: Make /proc/keys check to see if a key is possessed before security checkDavid Howells3-23/+66
2010-08-02KEYS: Authorise keyctl_set_timeout() on a key if we have its authorisation keyDavid Howells1-1/+16
2010-08-02TOMOYO: Update profile structure.Tetsuo Handa6-248/+486
2010-08-02TOMOYO: Add pathname aggregation support.Tetsuo Handa4-0/+204
2010-08-02TOMOYO: Allow wildcard for execute permission.Tetsuo Handa7-151/+90
2010-08-02TOMOYO: Support longer pathname.Tetsuo Handa6-318/+208
2010-08-02TOMOYO: Several fixes for TOMOYO's management programs.Tetsuo Handa3-6/+23
2010-08-02LSM: Remove unused arguments from security_path_truncate().Tetsuo Handa3-7/+4
2010-08-02smack: opt_dentry is never null in in smack_d_instantiate()Dan Carpenter1-12/+2
2010-08-02TOMOYO: Split files into some pieces.Tetsuo Handa11-1416/+1469
2010-08-02TOMOYO: Add interactive enforcing mode.Tetsuo Handa6-120/+564
2010-08-02TOMOYO: Add mount restriction.Tetsuo Handa7-11/+469
2010-08-02TOMOYO: Split file access control functions by type of parameters.Tetsuo Handa5-123/+752
2010-08-02TOMOYO: Use structure for passing common arguments.Tetsuo Handa5-206/+162
2010-08-02TOMOYO: Add numeric values grouping support.Tetsuo Handa6-1/+454
2010-08-02selinux: remove all rcu head initializationsPaul E. McKenney2-3/+0
2010-07-28fsnotify: new fsnotify hooks and events types for access decisionsEric Paris1-2/+14
2010-07-16rlimits: selinux, do rlimits changes under task_lockOleg Nesterov1-2/+4
2010-07-16rlimits: add task_struct to update_rlimit_cpuJiri Slaby1-1/+2
2010-07-16rlimits: security, add task_struct to setrlimitJiri Slaby3-6/+9
2010-06-27KEYS: Propagate error code instead of returning -EINVALDan Carpenter1-2/+2
2010-06-16Merge branch 'master' into for-nextJiri Kosina7-54/+46
2010-06-16fix typos concerning "initiali[zs]e"Uwe Kleine-König1-1/+1
2010-05-27keyctl_session_to_parent(): use thread_group_empty() to check singlethreadnessOleg Nesterov1-1/+1
2010-05-27umh: creds: convert call_usermodehelper_keys() to use subprocess_info->init()Oleg Nesterov3-2/+34
2010-05-25kernel-wide: replace USHORT_MAX, SHORT_MAX and SHORT_MIN with USHRT_MAX, SHRT...Alexey Dobriyan1-3/+3
2010-05-21switch selinux delayed superblock handling to iterate_supers()Al Viro2-48/+8
2010-05-21kref: remove kref_setNeilBrown1-2/+2
2010-05-18KEYS: Return more accurate error codesDan Carpenter1-3/+3
2010-05-17LSM: Add __init to fixup function.Tetsuo Handa2-3/+3
2010-05-17TOMOYO: Add pathname grouping support.Tetsuo Handa6-54/+433
2010-05-17ima: remove ACPI dependencyMimi Zohar1-3/+2
2010-05-17security/selinux/ss: Use kstrdupJulia Lawall1-2/+1
2010-05-10TOMOYO: Use stack memory for pending entry.Tetsuo Handa5-192/+190
2010-05-07Revert "ima: remove ACPI dependency"James Morris1-2/+3
2010-05-06KEYS: Do preallocation for __key_link()David Howells4-130/+215
2010-05-06Merge branch 'master' into nextJames Morris2-20/+23
2010-05-06TOMOYO: Use mutex_lock_interruptible.Tetsuo Handa6-24/+37
2010-05-06KEYS: Better handling of errors from construct_alloc_key()David Howells1-2/+22
2010-05-06KEYS: keyring_serialise_link_sem is only needed for keyring->keyring linksDavid Howells1-7/+9
2010-05-06Merge branch 'master' into nextJames Morris32-15/+52
2010-05-06TOMOYO: Use GFP_NOFS rather than GFP_KERNEL.Tetsuo Handa4-18/+18
2010-05-05KEYS: call_sbin_request_key() must write lock keyrings before modifying themDavid Howells1-1/+1
2010-05-05KEYS: Use RCU dereference wrappers in keyring key type codeDavid Howells1-10/+13
2010-05-05KEYS: find_keyring_by_name() can gain access to a freed keyringToshiyuki Okajima1-9/+9
2010-05-05KEYS: Fix RCU handling in key_gc_keyring()David Howells1-3/+6
2010-05-05KEYS: Fix an RCU warning in the reading of user keysDavid Howells1-1/+2
2010-05-05ima: remove ACPI dependencyMimi Zohar1-3/+2
2010-04-29selinux: generalize disabling of execmem for plt-in-heap archsStephen Smalley1-6/+8
2010-04-27Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds1-1/+1
2010-04-27keys: the request_key() syscall should link an existing key to the dest keyringDavid Howells1-1/+8
2010-04-28LSM Audit: rename LSM_AUDIT_NO_AUDIT to LSM_AUDIT_DATA_NONEEric Paris2-3/+2
2010-04-28keys: don't need to use RCU in keyring_read() as semaphore is heldDavid Howells1-1/+1
2010-04-27SMACK: Don't #include Ext2 headersDavid Howells1-1/+0
2010-04-24keys: fix an RCU warningDavid Howells1-5/+8
2010-04-23security: whitespace coding style fixesJustin P. Mattock7-45/+45
2010-04-23mmap_min_addr check CAP_SYS_RAWIO only for writeKees Cook1-1/+1
2010-04-23IMA: include the word IMA in printk messagesEric Paris3-5/+5
2010-04-22security: testing the wrong variable in create_by_name()Dan Carpenter1-2/+2
2010-04-21IMA: drop the word integrity in the audit messageEric Paris1-1/+1
2010-04-21IMA: use audit_log_untrusted_string rather than %sEric Paris1-13/+20
2010-04-21IMA: handle comments in policyEric Paris1-7/+14
2010-04-21IMA: handle whitespace betterEric Paris1-3/+3
2010-04-21IMA: reject policies with unknown entriesEric Paris1-0/+1
2010-04-21IMA: set entry->action to UNKNOWN rather than hard codingEric Paris1-1/+1
2010-04-21IMA: do not allow the same rule to specify the same thing twiceEric Paris1-1/+33
2010-04-21ima: handle multiple rules per writeEric Paris3-26/+32
2010-04-21SELinux: return error codes on policy load failureEric Paris1-15/+22
2010-04-20Security: Fix the comment of cap_file_mmap()wzt.wzt@gmail.com1-1/+1
2010-04-15SELinux: Reduce max avtab size to avoid page allocation failuresStephen Smalley1-1/+1
2010-04-12security: remove dead hook acctEric Paris2-11/+0
2010-04-12security: remove dead hook key_session_to_parentEric Paris3-22/+0
2010-04-12security: remove dead hook task_setgroupsEric Paris2-11/+0
2010-04-12security: remove dead hook task_setgidEric Paris2-11/+0
2010-04-12security: remove dead hook task_setuidEric Paris2-11/+0
2010-04-12security: remove dead hook cred_commitEric Paris2-10/+0
2010-04-12security: remove dead hook inode_deleteEric Paris2-12/+0
2010-04-12security: remove dead hook sb_post_pivotrootEric Paris2-10/+0
2010-04-12security: remove dead hook sb_post_addmountEric Paris2-10/+0
2010-04-12security: remove dead hook sb_post_remountEric Paris2-11/+0
2010-04-12security: remove dead hook sb_umount_busyEric Paris2-10/+0
2010-04-12security: remove dead hook sb_umount_closeEric Paris2-10/+0
2010-04-12security: remove sb_check_sb hooksEric Paris2-11/+0
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-17 23:44:19 +0000