Age | Commit message (Expand) | Author | Files | Lines |
2008-08-14 | security: Fix setting of PF_SUPERPRIV by __capable() | David Howells | 6 | -34/+80 |
2008-07-30 | SELinux: /proc/mounts should show what it can | Eric Paris | 1 | -1/+5 |
2008-07-26 | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir... | Linus Torvalds | 4 | -9/+7 |
2008-07-26 | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 | Linus Torvalds | 1 | -19/+8 |
2008-07-26 | [patch 3/4] fat: dont call notify_change | Miklos Szeredi | 1 | -0/+1 |
2008-07-26 | [PATCH] pass MAY_OPEN to vfs_permission() explicitly | Al Viro | 4 | -9/+6 |
2008-07-26 | selinux: use nf_register_hooks() | Alexey Dobriyan | 1 | -19/+8 |
2008-07-26 | tracehook: tracehook_tracer_task | Roland McGrath | 1 | -19/+3 |
2008-07-25 | devcgroup: code cleanup | Li Zefan | 1 | -14/+8 |
2008-07-25 | devcgroup: relax white-list protection down to RCU | Pavel Emelyanov | 1 | -13/+22 |
2008-07-25 | cgroup files: convert devcgroup_access_write() into a cgroup write_string() h... | Paul Menage | 1 | -63/+38 |
2008-07-24 | security: filesystem capabilities no longer experimental | Andrew G. Morgan | 1 | -2/+1 |
2008-07-24 | security: protect legacy applications from executing with insufficient privilege | Andrew G. Morgan | 1 | -49/+59 |
2008-07-15 | Revert "SELinux: allow fstype unknown to policy to use xattrs if present" | James Morris | 3 | -37/+14 |
2008-07-14 | security: remove register_security hook | James Morris | 5 | -95/+5 |
2008-07-14 | security: remove dummy module fix | Miklos Szeredi | 1 | -1/+1 |
2008-07-14 | security: remove dummy module | Miklos Szeredi | 5 | -1340/+996 |
2008-07-14 | security: remove unused sb_get_mnt_opts hook | Miklos Szeredi | 3 | -15/+0 |
2008-07-14 | LSM/SELinux: show LSM mount options in /proc/mounts | Eric Paris | 3 | -1/+65 |
2008-07-14 | SELinux: allow fstype unknown to policy to use xattrs if present | Eric Paris | 3 | -14/+37 |
2008-07-14 | security: fix return of void-valued expressions | James Morris | 1 | -3/+3 |
2008-07-14 | SELinux: use do_each_thread as a proper do/while block | James Morris | 1 | -2/+2 |
2008-07-14 | SELinux: remove unused and shadowed addrlen variable | James Morris | 1 | -3/+1 |
2008-07-14 | SELinux: more user friendly unknown handling printk | Eric Paris | 2 | -5/+7 |
2008-07-14 | selinux: change handling of invalid classes (Was: Re: 2.6.26-rc5-mm1 selinux ... | Stephen Smalley | 1 | -3/+13 |
2008-07-14 | SELinux: drop load_mutex in security_load_policy | Eric Paris | 1 | -13/+1 |
2008-07-14 | SELinux: fix off by 1 reference of class_to_string in context_struct_compute_av | Eric Paris | 1 | -1/+1 |
2008-07-14 | SELinux: open code sidtab lock | James Morris | 1 | -11/+7 |
2008-07-14 | SELinux: open code load_mutex | James Morris | 1 | -12/+9 |
2008-07-14 | SELinux: open code policy_rwlock | James Morris | 1 | -56/+52 |
2008-07-14 | selinux: fix endianness bug in network node address handling | Stephen Smalley | 1 | -7/+8 |
2008-07-14 | selinux: simplify ioctl checking | Stephen Smalley | 1 | -40/+8 |
2008-07-14 | SELinux: enable processes with mac_admin to get the raw inode contexts | Stephen Smalley | 1 | -4/+23 |
2008-07-14 | Security: split proc ptrace checking into read vs. attach | Stephen Smalley | 5 | -8/+21 |
2008-07-14 | SELinux: remove inherit field from inode_security_struct | James Morris | 1 | -1/+0 |
2008-07-14 | SELinux: reorder inode_security_struct to increase objs/slab on 64bit | Richard Kennedy | 1 | -1/+1 |
2008-07-14 | SELinux: keep the code clean formating and syntax | Eric Paris | 9 | -30/+35 |
2008-07-14 | SELinux: fix sleeping allocation in security_context_to_sid | Stephen Smalley | 1 | -30/+40 |
2008-07-14 | selinux: support deferred mapping of contexts | Stephen Smalley | 8 | -128/+248 |
2008-07-13 | devcgroup: fix permission check when adding entry to child cgroup | Li Zefan | 1 | -1/+1 |
2008-07-13 | devcgroup: always show positive major/minor num | Li Zefan | 1 | -2/+2 |
2008-07-04 | devcgroup: fix odd behaviour when writing 'a' to devices.allow | Li Zefan | 1 | -0/+2 |
2008-07-04 | security: filesystem capabilities: fix CAP_SETPCAP handling | Andrew G. Morgan | 1 | -3/+10 |
2008-06-12 | capabilities: add (back) dummy support for KEEPCAPS | Andrew G. Morgan | 1 | -1/+23 |
2008-06-06 | keys: remove unused key_alloc_sem | Daniel Walker | 1 | -1/+0 |
2008-06-06 | devscgroup: make white list more compact in some cases | Pavel Emelyanov | 1 | -2/+16 |
2008-06-06 | devscgroup: relax task to dev_cgroup conversion | Pavel Emelyanov | 1 | -6/+4 |
2008-06-06 | devcgroup: make a helper to convert cgroup_subsys_state to devs_cgroup | Pavel Emelyanov | 1 | -2/+6 |
2008-06-04 | Smack: fuse mount hang fix | Casey Schaufler | 1 | -0/+12 |
2008-05-01 | [PATCH] split linux/file.h | Al Viro | 1 | -0/+1 |
2008-04-30 | signals: cleanup security_task_kill() usage/implementation | Oleg Nesterov | 2 | -12/+0 |
2008-04-30 | Smack: Integrate Smack with Audit | Ahmed S. Darwish | 1 | -0/+155 |
2008-04-30 | Security: Make secctx_to_secid() take const secdata | David Howells | 6 | -7/+7 |
2008-04-29 | Merge branch 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/vir... | Linus Torvalds | 2 | -1/+3 |
2008-04-29 | keys: explicitly include required slab.h header file. | Robert P. J. Day | 2 | -0/+2 |
2008-04-29 | keys: make the keyring quotas controllable through /proc/sys | David Howells | 6 | -15/+94 |
2008-04-29 | keys: don't generate user and user session keyrings unless they're accessed | David Howells | 5 | -126/+92 |
2008-04-29 | keys: allow clients to set key perms in key_create_or_update() | Arun Raghavan | 2 | -9/+12 |
2008-04-29 | keys: switch to proc_create() | Alexey Dobriyan | 1 | -6/+2 |
2008-04-29 | keys: add keyctl function to get a security label | David Howells | 6 | -1/+99 |
2008-04-29 | keys: allow the callout data to be passed as a blob rather than a string | David Howells | 4 | -29/+48 |
2008-04-29 | keys: check starting keyring as part of search | Kevin Coffman | 1 | -4/+31 |
2008-04-29 | keys: increase the payload size when instantiating a key | David Howells | 1 | -8/+30 |
2008-04-29 | cgroups: introduce cft->read_seq() | Serge E. Hallyn | 1 | -51/+23 |
2008-04-29 | cgroups: implement device whitelist | Serge E. Hallyn | 2 | -0/+604 |
2008-04-29 | xattr: add missing consts to function arguments | David Howells | 7 | -30/+33 |
2008-04-28 | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo... | Linus Torvalds | 12 | -134/+121 |
2008-04-28 | smack: use cap_task_prctl | Serge E. Hallyn | 1 | -0/+1 |
2008-04-28 | smack: make smk_cipso_doi() and smk_unlbl_ambient() | Casey Schaufler | 1 | -2/+2 |
2008-04-28 | root_plug: use cap_task_prctl | Serge E. Hallyn | 1 | -0/+1 |
2008-04-28 | smack: fix integer as NULL pointer warning in smack_lsm.c | Harvey Harrison | 1 | -1/+1 |
2008-04-28 | capabilities: implement per-process securebits | Andrew G. Morgan | 5 | -14/+101 |
2008-04-28 | Audit: standardize string audit interfaces | Eric Paris | 1 | -1/+1 |
2008-04-28 | Audit: collect sessionid in netlink messages | Eric Paris | 1 | -0/+2 |
2008-04-28 | SELinux: Fix a RCU free problem with the netport cache | Paul Moore | 1 | -22/+18 |
2008-04-28 | SELinux: Made netnode cache adds faster | Paul Moore | 1 | -55/+49 |
2008-04-28 | SELinux: policydb.h whitespace, syntax, and other cleanups | Eric Paris | 1 | -5/+5 |
2008-04-28 | SELinux: mls_types.h whitespace, syntax, and other cleanups | Eric Paris | 1 | -2/+2 |
2008-04-28 | SELinux: mls.h whitespace, syntax, and other cleanups | Eric Paris | 1 | -3/+3 |
2008-04-28 | SELinux: hashtab.h whitespace, syntax, and other cleanups | Eric Paris | 1 | -3/+3 |
2008-04-28 | SELinux: context.h whitespace, syntax, and other cleanups | Eric Paris | 1 | -2/+2 |
2008-04-28 | SELinux: ss/conditional.h whitespace, syntax, and other cleanups | Eric Paris | 1 | -3/+3 |
2008-04-28 | SELinux: selinux/include/security.h whitespace, syntax, and other cleanups | Eric Paris | 1 | -2/+2 |
2008-04-28 | SELinux: objsec.h whitespace, syntax, and other cleanups | Eric Paris | 1 | -30/+30 |
2008-04-28 | SELinux: netlabel.h whitespace, syntax, and other cleanups | Eric Paris | 1 | -1/+1 |
2008-04-28 | SELinux: avc_ss.h whitespace, syntax, and other cleanups | Eric Paris | 1 | -6/+3 |
2008-04-22 | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir... | Linus Torvalds | 4 | -21/+21 |
2008-04-22 | SELinux fixups needed for preemptable RCU from -rt | Paul E. McKenney | 2 | -0/+11 |
2008-04-21 | [PATCH] switch a bunch of LSM hooks from nameidata to path | Al Viro | 4 | -21/+21 |
2008-04-22 | SELinux: no BUG_ON(!ss_initialized) in selinux_clone_mnt_opts | Eric Paris | 1 | -3/+12 |
2008-04-21 | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo... | Linus Torvalds | 17 | -634/+609 |
2008-04-21 | SELinux: one little, two little, three little whitespaces, the avc.c saga. | Eric Paris | 1 | -28/+28 |
2008-04-21 | SELinux: cleanup on isle selinuxfs.c | Eric Paris | 1 | -55/+57 |
2008-04-21 | changing whitespace for fun and profit: policydb.c | Eric Paris | 1 | -68/+63 |
2008-04-21 | SELinux: whitespace and formating fixes for hooks.c | Eric Paris | 1 | -250/+245 |
2008-04-21 | SELinux: clean up printks | Eric Paris | 7 | -77/+78 |
2008-04-21 | SELinux: sidtab.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -4/+2 |
2008-04-21 | SELinux: services.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -60/+55 |
2008-04-21 | SELinux: mls.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -13/+14 |
2008-04-21 | SELinux: hashtab.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -2/+2 |
2008-04-21 | SELinux: ebitmap.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -3/+2 |
2008-04-21 | SELinux: conditional.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -33/+26 |
2008-04-21 | SELinux: avtab.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -10/+11 |
2008-04-21 | SELinux: xfrm.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -6/+3 |
2008-04-21 | SELinux: nlmsgtab.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -3/+2 |
2008-04-21 | SELinux: netnode.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -1/+1 |
2008-04-21 | SELinux: netlink.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -10/+10 |
2008-04-21 | SELinux: netlabel.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -1/+1 |
2008-04-21 | SELinux: netif.c whitespace, syntax, and static declaraction cleanups | Eric Paris | 1 | -10/+9 |
2008-04-18 | security: Remove unnecessary inclusions of asm/semaphore.h | Matthew Wilcox | 3 | -3/+0 |
2008-04-18 | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo... | Linus Torvalds | 9 | -61/+269 |
2008-04-18 | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.26 | Linus Torvalds | 7 | -48/+45 |
2008-04-19 | security: fix up documentation for security_module_enable | James Morris | 1 | -1/+1 |
2008-04-19 | Security: Introduce security= boot parameter | Ahmed S. Darwish | 6 | -4/+65 |
2008-04-19 | Audit: Final renamings and cleanup | Ahmed S. Darwish | 1 | -0/+65 |
2008-04-19 | SELinux: use new audit hooks, remove redundant exports | Ahmed S. Darwish | 2 | -11/+42 |
2008-04-19 | LSM/Audit: Introduce generic Audit LSM hooks | Ahmed S. Darwish | 2 | -1/+55 |
2008-04-19 | SELinux: remove redundant exports | Ahmed S. Darwish | 1 | -42/+0 |
2008-04-19 | SELinux: setup new inode/ipc getsecid hooks | Ahmed S. Darwish | 1 | -2/+17 |
2008-04-19 | LSM: Introduce inode_getsecid and ipc_getsecid hooks | Ahmed S. Darwish | 2 | -1/+25 |
2008-04-18 | security: enhance DEFAULT_MMAP_MIN_ADDR description | maximilian attems | 1 | -4/+6 |
2008-04-18 | SELinux: add netport.[ch] | James Morris | 2 | -0/+317 |
2008-04-18 | SELinux: Add network port SID cache | Paul Moore | 5 | -21/+17 |
2008-04-18 | SELinux: turn mount options strings into defines | Eric Paris | 2 | -8/+13 |
2008-04-18 | selinux/ss/services.c should #include <linux/selinux.h> | Adrian Bunk | 1 | -0/+1 |
2008-04-18 | selinux: introduce permissive types | Eric Paris | 6 | -6/+48 |
2008-04-18 | selinux: remove ptrace_sid | Roland McGrath | 2 | -25/+47 |
2008-04-18 | SELinux: requesting no permissions in avc_has_perm_noaudit is a BUG() | Eric Paris | 1 | -1/+3 |
2008-04-18 | security: code cleanup | Andrew Morton | 1 | -1/+1 |
2008-04-18 | security: replace remaining __FUNCTION__ occurrences | Harvey Harrison | 8 | -26/+26 |
2008-04-18 | SELinux: create new open permission | Eric Paris | 6 | -2/+47 |
2008-04-18 | selinux: selinux/netlabel.c should #include "netlabel.h" | Adrian Bunk | 1 | -0/+1 |
2008-04-18 | SELinux: unify printk messages | James Morris | 5 | -76/+76 |
2008-04-18 | SELinux: remove unused backpointers from security objects | James Morris | 2 | -14/+0 |
2008-04-18 | SELinux: Correct the NetLabel locking for the sk_security_struct | Paul Moore | 4 | -87/+15 |
2008-04-17 | Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/torvalds... | David S. Miller | 3 | -15/+19 |
2008-04-12 | LSM: Make the Labeled IPsec hooks more stack friendly | Paul Moore | 4 | -45/+42 |
2008-04-12 | NetLabel: Allow passing the LSM domain as a shared pointer | Paul Moore | 2 | -2/+2 |
2008-04-10 | SELinux: don't BUG if fs reuses a superblock | Eric Paris | 1 | -4/+4 |
2008-04-08 | SELinux: more GFP_NOFS fixups to prevent selinux from re-entering the fs code | Stephen Smalley | 3 | -9/+13 |
2008-04-04 | selinux: prevent rentry into the FS | Josef Bacik | 1 | -2/+2 |
2008-04-03 | Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/... | David S. Miller | 5 | -83/+16 |
2008-04-02 | selinux: handle files opened with flags 3 by checking ioctl permission | Stephen Smalley | 1 | -0/+6 |
2008-03-26 | [NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS. | YOSHIFUJI Hideaki | 1 | -1/+1 |
2008-03-24 | smackfs: remove redundant lock, fix open(,O_RDWR) | Ahmed S. Darwish | 1 | -33/+2 |
2008-03-20 | file capabilities: remove cap_task_kill() | Serge Hallyn | 3 | -46/+0 |
2008-03-19 | smack: do not dereference NULL ipc object | Ahmed S. Darwish | 1 | -3/+6 |
2008-03-18 | make selinux_parse_opts_str() static | Adrian Bunk | 1 | -1/+2 |
2008-03-13 | smackfs: do not trust `count' in inodes write()s | Ahmed S. Darwish | 2 | -19/+20 |
2008-03-06 | LSM/SELinux: Interfaces to allow FS to control mount options | Eric Paris | 5 | -107/+128 |
2008-02-23 | Smack: update for file capabilities | Casey Schaufler | 1 | -13/+74 |
2008-02-23 | file capabilities: simplify signal check | Serge E. Hallyn | 1 | -1/+1 |
2008-02-19 | Smack: unlabeled outgoing ambient packets | Casey Schaufler | 2 | -23/+74 |
2008-02-14 | d_path: Use struct path in struct avc_audit_data | Jan Blunck | 3 | -25/+24 |
2008-02-14 | Embed a struct path into struct nameidata instead of nd->{dentry,mnt} | Jan Blunck | 2 | -3/+3 |
2008-02-13 | Smack: check for 'struct socket' with NULL sk | Ahmed S. Darwish | 1 | -4/+5 |
2008-02-11 | selinux: support 64-bit capabilities | Stephen Smalley | 5 | -2/+27 |
2008-02-07 | Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p) | David Howells | 4 | -4/+4 |
2008-02-06 | SELinux: Remove security_get_policycaps() | Paul Moore | 2 | -34/+0 |
2008-02-06 | security: allow Kconfig to set default mmap_min_addr protection | Eric Paris | 2 | -1/+21 |
2008-02-05 | Smack: Simplified Mandatory Access Control Kernel | Casey Schaufler | 8 | -0/+4095 |
2008-02-05 | capabilities: introduce per-process capability bounding set | Serge E. Hallyn | 1 | -17/+27 |
2008-02-05 | Add 64-bit capability support to the kernel | Andrew Morgan | 2 | -36/+68 |
2008-02-05 | revert "capabilities: clean up file capability reading" | Andrew Morton | 1 | -15/+8 |
2008-02-05 | VFS/Security: Rework inode_getsecurity and callers to return resulting buffer | David P. Quigley | 3 | -31/+18 |
2008-02-01 | [AUDIT] add session id to audit messages | Eric Paris | 2 | -9/+13 |
2008-02-01 | [PATCH] switch audit_get_loginuid() to task_struct * | Al Viro | 2 | -4/+4 |
2008-01-31 | [SELinux]: Fix double free in selinux_netlbl_sock_setsid() | Paul Moore | 1 | -1/+0 |
2008-01-30 | security: compile capabilities by default | sergeh@us.ibm.com | 1 | -0/+1 |
2008-01-30 | selinux: make selinux_set_mnt_opts() static | Adrian Bunk | 1 | -2/+2 |
2008-01-30 | SELinux: Add warning messages on network denial due to error | Paul Moore | 3 | -8/+40 |
2008-01-30 | SELinux: Add network ingress and egress control permission checks | Paul Moore | 1 | -122/+280 |
2008-01-30 | SELinux: Allow NetLabel to directly cache SIDs | Paul Moore | 5 | -134/+55 |
2008-01-30 | SELinux: Enable dynamic enable/disable of the network access checks | Paul Moore | 4 | -13/+83 |
2008-01-30 | SELinux: Better integration between peer labeling subsystems | Paul Moore | 6 | -100/+208 |
2008-01-30 | SELinux: Add a new peer class and permissions to the Flask definitions | Paul Moore | 4 | -0/+26 |
2008-01-30 | SELinux: Add a capabilities bitmap to SELinux policy version 22 | Paul Moore | 6 | -8/+185 |
2008-01-30 | SELinux: Add a network node caching mechanism similar to the sel_netif_*() fu... | Paul Moore | 5 | -17/+416 |
2008-01-30 | SELinux: Only store the network interface's ifindex | Paul Moore | 3 | -6/+15 |
2008-01-30 | SELinux: Convert the netif code to use ifindex values | Paul Moore | 6 | -125/+155 |
2008-01-30 | NetLabel: Add IP address family information to the netlbl_skbuff_getattr() fu... | Paul Moore | 3 | -15/+38 |
2008-01-30 | NetLabel: Add secid token support to the NetLabel secattr struct | Paul Moore | 2 | -6/+9 |
2008-01-28 | [NETFILTER]: Introduce NF_INET_ hook values | Patrick McHardy | 1 | -2/+2 |
2008-01-26 | selinux: fix labeling of /proc/net inodes | Stephen Smalley | 1 | -0/+3 |
2008-01-25 | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo... | Linus Torvalds | 8 | -277/+564 |
2008-01-24 | Kobject: convert remaining kobject_unregister() to kobject_put() | Greg Kroah-Hartman | 1 | -1/+1 |
2008-01-24 | kobject: convert kernel_kset to be a kobject | Greg Kroah-Hartman | 1 | -1/+1 |
2008-01-24 | kset: convert kernel_subsys to use kset_create | Greg Kroah-Hartman | 1 | -1/+1 |
2008-01-24 | kobject: convert securityfs to use kobject_create | Greg Kroah-Hartman | 1 | -6/+5 |
2008-01-24 | kobject: remove struct kobj_type from struct kset | Greg Kroah-Hartman | 1 | -2/+2 |
2008-01-25 | selinux: make mls_compute_sid always polyinstantiate | Eamon Walsh | 1 | -9/+2 |
2008-01-25 | security/selinux: constify function pointer tables and fields | Jan Engelhardt | 2 | -3/+3 |
2008-01-25 | security: add a secctx_to_secid() hook | David Howells | 3 | -0/+18 |
2008-01-25 | security: remove security_sb_post_mountroot hook | H. Peter Anvin | 2 | -11/+0 |
2008-01-25 | Security: add get, set, and cloning of superblock security information | Eric Paris | 4 | -254/+541 |
2008-01-25 | security/selinux: Add missing "space" | Joe Perches | 1 | -1/+1 |
2008-01-21 | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo... | Linus Torvalds | 2 | -4/+5 |
2008-01-21 | Fix filesystem capability support | Andrew G. Morgan | 1 | -3/+10 |
2008-01-22 | selinux: fix memory leak in netlabel code | Paul Moore | 2 | -4/+5 |
2007-12-06 | Security: allow capable check to permit mmap or low vm space | Eric Paris | 1 | -1/+1 |