aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2008-08-14security: Fix setting of PF_SUPERPRIV by __capable()David Howells6-34/+80
2008-07-30SELinux: /proc/mounts should show what it canEric Paris1-1/+5
2008-07-26Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds4-9/+7
2008-07-26Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds1-19/+8
2008-07-26[patch 3/4] fat: dont call notify_changeMiklos Szeredi1-0/+1
2008-07-26[PATCH] pass MAY_OPEN to vfs_permission() explicitlyAl Viro4-9/+6
2008-07-26selinux: use nf_register_hooks()Alexey Dobriyan1-19/+8
2008-07-26tracehook: tracehook_tracer_taskRoland McGrath1-19/+3
2008-07-25devcgroup: code cleanupLi Zefan1-14/+8
2008-07-25devcgroup: relax white-list protection down to RCUPavel Emelyanov1-13/+22
2008-07-25cgroup files: convert devcgroup_access_write() into a cgroup write_string() h...Paul Menage1-63/+38
2008-07-24security: filesystem capabilities no longer experimentalAndrew G. Morgan1-2/+1
2008-07-24security: protect legacy applications from executing with insufficient privilegeAndrew G. Morgan1-49/+59
2008-07-15Revert "SELinux: allow fstype unknown to policy to use xattrs if present"James Morris3-37/+14
2008-07-14security: remove register_security hookJames Morris5-95/+5
2008-07-14security: remove dummy module fixMiklos Szeredi1-1/+1
2008-07-14security: remove dummy moduleMiklos Szeredi5-1340/+996
2008-07-14security: remove unused sb_get_mnt_opts hookMiklos Szeredi3-15/+0
2008-07-14LSM/SELinux: show LSM mount options in /proc/mountsEric Paris3-1/+65
2008-07-14SELinux: allow fstype unknown to policy to use xattrs if presentEric Paris3-14/+37
2008-07-14security: fix return of void-valued expressionsJames Morris1-3/+3
2008-07-14SELinux: use do_each_thread as a proper do/while blockJames Morris1-2/+2
2008-07-14SELinux: remove unused and shadowed addrlen variableJames Morris1-3/+1
2008-07-14SELinux: more user friendly unknown handling printkEric Paris2-5/+7
2008-07-14selinux: change handling of invalid classes (Was: Re: 2.6.26-rc5-mm1 selinux ...Stephen Smalley1-3/+13
2008-07-14SELinux: drop load_mutex in security_load_policyEric Paris1-13/+1
2008-07-14SELinux: fix off by 1 reference of class_to_string in context_struct_compute_avEric Paris1-1/+1
2008-07-14SELinux: open code sidtab lockJames Morris1-11/+7
2008-07-14SELinux: open code load_mutexJames Morris1-12/+9
2008-07-14SELinux: open code policy_rwlockJames Morris1-56/+52
2008-07-14selinux: fix endianness bug in network node address handlingStephen Smalley1-7/+8
2008-07-14selinux: simplify ioctl checkingStephen Smalley1-40/+8
2008-07-14SELinux: enable processes with mac_admin to get the raw inode contextsStephen Smalley1-4/+23
2008-07-14Security: split proc ptrace checking into read vs. attachStephen Smalley5-8/+21
2008-07-14SELinux: remove inherit field from inode_security_structJames Morris1-1/+0
2008-07-14SELinux: reorder inode_security_struct to increase objs/slab on 64bitRichard Kennedy1-1/+1
2008-07-14SELinux: keep the code clean formating and syntaxEric Paris9-30/+35
2008-07-14SELinux: fix sleeping allocation in security_context_to_sidStephen Smalley1-30/+40
2008-07-14selinux: support deferred mapping of contextsStephen Smalley8-128/+248
2008-07-13devcgroup: fix permission check when adding entry to child cgroupLi Zefan1-1/+1
2008-07-13devcgroup: always show positive major/minor numLi Zefan1-2/+2
2008-07-04devcgroup: fix odd behaviour when writing 'a' to devices.allowLi Zefan1-0/+2
2008-07-04security: filesystem capabilities: fix CAP_SETPCAP handlingAndrew G. Morgan1-3/+10
2008-06-12capabilities: add (back) dummy support for KEEPCAPSAndrew G. Morgan1-1/+23
2008-06-06keys: remove unused key_alloc_semDaniel Walker1-1/+0
2008-06-06devscgroup: make white list more compact in some casesPavel Emelyanov1-2/+16
2008-06-06devscgroup: relax task to dev_cgroup conversionPavel Emelyanov1-6/+4
2008-06-06devcgroup: make a helper to convert cgroup_subsys_state to devs_cgroupPavel Emelyanov1-2/+6
2008-06-04Smack: fuse mount hang fixCasey Schaufler1-0/+12
2008-05-01[PATCH] split linux/file.hAl Viro1-0/+1
2008-04-30signals: cleanup security_task_kill() usage/implementationOleg Nesterov2-12/+0
2008-04-30Smack: Integrate Smack with AuditAhmed S. Darwish1-0/+155
2008-04-30Security: Make secctx_to_secid() take const secdataDavid Howells6-7/+7
2008-04-29Merge branch 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds2-1/+3
2008-04-29keys: explicitly include required slab.h header file.Robert P. J. Day2-0/+2
2008-04-29keys: make the keyring quotas controllable through /proc/sysDavid Howells6-15/+94
2008-04-29keys: don't generate user and user session keyrings unless they're accessedDavid Howells5-126/+92
2008-04-29keys: allow clients to set key perms in key_create_or_update()Arun Raghavan2-9/+12
2008-04-29keys: switch to proc_create()Alexey Dobriyan1-6/+2
2008-04-29keys: add keyctl function to get a security labelDavid Howells6-1/+99
2008-04-29keys: allow the callout data to be passed as a blob rather than a stringDavid Howells4-29/+48
2008-04-29keys: check starting keyring as part of searchKevin Coffman1-4/+31
2008-04-29keys: increase the payload size when instantiating a keyDavid Howells1-8/+30
2008-04-29cgroups: introduce cft->read_seq()Serge E. Hallyn1-51/+23
2008-04-29cgroups: implement device whitelistSerge E. Hallyn2-0/+604
2008-04-29xattr: add missing consts to function argumentsDavid Howells7-30/+33
2008-04-28Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds12-134/+121
2008-04-28smack: use cap_task_prctlSerge E. Hallyn1-0/+1
2008-04-28smack: make smk_cipso_doi() and smk_unlbl_ambient()Casey Schaufler1-2/+2
2008-04-28root_plug: use cap_task_prctlSerge E. Hallyn1-0/+1
2008-04-28smack: fix integer as NULL pointer warning in smack_lsm.cHarvey Harrison1-1/+1
2008-04-28capabilities: implement per-process securebitsAndrew G. Morgan5-14/+101
2008-04-28Audit: standardize string audit interfacesEric Paris1-1/+1
2008-04-28Audit: collect sessionid in netlink messagesEric Paris1-0/+2
2008-04-28SELinux: Fix a RCU free problem with the netport cachePaul Moore1-22/+18
2008-04-28SELinux: Made netnode cache adds fasterPaul Moore1-55/+49
2008-04-28SELinux: policydb.h whitespace, syntax, and other cleanupsEric Paris1-5/+5
2008-04-28SELinux: mls_types.h whitespace, syntax, and other cleanupsEric Paris1-2/+2
2008-04-28SELinux: mls.h whitespace, syntax, and other cleanupsEric Paris1-3/+3
2008-04-28SELinux: hashtab.h whitespace, syntax, and other cleanupsEric Paris1-3/+3
2008-04-28SELinux: context.h whitespace, syntax, and other cleanupsEric Paris1-2/+2
2008-04-28SELinux: ss/conditional.h whitespace, syntax, and other cleanupsEric Paris1-3/+3
2008-04-28SELinux: selinux/include/security.h whitespace, syntax, and other cleanupsEric Paris1-2/+2
2008-04-28SELinux: objsec.h whitespace, syntax, and other cleanupsEric Paris1-30/+30
2008-04-28SELinux: netlabel.h whitespace, syntax, and other cleanupsEric Paris1-1/+1
2008-04-28SELinux: avc_ss.h whitespace, syntax, and other cleanupsEric Paris1-6/+3
2008-04-22Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds4-21/+21
2008-04-22SELinux fixups needed for preemptable RCU from -rtPaul E. McKenney2-0/+11
2008-04-21[PATCH] switch a bunch of LSM hooks from nameidata to pathAl Viro4-21/+21
2008-04-22SELinux: no BUG_ON(!ss_initialized) in selinux_clone_mnt_optsEric Paris1-3/+12
2008-04-21Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds17-634/+609
2008-04-21SELinux: one little, two little, three little whitespaces, the avc.c saga.Eric Paris1-28/+28
2008-04-21SELinux: cleanup on isle selinuxfs.cEric Paris1-55/+57
2008-04-21changing whitespace for fun and profit: policydb.cEric Paris1-68/+63
2008-04-21SELinux: whitespace and formating fixes for hooks.cEric Paris1-250/+245
2008-04-21SELinux: clean up printksEric Paris7-77/+78
2008-04-21SELinux: sidtab.c whitespace, syntax, and static declaraction cleanupsEric Paris1-4/+2
2008-04-21SELinux: services.c whitespace, syntax, and static declaraction cleanupsEric Paris1-60/+55
2008-04-21SELinux: mls.c whitespace, syntax, and static declaraction cleanupsEric Paris1-13/+14
2008-04-21SELinux: hashtab.c whitespace, syntax, and static declaraction cleanupsEric Paris1-2/+2
2008-04-21SELinux: ebitmap.c whitespace, syntax, and static declaraction cleanupsEric Paris1-3/+2
2008-04-21SELinux: conditional.c whitespace, syntax, and static declaraction cleanupsEric Paris1-33/+26
2008-04-21SELinux: avtab.c whitespace, syntax, and static declaraction cleanupsEric Paris1-10/+11
2008-04-21SELinux: xfrm.c whitespace, syntax, and static declaraction cleanupsEric Paris1-6/+3
2008-04-21SELinux: nlmsgtab.c whitespace, syntax, and static declaraction cleanupsEric Paris1-3/+2
2008-04-21SELinux: netnode.c whitespace, syntax, and static declaraction cleanupsEric Paris1-1/+1
2008-04-21SELinux: netlink.c whitespace, syntax, and static declaraction cleanupsEric Paris1-10/+10
2008-04-21SELinux: netlabel.c whitespace, syntax, and static declaraction cleanupsEric Paris1-1/+1
2008-04-21SELinux: netif.c whitespace, syntax, and static declaraction cleanupsEric Paris1-10/+9
2008-04-18security: Remove unnecessary inclusions of asm/semaphore.hMatthew Wilcox3-3/+0
2008-04-18Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds9-61/+269
2008-04-18Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.26Linus Torvalds7-48/+45
2008-04-19security: fix up documentation for security_module_enableJames Morris1-1/+1
2008-04-19Security: Introduce security= boot parameterAhmed S. Darwish6-4/+65
2008-04-19Audit: Final renamings and cleanupAhmed S. Darwish1-0/+65
2008-04-19SELinux: use new audit hooks, remove redundant exportsAhmed S. Darwish2-11/+42
2008-04-19LSM/Audit: Introduce generic Audit LSM hooksAhmed S. Darwish2-1/+55
2008-04-19SELinux: remove redundant exportsAhmed S. Darwish1-42/+0
2008-04-19SELinux: setup new inode/ipc getsecid hooksAhmed S. Darwish1-2/+17
2008-04-19LSM: Introduce inode_getsecid and ipc_getsecid hooksAhmed S. Darwish2-1/+25
2008-04-18security: enhance DEFAULT_MMAP_MIN_ADDR descriptionmaximilian attems1-4/+6
2008-04-18SELinux: add netport.[ch]James Morris2-0/+317
2008-04-18SELinux: Add network port SID cachePaul Moore5-21/+17
2008-04-18SELinux: turn mount options strings into definesEric Paris2-8/+13
2008-04-18selinux/ss/services.c should #include <linux/selinux.h>Adrian Bunk1-0/+1
2008-04-18selinux: introduce permissive typesEric Paris6-6/+48
2008-04-18selinux: remove ptrace_sidRoland McGrath2-25/+47
2008-04-18SELinux: requesting no permissions in avc_has_perm_noaudit is a BUG()Eric Paris1-1/+3
2008-04-18security: code cleanupAndrew Morton1-1/+1
2008-04-18security: replace remaining __FUNCTION__ occurrencesHarvey Harrison8-26/+26
2008-04-18SELinux: create new open permissionEric Paris6-2/+47
2008-04-18selinux: selinux/netlabel.c should #include "netlabel.h"Adrian Bunk1-0/+1
2008-04-18SELinux: unify printk messagesJames Morris5-76/+76
2008-04-18SELinux: remove unused backpointers from security objectsJames Morris2-14/+0
2008-04-18SELinux: Correct the NetLabel locking for the sk_security_structPaul Moore4-87/+15
2008-04-17Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/torvalds...David S. Miller3-15/+19
2008-04-12LSM: Make the Labeled IPsec hooks more stack friendlyPaul Moore4-45/+42
2008-04-12NetLabel: Allow passing the LSM domain as a shared pointerPaul Moore2-2/+2
2008-04-10SELinux: don't BUG if fs reuses a superblockEric Paris1-4/+4
2008-04-08SELinux: more GFP_NOFS fixups to prevent selinux from re-entering the fs codeStephen Smalley3-9/+13
2008-04-04selinux: prevent rentry into the FSJosef Bacik1-2/+2
2008-04-03Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/...David S. Miller5-83/+16
2008-04-02selinux: handle files opened with flags 3 by checking ioctl permissionStephen Smalley1-0/+6
2008-03-26[NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS.YOSHIFUJI Hideaki1-1/+1
2008-03-24smackfs: remove redundant lock, fix open(,O_RDWR)Ahmed S. Darwish1-33/+2
2008-03-20file capabilities: remove cap_task_kill()Serge Hallyn3-46/+0
2008-03-19smack: do not dereference NULL ipc objectAhmed S. Darwish1-3/+6
2008-03-18make selinux_parse_opts_str() staticAdrian Bunk1-1/+2
2008-03-13smackfs: do not trust `count' in inodes write()sAhmed S. Darwish2-19/+20
2008-03-06LSM/SELinux: Interfaces to allow FS to control mount optionsEric Paris5-107/+128
2008-02-23Smack: update for file capabilitiesCasey Schaufler1-13/+74
2008-02-23file capabilities: simplify signal checkSerge E. Hallyn1-1/+1
2008-02-19Smack: unlabeled outgoing ambient packetsCasey Schaufler2-23/+74
2008-02-14d_path: Use struct path in struct avc_audit_dataJan Blunck3-25/+24
2008-02-14Embed a struct path into struct nameidata instead of nd->{dentry,mnt}Jan Blunck2-3/+3
2008-02-13Smack: check for 'struct socket' with NULL skAhmed S. Darwish1-4/+5
2008-02-11selinux: support 64-bit capabilitiesStephen Smalley5-2/+27
2008-02-07Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p)David Howells4-4/+4
2008-02-06SELinux: Remove security_get_policycaps()Paul Moore2-34/+0
2008-02-06security: allow Kconfig to set default mmap_min_addr protectionEric Paris2-1/+21
2008-02-05Smack: Simplified Mandatory Access Control KernelCasey Schaufler8-0/+4095
2008-02-05capabilities: introduce per-process capability bounding setSerge E. Hallyn1-17/+27
2008-02-05Add 64-bit capability support to the kernelAndrew Morgan2-36/+68
2008-02-05revert "capabilities: clean up file capability reading"Andrew Morton1-15/+8
2008-02-05VFS/Security: Rework inode_getsecurity and callers to return resulting bufferDavid P. Quigley3-31/+18
2008-02-01[AUDIT] add session id to audit messagesEric Paris2-9/+13
2008-02-01[PATCH] switch audit_get_loginuid() to task_struct *Al Viro2-4/+4
2008-01-31[SELinux]: Fix double free in selinux_netlbl_sock_setsid()Paul Moore1-1/+0
2008-01-30security: compile capabilities by defaultsergeh@us.ibm.com1-0/+1
2008-01-30selinux: make selinux_set_mnt_opts() staticAdrian Bunk1-2/+2
2008-01-30SELinux: Add warning messages on network denial due to errorPaul Moore3-8/+40
2008-01-30SELinux: Add network ingress and egress control permission checksPaul Moore1-122/+280
2008-01-30SELinux: Allow NetLabel to directly cache SIDsPaul Moore5-134/+55
2008-01-30SELinux: Enable dynamic enable/disable of the network access checksPaul Moore4-13/+83
2008-01-30SELinux: Better integration between peer labeling subsystemsPaul Moore6-100/+208
2008-01-30SELinux: Add a new peer class and permissions to the Flask definitionsPaul Moore4-0/+26
2008-01-30SELinux: Add a capabilities bitmap to SELinux policy version 22Paul Moore6-8/+185
2008-01-30SELinux: Add a network node caching mechanism similar to the sel_netif_*() fu...Paul Moore5-17/+416
2008-01-30SELinux: Only store the network interface's ifindexPaul Moore3-6/+15
2008-01-30SELinux: Convert the netif code to use ifindex valuesPaul Moore6-125/+155
2008-01-30NetLabel: Add IP address family information to the netlbl_skbuff_getattr() fu...Paul Moore3-15/+38
2008-01-30NetLabel: Add secid token support to the NetLabel secattr structPaul Moore2-6/+9
2008-01-28[NETFILTER]: Introduce NF_INET_ hook valuesPatrick McHardy1-2/+2
2008-01-26selinux: fix labeling of /proc/net inodesStephen Smalley1-0/+3
2008-01-25Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds8-277/+564
2008-01-24Kobject: convert remaining kobject_unregister() to kobject_put()Greg Kroah-Hartman1-1/+1
2008-01-24kobject: convert kernel_kset to be a kobjectGreg Kroah-Hartman1-1/+1
2008-01-24kset: convert kernel_subsys to use kset_createGreg Kroah-Hartman1-1/+1
2008-01-24kobject: convert securityfs to use kobject_createGreg Kroah-Hartman1-6/+5
2008-01-24kobject: remove struct kobj_type from struct ksetGreg Kroah-Hartman1-2/+2
2008-01-25selinux: make mls_compute_sid always polyinstantiateEamon Walsh1-9/+2
2008-01-25security/selinux: constify function pointer tables and fieldsJan Engelhardt2-3/+3
2008-01-25security: add a secctx_to_secid() hookDavid Howells3-0/+18
2008-01-25security: remove security_sb_post_mountroot hookH. Peter Anvin2-11/+0
2008-01-25Security: add get, set, and cloning of superblock security informationEric Paris4-254/+541
2008-01-25security/selinux: Add missing "space"Joe Perches1-1/+1
2008-01-21Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds2-4/+5
2008-01-21Fix filesystem capability supportAndrew G. Morgan1-3/+10
2008-01-22selinux: fix memory leak in netlabel codePaul Moore2-4/+5
2007-12-06Security: allow capable check to permit mmap or low vm spaceEric Paris1-1/+1
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-17 23:47:59 +0000