Age | Commit message (Expand) | Author | Files | Lines |
2012-05-14 | gfp flags for security_inode_alloc()? | Tetsuo Handa | 1 | -4/+4 |
2012-05-14 | Smack: recursive tramsmute | Casey Schaufler | 2 | -9/+36 |
2012-05-15 | Yama: replace capable() with ns_capable() | Kees Cook | 1 | -2/+2 |
2012-05-15 | TOMOYO: Accept manager programs which do not start with / . | Tetsuo Handa | 2 | -21/+6 |
2012-05-11 | KEYS: Add invalidation support | David Howells | 8 | -28/+110 |
2012-05-11 | KEYS: Do LRU discard in full keyrings | David Howells | 2 | -7/+42 |
2012-05-11 | KEYS: Permit in-place link replacement in keyring list | David Howells | 2 | -40/+57 |
2012-05-11 | KEYS: Perform RCU synchronisation on keys prior to key destruction | David Howells | 1 | -29/+44 |
2012-05-11 | KEYS: Announce key type (un)registration | David Howells | 1 | -0/+3 |
2012-05-11 | KEYS: Reorganise keys Makefile | David Howells | 1 | -3/+9 |
2012-05-11 | KEYS: Move the key config into security/keys/Kconfig | David Howells | 2 | -67/+72 |
2012-05-08 | netfilter: remove ip_queue support | Pablo Neira Ayuso | 1 | -13/+0 |
2012-05-04 | Merge tag 'v3.4-rc5' into next | James Morris | 3 | -29/+54 |
2012-05-03 | userns: Convert capabilities related permsion checks | Eric W. Biederman | 1 | -15/+26 |
2012-05-03 | userns: Store uid and gid values in struct cred with kuid_t and kgid_t types | Eric W. Biederman | 1 | -2/+1 |
2012-05-03 | userns: Convert group_info values from gid_t to kgid_t. | Eric W. Biederman | 1 | -1/+2 |
2012-04-26 | userns: Simplify the user_namespace by making userns->creator a kuid. | Eric W. Biederman | 1 | -2/+3 |
2012-04-23 | Yama: remove an unused variable | Dan Carpenter | 1 | -1/+0 |
2012-04-19 | Yama: add additional ptrace scopes | Kees Cook | 1 | -11/+51 |
2012-04-19 | security: fix compile error in commoncap.c | Jonghwan Choi | 1 | -0/+1 |
2012-04-18 | fcaps: clear the same personality flags as suid when fcaps are used | Eric Paris | 1 | -0/+5 |
2012-04-18 | Smack: move label list initialization | Casey Schaufler | 2 | -25/+33 |
2012-04-14 | Fix execve behavior apparmor for PR_{GET,SET}_NO_NEW_PRIVS | John Johansen | 1 | -4/+35 |
2012-04-14 | Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs | Andy Lutomirski | 3 | -3/+18 |
2012-04-10 | Smack: build when CONFIG_AUDIT not defined | Kees Cook | 1 | -4/+15 |
2012-04-09 | SELinux: remove unused common_audit_data in flush_unauthorized_files | Eric Paris | 1 | -4/+0 |
2012-04-09 | SELinux: avc: remove the useless fields in avc_add_callback | Wanlong Gao | 6 | -47/+15 |
2012-04-09 | SELinux: replace weak GFP_ATOMIC to GFP_KERNEL in avc_add_callback | Wanlong Gao | 1 | -2/+2 |
2012-04-09 | SELinux: unify the selinux_audit_data and selinux_late_audit_data | Eric Paris | 3 | -91/+16 |
2012-04-09 | SELinux: remove auditdeny from selinux_audit_data | Eric Paris | 1 | -8/+1 |
2012-04-09 | LSM: do not initialize common_audit_data to 0 | Eric Paris | 11 | -44/+44 |
2012-04-09 | LSM: BUILD_BUG_ON if the common_audit_data union ever grows | Eric Paris | 1 | -0/+7 |
2012-04-09 | LSM: remove the task field from common_audit_data | Eric Paris | 2 | -7/+2 |
2012-04-09 | apparmor: move task from common_audit_data to apparmor_audit_data | Eric Paris | 3 | -3/+11 |
2012-04-09 | LSM: remove the COMMON_AUDIT_DATA_INIT type expansion | Eric Paris | 10 | -43/+43 |
2012-04-09 | SELinux: move common_audit_data to a noinline slow path function | Eric Paris | 1 | -11/+21 |
2012-04-09 | SELinux: remove inode_has_perm_noadp | Eric Paris | 1 | -24/+4 |
2012-04-09 | SELinux: delay initialization of audit data in selinux_inode_permission | Eric Paris | 3 | -70/+105 |
2012-04-09 | SELinux: if sel_make_bools errors don't leave inconsistent state | Eric Paris | 1 | -0/+1 |
2012-04-09 | SELinux: remove needless sel_div function | Eric Paris | 1 | -6/+1 |
2012-04-09 | SELinux: possible NULL deref in context_struct_to_string | Eric Paris | 1 | -3/+5 |
2012-04-09 | SELinux: audit failed attempts to set invalid labels | Eric Paris | 1 | -2/+34 |
2012-04-09 | SELinux: rename dentry_open to file_open | Eric Paris | 6 | -15/+15 |
2012-04-09 | SELinux: check OPEN on truncate calls | Eric Paris | 1 | -1/+5 |
2012-04-09 | SELinux: add default_type statements | Eric Paris | 4 | -6/+33 |
2012-04-09 | SELinux: allow default source/target selectors for user/role/range | Eric Paris | 6 | -8/+109 |
2012-04-09 | SELinux: loosen DAC perms on reading policy | Eric Paris | 1 | -1/+1 |
2012-04-09 | SELinux: allow seek operations on the file exposing policy | Eric Paris | 1 | -0/+1 |
2012-04-07 | userns: Add an explicit reference to the parent user namespace | Eric W. Biederman | 1 | -1/+1 |
2012-04-07 | cred: Refcount the user_ns pointed to by the cred. | Eric W. Biederman | 1 | -1/+1 |
2012-04-07 | userns: Use cred->user_ns instead of cred->user->user_ns | Eric W. Biederman | 4 | -10/+10 |
2012-04-03 | lsm_audit: don't specify the audit pre/post callbacks in 'struct common_audit... | Linus Torvalds | 4 | -13/+12 |
2012-04-03 | SELinux: do not allocate stack space for AVC data unless needed | Eric Paris | 2 | -14/+27 |
2012-04-03 | SELinux: remove avd from slow_avc_audit() | Eric Paris | 1 | -2/+2 |
2012-04-03 | SELinux: remove avd from selinux_audit_data | Eric Paris | 1 | -1/+0 |
2012-04-03 | LSM: shrink the common_audit_data data union | Eric Paris | 4 | -88/+122 |
2012-04-03 | LSM: shrink sizeof LSM specific portion of common_audit_data | Eric Paris | 15 | -97/+238 |
2012-04-01 | cgroup: convert all non-memcg controllers to the new cftype interface | Tejun Heo | 1 | -8/+2 |
2012-03-31 | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir... | Linus Torvalds | 2 | -71/+48 |
2012-03-31 | get rid of pointless includes of ext2_fs.h | Al Viro | 1 | -5/+4 |
2012-03-31 | selinuxfs: merge dentry allocation into sel_make_dir() | Al Viro | 1 | -66/+44 |
2012-03-31 | selinux: inline avc_audit() and avc_has_perm_noaudit() into caller | Linus Torvalds | 1 | -2/+2 |
2012-03-31 | selinux: don't inline slow-path code into avc_has_perm_noaudit() | Linus Torvalds | 1 | -14/+38 |
2012-03-29 | Merge branch 'x86-x32-for-linus' of git://git.kernel.org/pub/scm/linux/kernel... | Linus Torvalds | 1 | -1/+1 |
2012-03-28 | Merge tag 'split-asm_system_h-for-linus-20120328' of git://git.kernel.org/pub... | Linus Torvalds | 2 | -1/+2 |
2012-03-28 | Remove all #inclusions of asm/system.h | David Howells | 1 | -1/+0 |
2012-03-28 | apparmor: Fix change_onexec when called from a confined task | John Johansen | 2 | -1/+4 |
2012-03-26 | SELinux: selinux/xfrm.h needs net/flow.h | David Howells | 1 | -0/+2 |
2012-03-23 | usermodehelper: kill umh_wait, renumber UMH_* constants | Oleg Nesterov | 1 | -1/+1 |
2012-03-23 | usermodehelper: use UMH_WAIT_PROC consistently | Oleg Nesterov | 1 | -1/+1 |
2012-03-23 | Merge tag 'nfs-for-3.4-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs | Linus Torvalds | 2 | -16/+22 |
2012-03-22 | security: optimize avc_audit() common path | Linus Torvalds | 1 | -29/+41 |
2012-03-21 | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir... | Linus Torvalds | 1 | -6/+2 |
2012-03-21 | Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/... | Linus Torvalds | 38 | -191/+856 |
2012-03-21 | Merge branch 'kmap_atomic' of git://github.com/congwang/linux | Linus Torvalds | 1 | -2/+2 |
2012-03-20 | switch unix_sock to struct path | Al Viro | 1 | -6/+2 |
2012-03-20 | Merge branch 'for-3.4' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cg... | Linus Torvalds | 1 | -6/+4 |
2012-03-20 | tomoyo: remove the second argument of k[un]map_atomic() | Cong Wang | 1 | -2/+2 |
2012-03-20 | Merge branch 'for-security' of git://git.kernel.org/pub/scm/linux/kernel/git/... | James Morris | 1 | -2/+2 |
2012-03-19 | AppArmor: Fix location of const qualifier on generated string tables | Tetsuo Handa | 1 | -2/+2 |
2012-03-20 | TOMOYO: Return error if fails to delete a domain | Tetsuo Handa | 1 | -4/+5 |
2012-03-15 | Merge branch 'for-security' of git://git.kernel.org/pub/scm/linux/kernel/git/... | James Morris | 13 | -52/+189 |
2012-03-14 | AppArmor: add const qualifiers to string arrays | Jan Engelhardt | 4 | -7/+7 |
2012-03-14 | AppArmor: Add ability to load extended policy | John Johansen | 4 | -1/+50 |
2012-03-15 | TOMOYO: Return appropriate value to poll(). | Tetsuo Handa | 4 | -43/+26 |
2012-03-14 | AppArmor: Move path failure information into aa_get_name and rename | John Johansen | 4 | -19/+29 |
2012-03-14 | AppArmor: Update dfa matching routines. | John Johansen | 3 | -4/+81 |
2012-03-14 | AppArmor: Minor cleanup of d_namespace_path to consolidate error handling | John Johansen | 1 | -10/+6 |
2012-03-14 | AppArmor: Retrieve the dentry_path for error reporting when path lookup fails | John Johansen | 1 | -6/+9 |
2012-03-14 | AppArmor: Add const qualifiers to generated string tables | John Johansen | 1 | -2/+3 |
2012-03-14 | AppArmor: Fix oops in policy unpack auditing | John Johansen | 1 | -2/+3 |
2012-03-14 | AppArmor: Fix error returned when a path lookup is disconnected | John Johansen | 1 | -1/+1 |
2012-03-07 | KEYS: testing wrong bit for KEY_FLAG_REVOKED | Dan Carpenter | 1 | -1/+2 |
2012-03-01 | Created a function for setting timeouts on keys | Bryan Schumaker | 2 | -16/+22 |
2012-03-01 | TOMOYO: Fix mount flags checking order. | Tetsuo Handa | 1 | -18/+20 |
2012-02-28 | security: fix ima kconfig warning | Randy Dunlap | 1 | -1/+1 |
2012-02-27 | AppArmor: Fix the error case for chroot relative path name lookup | John Johansen | 1 | -3/+2 |
2012-02-27 | AppArmor: fix mapping of META_READ to audit and quiet flags | John Johansen | 1 | -2/+1 |
2012-02-27 | AppArmor: Fix underflow in xindex calculation | John Johansen | 1 | -1/+1 |
2012-02-27 | AppArmor: Fix dropping of allowed operations that are force audited | John Johansen | 2 | -3/+3 |
2012-02-27 | AppArmor: Add mising end of structure test to caps unpacking | John Johansen | 1 | -0/+2 |
2012-02-27 | AppArmor: export known rlimit names/value mappings in securityfs | Kees Cook | 4 | -6/+29 |
2012-02-27 | AppArmor: add "file" details to securityfs | Kees Cook | 2 | -0/+16 |
2012-02-27 | AppArmor: add initial "features" directory to securityfs | Kees Cook | 2 | -0/+65 |
2012-02-27 | AppArmor: refactor securityfs to use structures | Kees Cook | 2 | -42/+114 |
2012-02-19 | Replace the fd_sets in struct fdtable with an array of unsigned longs | David Howells | 1 | -1/+1 |
2012-02-16 | IMA: fix audit res field to indicate 1 for success and 0 for failure | Eric Paris | 2 | -2/+2 |
2012-02-16 | Yama: add PR_SET_PTRACER_ANY | Kees Cook | 1 | -2/+6 |
2012-02-14 | security: trim security.h | Al Viro | 4 | -0/+8 |
2012-02-14 | mm: collapse security_vm_enough_memory() variants into a single function | Al Viro | 1 | -14/+0 |
2012-02-10 | security: Yama LSM | Kees Cook | 5 | -0/+343 |
2012-02-10 | security: create task_free security callback | Kees Cook | 2 | -0/+10 |
2012-02-09 | Merge branch 'next-queue' into next | James Morris | 3 | -2/+16 |
2012-02-02 | cgroup: remove cgroup_subsys argument from callbacks | Li Zefan | 1 | -6/+4 |
2012-01-23 | Merge git://git.samba.org/sfrench/cifs-2.6 | Linus Torvalds | 3 | -0/+39 |
2012-01-19 | ima: policy for RAMFS | Dmitry Kasatkin | 1 | -0/+1 |
2012-01-19 | ima: fix Kconfig dependencies | Fabio Estevam | 1 | -1/+1 |
2012-01-19 | keys: fix user_defined key sparse messages | Mimi Zohar | 1 | -3/+3 |
2012-01-19 | ima: fix cred sparse warning | Mimi Zohar | 1 | -1/+2 |
2012-01-19 | KEYS: Allow special keyrings to be cleared | David Howells | 1 | -1/+14 |
2012-01-17 | keys: add a "logon" key type | Jeff Layton | 3 | -0/+39 |
2012-01-17 | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo... | Linus Torvalds | 9 | -22/+34 |
2012-01-17 | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir... | Linus Torvalds | 2 | -15/+20 |
2012-01-18 | integrity: digital signature config option name change | Dmitry Kasatkin | 3 | -4/+4 |
2012-01-18 | lib: digital signature config option name change | Dmitry Kasatkin | 1 | -1/+1 |
2012-01-18 | encrypted-keys: fix rcu and sparse messages | Mimi Zohar | 2 | -2/+2 |
2012-01-18 | keys: fix trusted/encrypted keys sparse rcu_assign_pointer messages | Mimi Zohar | 3 | -4/+6 |
2012-01-18 | KEYS: Add missing smp_rmb() primitives to the keyring search code | David Howells | 2 | -8/+18 |
2012-01-18 | TOMOYO: Accept \000 as a valid character. | Tetsuo Handa | 1 | -3/+3 |
2012-01-17 | audit: no leading space in audit_log_d_path prefix | Kees Cook | 1 | -2/+2 |
2012-01-17 | audit: treat s_id as an untrusted string | Kees Cook | 2 | -13/+18 |
2012-01-14 | Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security | Linus Torvalds | 5 | -85/+27 |
2012-01-13 | module_param: make bool parameters really bool (drivers & misc) | Rusty Russell | 2 | -11/+11 |
2012-01-10 | Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security | Linus Torvalds | 16 | -59/+259 |
2012-01-10 | securityfs: fix object creation races | Al Viro | 1 | -141/+50 |
2012-01-09 | Merge branch 'for-3.3' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cg... | Linus Torvalds | 1 | -3/+4 |
2012-01-09 | Merge branch 'next' into for-linus | James Morris | 16 | -59/+259 |
2012-01-08 | Merge branch 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/vi... | Linus Torvalds | 13 | -60/+46 |
2012-01-06 | switch security_path_chmod() to struct path * | Al Viro | 4 | -17/+11 |
2012-01-06 | vfs: prefer ->dentry->d_sb to ->mnt->mnt_sb | Al Viro | 2 | -3/+3 |
2012-01-06 | Merge branches 'vfsmount-guts', 'umode_t' and 'partitions' into Z | Al Viro | 10 | -34/+34 |
2012-01-05 | security: remove the security_netlink_recv hook as it is equivalent to capable() | Eric Paris | 4 | -34/+0 |
2012-01-05 | ptrace: do not audit capability check when outputing /proc/pid/stat | Eric Paris | 1 | -1/+1 |
2012-01-05 | capabilities: remove all _real_ interfaces | Eric Paris | 1 | -24/+0 |
2012-01-05 | capabilities: introduce security_capable_noaudit | Eric Paris | 1 | -0/+6 |
2012-01-05 | capabilities: reverse arguments to security_capable | Eric Paris | 1 | -1/+1 |
2012-01-05 | capabilities: remove the task from capable LSM hook entirely | Eric Paris | 4 | -30/+24 |
2012-01-05 | selinux: sparse fix: fix several warnings in the security server cod | James Morris | 5 | -7/+9 |
2012-01-05 | selinux: sparse fix: fix warnings in netlink code | James Morris | 6 | -5/+6 |
2012-01-05 | selinux: sparse fix: eliminate warnings for selinuxfs | James Morris | 3 | -6/+4 |
2012-01-05 | selinux: sparse fix: declare selinux_disable() in security.h | James Morris | 2 | -1/+1 |
2012-01-05 | selinux: sparse fix: move selinux_complete_init | James Morris | 2 | -1/+1 |
2012-01-05 | selinux: sparse fix: make selinux_secmark_refcount static | James Morris | 1 | -1/+1 |
2012-01-04 | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net | David S. Miller | 1 | -1/+1 |
2012-01-03 | vfs: trim includes a bit | Al Viro | 1 | -0/+1 |
2012-01-03 | switch ->path_mknod() to umode_t | Al Viro | 4 | -4/+4 |
2012-01-03 | switch ->path_mkdir() to umode_t | Al Viro | 4 | -4/+4 |
2012-01-03 | tomoyo_mini_stat: switch to umode_t | Al Viro | 2 | -3/+3 |
2012-01-03 | switch securityfs_create_file() to umode_t | Al Viro | 3 | -8/+8 |
2012-01-03 | switch security_path_chmod() to umode_t | Al Viro | 4 | -4/+4 |
2012-01-03 | get rid of open-coded S_ISREG(), etc. | Al Viro | 2 | -2/+2 |
2012-01-03 | switch ->mknod() to umode_t | Al Viro | 3 | -3/+3 |
2012-01-03 | switch ->create() to umode_t | Al Viro | 3 | -3/+3 |
2012-01-03 | switch vfs_mkdir() and ->mkdir() to umode_t | Al Viro | 3 | -3/+3 |
2012-01-03 | vfs: for usbfs, etc. internal vfsmounts ->mnt_sb->s_root == ->mnt_root | Al Viro | 1 | -1/+1 |
2012-01-03 | btrfs, nfs, apparmor: don't pull mnt_namespace.h for no reason... | Al Viro | 1 | -1/+0 |
2012-01-03 | tomoyo: stop including hell knows what | Al Viro | 1 | -8/+0 |
2012-01-03 | security: Fix security_old_inode_init_security() when CONFIG_SECURITY is not set | Jan Kara | 1 | -1/+1 |
2011-12-23 | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net | David S. Miller | 4 | -35/+66 |
2011-12-21 | SELinux: Fix RCU deref check warning in sel_netport_insert() | David Howells | 1 | -1/+3 |
2011-12-20 | SELinux: Fix RCU deref check warning in sel_netport_insert() | David Howells | 1 | -1/+3 |
2011-12-20 | evm: prevent racing during tfm allocation | Dmitry Kasatkin | 1 | -0/+9 |
2011-12-20 | evm: key must be set once during initialization | Dmitry Kasatkin | 1 | -4/+6 |
2011-12-19 | ima: fix invalid memory reference | Roberto Sassu | 1 | -5/+11 |
2011-12-19 | ima: free duplicate measurement memory | Roberto Sassu | 2 | -2/+3 |
2011-12-19 | selinux: Casting (void *) value returned by kmalloc is useless | Thomas Meyer | 1 | -1/+1 |
2011-12-16 | apparmor: fix module parameter handling | Rusty Russell | 1 | -3/+3 |
2011-12-12 | cgroup: introduce cgroup_taskset and use it in subsys->can_attach(), cancel_a... | Tejun Heo | 1 | -3/+4 |
2011-12-12 | Security: tomoyo: add .gitignore file | Greg Kroah-Hartman | 1 | -0/+2 |
2011-12-12 | tomoyo: add missing rcu_dereference() | Kees Cook | 1 | -1/+1 |
2011-12-09 | apparmor: add missing rcu_dereference() | Kees Cook | 1 | -1/+1 |
2011-12-08 | TOMOYO: Fix pathname handling of disconnected paths. | Tetsuo Handa | 1 | -1/+9 |
2011-12-08 | evm: prevent racing during tfm allocation | Dmitry Kasatkin | 1 | -3/+11 |
2011-12-08 | evm: key must be set once during initialization | Dmitry Kasatkin | 1 | -7/+8 |
2011-12-06 | fix apparmor dereferencing potentially freed dentry, sanitize __d_path() API | Al Viro | 2 | -29/+39 |
2011-12-06 | inet_diag: Partly rename inet_ to sock_ | Pavel Emelyanov | 1 | -1/+1 |
2011-12-03 | ipv6: Add fragment reporting to ipv6_skip_exthdr(). | Jesse Gross | 2 | -2/+4 |
2011-11-22 | net: remove ipv6_addr_copy() | Alexey Dobriyan | 3 | -6/+6 |
2011-11-22 | digsig: build dependency fix | Dmitry Kasatkin | 1 | -1/+1 |
2011-11-18 | Merge branch 'next-evm-digsig' of git://git.kernel.org/pub/scm/linux/kernel/g... | James Morris | 7 | -30/+226 |
2011-11-18 | Merge branch 'encrypted-key-fixes' of git://git.kernel.org/pub/scm/linux/kern... | James Morris | 3 | -4/+9 |
2011-11-18 | Merge branch 'for-1111' of git://gitorious.org/smack-next/kernel into for-linus | James Morris | 1 | -76/+39 |
2011-11-17 | KEYS: Give key types their own lockdep class for key->sem | David Howells | 1 | -0/+3 |
2011-11-16 | encrypted-keys: module build fixes | Mimi Zohar | 2 | -3/+8 |
2011-11-16 | encrypted-keys: fix error return code | Mimi Zohar | 1 | -1/+1 |
2011-11-16 | Merge branch 'master'; commit 'v3.2-rc2' into next | James Morris | 10 | -7/+14 |
2011-11-15 | KEYS: Fix a NULL pointer deref in the user-defined key type | David Howells | 1 | -1/+2 |
2011-11-16 | selinuxfs: remove custom hex_to_bin() | Andy Shevchenko | 1 | -10/+4 |
2011-11-11 | Smack: smackfs cipso seq read repair | Casey Schaufler | 1 | -76/+39 |
2011-11-09 | evm: digital signature verification support | Dmitry Kasatkin | 3 | -30/+142 |