aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2008-01-21Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds2-4/+5
2008-01-21Fix filesystem capability supportAndrew G. Morgan1-3/+10
2008-01-22selinux: fix memory leak in netlabel codePaul Moore2-4/+5
2007-12-06Security: allow capable check to permit mmap or low vm spaceEric Paris1-1/+1
2007-12-06SELinux: detect dead booleansStephen Smalley1-13/+30
2007-12-06SELinux: do not clear f_op when removing entriesStephen Smalley1-27/+1
2007-11-29file capabilities: don't prevent signaling setuid root programsSerge E. Hallyn1-0/+9
2007-11-14file capabilities: allow sigcont within sessionSerge E. Hallyn1-0/+4
2007-11-08SELinux: add more validity checks on policy loadStephen Smalley7-38/+118
2007-11-08SELinux: fix bug in new ebitmap code.KaiGai Kohei1-1/+1
2007-11-08SELinux: suppress a warning for 64k pages.Stephen Rothwell1-6/+7
2007-10-23Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds1-5/+1
2007-10-23SELinux: always check SIGCHLD in selinux_task_waitEric Paris1-5/+1
2007-10-22capabilities: clean up file capability readingSerge E. Hallyn1-8/+15
2007-10-19pid namespaces: define is_global_init() and is_container_init()Serge E. Hallyn1-1/+2
2007-10-18sparse pointer use of zero as nullStephen Hemminger1-1/+1
2007-10-18V3 file capabilities: alter behavior of cap_setpcapAndrew Morgan2-14/+61
2007-10-17security/ cleanupsAdrian Bunk5-118/+1
2007-10-17Implement file posix capabilitiesSerge E. Hallyn6-43/+313
2007-10-17security: Convert LSM into a static interfaceJames Morris8-71/+961
2007-10-17KEYS: Make request_key() and co fundamentally asynchronousDavid Howells5-317/+335
2007-10-17SELinux: kills warnings in Improve SELinux performance when AVC missesKaiGai Kohei2-6/+7
2007-10-17SELinux: improve performance when AVC misses.KaiGai Kohei4-237/+303
2007-10-17SELinux: policy selectable handling of unknown classes and permsEric Paris5-9/+106
2007-10-17SELinux: Improve read/write performanceYuichi Nakamura5-1/+67
2007-10-17SELinux: tune avtab to reduce memory usageYuichi Nakamura4-36/+82
2007-10-15[SELINUX]: Update for netfilter ->hook() arg changes.David S. Miller1-6/+5
2007-10-10[INET]: local port range robustnessStephen Hemminger1-17/+22
2007-10-10[NET]: Support multiple network namespaces with netlinkEric W. Biederman1-2/+3
2007-10-10[NET]: Make device event notification network namespace safeEric W. Biederman1-0/+4
2007-09-20SELinux: fix array out of bounds when mounting with selinux optionsEric Paris1-0/+2
2007-08-30SELinux: clear parent death signal on SID transitionsStephen Smalley1-0/+3
2007-08-22fix NULL pointer dereference in __vm_enough_memory()Alan Cox3-6/+6
2007-08-16SELinux: correct error code in selinux_audit_rule_initSteve G1-1/+1
2007-08-02SELinux: remove redundant pointer checks before calling kfree()Paul Moore1-2/+1
2007-08-02SELinux: restore proper NetLabel caching behaviorPaul Moore1-4/+12
2007-07-31Typo fixes errror -> errorGabriel Craciunescu1-1/+1
2007-07-25SELinux: null-terminate context string in selinux_xfrm_sec_ctx_allocVenkat Yekkirala1-1/+2
2007-07-23SELinux: fix memory leak in security_netlbl_cache_add()Jesper Juhl1-1/+3
2007-07-22[PATCH] get rid of AVC_PATH postponed treatmentAl Viro1-7/+8
2007-07-20mm: Remove slab destructors from kmem_cache_create().Paul Mundt4-4/+4
2007-07-19Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds2-31/+39
2007-07-19coredump masking: reimplementation of dumpable using two flagsKawai, Hidehiro2-2/+2
2007-07-19SELinux: use SECINITSID_NETMSG instead of SECINITSID_UNLABELED for NetLabelPaul Moore2-31/+31
2007-07-19SELinux: enable dynamic activation/deactivation of NetLabel/SELinux enforcementPaul Moore1-0/+8
2007-07-18usermodehelper: Tidy up waitingJeremy Fitzhardinge1-1/+2
2007-07-17Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid checkSatyam Sharma1-1/+1
2007-07-16Audit: add TTY input auditingMiloslav Trmac1-0/+2
2007-07-13Revert "SELinux: use SECINITSID_NETMSG instead of SECINITSID_UNLABELED for Ne...Linus Torvalds2-24/+31
2007-07-11security: unexport mmap_min_addrAdrian Bunk1-1/+0
2007-07-11SELinux: use SECINITSID_NETMSG instead of SECINITSID_UNLABELED for NetLabelPaul Moore2-31/+24
2007-07-11security: Protection for exploiting null dereference using mmapEric Paris7-5/+19
2007-07-11SELinux: Use %lu for inode->i_no when printing avcTobias Oed1-1/+1
2007-07-11SELinux: allow preemption between transition permission checksStephen Smalley4-29/+45
2007-07-11selinux: introduce schedule points in policydb_destroy()Eric Paris1-0/+7
2007-07-11selinux: add selinuxfs structure for object class discoveryChristopher J. PeBenito2-0/+250
2007-07-11selinux: change sel_make_dir() to specify inode counter.Christopher J. PeBenito1-5/+6
2007-07-11selinux: rename sel_remove_bools() for more general usage.Christopher J. PeBenito1-5/+4
2007-07-11selinux: add support for querying object classes and permissions from the run...Christopher J. PeBenito2-0/+98
2007-06-08[NetLabel]: consolidate the struct socket/sock handling to just struct sockPaul Moore1-15/+21
2007-05-09Fix trivial typos in Kconfig* filesDavid Sterba1-1/+1
2007-05-08header cleaning: don't include smp_lock.h when not usedRandy Dunlap3-3/+0
2007-05-08tty: introduce no_tty and use it in selinuxEric W. Biederman1-4/+3
2007-05-02remove "struct subsystem" as it is no longer neededGreg Kroah-Hartman1-1/+1
2007-04-27Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds12-760/+660
2007-04-26[AF_RXRPC]: Key facility changes for AF_RXRPCDavid Howells1-0/+2
2007-04-26selinux: preserve boolean values across policy reloadsStephen Smalley1-0/+38
2007-04-26selinux: change numbering of boolean directory inodes in selinuxfsJames Carter1-6/+5
2007-04-26selinux: remove unused enumeration constant from selinuxfsJames Carter1-1/+0
2007-04-26selinux: explicitly number all selinuxfs inodesJames Carter1-0/+6
2007-04-26selinux: export initial SID contexts via selinuxfsJames Carter3-0/+76
2007-04-26selinux: remove userland security class and permission definitionsStephen Smalley6-314/+21
2007-04-26SELinux: move security_skb_extlbl_sid() out of the security serverPaul Moore3-35/+31
2007-04-26SELinux: rename selinux_netlabel.h to netlabel.hPaul Moore3-2/+2
2007-04-26SELinux: extract the NetLabel SELinux support from the security serverPaul Moore5-402/+481
2007-04-25[NETLINK]: Switch cb_lock spinlock to mutex and allow to override itPatrick McHardy1-1/+1
2007-04-25[NETLINK]: Introduce nlmsg_hdr() helperArnaldo Carvalho de Melo1-1/+1
2007-04-25[SK_BUFF]: Convert skb->tail to sk_buff_data_tArnaldo Carvalho de Melo1-1/+1
2007-04-25[SK_BUFF]: Introduce skb_network_offset()Arnaldo Carvalho de Melo1-2/+2
2007-03-14[PATCH] sanitize security_getprocattr() APIAl Viro2-3/+7
2007-02-26Always initialize scontext and scontext_lenStephen Smalley1-0/+3
2007-02-26Reassign printk levels in selinux kernel codeEric Paris4-17/+17
2007-02-14[PATCH] selinux: enhance selinux to always ignore private inodesStephen Smalley1-0/+3
2007-02-14[PATCH] sysctl: fix the selinux_sysctl_get_sidEric W. Biederman1-0/+6
2007-02-14[PATCH] sysctl: remove the proc_dir_entry member for the sysctl tablesEric W. Biederman1-2/+37
2007-02-14[PATCH] remove many unneeded #includes of sched.hTim Schmielau4-4/+0
2007-02-12[PATCH] mark struct file_operations const 9Arjan van de Ven3-17/+17
2007-02-11[PATCH] Replace regular code with appropriate calls to container_of()Robert P. J. Day1-1/+1
2007-02-11[PATCH] Transform kmem_cache_alloc()+memset(0) -> kmem_cache_zalloc().Robert P. J. Day3-6/+3
2007-02-06[PATCH] Keys: Fix key serial number collision handlingDavid Howells1-19/+14
2007-01-26[SELINUX]: Fix 2.6.20-rc6 build when no xfrmVenkat Yekkirala2-3/+12
2007-01-23[SELINUX]: increment flow cache genidVenkat Yekkirala1-0/+3
2007-01-09NetLabel: correct locking in selinux_netlbl_socket_setsid()Paul Moore1-2/+2
2007-01-08selinux: Delete mls_copy_contextVenkat Yekkirala4-47/+29
2007-01-02[PATCH] selinux: fix selinux_netlbl_inode_permission() lockingParag Warudkar1-2/+4
2006-12-10[PATCH] fdtable: Make fdarray and fdsets equal in sizeVadim Lobanov1-1/+1
2006-12-08[PATCH] struct path: convert selinuxJosef Sipek2-14/+14
2006-12-08[PATCH] tty: ->signal->tty lockingPeter Zijlstra1-4/+7
2006-12-07[PATCH] lockdep: name some old style locksPeter Zijlstra1-1/+1
2006-12-07[PATCH] security/keys/*: user kmemdup()Eric Sesterhenn2-6/+2
2006-12-07[PATCH] slab: remove kmem_cache_tChristoph Lameter4-4/+4
2006-12-07[PATCH] slab: remove SLAB_KERNELChristoph Lameter3-3/+3
2006-12-07[PATCH] slab: remove SLAB_ATOMICChristoph Lameter1-1/+1
2006-12-05Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torval...David Howells3-6/+6
2006-12-05Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torval...David Howells24-712/+730
2006-12-04[PATCH] selinux endianness annotationsAl Viro3-6/+6
2006-12-02Rename class_destroy to avoid namespace conflicts.James Morris1-3/+3
2006-12-02NetLabel: convert to an extensibile/sparse category bitmapPaul Moore5-250/+199
2006-12-02Compile fix for "peer secid consolidation for external network labeling"James Morris1-1/+2
2006-12-02SELinux: peer secid consolidation for external network labelingPaul Moore6-150/+52
2006-12-02NetLabel: SELinux cleanupsPaul Moore4-54/+86
2006-12-02NetLabel: make netlbl_lsm_secattr struct easier/quicker to understandPaul Moore1-8/+16
2006-12-02[IPv6] prefix: Convert RTM_NEWPREFIX notifications to use the new netlink apiThomas Graf1-1/+0
2006-12-02[SELinux]: Add support for DCCPJames Morris6-8/+103
2006-12-02SELinux: Fix SA selection semanticsVenkat Yekkirala4-73/+68
2006-12-02SELinux: Return correct context for SO_PEERSECVenkat Yekkirala4-47/+32
2006-12-02SELinux: Various xfrm labeling fixesVenkat Yekkirala3-30/+13
2006-12-01Merge branch 'for-2.6.20' of git://git.kernel.org/pub/scm/linux/kernel/git/jm...Linus Torvalds6-103/+171
2006-11-28SELinux: validate kernel object classes and permissionsChad Sellers1-1/+137
2006-11-28SELinux: ensure keys constant in hashtab_searchChad Sellers3-12/+12
2006-11-28SELinux: export object class and permission definitionsChad Sellers2-12/+35
2006-11-28SELinux: remove current object class and permission validation mechanismChad Sellers1-91/+0
2006-11-27selinux: fix dentry_open() error checkAkinobu Mita1-1/+2
2006-11-22WorkStruct: Pass the work_struct pointer instead of context dataDavid Howells1-3/+3
2006-10-30[NetLabel]: protect the CIPSOv4 socket option from setsockopt()Paul Moore3-1/+54
2006-10-15NetLabel: better error handling involving mls_export_cat()Paul Moore3-13/+30
2006-10-11SELinux: Bug fix in polidydb_destroyChad Sellers1-0/+2
2006-10-11IPsec: correct semantics for SELinux policy matchingVenkat Yekkirala3-14/+45
2006-10-11NetLabel: use SECINITSID_UNLABELED for a base SIDpaul.moore@hp.com1-20/+9
2006-10-11NetLabel: fix a cache race conditionpaul.moore@hp.com1-16/+21
2006-10-03Still more typo fixesMatt LaPlante1-1/+1
2006-10-03more misc typo fixesMatt LaPlante1-1/+1
2006-10-01[PATCH] r/o bind mount prepwork: inc_nlink() helperDave Hansen2-4/+4
2006-09-29[PATCH] MLSXFRM: fix mis-labelling of child socketsDavid Woodhouse1-1/+3
2006-09-29[PATCH] pidspace: is_init()Sukadev Bhattiprolu1-1/+1
2006-09-29[PATCH] LSM: remove BSD secure level security moduleChris Wright3-684/+0
2006-09-29[PATCH] SELinux: support mls categories for context mountsCory Olmo1-5/+30
2006-09-27[PATCH] inode-diet: Eliminate i_blksize from the inode structureTheodore Ts'o2-2/+0
2006-09-27[PATCH] inode_diet: Replace inode.u.generic_ip with inode.i_privateTheodore Ts'o1-4/+4
2006-09-26[PATCH] selinux: fix tty lockingStephen Smalley1-1/+4
2006-09-26[PATCH] SELinux: convert sbsec semaphore to a mutexEric Paris2-5/+4
2006-09-26[PATCH] SELinux: change isec semaphore to a mutexEric Paris3-19/+17
2006-09-26[PATCH] SELinux: eliminate inode_security_set_securityEric Paris1-20/+7
2006-09-26[PATCH] selinux: add support for range transitions on object classesDarrel Goeddel5-23/+37
2006-09-26[PATCH] selinux: enable configuration of max policy versionStephen Smalley2-1/+42
2006-09-26[PATCH] selinux: replace ctxid with sid in selinux_audit_rule_match interfaceStephen Smalley1-3/+3
2006-09-26[PATCH] selinux: rename selinux_ctxid_to_stringStephen Smalley1-2/+2
2006-09-26[PATCH] selinux: eliminate selinux_task_ctxidStephen Smalley1-9/+0
2006-09-25[NetLabel]: change the SELinux permissionsPaul Moore1-4/+4
2006-09-25[NetLabel]: correct improper handling of non-NetLabel peer contextsPaul Moore1-1/+11
2006-09-22[SELINUX]: Fix bug in security_sid_mls_copyVenkat Yekkirala1-1/+1
2006-09-22[NetLabel]: add some missing #includes to various header filesPaul Moore1-0/+9
2006-09-22[NetLabel]: uninline selinux_netlbl_inode_permission()Paul Moore2-43/+25
2006-09-22[NetLabel]: Cleanup ebitmap_import()Paul Moore1-20/+16
2006-09-22[NetLabel]: Comment corrections.Paul Moore1-1/+1
2006-09-22[NetLabel]: Correctly initialize the NetLabel fields.Paul Moore3-2/+67
2006-09-22[SELINUX]: security/selinux/hooks.c: Make 4 functions static.Adrian Bunk1-5/+7
2006-09-22[NetLabel]: SELinux supportVenkat Yekkirala9-14/+996
2006-09-22[MLSXFRM]: Fix build with SECURITY_NETWORK_XFRM disabled.Venkat Yekkirala2-1/+11
2006-09-22[MLSXFRM]: Auto-labeling of child socketsVenkat Yekkirala3-45/+117
2006-09-22[MLSXFRM]: Default labeling of socket specific IPSec policiesVenkat Yekkirala3-13/+26
2006-09-22[MLSXFRM]: Add flow labelingVenkat Yekkirala4-25/+15
2006-09-22[MLSXFRM]: Flow based matching of xfrm policy and stateVenkat Yekkirala4-42/+210
2006-09-22[MLSXFRM]: Add security sid to sockVenkat Yekkirala3-17/+27
2006-09-22[MLSXFRM]: Define new SELinux service routineVenkat Yekkirala4-20/+91
2006-09-22[MLSXFRM]: Granular IPSec associations for use in MLS environmentsVenkat Yekkirala2-0/+2
2006-09-21[CRYPTO] users: Use crypto_hash interface instead of crypto_digestHerbert Xu1-8/+10
2006-08-02[AF_UNIX]: Kernel memory leak fix for af_unix datagram getpeersec patchCatherine Zhang2-16/+36
2006-07-31[PATCH] selinux: fix bug in security_compute_sidVenkat Yekkirala1-2/+2
2006-07-31[PATCH] selinux: fix memory leakDarrel Goeddel1-2/+10
2006-07-14[PATCH] Fix security check for joint context= and fscontext= mount optionsEric Paris1-5/+9
2006-07-10[PATCH] SELinux: add rootcontext= option to label root inode when mountingEric Paris1-9/+57
2006-07-10[PATCH] SELinux: decouple fscontext/context mount optionsEric Paris2-16/+56
2006-07-01[PATCH] audit: support for object context filtersDarrel Goeddel1-1/+17
2006-07-01[PATCH] audit: rename AUDIT_SE_* constantsDarrel Goeddel1-16/+16
2006-06-30Merge git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivialLinus Torvalds10-10/+0
2006-06-30[PATCH] SELinux: Add security hook definition for getioprio and insert hooksDavid Quigley2-0/+12
2006-06-30[PATCH] SELinux: extend task_kill hook to handle signals sent by AIO completionDavid Quigley2-5/+21
2006-06-30Remove obsolete #include <linux/config.h>Jörn Engel10-10/+0
2006-06-29[AF_UNIX]: Datagram getpeersecCatherine Zhang1-3/+8
2006-06-29[NETLINK]: Encapsulate eff_cap usage within security framework.Darrel Goeddel3-17/+17
2006-06-29[PATCH] Keys: Allow in-kernel key requestor to pass auxiliary data to upcallerDavid Howells3-11/+36
2006-06-27[PATCH] poison: add & use more constantsRandy Dunlap1-1/+2
2006-06-27[PATCH] selinux: inherit /proc/self/attr/keycreate across forkMichael LeMay1-2/+4
2006-06-26[PATCH] SELinux: Add sockcreate node to procattr APIEric Paris4-5/+20
2006-06-26[PATCH] keys: add a way to store the appropriate context for newly-created keysMichael LeMay4-7/+34
2006-06-26[PATCH] keys: restrict contents of /proc/keys to Viewable keysMichael LeMay2-7/+20
2006-06-26[PATCH] keys: allocate key serial numbers randomlyMichael LeMay1-14/+14
2006-06-26[PATCH] keys: let keyctl_chown() change a key's ownerFredrik Tolf1-8/+48
2006-06-26[PATCH] keys: discard the contents of a key on revocationDavid Howells2-1/+45
2006-06-26[PATCH] keys: sort out key quota systemDavid Howells9-44/+68
2006-06-24Merge branch 'master' of /home/trondmy/kernel/linux-2.6/Trond Myklebust14-45/+216
2006-06-23[PATCH] SELinux: add task_movememory hookDavid Quigley2-0/+12
2006-06-23[PATCH] lsm: add task_setioprio hookJames Morris2-0/+12
2006-06-23[PATCH] VFS: Permit filesystem to perform statfs with a known root dentryDavid Howells2-4/+4
2006-06-23[PATCH] VFS: Permit filesystem to override root dentry on mountDavid Howells2-7/+8
2006-06-22[PATCH] Keys: Fix race between two instantiators of a keyDavid Howells3-17/+74
2006-06-22[PATCH] selinux: add hooks for key subsystemMichael LeMay12-17/+106
2006-06-20Merge branch 'master' of /home/trondmy/kernel/linux-2.6/Trond Myklebust2-5/+5
2006-06-20Merge branch 'audit.b21' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-1/+1
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-30 17:33:16 +0000