aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2011-11-06Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds2-0/+2
2011-11-02Merge branch 'for-linus' of git://git.selinuxproject.org/~jmorris/linux-securityLinus Torvalds1-0/+30
2011-11-02Merge branch 'for-linus' of git://github.com/richardweinberger/linuxLinus Torvalds1-1/+1
2011-11-02um: switch to use of drivers/KconfigAl Viro1-1/+1
2011-10-31security: follow rename pack_hex_byte() to hex_byte_pack()Andy Shevchenko2-2/+2
2011-10-31Cross Memory AttachChristopher Yeoh2-2/+2
2011-10-31selinux: Add export.h to files using EXPORT_SYMBOL/THIS_MODULEPaul Gortmaker2-0/+2
2011-10-29TOMOYO: Fix interactive judgment functionality.Tetsuo Handa1-0/+30
2011-10-25Merge branch 'next' of git://selinuxproject.org/~jmorris/linux-securityLinus Torvalds72-1201/+4164
2011-10-22Merge branch 'master' of git://gitorious.org/smack-next/kernel into nextJames Morris3-24/+51
2011-10-22TOMOYO: Fix incomplete read after seek.Tetsuo Handa1-0/+1
2011-10-20Smack: allow to access /smack/access as normal userJarkko Sakkinen3-23/+50
2011-10-19TOMOYO: Fix unused kernel config option.Tetsuo Handa1-2/+4
2011-10-18bluetooth: Properly clone LSM attributes to newly created child connectionsPaul Moore1-0/+1
2011-10-18Smack: fix: invalid length set for the result of /smack/accessJarkko Sakkinen1-1/+1
2011-10-14Smack: compilation fixJarkko Sakkinen1-0/+1
2011-10-12Smack: fix for /smack/access output, use string instead of byteJarkko Sakkinen1-2/+5
2011-10-12Smack: domain transition protections (v3)Jarkko Sakkinen1-11/+42
2011-10-12Smack: Provide information for UDS getsockopt(SO_PEERCRED)Casey Schaufler1-0/+9
2011-10-12Smack: Clean up commentsCasey Schaufler3-12/+10
2011-10-12Smack: Repair processing of fcntlCasey Schaufler1-25/+42
2011-10-12Smack: Rule list lookup performanceCasey Schaufler4-121/+220
2011-10-12Smack: check permissions from user space (v2)Jarkko Sakkinen1-63/+117
2011-10-12TOMOYO: Fix quota and garbage collector.Tetsuo Handa2-0/+18
2011-10-12TOMOYO: Remove redundant tasklist_lock.Tetsuo Handa1-4/+0
2011-09-28TOMOYO: Fix domain transition failure warning.Tetsuo Handa1-1/+2
2011-09-27Merge branch 'next-hex2bin' of git://github.com/mzohar/linux-evm into nextJames Morris2-7/+26
2011-09-26TOMOYO: Remove tomoyo_policy_memory_lock spinlock.Tetsuo Handa3-27/+27
2011-09-26TOMOYO: Simplify garbage collector.Tetsuo Handa5-319/+186
2011-09-26TOMOYO: Fix make namespacecheck warnings.Tetsuo Handa5-7/+9
2011-09-20encrypted-keys: check hex2bin resultMimi Zohar1-3/+11
2011-09-20trusted-keys: check hex2bin resultMimi Zohar1-4/+15
2011-09-19TOMOYO: Allow specifying domain transition preference.Tetsuo Handa5-12/+137
2011-09-15encrypted-keys: IS_ERR need include/err.hStephen Rothwell1-0/+1
2011-09-15Merge branch 'next-evm' of git://github.com/mzohar/linux-evm into nextJames Morris14-84/+155
2011-09-15TOMOYO: Bump version.Tetsuo Handa3-9/+9
2011-09-14evm: clean verification statusDmitry Kasatkin1-0/+1
2011-09-14evm: permit mode bits to be updatedMimi Zohar1-17/+13
2011-09-14evm: posix acls modify i_modeMimi Zohar3-5/+46
2011-09-14evm: limit verifying current security.evm integrityMimi Zohar1-34/+24
2011-09-14evm: fix security/security_old_init_security return codeMimi Zohar1-2/+2
2011-09-14evm: remove TCG_TPM dependencyMimi Zohar1-2/+1
2011-09-14encrypted-keys: remove trusted-keys dependencyMimi Zohar5-28/+67
2011-09-14encrypted-keys: create encrypted-keys directoryMimi Zohar6-1/+6
2011-09-14TOMOYO: Avoid race when retrying "file execute" permission check.Tetsuo Handa1-34/+22
2011-09-14TOMOYO: Allow domain transition without execve().Tetsuo Handa4-28/+210
2011-09-14TOMOYO: Allow controlling generation of access granted logs for per an entry ...Tetsuo Handa5-1/+38
2011-09-14TOMOYO: Add socket operation restriction support.Tetsuo Handa10-17/+1215
2011-09-14TOMOYO: Add environment variable name restriction support.Tetsuo Handa7-10/+266
2011-09-09security: sparse fix: Move security_fixup_op to security.hJames Morris1-3/+0
2011-09-09selinux: sparse fix: fix several warnings in the security server codeJames Morris5-7/+9
2011-09-09selinux: sparse fix: include selinux.h in exports.cJames Morris1-0/+1
2011-09-09selinux: sparse fix: fix warnings in netlink codeJames Morris6-5/+6
2011-09-09selinux: sparse fix: eliminate warnings for selinuxfsJames Morris3-6/+4
2011-09-09ima: sparse fix: include linux/ima.h in ima_main.cJames Morris1-0/+1
2011-09-09ima: sparse fix: make ima_open_policy staticJames Morris1-1/+1
2011-09-09apparmor: sparse fix: include procattr.h in procattr.cJames Morris1-0/+1
2011-09-09apparmor: sparse fix: rename shadowed variables in policy_unpack.cJames Morris1-6/+6
2011-09-09apparmor: sparse fix: add apparmor.h to lib.cJames Morris1-0/+1
2011-09-09apparmor: sparse fix: include ipc.hJames Morris1-0/+1
2011-09-09selinux: sparse fix: declare selinux_disable() in security.hJames Morris2-1/+1
2011-09-09selinux: sparse fix: move selinux_complete_initJames Morris2-1/+1
2011-09-09selinux: sparse fix: make selinux_secmark_refcount staticJames Morris1-1/+1
2011-09-09apparmor: sparse fix: make aa_create_aafs staticJames Morris1-1/+1
2011-09-09integrity: sparse fix: move iint_initialized to integrity.hJames Morris2-1/+3
2011-09-09TOMOYO: Fix incorrect enforce mode.Tetsuo Handa1-1/+2
2011-08-23KEYS: Correctly destroy key payloads when their keytype is removedDavid Howells3-208/+258
2011-08-23KEYS: The dead key link reaper should be non-reentrantDavid Howells1-3/+3
2011-08-23KEYS: Make the key reaper non-reentrantDavid Howells1-1/+1
2011-08-23KEYS: Move the unreferenced key reaper to the keys garbage collector fileDavid Howells3-76/+85
2011-08-23KEYS: __key_link() should use the RCU deref wrapper for keyring payloadsDavid Howells1-2/+1
2011-08-23KEYS: keyctl_get_keyring_ID() should create a session keyring if create flag setDavid Howells1-2/+12
2011-08-23KEYS: If install_session_keyring() is given a keyring, it should install itDavid Howells1-1/+1
2011-08-18evm: add Kconfig TCG_TPM dependencyMimi Zohar1-1/+1
2011-08-17tomoyo: remove tomoyo_gc_thread()->daemonize()Oleg Nesterov1-1/+1
2011-08-16capabilities: initialize has_capSerge Hallyn1-1/+1
2011-08-12capabilities: do not grant full privs for setuid w/ file caps + no effective ...Zhi Li1-6/+10
2011-08-11evm: fix evm_inode_init_security return codeMimi Zohar1-1/+1
2011-08-09EVM: ensure trusted and encypted key symbols are available to EVMJames Morris1-1/+3
2011-08-09Merge branch 'next-evm' of git://git.kernel.org/pub/scm/linux/kernel/git/zoha...James Morris19-209/+1089
2011-08-08TOMOYO: Fix incomplete read of /sys/kernel/security/tomoyo/profileTetsuo Handa1-1/+4
2011-08-01doc: Update the email address for Paul Moore in various source filesPaul Moore16-16/+16
2011-07-27Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds24-2647/+5954
2011-07-26Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-1/+1
2011-07-26atomic: use <linux/atomic.h>Arun Sharma2-2/+2
2011-07-26ima: fmode_t misspelled as mode_t...Al Viro1-1/+1
2011-07-25Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jik...Linus Torvalds1-1/+0
2011-07-24VFS : mount lock scalability for internal mountsTim Chen1-0/+1
2011-07-22Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds6-14/+9
2011-07-22Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds3-45/+5
2011-07-22Merge branch 'ptrace' of git://git.kernel.org/pub/scm/linux/kernel/git/oleg/miscLinus Torvalds2-3/+3
2011-07-20security,rcu: Convert call_rcu(sel_netport_free) to kfree_rcu()Lai Jiangshan1-18/+2
2011-07-20security,rcu: Convert call_rcu(sel_netnode_free) to kfree_rcu()Lai Jiangshan1-18/+2
2011-07-20security,rcu: Convert call_rcu(whitelist_item_free) to kfree_rcu()Lai Jiangshan1-9/+1
2011-07-20get rid of pointless checks for dentry->sb == NULLAl Viro1-1/+1
2011-07-20->permission() sanitizing: don't pass flags to exec_permission()Al Viro1-10/+0
2011-07-20selinux: don't transliterate MAY_NOT_BLOCK to IPERM_FLAG_RCUAl Viro2-3/+3
2011-07-20->permission() sanitizing: don't pass flags to ->inode_permission()Al Viro4-7/+12
2011-07-18evm: add evm_inode_setattr to prevent updating an invalid security.evmMimi Zohar2-1/+21
2011-07-18evm: permit only valid security.evm xattrs to be updatedMimi Zohar1-14/+63
2011-07-18evm: replace hmac_status with evm_statusDmitry Kasatkin3-9/+9
2011-07-18evm: evm_verify_hmac must not return INTEGRITY_UNKNOWNDmitry Kasatkin1-6/+5
2011-07-18evm: additional parameter to pass integrity cache entry 'iint'Dmitry Kasatkin1-10/+8
2011-07-18evm: crypto hash replaced by shashDmitry Kasatkin3-45/+57
2011-07-18evm: call evm_inode_init_security from security_inode_init_securityMimi Zohar1-6/+12
2011-07-18evm: add evm_inode_init_security to initialize new filesMimi Zohar3-0/+61
2011-07-18security: imbed evm calls in security hooksMimi Zohar2-2/+15
2011-07-18evm: add support for different security.evm data typesDmitry Kasatkin3-9/+23
2011-07-18evm: re-releaseMimi Zohar10-1/+632
2011-07-18integrity: move ima inode integrity data managementMimi Zohar13-203/+247
2011-07-18security: new security_inode_init_security API adds function callbackMimi Zohar1-3/+36
2011-07-14TOMOYO: Update kernel-doc.Tetsuo Handa13-62/+269
2011-07-11Merge branch 'master' into for-nextJiri Kosina6-13/+45
2011-07-11TOMOYO: Enable conditional ACL.Tetsuo Handa5-33/+80
2011-07-11TOMOYO: Allow using argv[]/envp[] of execve() as conditions.Tetsuo Handa6-10/+589
2011-07-11TOMOYO: Allow using executable's realpath and symlink's target as conditions.Tetsuo Handa5-4/+228
2011-07-11TOMOYO: Allow using owner/group etc. of file objects as conditions.Tetsuo Handa4-0/+457
2011-07-11TOMOYO: Allow using UID/GID etc. of current thread as conditions.Tetsuo Handa8-37/+651
2011-07-08rcu: treewide: Do not use rcu_read_lock_held when calling rcu_dereference_checkMichal Hocko1-1/+0
2011-07-08TOMOYO: Remove /sys/kernel/security/tomoyo/.domain_status interface.Tetsuo Handa3-76/+0
2011-07-05Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/ne...David S. Miller1-1/+2
2011-07-01TOMOYO: Fix wrong domainname in tomoyo_init_log().Tetsuo Handa1-1/+1
2011-06-30TOMOYO: Cleanup header file.Tetsuo Handa1-117/+96
2011-06-30TOMOYO: Fix build error with CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER=y .Tetsuo Handa1-0/+2
2011-06-30Merge branch 'for-security' of git://git.kernel.org/pub/scm/linux/kernel/git/...James Morris2-2/+2
2011-06-30Merge branch 'linus' into nextJames Morris6-13/+45
2011-06-29AppArmor: Fix masking of capabilities in complain modeJohn Johansen1-1/+1
2011-06-29AppArmor: Fix reference to rcu protected pointer outside of rcu_read_lockJohn Johansen1-1/+1
2011-06-29TOMOYO: Make several options configurable.Tetsuo Handa3-23/+117
2011-06-29TOMOYO: Add built-in policy support.Tetsuo Handa4-10/+108
2011-06-29TOMOYO: Rename meminfo to stat and show more statistics.Tetsuo Handa6-143/+206
2011-06-29TOMOYO: Cleanup part 4.Tetsuo Handa6-121/+177
2011-06-29TOMOYO: Fix lockdep warning.Tetsuo Handa3-51/+276
2011-06-29TOMOYO: Change pathname for non-rename()able filesystems.Tetsuo Handa2-54/+180
2011-06-29TOMOYO: Add policy namespace support.Tetsuo Handa8-299/+669
2011-06-29TOMOYO: Add ACL group support.Tetsuo Handa5-11/+88
2011-06-29TOMOYO: Add auditing interface.Tetsuo Handa9-235/+557
2011-06-29TOMOYO: Simplify profile structure.Tetsuo Handa3-168/+83
2011-06-29TOMOYO: Rename directives.Tetsuo Handa4-59/+113
2011-06-29TOMOYO: Use struct for passing ACL line.Tetsuo Handa8-371/+347
2011-06-29TOMOYO: Cleanup part 3.Tetsuo Handa9-153/+410
2011-06-29TOMOYO: Cleanup part 2.Tetsuo Handa5-359/+204
2011-06-29TOMOYO: Cleanup part 1.Tetsuo Handa8-535/+71
2011-06-27encrypted-keys: add ecryptfs format supportRoberto Sassu4-8/+180
2011-06-27encrypted-keys: add key format supportRoberto Sassu1-40/+101
2011-06-27encrypted-keys: added additional debug messagesRoberto Sassu1-11/+34
2011-06-27encrypted-keys: fixed valid_master_desc() function descriptionRoberto Sassu1-1/+1
2011-06-27encrypted_keys: avoid dumping the master key if the request failsRoberto Sassu1-3/+5
2011-06-22ptrace: s/tracehook_tracer_task()/ptrace_parent()/Tejun Heo2-3/+3
2011-06-21net: remove mm.h inclusion from netdevice.hAlexey Dobriyan1-0/+1
2011-06-21KEYS: Fix error handling in construct_key_and_link()David Howells1-1/+2
2011-06-20Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-7/+1
2011-06-20devcgroup_inode_permission: take "is it a device node" checks to inlined wrapperAl Viro1-7/+1
2011-06-17KEYS/DNS: Fix ____call_usermodehelper() to not lose the session keyringDavid Howells1-2/+1
2011-06-15Merge branch 'for-linus' of git://git.infradead.org/users/eparis/selinux into...James Morris2-1/+39
2011-06-14SELinux: skip file_name_trans_write() when policy downgraded.Roy.Li1-0/+3
2011-06-14TOMOYO: Fix oops in tomoyo_mount_acl().Tetsuo Handa1-1/+1
2011-06-14KEYS: Don't return EAGAIN to keyctl_assume_authority()David Howells1-0/+2
2011-06-09AppArmor: Fix sleep in invalid context from task_setrlimitJohn Johansen1-1/+1
2011-06-08selinux: simplify and clean up inode_has_perm()Linus Torvalds1-10/+15
2011-06-01AppArmor: fix oops in apparmor_setprocattrKees Cook1-1/+2
2011-05-27Merge branch 'docs-move' of git://git.kernel.org/pub/scm/linux/kernel/git/rdu...Linus Torvalds6-7/+7
2011-05-26selinux: don't pass in NULL avd to avc_has_perm_noauditLinus Torvalds2-11/+4
2011-05-26cgroups: add per-thread subsystem callbacksBen Blum1-2/+1
2011-05-26selinux: fix case of names with whitespace/multibytes on /selinux/createKohei Kaigai1-1/+36
2011-05-26Merge commit 'v2.6.39' into 20110526Eric Paris16-64/+148
2011-05-26Set cred->user_ns in key_replace_session_keyringSerge E. Hallyn1-0/+1
2011-05-24Merge branch 'master' of git://git.infradead.org/users/eparis/selinux into fo...James Morris11-208/+370
2011-05-24Merge branch 'next' into for-linusJames Morris15-41/+66
2011-05-23Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jik...Linus Torvalds1-4/+4
2011-05-19selinux: avoid unnecessary avc cache stat hit countLinus Torvalds3-9/+11
2011-05-19selinux: de-crapify avc cache stat code generationLinus Torvalds1-5/+1
2011-05-19Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds2-31/+3
2011-05-19Create Documentation/security/,Randy Dunlap6-7/+7
2011-05-19Merge branch 'master' into nextJames Morris7-36/+69
2011-05-13Merge branch 'for-linus' of git://git.infradead.org/users/eparis/selinux into...James Morris1-4/+0
2011-05-12SELinux: delete debugging printks from filename_trans rule processingEric Paris1-4/+0
2011-05-12TOMOYO: Fix wrong domainname validation.Tetsuo Handa1-1/+1
2011-05-11SELINUX: add /sys/fs/selinux mount point to put selinuxfsGreg Kroah-Hartman1-1/+11
2011-05-07security,rcu: convert call_rcu(sel_netif_free) to kfree_rcu()Lai Jiangshan1-17/+1
2011-05-07security,rcu: convert call_rcu(user_update_rcu_disposal) to kfree_rcu()Lai Jiangshan1-14/+2
2011-05-04Merge branch 'for-linus' of git://git.infradead.org/users/eparis/selinux into...James Morris2-4/+5
2011-04-28flex_array: flex_array_prealloc takes a number of elements, not an endEric Paris1-3/+3
2011-04-28SELinux: pass last path component in may_createEric Paris1-1/+2
2011-04-28SELinux: introduce path_has_permEric Paris1-14/+30
2011-04-28flex_array: flex_array_prealloc takes a number of elements, not an endEric Paris1-3/+3
2011-04-28SELinux: pass last path component in may_createEric Paris1-1/+2
2011-04-28SELinux: put name based create rules in a hashtableEric Paris3-61/+135
2011-04-28SELinux: generic hashtab entry counterEric Paris1-2/+2
2011-04-28SELinux: calculate and print hashtab stats with a generic functionEric Paris1-19/+13
2011-04-28SELinux: skip filename trans rules if ttype does not match parent dirEric Paris3-0/+17
2011-04-28SELinux: rename filename_compute_type argument to *type instead of *conEric Paris1-3/+3
2011-04-28SELinux: fix comment to state filename_compute_type takes an objname not a qstrEric Paris1-1/+1
2011-04-26Merge branch 'master' into for-nextJiri Kosina15-71/+163
2011-04-25SELINUX: Make selinux cache VFS RCU walks safeEric Paris3-25/+55
2011-04-25SMACK: smack_file_lock can use the struct pathEric Paris1-2/+2
2011-04-25LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATHEric Paris4-42/+50
2011-04-25LSM: split LSM_AUDIT_DATA_FS into _PATH and _INODEEric Paris5-68/+74
2011-04-25SELINUX: Make selinux cache VFS RCU walks safeEric Paris3-25/+55
2011-04-25SECURITY: Move exec_permission RCU checks into security modulesAndi Kleen4-7/+13
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 19:38:19 +0000