summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2008-11-14CRED: Allow kernel services to override LSM settings for task actionsDavid Howells4-0/+105
2008-11-14CRED: Add a kernel_service object class to SELinuxDavid Howells4-0/+10
2008-11-14CRED: Differentiate objective and effective subjective credentials on a taskDavid Howells1-24/+41
2008-11-14CRED: Prettify commoncap.cDavid Howells1-52/+248
2008-11-14CRED: Make execve() take advantage of copy-on-write credentialsDavid Howells8-335/+214
2008-11-14CRED: Inaugurate COW credentialsDavid Howells14-630/+668
2008-11-14CRED: Pass credentials through dentry_open()David Howells3-9/+12
2008-11-14CRED: Make inode_has_perm() and file_has_perm() take a cred pointerDavid Howells1-48/+92
2008-11-14CRED: Separate per-task-group keyrings from signal_structDavid Howells2-80/+54
2008-11-14CRED: Wrap access to SELinux's task SIDDavid Howells1-194/+218
2008-11-14CRED: Use RCU to access another task's creds and to release a task's own credsDavid Howells5-57/+86
2008-11-14CRED: Wrap current->cred and a few other accessorsDavid Howells8-29/+32
2008-11-14CRED: Detach the credentials from task_structDavid Howells4-35/+33
2008-11-14CRED: Separate task security context from task_structDavid Howells13-258/+280
2008-11-14CRED: Constify the kernel_cap_t arguments to the capset LSM hooksDavid Howells3-14/+18
2008-11-14CRED: Neuter sys_capset()David Howells3-36/+21
2008-11-14KEYS: Alter use of key instantiation link-to-keyring argumentDavid Howells5-111/+187
2008-11-14KEYS: Disperse linux/key_ui.hDavid Howells3-1/+33
2008-11-14CRED: Wrap task credential accesses in the capabilities codeDavid Howells1-12/+18
2008-11-14CRED: Wrap task credential accesses in the key management codeDavid Howells4-8/+8
2008-11-11Currently SELinux jumps through some ugly hoops to not audit a capbilityEric Paris1-17/+2
2008-11-11Add a new capable interface that will be used by systems that use audit toEric Paris3-12/+23
2008-11-11Any time fcaps or a setuid app under SECURE_NOROOT is used to result in aEric Paris1-1/+22
2008-11-11This patch add a generic cpu endian caps structure and externally availableEric Paris1-58/+71
2008-11-09SELinux: Use unknown perm handling to handle unknown netlink msg typesEric Paris1-1/+1
2008-11-06file capabilities: add no_file_caps switch (v4)Serge E. Hallyn1-0/+3
2008-11-06Merge branch 'master' into nextJames Morris5-56/+30
2008-11-06selinux: recognize netlink messages for 'ip addrlabel'Michal Schmidt1-0/+3
2008-11-05SELinux: hold tasklist_lock and siglock while waking wait_chldexitEric Paris1-0/+7
2008-11-01Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds1-3/+5
2008-11-01file caps: always start with clear bprm->caps_*Serge Hallyn1-3/+3
2008-11-01SELinux: properly handle empty tty_files listEric Paris1-3/+5
2008-10-30nfsd: fix vm overcommit crashAlan Cox1-0/+9
2008-10-31SELinux: check open perms in dentry_open not inode_permissionEric Paris1-29/+30
2008-10-20Merge branch 'v28-timers-for-linus' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds1-7/+2
2008-10-20devcgroup: remove spin_lock()Lai Jiangshan1-29/+5
2008-10-20devcgroup: remove unused variableLi Zefan1-2/+1
2008-10-20devcgroup: use kmemdup()Li Zefan1-7/+2
2008-10-20Merge branches 'timers/clocksource', 'timers/hrtimers', 'timers/nohz', 'timer...Thomas Gleixner28-257/+1096
2008-10-13vfs: Use const for kernel parser tableSteven Whitehouse1-1/+1
2008-10-13Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds8-114/+473
2008-10-13tty: Redo current tty lockingAlan Cox1-2/+0
2008-10-13tty: Make get_current_tty use a krefAlan Cox1-1/+2
2008-10-13integrity: special fs magicMimi Zohar1-2/+1
2008-10-11Merge branch 'master' of git://git.infradead.org/users/pcmoore/lblnet-2.6_nex...James Morris7-112/+472
2008-10-10netlabel: Changes to the NetLabel security attributes to allow LSMs to pass f...Paul Moore1-1/+2
2008-10-10selinux: Cache NetLabel secattrs in the socket's security structPaul Moore4-39/+91
2008-10-10selinux: Set socket NetLabel based on connection endpointPaul Moore4-36/+142
2008-10-10netlabel: Add functionality to set the security attributes of a packetPaul Moore4-3/+125
2008-10-10netlabel: Replace protocol/NetLabel linking with refrerence countsPaul Moore1-1/+3