Commit Graph

632 Commits (d84f4f992cbd76e8f39c488cf0c5d123843923b1)

Author SHA1 Message Date
David Howells d84f4f992c CRED: Inaugurate COW credentials 16 years ago
David Howells 745ca2475a CRED: Pass credentials through dentry_open() 16 years ago
David Howells 88e67f3b88 CRED: Make inode_has_perm() and file_has_perm() take a cred pointer 16 years ago
David Howells bb952bb98a CRED: Separate per-task-group keyrings from signal_struct 16 years ago
David Howells 275bb41e9d CRED: Wrap access to SELinux's task SID 16 years ago
David Howells c69e8d9c01 CRED: Use RCU to access another task's creds and to release a task's own creds 16 years ago
David Howells 86a264abe5 CRED: Wrap current->cred and a few other accessors 16 years ago
David Howells f1752eec61 CRED: Detach the credentials from task_struct 16 years ago
David Howells b6dff3ec5e CRED: Separate task security context from task_struct 16 years ago
David Howells 15a2460ed0 CRED: Constify the kernel_cap_t arguments to the capset LSM hooks 16 years ago
David Howells 1cdcbec1a3 CRED: Neuter sys_capset() 16 years ago
David Howells 8bbf4976b5 KEYS: Alter use of key instantiation link-to-keyring argument 16 years ago
David Howells e9e349b051 KEYS: Disperse linux/key_ui.h 16 years ago
David Howells b103c59883 CRED: Wrap task credential accesses in the capabilities code 16 years ago
David Howells 47d804bfa1 CRED: Wrap task credential accesses in the key management code 16 years ago
Eric Paris 066746796b Currently SELinux jumps through some ugly hoops to not audit a capbility 16 years ago
Eric Paris 06112163f5 Add a new capable interface that will be used by systems that use audit to 16 years ago
Eric Paris 3fc689e96c Any time fcaps or a setuid app under SECURE_NOROOT is used to result in a 16 years ago
Eric Paris c0b004413a This patch add a generic cpu endian caps structure and externally available 16 years ago
Eric Paris 39c9aede2b SELinux: Use unknown perm handling to handle unknown netlink msg types 16 years ago
Serge E. Hallyn 1f29fae297 file capabilities: add no_file_caps switch (v4) 16 years ago
Michal Schmidt 2f99db28af selinux: recognize netlink messages for 'ip addrlabel' 16 years ago
Eric Paris 41d9f9c524 SELinux: hold tasklist_lock and siglock while waking wait_chldexit 16 years ago
Serge Hallyn 3318a386e4 file caps: always start with clear bprm->caps_* 16 years ago
Eric Paris 37dd0bd04a SELinux: properly handle empty tty_files list 16 years ago
Alan Cox 731572d39f nfsd: fix vm overcommit crash 16 years ago
Eric Paris 8b6a5a37f8 SELinux: check open perms in dentry_open not inode_permission 16 years ago
Lai Jiangshan 47c59803be devcgroup: remove spin_lock() 16 years ago
Li Zefan c012a54ae0 devcgroup: remove unused variable 16 years ago
Li Zefan 2cdc7241a2 devcgroup: use kmemdup() 16 years ago
Steven Whitehouse a447c09324 vfs: Use const for kernel parser table 16 years ago
Alan Cox 934e6ebf96 tty: Redo current tty locking 16 years ago
Alan Cox 452a00d2ee tty: Make get_current_tty use a kref 16 years ago
Mimi Zohar 9256292782 integrity: special fs magic 16 years ago
Paul Moore 8d75899d03 netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts 16 years ago
Paul Moore 6c5b3fc014 selinux: Cache NetLabel secattrs in the socket's security struct 16 years ago
Paul Moore 014ab19a69 selinux: Set socket NetLabel based on connection endpoint 16 years ago
Paul Moore 948bf85c1b netlabel: Add functionality to set the security attributes of a packet 16 years ago
Paul Moore b1edeb1023 netlabel: Replace protocol/NetLabel linking with refrerence counts 16 years ago
Paul Moore a8134296ba smack: Fix missing calls to netlbl_skbuff_err() 16 years ago
Paul Moore dfaebe9825 selinux: Fix missing calls to netlbl_skbuff_err() 16 years ago
Paul Moore 99d854d231 selinux: Fix a problem in security_netlbl_sid_to_secattr() 16 years ago
Paul Moore d8395c876b selinux: Better local/forward check in selinux_ip_postroute() 16 years ago
Paul Moore aa86290089 selinux: Correctly handle IPv4 packets on IPv6 sockets in all cases 16 years ago
Paul Moore accc609322 selinux: Cleanup the NetLabel glue code 16 years ago
Paul Moore 3040a6d5a2 selinux: Fix an uninitialized variable BUG/panic in selinux_secattr_to_sid() 17 years ago
Paul Moore 81990fbdd1 selinux: Fix an uninitialized variable BUG/panic in selinux_secattr_to_sid() 17 years ago
Stephen Smalley ea6b184f7d selinux: use default proc sid on symlinks 17 years ago
Serge E. Hallyn de45e806a8 file capabilities: uninline cap_safe_nice 17 years ago
Frank Mayhar f06febc96b timers: fix itimer/many thread hang 17 years ago