aboutsummaryrefslogtreecommitdiff
path: root/security/selinux
AgeCommit message (Expand)Author
2009-01-07CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3]David Howells
2009-01-07Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() ...James Morris
2009-01-05SELinux: shrink sizeof av_inhert selinux_class_perm and contextEric Paris
2009-01-05CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]David Howells
2008-12-31selinux: Deprecate and schedule the removal of the the compat_net functionalityPaul Moore
2008-12-28Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6Linus Torvalds
2008-12-20SELinux: don't check permissions for kernel mountsJames Morris
2008-12-20security: pass mount flags to security_sb_kern_mount()James Morris
2008-12-20SELinux: correctly detect proc filesystems of the form "proc/foo"Stephen Smalley
2008-11-14CRED: Allow kernel services to override LSM settings for task actionsDavid Howells
2008-11-14CRED: Add a kernel_service object class to SELinuxDavid Howells
2008-11-14CRED: Differentiate objective and effective subjective credentials on a taskDavid Howells
2008-11-14CRED: Make execve() take advantage of copy-on-write credentialsDavid Howells
2008-11-14CRED: Inaugurate COW credentialsDavid Howells
2008-11-14CRED: Pass credentials through dentry_open()David Howells
2008-11-14CRED: Make inode_has_perm() and file_has_perm() take a cred pointerDavid Howells
2008-11-14CRED: Wrap access to SELinux's task SIDDavid Howells
2008-11-14CRED: Use RCU to access another task's creds and to release a task's own credsDavid Howells
2008-11-14CRED: Wrap current->cred and a few other accessorsDavid Howells
2008-11-14CRED: Detach the credentials from task_structDavid Howells
2008-11-14CRED: Separate task security context from task_structDavid Howells
2008-11-14CRED: Constify the kernel_cap_t arguments to the capset LSM hooksDavid Howells
2008-11-14CRED: Neuter sys_capset()David Howells
2008-11-11Currently SELinux jumps through some ugly hoops to not audit a capbilityEric Paris
2008-11-11Add a new capable interface that will be used by systems that use audit toEric Paris
2008-11-09SELinux: Use unknown perm handling to handle unknown netlink msg typesEric Paris
2008-11-06Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/ne...David S. Miller
2008-11-06Merge branch 'master' into nextJames Morris
2008-11-06selinux: recognize netlink messages for 'ip addrlabel'Michal Schmidt
2008-11-05SELinux: hold tasklist_lock and siglock while waking wait_chldexitEric Paris
2008-11-01SELinux: properly handle empty tty_files listEric Paris
2008-10-31misc: replace NIPQUAD()Harvey Harrison
2008-10-31SELinux: check open perms in dentry_open not inode_permissionEric Paris
2008-10-29net: replace %p6 with %pI6Harvey Harrison
2008-10-28misc: replace NIP6_FMT with %p6 format specifierHarvey Harrison
2008-10-28net: reduce structures when XFRM=nAlexey Dobriyan
2008-10-20Merge branches 'timers/clocksource', 'timers/hrtimers', 'timers/nohz', 'timer...Thomas Gleixner
2008-10-13vfs: Use const for kernel parser tableSteven Whitehouse
2008-10-13Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds
2008-10-13tty: Redo current tty lockingAlan Cox
2008-10-13tty: Make get_current_tty use a krefAlan Cox
2008-10-11Merge branch 'master' of git://git.infradead.org/users/pcmoore/lblnet-2.6_nex...James Morris
2008-10-10netlabel: Changes to the NetLabel security attributes to allow LSMs to pass f...Paul Moore
2008-10-10selinux: Cache NetLabel secattrs in the socket's security structPaul Moore
2008-10-10selinux: Set socket NetLabel based on connection endpointPaul Moore
2008-10-10netlabel: Add functionality to set the security attributes of a packetPaul Moore
2008-10-10selinux: Fix missing calls to netlbl_skbuff_err()Paul Moore
2008-10-10selinux: Fix a problem in security_netlbl_sid_to_secattr()Paul Moore
2008-10-10selinux: Better local/forward check in selinux_ip_postroute()Paul Moore
2008-10-10selinux: Correctly handle IPv4 packets on IPv6 sockets in all casesPaul Moore