search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
first · prev · next
SELinux: inline selinux_is_enabled in !CONFIG_SECURITY_SELINUX
2009-09-15 Eric ParisSELinux: inline selinux_is_enabled in !CONFIG_SECURITY_SELINUX
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-09-14 Eric ParisSELinux: flush the avc before disabling SELinux
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-09-14 Eric ParisSELinux: seperate avc_cache flushing
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-09-14 Eric ParisCreds: creds->security can be NULL is selinux is disabled
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-28 Eric Parisinotify: update the group mask on mark addition
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-28 Eric Parisinotify: fix length reporting and size checking
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-27 Eric Parisinotify: fix locking around inotify watching in the idr
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-27 Eric Parisinotify: do not BUG on idr entries at inotify destruction
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-27 Eric Parisinotify: seperate new watch creation updating existing...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-27 Eric ParisIMA: iint put in ima_counts_get and put
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-17 Eric Parisinotify: start watch descriptor count at 1
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-17 Eric Parisinotify: tail drop inotify q_overflow events
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-17 Eric Parisnotify: unused event private race
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-17 Eric Parissecurity: define round_hint_to_min in !CONFIG_SECURITY
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-17 Eric ParisSecurity/SELinux: seperate lsm specific mmap_min_addr
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-17 Eric ParisSELinux: call cap_file_mmap in selinux_file_mmap
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-17 Eric ParisCapabilities: move cap_file_mmap to commoncap.c
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-14 Eric ParisSELinux: add selinux_kernel_module_request
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-14 Eric Parissecurity: introducing security_request_module
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-14 Eric ParisNetworking: use CAP_NET_ADMIN when deciding to call...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-10 Eric Parissecurity: define round_hint_to_min in !CONFIG_SECURITY
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-05 Eric ParisSecurity/SELinux: seperate lsm specific mmap_min_addr
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-05 Eric ParisSELinux: call cap_file_mmap in selinux_file_mmap
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-08-05 Eric ParisCapabilities: move cap_file_mmap to commoncap.c
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-07-21 Eric Parisinotify: use GFP_NOFS under potential memory pressure
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-07-21 Eric Parisfsnotify: fix inotify tail drop check with path entries
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-07-21 Eric Parisinotify: check filename before dropping repeat events
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-07-21 Eric Parisfsnotify: use def_bool in kconfig instead of letting...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-07-21 Eric Parisinotify: fix error paths in inotify_update_watch
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-07-21 Eric Parisinotify: do not leak inode marks in inotify_add_watch
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-07-21 Eric Parisinotify: drop user watch count when a watch is removed
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-24 Eric Parisaudit: inode watches depend on CONFIG_AUDIT not CONFIG_AUDIT...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-24 Eric ParisAudit: clean up all op= output to include string quoting
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-24 Eric ParisAudit: move audit_get_nd completely into audit_watch
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-24 Eric Parisaudit: seperate audit inode watches into a subfile
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-24 Eric ParisAudit: clean up audit_receive_skb
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-24 Eric ParisAudit: cleanup netlink mesg handling
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-24 Eric ParisAudit: unify the printk of an skb when auditd not around
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-24 Eric ParisAudit: dereferencing krule as if it were an audit_watch
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-24 Eric ParisAudit: better estimation of execve record length
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-24 Eric ParisAudit: fix audit watch use after free
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-19 Eric Parisinotify: inotify_destroy_mark_entry could get called...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisfsnotify: allow groups to set freeing_mark to null
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisinotify/dnotify: should_send_event shouldn't match...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisdnotify: do not bother to lock entry->lock when reading...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisdnotify: do not use ?true:false when assigning to a...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisfsnotify: move events should indicate the event was...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisinotify: reimplement inotify using fsnotify
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisfsnotify: handle filesystem unmounts with fsnotify...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisfsnotify: fsnotify marks on inodes pin them in core
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisfsnotify: allow groups to add private data to events
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisfsnotify: add correlations between events
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisfsnotify: include pathnames with entries when possible
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisfsnotify: generic notification queue and waitq
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisdnotify: reimplement dnotify using fsnotify
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisfsnotify: parent event notification
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisfsnotify: add marks to inodes so groups can interpret...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-11 Eric Parisfsnotify: unified filesystem notification backend
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-06-02 Eric ParisSELinux: define audit permissions for audit tree netlink...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-05-21 Eric ParisIMA: Add __init notation to ima functions
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-05-21 Eric ParisIMA: Minimal IMA policy and boot param for TCB IMA...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-05-19 Eric ParisTPM: get_event_name stack corruption
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-05-18 Eric ParisSELinux: move SELINUX_MAGIC into magic.h
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-05-14 Eric ParisIMA: do not measure everything opened by root by default
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-05-14 Eric ParisIMA: remove read permissions on the ima policy file
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-05-13 Eric ParisTPM: get_event_name stack corruption
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-05-12 Eric Parissecurityfs: securityfs_remove should handle IS_ERR...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-05-12 Eric ParisIMA: open all files O_LARGEFILE
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-05-12 Eric ParisIMA: Handle dentry_open failures
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-05-12 Eric ParisIMA: use current_cred() instead of current->cred
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-04-29 Eric ParisSELinux: drop secondary_ops->sysctl
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-04-29 Eric Parismutex: add atomic_dec_and_mutex_lock()
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-04-06 Eric Parismutex: add atomic_dec_and_mutex_lock()
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-04-05 Eric ParisAudit: remove spaces from audit_log_d_path
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-04-05 Eric Parisaudit: audit_set_auditable defined but not used
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-04-05 Eric Parisaudit: incorrect ref counting in audit tree tag_chunk
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-04-02 Eric ParisBtrfs: introduce btrfs_show_options
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-03-09 Eric ParisSELinux: inode_doinit_with_dentry drop no dentry printk
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-03-05 Eric ParisSELinux: new permission between tty audit and audit...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-03-05 Eric ParisSELinux: open perm for sock files
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-02-13 Eric ParisSELinux: convert the avc cache hash list to an hlist
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-02-13 Eric ParisSELinux: code readability with avc_cache
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-02-13 Eric ParisSELinux: remove unused av.decided field
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-02-13 Eric ParisSELinux: more careful use of avd in avc_has_perm_noaudit
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-02-13 Eric ParisSELinux: remove the unused ae.used
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-02-13 Eric ParisSELinux: check seqno when updating an avc_node
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-02-13 Eric ParisSELinux: NULL terminate al contexts from disk
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-02-13 Eric ParisSELinux: better printk when file with invalid label...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-02-13 Eric ParisSELinux: call capabilities code directory
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-01-27 Eric Paristty_open can return to userspace holding tty_mutex
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-01-05 Eric Parissys_execve and sys_uselib do not call into fsnotify
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2009-01-05 Eric ParisSELinux: shrink sizeof av_inhert selinux_class_perm...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2008-12-31 Eric Parisfilesystem notification: create fs/notify to contain...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2008-12-09 Eric Paris[PATCH] Audit: make audit=0 actually turn off audit
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2008-11-14 Eric Pariscapabilities: define get_vfs_caps_from_disk when file...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2008-11-11 Eric ParisCurrently SELinux jumps through some ugly hoops to...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2008-11-11 Eric ParisThe oomkiller calculations make decisions based on...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2008-11-11 Eric ParisAdd a new capable interface that will be used by systems...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2008-11-11 Eric ParisCapabilities: BUG when an invalid capability is requested
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2008-11-11 Eric ParisWhen the capset syscall is used it is not possible...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
next
Verdex Pro support