summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)Author
2012-05-14Smack: allow for significantly longer Smack labels v4Casey Schaufler
2012-05-14gfp flags for security_inode_alloc()?Tetsuo Handa
2012-05-14Smack: recursive tramsmuteCasey Schaufler
2012-05-15Yama: replace capable() with ns_capable()Kees Cook
2012-05-15TOMOYO: Accept manager programs which do not start with / .Tetsuo Handa
2012-05-11KEYS: Add invalidation supportDavid Howells
2012-05-11KEYS: Do LRU discard in full keyringsDavid Howells
2012-05-11KEYS: Permit in-place link replacement in keyring listDavid Howells
2012-05-11KEYS: Perform RCU synchronisation on keys prior to key destructionDavid Howells
2012-05-11KEYS: Announce key type (un)registrationDavid Howells
2012-05-11KEYS: Reorganise keys MakefileDavid Howells
2012-05-11KEYS: Move the key config into security/keys/KconfigDavid Howells
2012-05-08netfilter: remove ip_queue supportPablo Neira Ayuso
2012-05-04Merge tag 'v3.4-rc5' into nextJames Morris
2012-05-03userns: Convert capabilities related permsion checksEric W. Biederman
2012-05-03userns: Store uid and gid values in struct cred with kuid_t and kgid_t typesEric W. Biederman
2012-05-03userns: Convert group_info values from gid_t to kgid_t.Eric W. Biederman
2012-04-26userns: Simplify the user_namespace by making userns->creator a kuid.Eric W. Biederman
2012-04-23Yama: remove an unused variableDan Carpenter
2012-04-19Yama: add additional ptrace scopesKees Cook
2012-04-19security: fix compile error in commoncap.cJonghwan Choi
2012-04-18fcaps: clear the same personality flags as suid when fcaps are usedEric Paris
2012-04-18Smack: move label list initializationCasey Schaufler
2012-04-14Fix execve behavior apparmor for PR_{GET,SET}_NO_NEW_PRIVSJohn Johansen
2012-04-14Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privsAndy Lutomirski
2012-04-10Smack: build when CONFIG_AUDIT not definedKees Cook
2012-04-09SELinux: remove unused common_audit_data in flush_unauthorized_filesEric Paris
2012-04-09SELinux: avc: remove the useless fields in avc_add_callbackWanlong Gao
2012-04-09SELinux: replace weak GFP_ATOMIC to GFP_KERNEL in avc_add_callbackWanlong Gao
2012-04-09SELinux: unify the selinux_audit_data and selinux_late_audit_dataEric Paris
2012-04-09SELinux: remove auditdeny from selinux_audit_dataEric Paris
2012-04-09LSM: do not initialize common_audit_data to 0Eric Paris
2012-04-09LSM: BUILD_BUG_ON if the common_audit_data union ever growsEric Paris
2012-04-09LSM: remove the task field from common_audit_dataEric Paris
2012-04-09apparmor: move task from common_audit_data to apparmor_audit_dataEric Paris
2012-04-09LSM: remove the COMMON_AUDIT_DATA_INIT type expansionEric Paris
2012-04-09SELinux: move common_audit_data to a noinline slow path functionEric Paris
2012-04-09SELinux: remove inode_has_perm_noadpEric Paris
2012-04-09SELinux: delay initialization of audit data in selinux_inode_permissionEric Paris
2012-04-09SELinux: if sel_make_bools errors don't leave inconsistent stateEric Paris
2012-04-09SELinux: remove needless sel_div functionEric Paris
2012-04-09SELinux: possible NULL deref in context_struct_to_stringEric Paris
2012-04-09SELinux: audit failed attempts to set invalid labelsEric Paris
2012-04-09SELinux: rename dentry_open to file_openEric Paris
2012-04-09SELinux: check OPEN on truncate callsEric Paris
2012-04-09SELinux: add default_type statementsEric Paris
2012-04-09SELinux: allow default source/target selectors for user/role/rangeEric Paris
2012-04-09SELinux: loosen DAC perms on reading policyEric Paris
2012-04-09SELinux: allow seek operations on the file exposing policyEric Paris
2012-04-07userns: Add an explicit reference to the parent user namespaceEric W. Biederman