linux-toradex.git/security/smack, branch colibri Linux kernel for Apalis and Colibri modules doc: Update the email address for Paul Moore in various source files 2011-08-02T00:58:33+00:00 Paul Moore paul.moore@hp.com 2011-08-01T11:10:33+00:00 82c21bfab41a77bc01affe21bea9727d776774a7 My @hp.com will no longer be valid starting August 5, 2011 so an update is necessary. My new email address is employer independent so we don't have to worry about doing this again any time soon. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
My @hp.com will no longer be valid starting August 5, 2011 so an update is
necessary.  My new email address is employer independent so we don't have
to worry about doing this again any time soon.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
->permission() sanitizing: don't pass flags to ->inode_permission() 2011-07-20T05:43:26+00:00 Al Viro viro@zeniv.linux.org.uk 2011-06-20T23:38:15+00:00 e74f71eb78a4a8b9eaf1bc65f20f761648e85f76 pass that via mask instead. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
pass that via mask instead.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Merge branch 'master' of git://git.infradead.org/users/eparis/selinux into for-linus 2011-05-24T13:20:19+00:00 James Morris jmorris@namei.org 2011-05-24T13:20:19+00:00 b7b57551bbda1390959207f79f2038aa7adb72ae Conflicts: lib/flex_array.c security/selinux/avc.c security/selinux/hooks.c security/selinux/ss/policydb.c security/smack/smack_lsm.c Manually resolve conflicts. Signed-off-by: James Morris <jmorris@namei.org> 
Conflicts:
	lib/flex_array.c
	security/selinux/avc.c
	security/selinux/hooks.c
	security/selinux/ss/policydb.c
	security/smack/smack_lsm.c

Manually resolve conflicts.

Signed-off-by: James Morris <jmorris@namei.org>
SMACK: smack_file_lock can use the struct path 2011-04-25T22:14:45+00:00 Eric Paris eparis@redhat.com 2011-04-25T17:15:55+00:00 92f4250901476fcadc4f52ace36e453c61f5591d smack_file_lock has a struct path, so use that instead of only the dentry. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com> 
smack_file_lock has a struct path, so use that instead of only the
dentry.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATH 2011-04-25T22:14:07+00:00 Eric Paris eparis@redhat.com 2011-04-25T17:10:27+00:00 a269434d2fb48a4d66c1d7bf821b7874b59c5b41 This patch separates and audit message that only contains a dentry from one that contains a full path. This allows us to make it harder to misuse the interfaces or for the interfaces to be implemented wrong. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com> 
This patch separates and audit message that only contains a dentry from
one that contains a full path.  This allows us to make it harder to
misuse the interfaces or for the interfaces to be implemented wrong.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
LSM: split LSM_AUDIT_DATA_FS into _PATH and _INODE 2011-04-25T22:13:15+00:00 Eric Paris eparis@redhat.com 2011-04-25T16:54:27+00:00 f48b7399840b453e7282b523f535561fe9638a2d The lsm common audit code has wacky contortions making sure which pieces of information are set based on if it was given a path, dentry, or inode. Split this into path and inode to get rid of some of the code complexity. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com> 
The lsm common audit code has wacky contortions making sure which pieces
of information are set based on if it was given a path, dentry, or
inode.  Split this into path and inode to get rid of some of the code
complexity.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
SECURITY: Move exec_permission RCU checks into security modules 2011-04-25T14:20:32+00:00 Andi Kleen ak@linux.intel.com 2011-04-22T00:23:19+00:00 1c9904297451f558191e211a48d8838b4bf792b0 Right now all RCU walks fall back to reference walk when CONFIG_SECURITY is enabled, even though just the standard capability module is active. This is because security_inode_exec_permission unconditionally fails RCU walks. Move this decision to the low level security module. This requires passing the RCU flags down the security hook. This way at least the capability module and a few easy cases in selinux/smack work with RCU walks with CONFIG_SECURITY=y Signed-off-by: Andi Kleen <ak@linux.intel.com> Signed-off-by: Eric Paris <eparis@redhat.com> 
Right now all RCU walks fall back to reference walk when CONFIG_SECURITY
is enabled, even though just the standard capability module is active.
This is because security_inode_exec_permission unconditionally fails
RCU walks.

Move this decision to the low level security module. This requires
passing the RCU flags down the security hook. This way at least
the capability module and a few easy cases in selinux/smack work
with RCU walks with CONFIG_SECURITY=y

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
SECURITY: Move exec_permission RCU checks into security modules 2011-04-22T23:17:29+00:00 Andi Kleen ak@linux.intel.com 2011-04-22T00:23:19+00:00 8c9e80ed276fc4b9c9fadf29d8bf6b3576112f1a Right now all RCU walks fall back to reference walk when CONFIG_SECURITY is enabled, even though just the standard capability module is active. This is because security_inode_exec_permission unconditionally fails RCU walks. Move this decision to the low level security module. This requires passing the RCU flags down the security hook. This way at least the capability module and a few easy cases in selinux/smack work with RCU walks with CONFIG_SECURITY=y Signed-off-by: Andi Kleen <ak@linux.intel.com> Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Right now all RCU walks fall back to reference walk when CONFIG_SECURITY
is enabled, even though just the standard capability module is active.
This is because security_inode_exec_permission unconditionally fails
RCU walks.

Move this decision to the low level security module. This requires
passing the RCU flags down the security hook. This way at least
the capability module and a few easy cases in selinux/smack work
with RCU walks with CONFIG_SECURITY=y

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Fix common misspellings 2011-03-31T14:26:23+00:00 Lucas De Marchi lucas.demarchi@profusion.mobi 2011-03-31T01:57:33+00:00 25985edcedea6396277003854657b5f3cb31a628 Fixes generated by 'codespell' and manually reviewed. Signed-off-by: Lucas De Marchi <lucas.demarchi@profusion.mobi> 
Fixes generated by 'codespell' and manually reviewed.

Signed-off-by: Lucas De Marchi <lucas.demarchi@profusion.mobi>
Merge branch 'master' of git://git.infradead.org/users/eparis/selinux into next 2011-03-08T00:38:10+00:00 James Morris jmorris@namei.org 2011-03-08T00:38:10+00:00 fe3fa43039d47ee4e22caf460b79b62a14937f79