summaryrefslogtreecommitdiffstats
path: root/security/seclvl.c
AgeCommit message (Collapse)Author
2006-09-29[PATCH] LSM: remove BSD secure level security moduleChris Wright
This code has suffered from broken core design and lack of developer attention. Broken security modules are too dangerous to leave around. It is time to remove this one. Signed-off-by: Chris Wright <chrisw@sous-sol.org> Acked-by: Michael Halcrow <mhalcrow@us.ibm.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: Davi Arnaut <davi.arnaut@gmail.com> Acked-by: Greg Kroah-Hartman <gregkh@suse.de> Acked-by: James Morris <jmorris@namei.org> Acked-by: Alan Cox <alan@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-09-21[CRYPTO] users: Use crypto_hash interface instead of crypto_digestHerbert Xu
This patch converts all remaining crypto_digest users to use the new crypto_hash interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-06-30Remove obsolete #include <linux/config.h>Jörn Engel
Signed-off-by: Jörn Engel <joern@wohnheim.fh-wedel.de> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-03-23[PATCH] Bug fixes and cleanup for the BSD Secure Levels LSMDavi Arnaut
This patch address several issues in the current BSD Secure Levels code: o plaintext_to_sha1: Missing check for a NULL return from __get_free_page o passwd_write_file: A page is leaked if the password is wrong. o fix securityfs registration order o seclvl_init is a mess and can't properly tolerate failures, failure path is upside down (deldif and delf should be switched) Cleanups: o plaintext_to_sha1: Use buffers passed in o passwd_write_file: Use kmalloc() instead of get_zeroed_page() o passwd_write_file: hashedPassword comparison is just memcmp o s/ENOSYS/EINVAL/ o misc (akpm: after some discussion it appears that the BSD secure levels feature should be scheduled for removal. But for now, let's fix these problems up). Signed-off-by: Davi Arnaut <davi.arnaut@gmail.com> Cc: Michael Halcrow <mhalcrow@us.ibm.com> Cc: Chris Wright <chrisw@sous-sol.org> Cc: Stephen Smalley <sds@epoch.ncsc.mil> Cc: James Morris <jmorris@namei.org> Cc: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-01-31Don't try to "validate" a non-existing timeval.Linus Torvalds
settime() with a NULL timeval is silly but legal. Noticed by Dave Jones <davej@redhat.com> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-17[PATCH] seclvl: use securityfs (fix)Serge Hallyn
That should be -EINVAL for both. Signed-off-by: Serge Hallyn <serue@us.ibm.com> Cc: Greg KH <greg@kroah.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-17[PATCH] seclvl-use-securityfs tidyAndrew Morton
We don't put braces around single statements, thanks. Cc: Serge Hallyn <serue@us.ibm.com> Cc: James Morris <jmorris@namei.org> Cc: Chris Wright <chrisw@osdl.org> Cc: Greg KH <greg@kroah.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-13Merge master.kernel.org:/pub/scm/linux/kernel/git/chrisw/lsm-2.6 Linus Torvalds
2005-09-01[CRYPTO]: Use CRYPTO_TFM_REQ_MAY_SLEEP where appropriateHerbert Xu
This patch goes through the current users of the crypto layer and sets CRYPTO_TFM_REQ_MAY_SLEEP at crypto_alloc_tfm() where all crypto operations are performed in process context. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-08[PATCH] seclvl securityfsserue@us.ibm.com
Once again, the simple_attr in libfs was actually sufficient - I'd thought the __attribute__(format(printk(1,2))) was more mysterious than it really is. At last, here is the full patch to make seclvl use securityfs. Signed-off-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Chris Wright <chrisw@osdl.org> -- seclvl.c | 228 +++++++++++++++++++-------------------------------------------- 1 files changed, 70 insertions(+), 158 deletions(-) Index: linux-2.6.13-rc1/security/seclvl.c ===================================================================
2005-06-20[PATCH] sysfs: (rest) if show/store is missing return -EIODmitry Torokhov
sysfs: fix the rest of the kernel so if an attribute doesn't implement show or store method read/write will return -EIO instead of 0 or -EINVAL or -EPERM. Signed-off-by: Dmitry Torokhov <dtor@mail.ru> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2005-04-16Linux-2.6.12-rc2v2.6.12-rc2Linus Torvalds
Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!