Age | Commit message (Collapse) | Author |
|
This code has suffered from broken core design and lack of developer
attention. Broken security modules are too dangerous to leave around. It
is time to remove this one.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Acked-by: Michael Halcrow <mhalcrow@us.ibm.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Davi Arnaut <davi.arnaut@gmail.com>
Acked-by: Greg Kroah-Hartman <gregkh@suse.de>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
This patch converts all remaining crypto_digest users to use the new
crypto_hash interface.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Signed-off-by: Jörn Engel <joern@wohnheim.fh-wedel.de>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
|
|
This patch address several issues in the current BSD Secure Levels code:
o plaintext_to_sha1: Missing check for a NULL return from __get_free_page
o passwd_write_file: A page is leaked if the password is wrong.
o fix securityfs registration order
o seclvl_init is a mess and can't properly tolerate failures, failure
path is upside down (deldif and delf should be switched)
Cleanups:
o plaintext_to_sha1: Use buffers passed in
o passwd_write_file: Use kmalloc() instead of get_zeroed_page()
o passwd_write_file: hashedPassword comparison is just memcmp
o s/ENOSYS/EINVAL/
o misc
(akpm: after some discussion it appears that the BSD secure levels feature
should be scheduled for removal. But for now, let's fix these problems up).
Signed-off-by: Davi Arnaut <davi.arnaut@gmail.com>
Cc: Michael Halcrow <mhalcrow@us.ibm.com>
Cc: Chris Wright <chrisw@sous-sol.org>
Cc: Stephen Smalley <sds@epoch.ncsc.mil>
Cc: James Morris <jmorris@namei.org>
Cc: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
settime() with a NULL timeval is silly but legal.
Noticed by Dave Jones <davej@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
That should be -EINVAL for both.
Signed-off-by: Serge Hallyn <serue@us.ibm.com>
Cc: Greg KH <greg@kroah.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
We don't put braces around single statements, thanks.
Cc: Serge Hallyn <serue@us.ibm.com>
Cc: James Morris <jmorris@namei.org>
Cc: Chris Wright <chrisw@osdl.org>
Cc: Greg KH <greg@kroah.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
|
|
This patch goes through the current users of the crypto layer and sets
CRYPTO_TFM_REQ_MAY_SLEEP at crypto_alloc_tfm() where all crypto operations
are performed in process context.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Once again, the simple_attr in libfs was actually sufficient - I'd
thought the __attribute__(format(printk(1,2))) was more mysterious than
it really is.
At last, here is the full patch to make seclvl use securityfs.
Signed-off-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: Chris Wright <chrisw@osdl.org>
--
seclvl.c | 228 +++++++++++++++++++--------------------------------------------
1 files changed, 70 insertions(+), 158 deletions(-)
Index: linux-2.6.13-rc1/security/seclvl.c
===================================================================
|
|
sysfs: fix the rest of the kernel so if an attribute doesn't
implement show or store method read/write will return
-EIO instead of 0 or -EINVAL or -EPERM.
Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
|
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.
Let it rip!
|