summaryrefslogtreecommitdiff
path: root/security/seclvl.c
AgeCommit message (Collapse)AuthorFilesLines
2006-09-29[PATCH] LSM: remove BSD secure level security moduleChris Wright1-671/+0
This code has suffered from broken core design and lack of developer attention. Broken security modules are too dangerous to leave around. It is time to remove this one. Signed-off-by: Chris Wright <chrisw@sous-sol.org> Acked-by: Michael Halcrow <mhalcrow@us.ibm.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: Davi Arnaut <davi.arnaut@gmail.com> Acked-by: Greg Kroah-Hartman <gregkh@suse.de> Acked-by: James Morris <jmorris@namei.org> Acked-by: Alan Cox <alan@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-09-21[CRYPTO] users: Use crypto_hash interface instead of crypto_digestHerbert Xu1-8/+10
This patch converts all remaining crypto_digest users to use the new crypto_hash interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-06-30Remove obsolete #include <linux/config.h>Jörn Engel1-1/+0
Signed-off-by: Jörn Engel <joern@wohnheim.fh-wedel.de> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-03-23[PATCH] Bug fixes and cleanup for the BSD Secure Levels LSMDavi Arnaut1-97/+113
This patch address several issues in the current BSD Secure Levels code: o plaintext_to_sha1: Missing check for a NULL return from __get_free_page o passwd_write_file: A page is leaked if the password is wrong. o fix securityfs registration order o seclvl_init is a mess and can't properly tolerate failures, failure path is upside down (deldif and delf should be switched) Cleanups: o plaintext_to_sha1: Use buffers passed in o passwd_write_file: Use kmalloc() instead of get_zeroed_page() o passwd_write_file: hashedPassword comparison is just memcmp o s/ENOSYS/EINVAL/ o misc (akpm: after some discussion it appears that the BSD secure levels feature should be scheduled for removal. But for now, let's fix these problems up). Signed-off-by: Davi Arnaut <davi.arnaut@gmail.com> Cc: Michael Halcrow <mhalcrow@us.ibm.com> Cc: Chris Wright <chrisw@sous-sol.org> Cc: Stephen Smalley <sds@epoch.ncsc.mil> Cc: James Morris <jmorris@namei.org> Cc: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-01-31Don't try to "validate" a non-existing timeval.Linus Torvalds1-2/+2
settime() with a NULL timeval is silly but legal. Noticed by Dave Jones <davej@redhat.com> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-17[PATCH] seclvl: use securityfs (fix)Serge Hallyn1-1/+1
That should be -EINVAL for both. Signed-off-by: Serge Hallyn <serue@us.ibm.com> Cc: Greg KH <greg@kroah.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-17[PATCH] seclvl-use-securityfs tidyAndrew Morton1-10/+5
We don't put braces around single statements, thanks. Cc: Serge Hallyn <serue@us.ibm.com> Cc: James Morris <jmorris@namei.org> Cc: Chris Wright <chrisw@osdl.org> Cc: Greg KH <greg@kroah.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-13Merge master.kernel.org:/pub/scm/linux/kernel/git/chrisw/lsm-2.6 Linus Torvalds1-158/+70
2005-09-02[CRYPTO]: Use CRYPTO_TFM_REQ_MAY_SLEEP where appropriateHerbert Xu1-1/+1
This patch goes through the current users of the crypto layer and sets CRYPTO_TFM_REQ_MAY_SLEEP at crypto_alloc_tfm() where all crypto operations are performed in process context. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-09[PATCH] seclvl securityfsserue@us.ibm.com1-158/+70
Once again, the simple_attr in libfs was actually sufficient - I'd thought the __attribute__(format(printk(1,2))) was more mysterious than it really is. At last, here is the full patch to make seclvl use securityfs. Signed-off-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Chris Wright <chrisw@osdl.org> -- seclvl.c | 228 +++++++++++++++++++-------------------------------------------- 1 files changed, 70 insertions(+), 158 deletions(-) Index: linux-2.6.13-rc1/security/seclvl.c ===================================================================
2005-06-21[PATCH] sysfs: (rest) if show/store is missing return -EIODmitry Torokhov1-2/+2
sysfs: fix the rest of the kernel so if an attribute doesn't implement show or store method read/write will return -EIO instead of 0 or -EINVAL or -EPERM. Signed-off-by: Dmitry Torokhov <dtor@mail.ru> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2005-04-17Linux-2.6.12-rc2v2.6.12-rc2Linus Torvalds1-0/+747
Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!