aboutsummaryrefslogtreecommitdiffstats
path: root/security/seclvl.c
Commit message (Collapse)AuthorAgeFilesLines
* [PATCH] Bug fixes and cleanup for the BSD Secure Levels LSMDavi Arnaut2006-03-231-97/+113
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch address several issues in the current BSD Secure Levels code: o plaintext_to_sha1: Missing check for a NULL return from __get_free_page o passwd_write_file: A page is leaked if the password is wrong. o fix securityfs registration order o seclvl_init is a mess and can't properly tolerate failures, failure path is upside down (deldif and delf should be switched) Cleanups: o plaintext_to_sha1: Use buffers passed in o passwd_write_file: Use kmalloc() instead of get_zeroed_page() o passwd_write_file: hashedPassword comparison is just memcmp o s/ENOSYS/EINVAL/ o misc (akpm: after some discussion it appears that the BSD secure levels feature should be scheduled for removal. But for now, let's fix these problems up). Signed-off-by: Davi Arnaut <davi.arnaut@gmail.com> Cc: Michael Halcrow <mhalcrow@us.ibm.com> Cc: Chris Wright <chrisw@sous-sol.org> Cc: Stephen Smalley <sds@epoch.ncsc.mil> Cc: James Morris <jmorris@namei.org> Cc: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
* Don't try to "validate" a non-existing timeval.Linus Torvalds2006-01-311-2/+2
| | | | | | | | settime() with a NULL timeval is silly but legal. Noticed by Dave Jones <davej@redhat.com> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
* [PATCH] seclvl: use securityfs (fix)Serge Hallyn2005-09-171-1/+1
| | | | | | | | | That should be -EINVAL for both. Signed-off-by: Serge Hallyn <serue@us.ibm.com> Cc: Greg KH <greg@kroah.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
* [PATCH] seclvl-use-securityfs tidyAndrew Morton2005-09-171-10/+5
| | | | | | | | | | | We don't put braces around single statements, thanks. Cc: Serge Hallyn <serue@us.ibm.com> Cc: James Morris <jmorris@namei.org> Cc: Chris Wright <chrisw@osdl.org> Cc: Greg KH <greg@kroah.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
* Merge master.kernel.org:/pub/scm/linux/kernel/git/chrisw/lsm-2.6 Linus Torvalds2005-09-131-158/+70
|\
| * [PATCH] seclvl securityfsserue@us.ibm.com2005-07-081-158/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Once again, the simple_attr in libfs was actually sufficient - I'd thought the __attribute__(format(printk(1,2))) was more mysterious than it really is. At last, here is the full patch to make seclvl use securityfs. Signed-off-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Chris Wright <chrisw@osdl.org> -- seclvl.c | 228 +++++++++++++++++++-------------------------------------------- 1 files changed, 70 insertions(+), 158 deletions(-) Index: linux-2.6.13-rc1/security/seclvl.c ===================================================================
* | [CRYPTO]: Use CRYPTO_TFM_REQ_MAY_SLEEP where appropriateHerbert Xu2005-09-011-1/+1
|/ | | | | | | | | This patch goes through the current users of the crypto layer and sets CRYPTO_TFM_REQ_MAY_SLEEP at crypto_alloc_tfm() where all crypto operations are performed in process context. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [PATCH] sysfs: (rest) if show/store is missing return -EIODmitry Torokhov2005-06-201-2/+2
| | | | | | | | | sysfs: fix the rest of the kernel so if an attribute doesn't implement show or store method read/write will return -EIO instead of 0 or -EINVAL or -EPERM. Signed-off-by: Dmitry Torokhov <dtor@mail.ru> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* Linux-2.6.12-rc2v2.6.12-rc2Linus Torvalds2005-04-161-0/+747
Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!