| #
9b610fda |
| 18-Jul-2008 |
Ingo Molnar <mingo@elte.hu> |
Merge branch 'linus' into timers/nohz
|
| #
f1b0c8d3 |
| 18-Jul-2008 |
Ingo Molnar <mingo@elte.hu> |
Merge branch 'linus' into x86/amd-iommu
|
| #
cdbfc557 |
| 18-Jul-2008 |
Ingo Molnar <mingo@elte.hu> |
Merge branch 'linus' into x86/cleanups
|
| #
49997d75 |
| 18-Jul-2008 |
David S. Miller <davem@davemloft.net> |
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6
Conflicts:
Documentation/powerpc/booting-without-of.txt
drivers/atm/Makefile
drivers/net/fs_enet/fs_enet-m
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6
Conflicts:
Documentation/powerpc/booting-without-of.txt
drivers/atm/Makefile
drivers/net/fs_enet/fs_enet-main.c
drivers/pci/pci-acpi.c
net/8021q/vlan.c
net/iucv/iucv.c
show more ...
|
| #
82638844 |
| 15-Jul-2008 |
Ingo Molnar <mingo@elte.hu> |
Merge branch 'linus' into cpus4096
Conflicts:
arch/x86/xen/smp.c
kernel/sched_rt.c
net/iucv/iucv.c
Signed-off-by: Ingo Molnar <mingo@elte.hu>
|
| #
1e094813 |
| 15-Jul-2008 |
Ingo Molnar <mingo@elte.hu> |
Merge branch 'linus' into core/softlockup
Conflicts:
kernel/softlockup.c
Signed-off-by: Ingo Molnar <mingo@elte.hu>
|
| #
0c17e4ce |
| 15-Jul-2008 |
Ben Dooks <ben-linux@fluff.org> |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6 into for-rmk
|
| #
91d0322b |
| 15-Jul-2008 |
Ingo Molnar <mingo@elte.hu> |
Merge branch 'linus' into x86/urgent
|
| #
43d2548b |
| 15-Jul-2008 |
Benjamin Herrenschmidt <benh@kernel.crashing.org> |
Merge commit '85082fd7cbe3173198aac0eb5e85ab1edcc6352c' into test-build
Manual fixup of:
arch/powerpc/Kconfig
|
| #
847106ff |
| 14-Jul-2008 |
Linus Torvalds <torvalds@linux-foundation.org> |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (2
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (25 commits)
security: remove register_security hook
security: remove dummy module fix
security: remove dummy module
security: remove unused sb_get_mnt_opts hook
LSM/SELinux: show LSM mount options in /proc/mounts
SELinux: allow fstype unknown to policy to use xattrs if present
security: fix return of void-valued expressions
SELinux: use do_each_thread as a proper do/while block
SELinux: remove unused and shadowed addrlen variable
SELinux: more user friendly unknown handling printk
selinux: change handling of invalid classes (Was: Re: 2.6.26-rc5-mm1 selinux whine)
SELinux: drop load_mutex in security_load_policy
SELinux: fix off by 1 reference of class_to_string in context_struct_compute_av
SELinux: open code sidtab lock
SELinux: open code load_mutex
SELinux: open code policy_rwlock
selinux: fix endianness bug in network node address handling
selinux: simplify ioctl checking
SELinux: enable processes with mac_admin to get the raw inode contexts
Security: split proc ptrace checking into read vs. attach
...
show more ...
|
|
Revision tags: v2.6.26, v2.6.26-rc9, v2.6.26-rc8, v2.6.26-rc7, v2.6.26-rc6, v2.6.26-rc5, v2.6.26-rc4, v2.6.26-rc3, v2.6.26-rc2 |
|
| #
12b29f34 |
| 07-May-2008 |
Stephen Smalley <sds@tycho.nsa.gov> |
selinux: support deferred mapping of contexts
Introduce SELinux support for deferred mapping of security contexts in
the SID table upon policy reload, and use this support for inode
security context
selinux: support deferred mapping of contexts
Introduce SELinux support for deferred mapping of security contexts in
the SID table upon policy reload, and use this support for inode
security contexts when the context is not yet valid under the current
policy. Only processes with CAP_MAC_ADMIN + mac_admin permission in
policy can set undefined security contexts on inodes. Inodes with
such undefined contexts are treated as having the unlabeled context
until the context becomes valid upon a policy reload that defines the
context. Context invalidation upon policy reload also uses this
support to save the context information in the SID table and later
recover it upon a subsequent policy reload that defines the context
again.
This support is to enable package managers and similar programs to set
down file contexts unknown to the system policy at the time the file
is created in order to better support placing loadable policy modules
in packages and to support build systems that need to create images of
different distro releases with different policies w/o requiring all of
the contexts to be defined or legal in the build host policy.
With this patch applied, the following sequence is possible, although
in practice it is recommended that this permission only be allowed to
specific program domains such as the package manager.
# rmdir baz
# rm bar
# touch bar
# chcon -t foo_exec_t bar # foo_exec_t is not yet defined
chcon: failed to change context of `bar' to `system_u:object_r:foo_exec_t': Invalid argument
# mkdir -Z system_u:object_r:foo_exec_t baz
mkdir: failed to set default file creation context to `system_u:object_r:foo_exec_t': Invalid argument
# cat setundefined.te
policy_module(setundefined, 1.0)
require {
type unconfined_t;
type unlabeled_t;
}
files_type(unlabeled_t)
allow unconfined_t self:capability2 mac_admin;
# make -f /usr/share/selinux/devel/Makefile setundefined.pp
# semodule -i setundefined.pp
# chcon -t foo_exec_t bar # foo_exec_t is not yet defined
# mkdir -Z system_u:object_r:foo_exec_t baz
# ls -Zd bar baz
-rw-r--r-- root root system_u:object_r:unlabeled_t bar
drwxr-xr-x root root system_u:object_r:unlabeled_t baz
# cat foo.te
policy_module(foo, 1.0)
type foo_exec_t;
files_type(foo_exec_t)
# make -f /usr/share/selinux/devel/Makefile foo.pp
# semodule -i foo.pp # defines foo_exec_t
# ls -Zd bar baz
-rw-r--r-- root root user_u:object_r:foo_exec_t bar
drwxr-xr-x root root system_u:object_r:foo_exec_t baz
# semodule -r foo
# ls -Zd bar baz
-rw-r--r-- root root system_u:object_r:unlabeled_t bar
drwxr-xr-x root root system_u:object_r:unlabeled_t baz
# semodule -i foo.pp
# ls -Zd bar baz
-rw-r--r-- root root user_u:object_r:foo_exec_t bar
drwxr-xr-x root root system_u:object_r:foo_exec_t baz
# semodule -r setundefined foo
# chcon -t foo_exec_t bar # no longer defined and not allowed
chcon: failed to change context of `bar' to `system_u:object_r:foo_exec_t': Invalid argument
# rmdir baz
# mkdir -Z system_u:object_r:foo_exec_t baz
mkdir: failed to set default file creation context to `system_u:object_r:foo_exec_t': Invalid argument
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
show more ...
|
| #
7022b15e |
| 06-May-2008 |
Jiri Kosina <jkosina@suse.cz> |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6
|
|
Revision tags: v2.6.26-rc1 |
|
| #
96916090 |
| 30-Apr-2008 |
Len Brown <len.brown@intel.com> |
Merge branches 'release', 'acpica', 'bugzilla-10224', 'bugzilla-9772', 'bugzilla-9916', 'ec', 'eeepc', 'idle', 'misc', 'pm-legacy', 'sysfs-links-2.6.26', 'thermal', 'thinkpad' and 'video' into release
|
| #
e9f20d6f |
| 28-Apr-2008 |
Igor Mammedov <niallain@gmail.com> |
Merge branch 'master' of /pub/scm/linux/kernel/git/torvalds/linux-2.6
|
| #
cfd299df |
| 28-Apr-2008 |
Linus Torvalds <torvalds@linux-foundation.org> |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
SELinux: Fix a RCU
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
SELinux: Fix a RCU free problem with the netport cache
SELinux: Made netnode cache adds faster
SELinux: include/security.h whitespace, syntax, and other cleanups
SELinux: policydb.h whitespace, syntax, and other cleanups
SELinux: mls_types.h whitespace, syntax, and other cleanups
SELinux: mls.h whitespace, syntax, and other cleanups
SELinux: hashtab.h whitespace, syntax, and other cleanups
SELinux: context.h whitespace, syntax, and other cleanups
SELinux: ss/conditional.h whitespace, syntax, and other cleanups
SELinux: selinux/include/security.h whitespace, syntax, and other cleanups
SELinux: objsec.h whitespace, syntax, and other cleanups
SELinux: netlabel.h whitespace, syntax, and other cleanups
SELinux: avc_ss.h whitespace, syntax, and other cleanups
Fixed up conflict in include/linux/security.h manually
show more ...
|
| #
d497fc87 |
| 22-Apr-2008 |
Eric Paris <eparis@redhat.com> |
SELinux: mls.h whitespace, syntax, and other cleanups
This patch changes mls.h to fix whitespace and syntax issues. Things that
are fixed may include (does not not have to include)
spaces used ins
SELinux: mls.h whitespace, syntax, and other cleanups
This patch changes mls.h to fix whitespace and syntax issues. Things that
are fixed may include (does not not have to include)
spaces used instead of tabs
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
show more ...
|
|
Revision tags: v2.6.25, v2.6.25-rc9, v2.6.25-rc8, v2.6.25-rc7, v2.6.25-rc6, v2.6.25-rc5, v2.6.25-rc4, v2.6.25-rc3, v2.6.25-rc2, v2.6.25-rc1 |
|
| #
c1f3ee12 |
| 03-Feb-2008 |
David Woodhouse <dwmw2@infradead.org> |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git
|
|
Revision tags: v2.6.24, v2.6.24-rc8, v2.6.24-rc7, v2.6.24-rc6, v2.6.24-rc5, v2.6.24-rc4, v2.6.24-rc3 |
|
| #
98d74e08 |
| 09-Nov-2007 |
Linus Torvalds <torvalds@woody.linux-foundation.org> |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
SELinux: add more
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
SELinux: add more validity checks on policy load
SELinux: fix bug in new ebitmap code.
SELinux: suppress a warning for 64k pages.
show more ...
|
| #
45e5421e |
| 07-Nov-2007 |
Stephen Smalley <sds@tycho.nsa.gov> |
SELinux: add more validity checks on policy load
Add more validity checks at policy load time to reject malformed
policies and prevent subsequent out-of-range indexing when in permissive
mode. Reso
SELinux: add more validity checks on policy load
Add more validity checks at policy load time to reject malformed
policies and prevent subsequent out-of-range indexing when in permissive
mode. Resolves the NULL pointer dereference reported in
https://bugzilla.redhat.com/show_bug.cgi?id=357541.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
show more ...
|
|
Revision tags: v2.6.24-rc2, v2.6.24-rc1, v2.6.23, v2.6.23-rc9, v2.6.23-rc8, v2.6.23-rc7, v2.6.23-rc6, v2.6.23-rc5, v2.6.23-rc4, v2.6.23-rc3, v2.6.23-rc2, v2.6.23-rc1, v2.6.22, v2.6.22-rc7, v2.6.22-rc6, v2.6.22-rc5, v2.6.22-rc4, v2.6.22-rc3, v2.6.22-rc2, v2.6.22-rc1, v2.6.21, v2.6.21-rc7, v2.6.21-rc6, v2.6.21-rc5, v2.6.21-rc4, v2.6.21-rc3, v2.6.21-rc2, v2.6.21-rc1 |
|
| #
b22364c8 |
| 10-Feb-2007 |
Dmitry Torokhov <dtor@insightbb.com> |
Merge rsync://rsync.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6
|
|
Revision tags: v2.6.20, v2.6.20-rc7, v2.6.20-rc6 |
|
| #
9cdf083f |
| 17-Jan-2007 |
David Woodhouse <dwmw2@infradead.org> |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6
|
|
Revision tags: v2.6.20-rc5 |
|
| #
efa06708 |
| 08-Jan-2007 |
Linus Torvalds <torvalds@woody.osdl.org> |
Merge branch 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jmorris/selinux-2.6
* 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
selinux: Delete mls_co
Merge branch 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jmorris/selinux-2.6
* 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
selinux: Delete mls_copy_context
show more ...
|
|
Revision tags: v2.6.20-rc4, v2.6.20-rc3, v2.6.20-rc2, v2.6.20-rc1 |
|
| #
0efc61ea |
| 12-Dec-2006 |
Venkat Yekkirala <vyekkirala@TrustedCS.com> |
selinux: Delete mls_copy_context
This deletes mls_copy_context() in favor of mls_context_cpy() and
replaces mls_scopy_context() with mls_context_cpy_low().
Signed-off-by: Venkat Yekkirala <vyekkira
selinux: Delete mls_copy_context
This deletes mls_copy_context() in favor of mls_context_cpy() and
replaces mls_scopy_context() with mls_context_cpy_low().
Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
show more ...
|
| #
f0eef253 |
| 12-Dec-2006 |
Dave Jones <davej@redhat.com> |
Merge ../linus
|
| #
c4366889 |
| 12-Dec-2006 |
Dave Jones <davej@redhat.com> |
Merge ../linus
Conflicts:
drivers/cpufreq/cpufreq.c
|