linux/security
Casey Schaufler 531f1d453e Smack: Repair processing of fcntl
Al Viro pointed out that the processing of fcntl done
by Smack appeared poorly designed. He was right. There
are three things that required change. Most obviously,
the list of commands that really imply writing is limited
to those involving file locking and signal handling.
The initialization if the file security blob was
incomplete, requiring use of a heretofore unused LSM hook.
Finally, the audit information coming from a helper
masked the identity of the LSM hook. This patch corrects
all three of these defects.

This is targeted for the smack-next tree pending comments.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
2011-10-12 14:24:28 -07:00
..
apparmor apparmor: sparse fix: include procattr.h in procattr.c 2011-09-09 16:56:29 -07:00
integrity evm: clean verification status 2011-09-14 15:24:52 -04:00
keys encrypted-keys: check hex2bin result 2011-09-20 23:26:44 -04:00
selinux selinux: sparse fix: fix several warnings in the security server code 2011-09-09 16:56:32 -07:00
smack Smack: Repair processing of fcntl 2011-10-12 14:24:28 -07:00
tomoyo TOMOYO: Fix quota and garbage collector. 2011-10-12 12:15:20 +11:00
capability.c ->permission() sanitizing: don't pass flags to ->inode_permission() 2011-07-20 01:43:26 -04:00
commoncap.c capabilities: initialize has_cap 2011-08-16 09:20:45 +10:00
device_cgroup.c security,rcu: Convert call_rcu(whitelist_item_free) to kfree_rcu() 2011-07-20 11:05:30 -07:00
inode.c convert get_sb_single() users 2010-10-29 04:16:28 -04:00
Kconfig encrypted-keys: remove trusted-keys dependency 2011-09-14 15:23:49 -04:00
lsm_audit.c LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATH 2011-04-25 18:14:07 -04:00
Makefile integrity: move ima inode integrity data management 2011-07-18 12:29:38 -04:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c evm: fix security/security_old_init_security return code 2011-09-14 15:24:50 -04:00