Mimi Zohar 7102ebcd65 evm: permit only valid security.evm xattrs to be updated ... In addition to requiring CAP_SYS_ADMIN permission to modify/delete security.evm, prohibit invalid security.evm xattrs from changing, unless in fixmode. This patch prevents inadvertent 'fixing' of security.evm to reflect offline modifications. Changelog v7: - rename boot paramater 'evm_mode' to 'evm' Reported-by: Roberto Sassu <roberto.sassu@polito.it> Signed-off-by: Mimi Zohar <zohar@us.ibm.com>		2011-07-18 12:29:49 -04:00
..
apparmor	AppArmor: Fix masking of capabilities in complain mode	2011-06-29 02:04:44 +01:00
integrity	evm: permit only valid security.evm xattrs to be updated	2011-07-18 12:29:49 -04:00
keys	Merge branch 'linus' into next	2011-06-30 18:43:56 +10:00
selinux	Merge branch 'for-linus' of git://git.infradead.org/users/eparis/selinux into for-linus	2011-06-15 09:41:48 +10:00
smack	Merge commit 'v2.6.39' into 20110526	2011-05-26 17:20:14 -04:00
tomoyo	TOMOYO: Update kernel-doc.	2011-07-14 17:50:03 +10:00
capability.c	SECURITY: Move exec_permission RCU checks into security modules	2011-04-25 10:20:32 -04:00
commoncap.c	capabilities: do not special case exec of init	2011-04-04 10:31:06 +10:00
device_cgroup.c	devcgroup_inode_permission: take "is it a device node" checks to inlined wrapper	2011-06-20 10:46:04 -04:00
inode.c	convert get_sb_single() users	2010-10-29 04:16:28 -04:00
Kconfig	integrity: move ima inode integrity data management	2011-07-18 12:29:38 -04:00
lsm_audit.c	LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATH	2011-04-25 18:14:07 -04:00
Makefile	integrity: move ima inode integrity data management	2011-07-18 12:29:38 -04:00
min_addr.c	mmap_min_addr check CAP_SYS_RAWIO only for write	2010-04-23 08:56:31 +10:00
security.c	evm: call evm_inode_init_security from security_inode_init_security	2011-07-18 12:29:45 -04:00