kernel_optimize_test/security
Mimi Zohar 566be59ab8 evm: permit mode bits to be updated
Before permitting 'security.evm' to be updated, 'security.evm' must
exist and be valid.  In the case that there are no existing EVM protected
xattrs, it is safe for posix acls to update the mode bits.

To differentiate between no 'security.evm' xattr and no xattrs used to
calculate 'security.evm', this patch defines INTEGRITY_NOXATTR.

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
2011-09-14 15:24:52 -04:00
..
apparmor apparmor: sparse fix: include procattr.h in procattr.c 2011-09-09 16:56:29 -07:00
integrity evm: permit mode bits to be updated 2011-09-14 15:24:52 -04:00
keys encrypted-keys: remove trusted-keys dependency 2011-09-14 15:23:49 -04:00
selinux selinux: sparse fix: fix several warnings in the security server code 2011-09-09 16:56:32 -07:00
smack doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
tomoyo TOMOYO: Avoid race when retrying "file execute" permission check. 2011-09-14 08:27:07 +10:00
capability.c ->permission() sanitizing: don't pass flags to ->inode_permission() 2011-07-20 01:43:26 -04:00
commoncap.c capabilities: initialize has_cap 2011-08-16 09:20:45 +10:00
device_cgroup.c security,rcu: Convert call_rcu(whitelist_item_free) to kfree_rcu() 2011-07-20 11:05:30 -07:00
inode.c convert get_sb_single() users 2010-10-29 04:16:28 -04:00
Kconfig encrypted-keys: remove trusted-keys dependency 2011-09-14 15:23:49 -04:00
lsm_audit.c LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATH 2011-04-25 18:14:07 -04:00
Makefile integrity: move ima inode integrity data management 2011-07-18 12:29:38 -04:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c evm: fix security/security_old_init_security return code 2011-09-14 15:24:50 -04:00