summaryrefslogtreecommitdiffstats
path: root/security/commoncap.c
AgeCommit message (Expand)AuthorFilesLines
2017-09-24Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-3/+3
2017-09-23security: fix description of values returned by cap_inode_need_killprivStefan Berger1-3/+3
2017-09-11Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds1-21/+256
2017-09-01Introduce v3 namespaced file capabilitiesSerge E. Hallyn1-19/+251
2017-08-01commoncap: Move cap_elevated calculation into bprm_set_credsKees Cook1-42/+10
2017-08-01commoncap: Refactor to remove bprm_secureexec hookKees Cook1-4/+8
2017-07-20security: Use user_namespace::level to avoid redundant iterations in cap_capa...Kirill Tkhai1-2/+5
2017-03-06security: mark LSM hooks as __ro_after_initJames Morris1-1/+1
2017-02-23Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds1-2/+3
2017-01-24exec: Remove LSM_UNSAFE_PTRACE_CAPEric W. Biederman1-1/+1
2017-01-24exec: Test the ptracer's saved cred to see if the tracee can gain capsEric W. Biederman1-1/+2
2017-01-24exec: Don't reset euid and egid when the tracee has CAP_SETUIDEric W. Biederman1-1/+1
2017-01-19LSM: Add /sys/kernel/security/lsmCasey Schaufler1-1/+2
2016-10-07xattr: Add __vfs_{get,set,remove}xattr helpersAndreas Gruenbacher1-15/+10
2016-06-24fs: Treat foreign mounts as nosuidAndy Lutomirski1-1/+7
2016-06-24fs: Limit file caps to the user namespace of the super blockSeth Forshee1-0/+2
2016-05-17Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-3/+3
2016-04-22security: Introduce security_settime64()Baolin Wang1-1/+1
2016-04-11->getxattr(): pass dentry and inode as separate argumentsAl Viro1-3/+3
2016-01-20ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn1-1/+6
2015-09-04capabilities: add a securebit to disable PR_CAP_AMBIENT_RAISEAndy Lutomirski1-1/+2
2015-09-04capabilities: ambient capabilitiesAndy Lutomirski1-10/+92
2015-05-12LSM: Switch to lists of hooksCasey Schaufler1-8/+33
2015-04-15VFS: security/: d_backing_inode() annotationsDavid Howells1-3/+3
2015-01-25file->f_path.dentry is pinned down for as long as the file is open...Al Viro1-5/+1
2014-11-19kill f_dentry usesAl Viro1-1/+1
2014-07-24CAPABILITIES: remove undefined caps from all processesEric Paris1-0/+3
2014-07-24commoncap: don't alloc the credential unless needed in cap_task_prctlTetsuo Handa1-42/+30
2013-08-30capabilities: allow nice if we are privilegedSerge Hallyn1-4/+4
2013-08-30userns: Allow PR_CAPBSET_DROP in a user namespace.Eric W. Biederman1-1/+1
2013-02-26kill f_vfsmntAl Viro1-1/+1
2012-12-14Fix cap_capable to only allow owners in the parent user namespace to have caps.Eric W. Biederman1-8/+17
2012-05-31split ->file_mmap() into ->mmap_addr()/->mmap_file()Al Viro1-18/+3
2012-05-31split cap_mmap_addr() out of cap_file_mmap()Al Viro1-9/+23
2012-05-23Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds1-25/+36
2012-05-04Merge tag 'v3.4-rc5' into nextJames Morris1-0/+6
2012-05-03userns: Convert capabilities related permsion checksEric W. Biederman1-15/+26
2012-05-03userns: Store uid and gid values in struct cred with kuid_t and kgid_t typesEric W. Biederman1-2/+1
2012-04-26userns: Simplify the user_namespace by making userns->creator a kuid.Eric W. Biederman1-2/+3
2012-04-19security: fix compile error in commoncap.cJonghwan Choi1-0/+1
2012-04-18fcaps: clear the same personality flags as suid when fcaps are usedEric Paris1-0/+5
2012-04-14Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privsAndy Lutomirski1-2/+5
2012-04-07userns: Add an explicit reference to the parent user namespaceEric W. Biederman1-1/+1
2012-04-07userns: Use cred->user_ns instead of cred->user->user_nsEric W. Biederman1-7/+7
2012-02-14security: trim security.hAl Viro1-0/+1
2012-01-14Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-securityLinus Torvalds1-17/+7
2012-01-05security: remove the security_netlink_recv hook as it is equivalent to capable()Eric Paris1-8/+0
2012-01-05capabilities: remove the task from capable LSM hook entirelyEric Paris1-9/+7
2011-08-16capabilities: initialize has_capSerge Hallyn1-1/+1
2011-08-12capabilities: do not grant full privs for setuid w/ file caps + no effective ...Zhi Li1-6/+10