summaryrefslogtreecommitdiff
path: root/security/commoncap.c
AgeCommit message (Expand)AuthorFilesLines
2018-08-11cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias()Eddie.Horng1-1/+1
2018-05-24capabilities: Allow privileged user in s_user_ns to set security.* xattrsEric W. Biederman1-2/+6
2018-04-10commoncap: Handle memory allocation failure.Tetsuo Handa1-0/+2
2018-01-02capabilities: fix buffer overread on very short xattrEric Biggers1-12/+9
2017-11-13Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-65/+128
2017-10-20capabilities: audit log other surprising conditionsRichard Guy Briggs1-7/+22
2017-10-20capabilities: fix logic for effective root or real rootRichard Guy Briggs1-3/+2
2017-10-20capabilities: invert logic for clarityRichard Guy Briggs1-4/+4
2017-10-20capabilities: remove a layer of conditional logicRichard Guy Briggs1-13/+10
2017-10-20capabilities: move audit log decision to functionRichard Guy Briggs1-20/+30
2017-10-20capabilities: use intuitive names for id changesRichard Guy Briggs1-6/+22
2017-10-20capabilities: use root_priveleged inline to clarify logicRichard Guy Briggs1-2/+4
2017-10-20capabilities: rename has_cap to has_fcapRichard Guy Briggs1-10/+10
2017-10-20capabilities: intuitive names for cap gain statusRichard Guy Briggs1-7/+11
2017-10-20capabilities: factor out cap_bprm_set_creds privileged rootRichard Guy Briggs1-28/+48
2017-10-19commoncap: move assignment of fs_ns to avoid null pointer dereferenceColin Ian King1-1/+2
2017-09-24Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-3/+3
2017-09-23security: fix description of values returned by cap_inode_need_killprivStefan Berger1-3/+3
2017-09-11Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds1-21/+256
2017-09-01Introduce v3 namespaced file capabilitiesSerge E. Hallyn1-19/+251
2017-08-01commoncap: Move cap_elevated calculation into bprm_set_credsKees Cook1-42/+10
2017-08-01commoncap: Refactor to remove bprm_secureexec hookKees Cook1-4/+8
2017-07-20security: Use user_namespace::level to avoid redundant iterations in cap_capa...Kirill Tkhai1-2/+5
2017-03-06security: mark LSM hooks as __ro_after_initJames Morris1-1/+1
2017-02-23Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds1-2/+3
2017-01-24exec: Remove LSM_UNSAFE_PTRACE_CAPEric W. Biederman1-1/+1
2017-01-24exec: Test the ptracer's saved cred to see if the tracee can gain capsEric W. Biederman1-1/+2
2017-01-24exec: Don't reset euid and egid when the tracee has CAP_SETUIDEric W. Biederman1-1/+1
2017-01-19LSM: Add /sys/kernel/security/lsmCasey Schaufler1-1/+2
2016-10-07xattr: Add __vfs_{get,set,remove}xattr helpersAndreas Gruenbacher1-15/+10
2016-06-24fs: Treat foreign mounts as nosuidAndy Lutomirski1-1/+7
2016-06-24fs: Limit file caps to the user namespace of the super blockSeth Forshee1-0/+2
2016-05-17Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-3/+3
2016-04-22security: Introduce security_settime64()Baolin Wang1-1/+1
2016-04-11->getxattr(): pass dentry and inode as separate argumentsAl Viro1-3/+3
2016-01-20ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn1-1/+6
2015-09-04capabilities: add a securebit to disable PR_CAP_AMBIENT_RAISEAndy Lutomirski1-1/+2
2015-09-04capabilities: ambient capabilitiesAndy Lutomirski1-10/+92
2015-05-12LSM: Switch to lists of hooksCasey Schaufler1-8/+33
2015-04-15VFS: security/: d_backing_inode() annotationsDavid Howells1-3/+3
2015-01-25file->f_path.dentry is pinned down for as long as the file is open...Al Viro1-5/+1
2014-11-19kill f_dentry usesAl Viro1-1/+1
2014-07-24CAPABILITIES: remove undefined caps from all processesEric Paris1-0/+3
2014-07-24commoncap: don't alloc the credential unless needed in cap_task_prctlTetsuo Handa1-42/+30
2013-08-30capabilities: allow nice if we are privilegedSerge Hallyn1-4/+4
2013-08-30userns: Allow PR_CAPBSET_DROP in a user namespace.Eric W. Biederman1-1/+1
2013-02-26kill f_vfsmntAl Viro1-1/+1
2012-12-14Fix cap_capable to only allow owners in the parent user namespace to have caps.Eric W. Biederman1-8/+17
2012-05-31split ->file_mmap() into ->mmap_addr()/->mmap_file()Al Viro1-18/+3
2012-05-31split cap_mmap_addr() out of cap_file_mmap()Al Viro1-9/+23