summaryrefslogtreecommitdiffstats
path: root/security/commoncap.c
Commit message (Expand)AuthorAgeFilesLines
* exec: Always set cap_ambient in cap_bprm_set_credsEric W. Biederman2020-06-031-0/+1
* LSM: generalize flag passing to security_capableMicah Morton2020-01-231-8/+9
* cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias()Eddie.Horng2018-08-111-1/+1
* capabilities: Allow privileged user in s_user_ns to set security.* xattrsEric W. Biederman2018-05-241-2/+6
* commoncap: Handle memory allocation failure.Tetsuo Handa2018-04-101-0/+2
* capabilities: fix buffer overread on very short xattrEric Biggers2018-01-021-12/+9
* Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2017-11-131-65/+128
|\
| * capabilities: audit log other surprising conditionsRichard Guy Briggs2017-10-201-7/+22
| * capabilities: fix logic for effective root or real rootRichard Guy Briggs2017-10-201-3/+2
| * capabilities: invert logic for clarityRichard Guy Briggs2017-10-201-4/+4
| * capabilities: remove a layer of conditional logicRichard Guy Briggs2017-10-201-13/+10
| * capabilities: move audit log decision to functionRichard Guy Briggs2017-10-201-20/+30
| * capabilities: use intuitive names for id changesRichard Guy Briggs2017-10-201-6/+22
| * capabilities: use root_priveleged inline to clarify logicRichard Guy Briggs2017-10-201-2/+4
| * capabilities: rename has_cap to has_fcapRichard Guy Briggs2017-10-201-10/+10
| * capabilities: intuitive names for cap gain statusRichard Guy Briggs2017-10-201-7/+11
| * capabilities: factor out cap_bprm_set_creds privileged rootRichard Guy Briggs2017-10-201-28/+48
* | commoncap: move assignment of fs_ns to avoid null pointer dereferenceColin Ian King2017-10-191-1/+2
|/
* Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2017-09-241-3/+3
|\
| * security: fix description of values returned by cap_inode_need_killprivStefan Berger2017-09-231-3/+3
* | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds2017-09-111-21/+256
|\ \
| * | Introduce v3 namespaced file capabilitiesSerge E. Hallyn2017-09-011-19/+251
| * | security: Use user_namespace::level to avoid redundant iterations in cap_capa...Kirill Tkhai2017-07-201-2/+5
| |/
* | commoncap: Move cap_elevated calculation into bprm_set_credsKees Cook2017-08-011-42/+10
* | commoncap: Refactor to remove bprm_secureexec hookKees Cook2017-08-011-4/+8
|/
* security: mark LSM hooks as __ro_after_initJames Morris2017-03-061-1/+1
* Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds2017-02-231-2/+3
|\
| * exec: Remove LSM_UNSAFE_PTRACE_CAPEric W. Biederman2017-01-241-1/+1
| * exec: Test the ptracer's saved cred to see if the tracee can gain capsEric W. Biederman2017-01-241-1/+2
| * exec: Don't reset euid and egid when the tracee has CAP_SETUIDEric W. Biederman2017-01-241-1/+1
* | LSM: Add /sys/kernel/security/lsmCasey Schaufler2017-01-191-1/+2
|/
* xattr: Add __vfs_{get,set,remove}xattr helpersAndreas Gruenbacher2016-10-071-15/+10
* fs: Treat foreign mounts as nosuidAndy Lutomirski2016-06-241-1/+7
* fs: Limit file caps to the user namespace of the super blockSeth Forshee2016-06-241-0/+2
* Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds2016-05-171-3/+3
|\
| * ->getxattr(): pass dentry and inode as separate argumentsAl Viro2016-04-111-3/+3
* | security: Introduce security_settime64()Baolin Wang2016-04-221-1/+1
|/
* ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn2016-01-201-1/+6
* capabilities: add a securebit to disable PR_CAP_AMBIENT_RAISEAndy Lutomirski2015-09-041-1/+2
* capabilities: ambient capabilitiesAndy Lutomirski2015-09-041-10/+92
* LSM: Switch to lists of hooksCasey Schaufler2015-05-121-8/+33
* VFS: security/: d_backing_inode() annotationsDavid Howells2015-04-151-3/+3
* file->f_path.dentry is pinned down for as long as the file is open...Al Viro2015-01-251-5/+1
* kill f_dentry usesAl Viro2014-11-191-1/+1
* CAPABILITIES: remove undefined caps from all processesEric Paris2014-07-241-0/+3
* commoncap: don't alloc the credential unless needed in cap_task_prctlTetsuo Handa2014-07-241-42/+30
* capabilities: allow nice if we are privilegedSerge Hallyn2013-08-301-4/+4
* userns: Allow PR_CAPBSET_DROP in a user namespace.Eric W. Biederman2013-08-301-1/+1
* kill f_vfsmntAl Viro2013-02-261-1/+1
* Fix cap_capable to only allow owners in the parent user namespace to have caps.Eric W. Biederman2012-12-141-8/+17