1. 21 Apr, 2008 26 commits
  2. 19 Apr, 2008 4 commits
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of... · 3925e6fc
      Linus Torvalds authored
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6:
        security: fix up documentation for security_module_enable
        Security: Introduce security= boot parameter
        Audit: Final renamings and cleanup
        SELinux: use new audit hooks, remove redundant exports
        Audit: internally use the new LSM audit hooks
        LSM/Audit: Introduce generic Audit LSM hooks
        SELinux: remove redundant exports
        Netlink: Use generic LSM hook
        Audit: use new LSM hooks instead of SELinux exports
        SELinux: setup new inode/ipc getsecid hooks
        LSM: Introduce inode_getsecid and ipc_getsecid hooks
      3925e6fc
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.26 · 334d0945
      Linus Torvalds authored
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.26: (1090 commits)
        [NET]: Fix and allocate less memory for ->priv'less netdevices
        [IPV6]: Fix dangling references on error in fib6_add().
        [NETLABEL]: Fix NULL deref in netlbl_unlabel_staticlist_gen() if ifindex not found
        [PKT_SCHED]: Fix datalen check in tcf_simp_init().
        [INET]: Uninline the __inet_inherit_port call.
        [INET]: Drop the inet_inherit_port() call.
        SCTP: Initialize partial_bytes_acked to 0, when all of the data is acked.
        [netdrvr] forcedeth: internal simplifications; changelog removal
        phylib: factor out get_phy_id from within get_phy_device
        PHY: add BCM5464 support to broadcom PHY driver
        cxgb3: Fix __must_check warning with dev_dbg.
        tc35815: Statistics cleanup
        natsemi: fix MMIO for PPC 44x platforms
        [TIPC]: Cleanup of TIPC reference table code
        [TIPC]: Optimized initialization of TIPC reference table
        [TIPC]: Remove inlining of reference table locking routines
        e1000: convert uint16_t style integers to u16
        ixgb: convert uint16_t style integers to u16
        sb1000.c: make const arrays static
        sb1000.c: stop inlining largish static functions
        ...
      334d0945
    • James Morris's avatar
      security: fix up documentation for security_module_enable · 7cea51be
      James Morris authored
      security_module_enable() can only be called during kernel init.
      Signed-off-by: default avatarJames Morris <jmorris@namei.org>
      7cea51be
    • Ahmed S. Darwish's avatar
      Security: Introduce security= boot parameter · 076c54c5
      Ahmed S. Darwish authored
      Add the security= boot parameter. This is done to avoid LSM
      registration clashes in case of more than one bult-in module.
      
      User can choose a security module to enable at boot. If no
      security= boot parameter is specified, only the first LSM
      asking for registration will be loaded. An invalid security
      module name will be treated as if no module has been chosen.
      
      LSM modules must check now if they are allowed to register
      by calling security_module_enable(ops) first. Modify SELinux
      and SMACK to do so.
      
      Do not let SMACK register smackfs if it was not chosen on
      boot. Smackfs assumes that smack hooks are registered and
      the initial task security setup (swapper->security) is done.
      Signed-off-by: default avatarAhmed S. Darwish <darwish.07@gmail.com>
      Acked-by: default avatarJames Morris <jmorris@namei.org>
      076c54c5
  3. 18 Apr, 2008 10 commits