acrn-kernel/security
Davi Arnaut 6bb08da477 [PATCH] Bug fixes and cleanup for the BSD Secure Levels LSM
This patch address several issues in the current BSD Secure Levels code:

o plaintext_to_sha1: Missing check for a NULL return from __get_free_page

o passwd_write_file: A page is leaked if the password is wrong.

o fix securityfs registration order

o seclvl_init is a mess and can't properly tolerate failures, failure
  path is upside down (deldif and delf should be switched)

Cleanups:

o plaintext_to_sha1: Use buffers passed in
o passwd_write_file: Use kmalloc() instead of get_zeroed_page()
o passwd_write_file: hashedPassword comparison is just memcmp
o s/ENOSYS/EINVAL/
o misc

(akpm: after some discussion it appears that the BSD secure levels feature
should be scheduled for removal.  But for now, let's fix these problems up).

Signed-off-by: Davi Arnaut <davi.arnaut@gmail.com>
Cc: Michael Halcrow <mhalcrow@us.ibm.com>
Cc: Chris Wright <chrisw@sous-sol.org>
Cc: Stephen Smalley <sds@epoch.ncsc.mil>
Cc: James Morris <jmorris@namei.org>
Cc: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-23 07:38:03 -08:00
..
keys [PATCH] sem2mutex: security/ 2006-03-22 07:54:06 -08:00
selinux [PATCH] SELinux: add slab cache for inode security struct 2006-03-22 07:54:07 -08:00
Kconfig [LSM-IPSec]: Security association restriction. 2006-01-03 13:10:24 -08:00
Makefile
capability.c kbuild: un-stringnify KBUILD_MODNAME 2006-01-06 21:17:50 +01:00
commoncap.c [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00
dummy.c [SECURITY] getpeersec: Fix build breakage 2006-03-20 22:47:37 -08:00
inode.c [PATCH] mutex subsystem, semaphore to mutex: VFS, ->i_sem 2006-01-09 15:59:24 -08:00
root_plug.c
seclvl.c [PATCH] Bug fixes and cleanup for the BSD Secure Levels LSM 2006-03-23 07:38:03 -08:00
security.c [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00