OpenCloudOS-Kernel/security
Tetsuo Handa 57c2590fb7 TOMOYO: Update profile structure.
This patch allows users to change access control mode for per-operation basis.
This feature comes from non LSM version of TOMOYO which is designed for
permitting users to use SELinux and TOMOYO at the same time.

SELinux does not care filename in a directory whereas TOMOYO does. Change of
filename can change how the file is used. For example, renaming index.txt to
.htaccess will change how the file is used. Thus, letting SELinux to enforce
read()/write()/mmap() etc. restriction and letting TOMOYO to enforce rename()
restriction is an example usage of this feature.

What is unfortunate for me is that currently LSM does not allow users to use
SELinux and LSM version of TOMOYO at the same time...

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
2010-08-02 15:33:43 +10:00
..
integrity/ima kref: remove kref_set 2010-05-21 09:37:29 -07:00
keys KEYS: Propagate error code instead of returning -EINVAL 2010-06-27 07:02:34 -07:00
selinux selinux: remove all rcu head initializations 2010-08-02 15:33:35 +10:00
smack smack: opt_dentry is never null in in smack_d_instantiate() 2010-08-02 15:33:39 +10:00
tomoyo TOMOYO: Update profile structure. 2010-08-02 15:33:43 +10:00
Kconfig remove CONFIG_SECURITY_FILE_CAPABILITIES compile option 2009-11-24 15:06:47 +11:00
Makefile NOMMU: Optimise away the {dac_,}mmap_min_addr tests 2009-12-17 09:25:19 +11:00
capability.c LSM: Remove unused arguments from security_path_truncate(). 2010-08-02 15:33:40 +10:00
commoncap.c security: whitespace coding style fixes 2010-04-23 10:10:23 +10:00
device_cgroup.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
inode.c security: testing the wrong variable in create_by_name() 2010-04-22 21:17:41 +10:00
lsm_audit.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c LSM: Remove unused arguments from security_path_truncate(). 2010-08-02 15:33:40 +10:00