First | Prev | Next | Last
Pages: 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705
[PATCH 05/10] KConfig: Add KConfig entries for Labeled NFS
This patch adds two entries into the fs/KConfig file. The first entry NFS_V4_SECURITY_LABEL enables security label support for the NFSv4 client while the second entry NFSD_V4_SECURITY_LABEL enables security labeling support on the server side. Signed-off-by: Matthew N. Dodd <Matthew.Dodd(a)sparta.com> Signed-off-b... 7 Jul 2010 11:15
[PATCH 06/10] NFSv4: Add label recommended attribute and NFSv4 flags
This patch adds a new recommended attribute named label into the NFSv4 file attribute structure. It also adds several new flags to allow the NFS client and server to determine if this attribute is supported and if it is being sent over the wire. Signed-off-by: Matthew N. Dodd <Matthew.Dodd(a)sparta.com> Signed-off... 7 Jul 2010 11:15
[PATCH 03/10] LSM: Add flags field to security_sb_set_mnt_opts for in kernel mount data.
There is no way to differentiate if a text mount option is passed from user space or the kernel. A flags field is being added to the security_sb_set_mnt_opts hook to allow for in kernel security flags to be sent to the LSM for processing in addition to the text options received from mount. This patch also updated e... 7 Jul 2010 11:15
[PATCH 09/10] NFS: Extend NFS xattr handlers to accept the security namespace
The existing NFSv4 xattr handlers do not accept xattr calls to the security namespace. This patch extends these handlers to accept xattrs from the security namespace in addition to the default NFSv4 ACL namespace. Signed-off-by: Matthew N. Dodd <Matthew.Dodd(a)sparta.com> Signed-off-by: David P. Quigley <dpquigl(a)ty... 7 Jul 2010 11:15
[PATCH 07/10] NFSv4: Introduce new label structure
In order to mimic the way that NFSv4 ACLs are implemented we have created a structure to be used to pass label data up and down the call chain. This patch adds the new structure and new members to the required NFSv4 call structures. Signed-off-by: Matthew N. Dodd <Matthew.Dodd(a)sparta.com> Signed-off-by: David P. ... 7 Jul 2010 11:15
[PATCH 01/10] Security: Add hook to calculate context based on a negative dentry.
There is a time where we need to calculate a context without the inode having been created yet. To do this we take the negative dentry and calculate a context based on the process and the parent directory contexts. Signed-off-by: Matthew N. Dodd <Matthew.Dodd(a)sparta.com> Signed-off-by: David P. Quigley <dpquigl@t... 7 Jul 2010 11:15
mmc: Add erase, secure erase, trim and secure trim operations
On Wed, Jul 7, 2010 at 7:17 AM, Adrian Hunter <adrian.hunter(a)nokia.com> wrote: From 7f01ad3c4be6ec09318176db12db66f353b526e0 Mon Sep 17 00:00:00 2001 SD/MMC cards tend to support an erase operation. �In addition, eMMC v4.4 cards can support secure erase, trim and secure trim operations that are all varian... 7 Jul 2010 17:52
[PATCH 02/10] Security: Add Hook to test if the particular xattr is part of a MAC model.
There are areas in the Labeled NFS code where where we need to test if the attribute being requested exhibits the semantics of a MAC model. This allows us to make sure that we get the desired semantics from the attribute instead of something else such as capabilities or a time based LSM. Signed-off-by: Matthew N.... 7 Jul 2010 11:15
[PATCH 4/7] block: push BKL into blktrace ioctls
The blktrace driver currently needs the BKL, but we should not need to take that in the block layer, so just push it down into the driver itself. It is quite likely that the BKL is not actually required in blktrace code and could be removed in a follow-on patch. Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> -... 7 Jul 2010 11:15
[PATCH 5/7] block: remove BKL from BLKROSET and BLKFLSBUF
We only call the functions set_device_ro(), invalidate_bdev(), sync_filesystem() and sync_blockdev() while holding the BKL in these commands. All of these are also done in other code paths without the BKL, which leads me to the conclusion that the BKL is not needed here either. The reason we hold it here is tha... 7 Jul 2010 11:15