leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ff35e8b189
linux/net/netfilter
History
Linus Torvalds c49c41a413 Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security 
* 'for-linus' of git://selinuxproject.org/~jmorris/linux-security:
  capabilities: remove __cap_full_set definition
  security: remove the security_netlink_recv hook as it is equivalent to capable()
  ptrace: do not audit capability check when outputing /proc/pid/stat
  capabilities: remove task_ns_* functions
  capabitlies: ns_capable can use the cap helpers rather than lsm call
  capabilities: style only - move capable below ns_capable
  capabilites: introduce new has_ns_capabilities_noaudit
  capabilities: call has_ns_capability from has_capability
  capabilities: remove all _real_ interfaces
  capabilities: introduce security_capable_noaudit
  capabilities: reverse arguments to security_capable
  capabilities: remove the task from capable LSM hook entirely
  selinux: sparse fix: fix several warnings in the security server cod
  selinux: sparse fix: fix warnings in netlink code
  selinux: sparse fix: eliminate warnings for selinuxfs
  selinux: sparse fix: declare selinux_disable() in security.h
  selinux: sparse fix: move selinux_complete_init
  selinux: sparse fix: make selinux_secmark_refcount static
  SELinux: Fix RCU deref check warning in sel_netport_insert()

Manually fix up a semantic mis-merge wrt security_netlink_recv():

 - the interface was removed in commit fd77846152 ("security: remove
   the security_netlink_recv hook as it is equivalent to capable()")

 - a new user of it appeared in commit a38f7907b9 ("crypto: Add
   userspace configuration API")

causing no automatic merge conflict, but Eric Paris pointed out the
issue.
2012-01-14 18:36:33 -08:00
..
ipset net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
ipvs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2012-01-08 13:21:22 -08:00
core.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
Kconfig netfilter: Kconfig: fix unmet xt_nfacct dependencies 2011-12-29 14:39:19 -05:00
Makefile netfilter: xtables: move ipt_ecn to xt_ecn 2011-12-27 20:31:31 +01:00
nf_conntrack_acct.c Merge branch 'nf-next' of git://1984.lsi.us.es/net-next 2011-12-25 02:21:45 -05:00
nf_conntrack_amanda.c
nf_conntrack_broadcast.c
nf_conntrack_core.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_conntrack_ecache.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_conntrack_expect.c netfilter: provide config option to disable ancient procfs parts 2011-12-27 20:45:28 +01:00
nf_conntrack_extend.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_conntrack_ftp.c module_param: make bool parameters really bool (net & drivers/net) 2011-12-19 22:27:29 -05:00
nf_conntrack_h323_asn1.c netfilter: h323: bug in parsing of ASN1 SEQOF field 2011-04-04 15:21:02 +02:00
nf_conntrack_h323_main.c module_param: make bool parameters really bool (net & drivers/net) 2011-12-19 22:27:29 -05:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_conntrack_irc.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_l3proto_generic.c
nf_conntrack_netbios_ns.c
nf_conntrack_netlink.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_conntrack_pptp.c netfilter: nf_ct_pptp: fix DNATed PPTP connection address translation 2011-08-30 15:23:03 +02:00
nf_conntrack_proto_dccp.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto_generic.c
nf_conntrack_proto_gre.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto_sctp.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto_tcp.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto_udp.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto_udplite.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto.c
nf_conntrack_sane.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_sip.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_snmp.c
nf_conntrack_standalone.c netfilter: provide config option to disable ancient procfs parts 2011-12-27 20:45:28 +01:00
nf_conntrack_tftp.c
nf_conntrack_timestamp.c module_param: make bool parameters really bool (net & drivers/net) 2011-12-19 22:27:29 -05:00
nf_internals.h
nf_log.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_queue.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_sockopt.c
nf_tproxy_core.c
nfnetlink_acct.c netfilter: nfnetlink_acct: fix nfnl_acct_get operation 2012-01-01 16:36:08 +01:00
nfnetlink_log.c netfilter: Remove unnecessary OOM logging messages 2011-11-01 09:19:49 +01:00
nfnetlink_queue.c netfilter: nf_queue: reject NF_STOLEN verdicts from userspace 2011-08-30 15:01:20 +02:00
nfnetlink.c Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security 2012-01-14 18:36:33 -08:00
x_tables.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
xt_addrtype.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_AUDIT.c ipv6: Add fragment reporting to ipv6_skip_exthdr(). 2011-12-03 09:35:10 -08:00
xt_CHECKSUM.c
xt_CLASSIFY.c
xt_cluster.c
xt_comment.c
xt_connbytes.c Merge branch 'nf-next' of git://1984.lsi.us.es/net-next 2011-12-25 02:21:45 -05:00
xt_connlimit.c netfilter: xt_connlimit: remove connlimit_rnd_inited 2011-03-15 13:26:32 +01:00
xt_connmark.c
xt_CONNSECMARK.c
xt_conntrack.c netfilter: revert a2361c8735 2011-05-10 12:13:36 +02:00
xt_cpu.c
xt_CT.c netfilter: rework user-space expectation helper support 2011-12-23 14:36:39 +01:00
xt_dccp.c
xt_devgroup.c
xt_dscp.c
xt_DSCP.c netfilter: IPv6: fix DSCP mangle code 2011-05-10 10:00:21 +02:00
xt_ecn.c netfilter: xtables: collapse conditions in xt_ecn 2011-12-27 20:45:25 +01:00
xt_esp.c
xt_hashlimit.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_helper.c
xt_hl.c netfilter: Reduce switch/case indent 2011-07-01 16:11:15 -07:00
xt_HL.c netfilter: Reduce switch/case indent 2011-07-01 16:11:15 -07:00
xt_IDLETIMER.c netfilter: Remove unnecessary OOM logging messages 2011-11-01 09:19:49 +01:00
xt_iprange.c
xt_ipvs.c
xt_LED.c
xt_length.c
xt_limit.c
xt_mac.c
xt_mark.c
xt_multiport.c
xt_nfacct.c netfilter: xtables: add nfacct match to support extended accounting 2011-12-25 02:43:17 +01:00
xt_NFLOG.c
xt_NFQUEUE.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_NOTRACK.c
xt_osf.c net,rcu: convert call_rcu(xt_osf_finger_free_rcu) to kfree_rcu() 2011-05-07 22:51:12 -07:00
xt_owner.c
xt_physdev.c
xt_pkttype.c
xt_policy.c
xt_quota.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
xt_rateest.c netfilter: xt_rateest: fix xt_rateest_mt_checkentry() 2011-07-29 16:24:46 +02:00
xt_RATEEST.c net,rcu: Convert call_rcu(xt_rateest_free_rcu) to kfree_rcu() 2011-07-20 14:10:19 -07:00
xt_realm.c
xt_recent.c
xt_repldata.h
xt_sctp.c
xt_SECMARK.c
xt_set.c Remove redundant linux/version.h includes from net/ 2011-06-21 16:03:17 -07:00
xt_socket.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_state.c
xt_statistic.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
xt_string.c
xt_tcpmss.c
xt_TCPMSS.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_TCPOPTSTRIP.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_tcpudp.c
xt_TEE.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_time.c
xt_TPROXY.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_TRACE.c
xt_u32.c