aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Documentation/00-INDEX6
-rw-r--r--Documentation/filesystems/nfs/idmapper.txt4
-rw-r--r--Documentation/networking/dns_resolver.txt4
-rw-r--r--Documentation/security/00-INDEX18
-rw-r--r--Documentation/security/SELinux.txt (renamed from Documentation/SELinux.txt)0
-rw-r--r--Documentation/security/Smack.txt (renamed from Documentation/Smack.txt)0
-rw-r--r--Documentation/security/apparmor.txt (renamed from Documentation/apparmor.txt)0
-rw-r--r--Documentation/security/credentials.txt (renamed from Documentation/credentials.txt)2
-rw-r--r--Documentation/security/keys-request-key.txt (renamed from Documentation/keys-request-key.txt)4
-rw-r--r--Documentation/security/keys-trusted-encrypted.txt (renamed from Documentation/keys-trusted-encrypted.txt)0
-rw-r--r--Documentation/security/keys.txt (renamed from Documentation/keys.txt)4
-rw-r--r--Documentation/security/tomoyo.txt (renamed from Documentation/tomoyo.txt)0
-rw-r--r--MAINTAINERS6
-rw-r--r--include/linux/cred.h2
-rw-r--r--include/linux/key.h2
-rw-r--r--kernel/cred.c2
-rw-r--r--scripts/selinux/README2
-rw-r--r--security/apparmor/match.c2
-rw-r--r--security/apparmor/policy_unpack.c4
-rw-r--r--security/keys/encrypted.c2
-rw-r--r--security/keys/request_key.c2
-rw-r--r--security/keys/request_key_auth.c2
-rw-r--r--security/keys/trusted.c2
23 files changed, 43 insertions, 27 deletions
diff --git a/Documentation/00-INDEX b/Documentation/00-INDEX
index 1b777b960492..1f89424c36a6 100644
--- a/Documentation/00-INDEX
+++ b/Documentation/00-INDEX
@@ -192,10 +192,6 @@ kernel-docs.txt
192 - listing of various WWW + books that document kernel internals. 192 - listing of various WWW + books that document kernel internals.
193kernel-parameters.txt 193kernel-parameters.txt
194 - summary listing of command line / boot prompt args for the kernel. 194 - summary listing of command line / boot prompt args for the kernel.
195keys-request-key.txt
196 - description of the kernel key request service.
197keys.txt
198 - description of the kernel key retention service.
199kobject.txt 195kobject.txt
200 - info of the kobject infrastructure of the Linux kernel. 196 - info of the kobject infrastructure of the Linux kernel.
201kprobes.txt 197kprobes.txt
@@ -294,6 +290,8 @@ scheduler/
294 - directory with info on the scheduler. 290 - directory with info on the scheduler.
295scsi/ 291scsi/
296 - directory with info on Linux scsi support. 292 - directory with info on Linux scsi support.
293security/
294 - directory that contains security-related info
297serial/ 295serial/
298 - directory with info on the low level serial API. 296 - directory with info on the low level serial API.
299serial-console.txt 297serial-console.txt
diff --git a/Documentation/filesystems/nfs/idmapper.txt b/Documentation/filesystems/nfs/idmapper.txt
index b9b4192ea8b5..9c8fd6148656 100644
--- a/Documentation/filesystems/nfs/idmapper.txt
+++ b/Documentation/filesystems/nfs/idmapper.txt
@@ -47,8 +47,8 @@ request-key will find the first matching line and corresponding program. In
47this case, /some/other/program will handle all uid lookups and 47this case, /some/other/program will handle all uid lookups and
48/usr/sbin/nfs.idmap will handle gid, user, and group lookups. 48/usr/sbin/nfs.idmap will handle gid, user, and group lookups.
49 49
50See <file:Documentation/keys-request-keys.txt> for more information about the 50See <file:Documentation/security/keys-request-keys.txt> for more information
51request-key function. 51about the request-key function.
52 52
53 53
54========= 54=========
diff --git a/Documentation/networking/dns_resolver.txt b/Documentation/networking/dns_resolver.txt
index 04ca06325b08..7f531ad83285 100644
--- a/Documentation/networking/dns_resolver.txt
+++ b/Documentation/networking/dns_resolver.txt
@@ -139,8 +139,8 @@ the key will be discarded and recreated when the data it holds has expired.
139dns_query() returns a copy of the value attached to the key, or an error if 139dns_query() returns a copy of the value attached to the key, or an error if
140that is indicated instead. 140that is indicated instead.
141 141
142See <file:Documentation/keys-request-key.txt> for further information about 142See <file:Documentation/security/keys-request-key.txt> for further
143request-key function. 143information about request-key function.
144 144
145 145
146========= 146=========
diff --git a/Documentation/security/00-INDEX b/Documentation/security/00-INDEX
new file mode 100644
index 000000000000..19bc49439cac
--- /dev/null
+++ b/Documentation/security/00-INDEX
@@ -0,0 +1,18 @@
100-INDEX
2 - this file.
3SELinux.txt
4 - how to get started with the SELinux security enhancement.
5Smack.txt
6 - documentation on the Smack Linux Security Module.
7apparmor.txt
8 - documentation on the AppArmor security extension.
9credentials.txt
10 - documentation about credentials in Linux.
11keys-request-key.txt
12 - description of the kernel key request service.
13keys-trusted-encrypted.txt
14 - info on the Trusted and Encrypted keys in the kernel key ring service.
15keys.txt
16 - description of the kernel key retention service.
17tomoyo.txt
18 - documentation on the TOMOYO Linux Security Module.
diff --git a/Documentation/SELinux.txt b/Documentation/security/SELinux.txt
index 07eae00f3314..07eae00f3314 100644
--- a/Documentation/SELinux.txt
+++ b/Documentation/security/SELinux.txt
diff --git a/Documentation/Smack.txt b/Documentation/security/Smack.txt
index e9dab41c0fe0..e9dab41c0fe0 100644
--- a/Documentation/Smack.txt
+++ b/Documentation/security/Smack.txt
diff --git a/Documentation/apparmor.txt b/Documentation/security/apparmor.txt
index 93c1fd7d0635..93c1fd7d0635 100644
--- a/Documentation/apparmor.txt
+++ b/Documentation/security/apparmor.txt
diff --git a/Documentation/credentials.txt b/Documentation/security/credentials.txt
index 995baf379c07..fc0366cbd7ce 100644
--- a/Documentation/credentials.txt
+++ b/Documentation/security/credentials.txt
@@ -216,7 +216,7 @@ The Linux kernel supports the following types of credentials:
216 When a process accesses a key, if not already present, it will normally be 216 When a process accesses a key, if not already present, it will normally be
217 cached on one of these keyrings for future accesses to find. 217 cached on one of these keyrings for future accesses to find.
218 218
219 For more information on using keys, see Documentation/keys.txt. 219 For more information on using keys, see Documentation/security/keys.txt.
220 220
221 (5) LSM 221 (5) LSM
222 222
diff --git a/Documentation/keys-request-key.txt b/Documentation/security/keys-request-key.txt
index 69686ad12c66..51987bfecfed 100644
--- a/Documentation/keys-request-key.txt
+++ b/Documentation/security/keys-request-key.txt
@@ -3,8 +3,8 @@
3 =================== 3 ===================
4 4
5The key request service is part of the key retention service (refer to 5The key request service is part of the key retention service (refer to
6Documentation/keys.txt). This document explains more fully how the requesting 6Documentation/security/keys.txt). This document explains more fully how
7algorithm works. 7the requesting algorithm works.
8 8
9The process starts by either the kernel requesting a service by calling 9The process starts by either the kernel requesting a service by calling
10request_key*(): 10request_key*():
diff --git a/Documentation/keys-trusted-encrypted.txt b/Documentation/security/keys-trusted-encrypted.txt
index 8fb79bc1ac4b..8fb79bc1ac4b 100644
--- a/Documentation/keys-trusted-encrypted.txt
+++ b/Documentation/security/keys-trusted-encrypted.txt
diff --git a/Documentation/keys.txt b/Documentation/security/keys.txt
index 6523a9e6f293..4d75931d2d79 100644
--- a/Documentation/keys.txt
+++ b/Documentation/security/keys.txt
@@ -434,7 +434,7 @@ The main syscalls are:
434 /sbin/request-key will be invoked in an attempt to obtain a key. The 434 /sbin/request-key will be invoked in an attempt to obtain a key. The
435 callout_info string will be passed as an argument to the program. 435 callout_info string will be passed as an argument to the program.
436 436
437 See also Documentation/keys-request-key.txt. 437 See also Documentation/security/keys-request-key.txt.
438 438
439 439
440The keyctl syscall functions are: 440The keyctl syscall functions are:
@@ -864,7 +864,7 @@ payload contents" for more information.
864 If successful, the key will have been attached to the default keyring for 864 If successful, the key will have been attached to the default keyring for
865 implicitly obtained request-key keys, as set by KEYCTL_SET_REQKEY_KEYRING. 865 implicitly obtained request-key keys, as set by KEYCTL_SET_REQKEY_KEYRING.
866 866
867 See also Documentation/keys-request-key.txt. 867 See also Documentation/security/keys-request-key.txt.
868 868
869 869
870(*) To search for a key, passing auxiliary data to the upcaller, call: 870(*) To search for a key, passing auxiliary data to the upcaller, call:
diff --git a/Documentation/tomoyo.txt b/Documentation/security/tomoyo.txt
index 200a2d37cbc8..200a2d37cbc8 100644
--- a/Documentation/tomoyo.txt
+++ b/Documentation/security/tomoyo.txt
diff --git a/MAINTAINERS b/MAINTAINERS
index 572b5b20ba48..a6562ba1dc35 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -3726,7 +3726,7 @@ KEYS/KEYRINGS:
3726M: David Howells <dhowells@redhat.com> 3726M: David Howells <dhowells@redhat.com>
3727L: keyrings@linux-nfs.org 3727L: keyrings@linux-nfs.org
3728S: Maintained 3728S: Maintained
3729F: Documentation/keys.txt 3729F: Documentation/security/keys.txt
3730F: include/linux/key.h 3730F: include/linux/key.h
3731F: include/linux/key-type.h 3731F: include/linux/key-type.h
3732F: include/keys/ 3732F: include/keys/
@@ -3738,7 +3738,7 @@ M: Mimi Zohar <zohar@us.ibm.com>
3738L: linux-security-module@vger.kernel.org 3738L: linux-security-module@vger.kernel.org
3739L: keyrings@linux-nfs.org 3739L: keyrings@linux-nfs.org
3740S: Supported 3740S: Supported
3741F: Documentation/keys-trusted-encrypted.txt 3741F: Documentation/security/keys-trusted-encrypted.txt
3742F: include/keys/trusted-type.h 3742F: include/keys/trusted-type.h
3743F: security/keys/trusted.c 3743F: security/keys/trusted.c
3744F: security/keys/trusted.h 3744F: security/keys/trusted.h
@@ -3749,7 +3749,7 @@ M: David Safford <safford@watson.ibm.com>
3749L: linux-security-module@vger.kernel.org 3749L: linux-security-module@vger.kernel.org
3750L: keyrings@linux-nfs.org 3750L: keyrings@linux-nfs.org
3751S: Supported 3751S: Supported
3752F: Documentation/keys-trusted-encrypted.txt 3752F: Documentation/security/keys-trusted-encrypted.txt
3753F: include/keys/encrypted-type.h 3753F: include/keys/encrypted-type.h
3754F: security/keys/encrypted.c 3754F: security/keys/encrypted.c
3755F: security/keys/encrypted.h 3755F: security/keys/encrypted.h
diff --git a/include/linux/cred.h b/include/linux/cred.h
index be16b61283cc..82607992f308 100644
--- a/include/linux/cred.h
+++ b/include/linux/cred.h
@@ -1,4 +1,4 @@
1/* Credentials management - see Documentation/credentials.txt 1/* Credentials management - see Documentation/security/credentials.txt
2 * 2 *
3 * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved. 3 * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com) 4 * Written by David Howells (dhowells@redhat.com)
diff --git a/include/linux/key.h b/include/linux/key.h
index ef19b99aff98..6ea4eebd3467 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -9,7 +9,7 @@
9 * 2 of the License, or (at your option) any later version. 9 * 2 of the License, or (at your option) any later version.
10 * 10 *
11 * 11 *
12 * See Documentation/keys.txt for information on keys/keyrings. 12 * See Documentation/security/keys.txt for information on keys/keyrings.
13 */ 13 */
14 14
15#ifndef _LINUX_KEY_H 15#ifndef _LINUX_KEY_H
diff --git a/kernel/cred.c b/kernel/cred.c
index e12c8af793f8..174fa84eca30 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -1,4 +1,4 @@
1/* Task credentials management - see Documentation/credentials.txt 1/* Task credentials management - see Documentation/security/credentials.txt
2 * 2 *
3 * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved. 3 * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com) 4 * Written by David Howells (dhowells@redhat.com)
diff --git a/scripts/selinux/README b/scripts/selinux/README
index a936315ba2c8..4d020ecb7524 100644
--- a/scripts/selinux/README
+++ b/scripts/selinux/README
@@ -1,2 +1,2 @@
1Please see Documentation/SELinux.txt for information on 1Please see Documentation/security/SELinux.txt for information on
2installing a dummy SELinux policy. 2installing a dummy SELinux policy.
diff --git a/security/apparmor/match.c b/security/apparmor/match.c
index 06d764ccbbe5..94de6b4907c8 100644
--- a/security/apparmor/match.c
+++ b/security/apparmor/match.c
@@ -194,7 +194,7 @@ void aa_dfa_free_kref(struct kref *kref)
194 * @flags: flags controlling what type of accept tables are acceptable 194 * @flags: flags controlling what type of accept tables are acceptable
195 * 195 *
196 * Unpack a dfa that has been serialized. To find information on the dfa 196 * Unpack a dfa that has been serialized. To find information on the dfa
197 * format look in Documentation/apparmor.txt 197 * format look in Documentation/security/apparmor.txt
198 * Assumes the dfa @blob stream has been aligned on a 8 byte boundary 198 * Assumes the dfa @blob stream has been aligned on a 8 byte boundary
199 * 199 *
200 * Returns: an unpacked dfa ready for matching or ERR_PTR on failure 200 * Returns: an unpacked dfa ready for matching or ERR_PTR on failure
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index e33aaf7e5744..d6d9a57b5652 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -12,8 +12,8 @@
12 * published by the Free Software Foundation, version 2 of the 12 * published by the Free Software Foundation, version 2 of the
13 * License. 13 * License.
14 * 14 *
15 * AppArmor uses a serialized binary format for loading policy. 15 * AppArmor uses a serialized binary format for loading policy. To find
16 * To find policy format documentation look in Documentation/apparmor.txt 16 * policy format documentation look in Documentation/security/apparmor.txt
17 * All policy is validated before it is used. 17 * All policy is validated before it is used.
18 */ 18 */
19 19
diff --git a/security/keys/encrypted.c b/security/keys/encrypted.c
index 69907a58a683..b1cba5bf0a5e 100644
--- a/security/keys/encrypted.c
+++ b/security/keys/encrypted.c
@@ -8,7 +8,7 @@
8 * it under the terms of the GNU General Public License as published by 8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, version 2 of the License. 9 * the Free Software Foundation, version 2 of the License.
10 * 10 *
11 * See Documentation/keys-trusted-encrypted.txt 11 * See Documentation/security/keys-trusted-encrypted.txt
12 */ 12 */
13 13
14#include <linux/uaccess.h> 14#include <linux/uaccess.h>
diff --git a/security/keys/request_key.c b/security/keys/request_key.c
index b18a71745901..d31862e0aa1c 100644
--- a/security/keys/request_key.c
+++ b/security/keys/request_key.c
@@ -8,7 +8,7 @@
8 * as published by the Free Software Foundation; either version 8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version. 9 * 2 of the License, or (at your option) any later version.
10 * 10 *
11 * See Documentation/keys-request-key.txt 11 * See Documentation/security/keys-request-key.txt
12 */ 12 */
13 13
14#include <linux/module.h> 14#include <linux/module.h>
diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
index f6337c9082eb..6cff37529b80 100644
--- a/security/keys/request_key_auth.c
+++ b/security/keys/request_key_auth.c
@@ -8,7 +8,7 @@
8 * as published by the Free Software Foundation; either version 8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version. 9 * 2 of the License, or (at your option) any later version.
10 * 10 *
11 * See Documentation/keys-request-key.txt 11 * See Documentation/security/keys-request-key.txt
12 */ 12 */
13 13
14#include <linux/module.h> 14#include <linux/module.h>
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index c99b9368368c..0c33e2ea1f3c 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -8,7 +8,7 @@
8 * it under the terms of the GNU General Public License as published by 8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, version 2 of the License. 9 * the Free Software Foundation, version 2 of the License.
10 * 10 *
11 * See Documentation/keys-trusted-encrypted.txt 11 * See Documentation/security/keys-trusted-encrypted.txt
12 */ 12 */
13 13
14#include <linux/uaccess.h> 14#include <linux/uaccess.h>