kernel-ark/security
David Howells 606531c316 KEYS: Have the garbage collector set its timer for live expired keys
The key garbage collector sets a timer to start a new collection cycle at the
point the earliest key to expire should be considered garbage.  However, it
currently only does this if the key it is considering hasn't yet expired.

If the key being considering has expired, but hasn't yet reached the collection
time then it is ignored, and won't be collected until some other key provokes a
round of collection.

Make the garbage collector set the timer for the earliest key that hasn't yet
passed its collection time, rather than the earliest key that hasn't yet
expired.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-09-23 11:03:47 -07:00
..
integrity/ima IMA: update ima_counts_put 2009-09-07 11:54:58 +10:00
keys KEYS: Have the garbage collector set its timer for live expired keys 2009-09-23 11:03:47 -07:00
selinux SELinux: flush the avc before disabling SELinux 2009-09-14 12:34:11 +10:00
smack sysfs: Add labeling support for sysfs 2009-09-10 10:11:29 +10:00
tomoyo KEYS: Add a keyctl to install a process's session keyring on its parent [try #6] 2009-09-02 21:29:22 +10:00
capability.c LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information. 2009-09-10 10:11:24 +10:00
commoncap.c Security/SELinux: seperate lsm specific mmap_min_addr 2009-08-17 15:09:11 +10:00
device_cgroup.c devcgroup: skip superfluous checks when found the DEV_ALL elem 2009-06-18 13:03:47 -07:00
inode.c securityfs: securityfs_remove should handle IS_ERR pointers 2009-05-12 11:06:11 +10:00
Kconfig Merge commit 'v2.6.31-rc8' into x86/txt 2009-09-02 08:17:56 +02:00
lsm_audit.c SELinux: Convert avc_audit to use lsm_audit.h 2009-08-17 08:37:18 +10:00
Makefile Security/SELinux: seperate lsm specific mmap_min_addr 2009-08-17 15:09:11 +10:00
min_addr.c Security/SELinux: seperate lsm specific mmap_min_addr 2009-08-17 15:09:11 +10:00
root_plug.c rootplug: Remove redundant initialization. 2009-05-27 13:30:46 +10:00
security.c LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information. 2009-09-10 10:11:24 +10:00