Create Documentation/security/,

move LSM-, credentials-, and keys-related files from Documentation/
  to Documentation/security/,
add Documentation/security/00-INDEX, and
update all occurrences of Documentation/<moved_file>
  to Documentation/security/<moved_file>.

diff --git a/Documentation/00-INDEX b/Documentation/00-INDEX
index c17cd4bb2290895ee209764708efcb372815b8bb..c8c1cf631b37183ae4770f8bacdeb7652a96e5fd 100644 (file)
--- a/Documentation/00-INDEX
+++ b/Documentation/00-INDEX
@@ -192,10 +192,6 @@ kernel-docs.txt
        - listing of various WWW + books that document kernel internals.
 kernel-parameters.txt
        - summary listing of command line / boot prompt args for the kernel.
-keys-request-key.txt
-       - description of the kernel key request service.
-keys.txt
-       - description of the kernel key retention service.
 kobject.txt
        - info of the kobject infrastructure of the Linux kernel.
 kprobes.txt
@@ -294,6 +290,8 @@ scheduler/
        - directory with info on the scheduler.
 scsi/
        - directory with info on Linux scsi support.
+security/
+       - directory that contains security-related info
 serial/
        - directory with info on the low level serial API.
 serial-console.txt

diff --git a/Documentation/filesystems/nfs/idmapper.txt b/Documentation/filesystems/nfs/idmapper.txt
index b9b4192ea8b588ebd2d5be15767e69b93c8a7d0a..9c8fd614865642e7b9faf418de164c6088204b50 100644 (file)
--- a/Documentation/filesystems/nfs/idmapper.txt
+++ b/Documentation/filesystems/nfs/idmapper.txt
@@ -47,8 +47,8 @@ request-key will find the first matching line and corresponding program.  In
 this case, /some/other/program will handle all uid lookups and
 /usr/sbin/nfs.idmap will handle gid, user, and group lookups.
 
-See <file:Documentation/keys-request-keys.txt> for more information about the
-request-key function.
+See <file:Documentation/security/keys-request-keys.txt> for more information
+about the request-key function.
 
 
 =========

diff --git a/Documentation/networking/dns_resolver.txt b/Documentation/networking/dns_resolver.txt
index 04ca06325b087157b8f21afb3f571350b7e5ef3f..7f531ad83285ced1d2cc24d513d611e0c8156c47 100644 (file)
--- a/Documentation/networking/dns_resolver.txt
+++ b/Documentation/networking/dns_resolver.txt
@@ -139,8 +139,8 @@ the key will be discarded and recreated when the data it holds has expired.
 dns_query() returns a copy of the value attached to the key, or an error if
 that is indicated instead.
 
-See <file:Documentation/keys-request-key.txt> for further information about
-request-key function.
+See <file:Documentation/security/keys-request-key.txt> for further
+information about request-key function.
 
 
 =========

diff --git a/Documentation/security/00-INDEX b/Documentation/security/00-INDEX
new file mode 100644 (file)
index 0000000..19bc494
--- /dev/null
+++ b/Documentation/security/00-INDEX
@@ -0,0 +1,18 @@
+00-INDEX
+       - this file.
+SELinux.txt
+       - how to get started with the SELinux security enhancement.
+Smack.txt
+       - documentation on the Smack Linux Security Module.
+apparmor.txt
+       - documentation on the AppArmor security extension.
+credentials.txt
+       - documentation about credentials in Linux.
+keys-request-key.txt
+       - description of the kernel key request service.
+keys-trusted-encrypted.txt
+       - info on the Trusted and Encrypted keys in the kernel key ring service.
+keys.txt
+       - description of the kernel key retention service.
+tomoyo.txt
+       - documentation on the TOMOYO Linux Security Module.

diff --git a/Documentation/SELinux.txt b/Documentation/security/SELinux.txt
similarity index 100%
rename from Documentation/SELinux.txt
rename to Documentation/security/SELinux.txt

diff --git a/Documentation/Smack.txt b/Documentation/security/Smack.txt
similarity index 100%
rename from Documentation/Smack.txt
rename to Documentation/security/Smack.txt

diff --git a/Documentation/apparmor.txt b/Documentation/security/apparmor.txt
similarity index 100%
rename from Documentation/apparmor.txt
rename to Documentation/security/apparmor.txt

diff --git a/Documentation/credentials.txt b/Documentation/security/credentials.txt
similarity index 99%
rename from Documentation/credentials.txt
rename to Documentation/security/credentials.txt
index 995baf379c076770962a84268fde19b527caa0be..fc0366cbd7ce6af2392d8a124d6c6a9ab8d7b963 100644 (file)
--- a/Documentation/credentials.txt
+++ b/Documentation/security/credentials.txt
@@ -216,7 +216,7 @@ The Linux kernel supports the following types of credentials:
      When a process accesses a key, if not already present, it will normally be
      cached on one of these keyrings for future accesses to find.
 
-     For more information on using keys, see Documentation/keys.txt.
+     For more information on using keys, see Documentation/security/keys.txt.
 
  (5) LSM
 

diff --git a/Documentation/keys-request-key.txt b/Documentation/security/keys-request-key.txt
similarity index 98%
rename from Documentation/keys-request-key.txt
rename to Documentation/security/keys-request-key.txt
index 69686ad12c66e3a39de20fcf45b91dfcbee52cdf..51987bfecfedffa8e42ae64bc9aad54f4e4dd796 100644 (file)
--- a/Documentation/keys-request-key.txt
+++ b/Documentation/security/keys-request-key.txt
@@ -3,8 +3,8 @@
                              ===================
 
 The key request service is part of the key retention service (refer to
-Documentation/keys.txt).  This document explains more fully how the requesting
-algorithm works.
+Documentation/security/keys.txt).  This document explains more fully how
+the requesting algorithm works.
 
 The process starts by either the kernel requesting a service by calling
 request_key*():

diff --git a/Documentation/keys-trusted-encrypted.txt b/Documentation/security/keys-trusted-encrypted.txt
similarity index 100%
rename from Documentation/keys-trusted-encrypted.txt
rename to Documentation/security/keys-trusted-encrypted.txt

diff --git a/Documentation/keys.txt b/Documentation/security/keys.txt
similarity index 99%
rename from Documentation/keys.txt
rename to Documentation/security/keys.txt
index 6523a9e6f293675a104ce77d78a896d0e9d190e5..4d75931d2d79e7febde59664b005798827df6d26 100644 (file)
--- a/Documentation/keys.txt
+++ b/Documentation/security/keys.txt
@@ -434,7 +434,7 @@ The main syscalls are:
      /sbin/request-key will be invoked in an attempt to obtain a key. The
      callout_info string will be passed as an argument to the program.
 
-     See also Documentation/keys-request-key.txt.
+     See also Documentation/security/keys-request-key.txt.
 
 
 The keyctl syscall functions are:
@@ -864,7 +864,7 @@ payload contents" for more information.
     If successful, the key will have been attached to the default keyring for
     implicitly obtained request-key keys, as set by KEYCTL_SET_REQKEY_KEYRING.
 
-    See also Documentation/keys-request-key.txt.
+    See also Documentation/security/keys-request-key.txt.
 
 
 (*) To search for a key, passing auxiliary data to the upcaller, call:

diff --git a/Documentation/tomoyo.txt b/Documentation/security/tomoyo.txt
similarity index 100%
rename from Documentation/tomoyo.txt
rename to Documentation/security/tomoyo.txt

diff --git a/MAINTAINERS b/MAINTAINERS
index 69f19f10314a131428a58fed89c6a9dc962409da..3fa170ba5f983962b89d4ee2936502d59953b5b7 100644 (file)
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -3705,7 +3705,7 @@ KEYS/KEYRINGS:
 M:     David Howells <dhowells@redhat.com>
 L:     keyrings@linux-nfs.org
 S:     Maintained
-F:     Documentation/keys.txt
+F:     Documentation/security/keys.txt
 F:     include/linux/key.h
 F:     include/linux/key-type.h
 F:     include/keys/
@@ -3717,7 +3717,7 @@ M:        Mimi Zohar <zohar@us.ibm.com>
 L:     linux-security-module@vger.kernel.org
 L:     keyrings@linux-nfs.org
 S:     Supported
-F:     Documentation/keys-trusted-encrypted.txt
+F:     Documentation/security/keys-trusted-encrypted.txt
 F:     include/keys/trusted-type.h
 F:     security/keys/trusted.c
 F:     security/keys/trusted.h
@@ -3728,7 +3728,7 @@ M:        David Safford <safford@watson.ibm.com>
 L:     linux-security-module@vger.kernel.org
 L:     keyrings@linux-nfs.org
 S:     Supported
-F:     Documentation/keys-trusted-encrypted.txt
+F:     Documentation/security/keys-trusted-encrypted.txt
 F:     include/keys/encrypted-type.h
 F:     security/keys/encrypted.c
 F:     security/keys/encrypted.h

diff --git a/include/linux/cred.h b/include/linux/cred.h
index be16b61283ccb9855eabe82a97e4fd2345409f90..82607992f308aa4510f15c1becd64158e86947ca 100644 (file)
--- a/include/linux/cred.h
+++ b/include/linux/cred.h
@@ -1,4 +1,4 @@
-/* Credentials management - see Documentation/credentials.txt
+/* Credentials management - see Documentation/security/credentials.txt
  *
  * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
  * Written by David Howells (dhowells@redhat.com)

diff --git a/include/linux/key.h b/include/linux/key.h
index b2bb01719561f0d3de11945a9dba0a78744b8acc..303982a699338908c30f4bcd015ac102c77cb18a 100644 (file)
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -9,7 +9,7 @@
  * 2 of the License, or (at your option) any later version.
  *
  *
- * See Documentation/keys.txt for information on keys/keyrings.
+ * See Documentation/security/keys.txt for information on keys/keyrings.
  */
 
 #ifndef _LINUX_KEY_H

diff --git a/kernel/cred.c b/kernel/cred.c
index 8093c16b84b13d2e9e0714af279b29b0549a0652..004e3679624d2bdf434af96b35aa3e4113a463d5 100644 (file)
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -1,4 +1,4 @@
-/* Task credentials management - see Documentation/credentials.txt
+/* Task credentials management - see Documentation/security/credentials.txt
  *
  * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
  * Written by David Howells (dhowells@redhat.com)

diff --git a/scripts/selinux/README b/scripts/selinux/README
index a936315ba2c87340f3a38d38c68bc599907a47d0..4d020ecb75242db1372be5cf09df4d705b6c7592 100644 (file)
--- a/scripts/selinux/README
+++ b/scripts/selinux/README
@@ -1,2 +1,2 @@
-Please see Documentation/SELinux.txt for information on
+Please see Documentation/security/SELinux.txt for information on
 installing a dummy SELinux policy.

diff --git a/security/apparmor/match.c b/security/apparmor/match.c
index 06d764ccbbe5533f3e77a7d6b00a6bb3c7d3614b..94de6b4907c8af064ed20743148f40b7d946b12e 100644 (file)
--- a/security/apparmor/match.c
+++ b/security/apparmor/match.c
@@ -194,7 +194,7 @@ void aa_dfa_free_kref(struct kref *kref)
  * @flags: flags controlling what type of accept tables are acceptable
  *
  * Unpack a dfa that has been serialized.  To find information on the dfa
- * format look in Documentation/apparmor.txt
+ * format look in Documentation/security/apparmor.txt
  * Assumes the dfa @blob stream has been aligned on a 8 byte boundary
  *
  * Returns: an unpacked dfa ready for matching or ERR_PTR on failure

diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index e33aaf7e5744fcec9fd65d0e5974d13303fff506..d6d9a57b56525e5c7ca9df569f19d3da7d84feba 100644 (file)
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -12,8 +12,8 @@
  * published by the Free Software Foundation, version 2 of the
  * License.
  *
- * AppArmor uses a serialized binary format for loading policy.
- * To find policy format documentation look in Documentation/apparmor.txt
+ * AppArmor uses a serialized binary format for loading policy. To find
+ * policy format documentation look in Documentation/security/apparmor.txt
  * All policy is validated before it is used.
  */
 

diff --git a/security/keys/encrypted.c b/security/keys/encrypted.c
index 69907a58a6837d038675e55b6abede4176b92daf..b1cba5bf0a5e3d092b57318a242014e915af04ff 100644 (file)
--- a/security/keys/encrypted.c
+++ b/security/keys/encrypted.c
@@ -8,7 +8,7 @@
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation, version 2 of the License.
  *
- * See Documentation/keys-trusted-encrypted.txt
+ * See Documentation/security/keys-trusted-encrypted.txt
  */
 
 #include <linux/uaccess.h>

diff --git a/security/keys/request_key.c b/security/keys/request_key.c
index df3c0417ee4062ffebac5cb6f3ad30d84fc66a6b..d41cc153a31373a33580f69d53ba21455d187d4e 100644 (file)
--- a/security/keys/request_key.c
+++ b/security/keys/request_key.c
@@ -8,7 +8,7 @@
  * as published by the Free Software Foundation; either version
  * 2 of the License, or (at your option) any later version.
  *
- * See Documentation/keys-request-key.txt
+ * See Documentation/security/keys-request-key.txt
  */
 
 #include <linux/module.h>

diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
index 68164031a74e0bc225844037ceedd45a40fc94cb..3c0cfdec6e37c739413d4c0ec897595fa41b1b31 100644 (file)
--- a/security/keys/request_key_auth.c
+++ b/security/keys/request_key_auth.c
@@ -8,7 +8,7 @@
  * as published by the Free Software Foundation; either version
  * 2 of the License, or (at your option) any later version.
  *
- * See Documentation/keys-request-key.txt
+ * See Documentation/security/keys-request-key.txt
  */
 
 #include <linux/module.h>

diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index c99b9368368c3d6e2193e81abaf5ab417d34557b..0c33e2ea1f3c34879d44ca57044822fefc657695 100644 (file)
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -8,7 +8,7 @@
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation, version 2 of the License.
  *
- * See Documentation/keys-trusted-encrypted.txt
+ * See Documentation/security/keys-trusted-encrypted.txt
  */
 
 #include <linux/uaccess.h>