summaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2017-06-10apparmor: rework file permission to cache file access in file->ctxJohn Johansen1-6/+76
2017-06-10apparmor: move path_link mediation to using labelsJohn Johansen3-47/+59
2017-06-10apparmor: refactor path name lookup and permission checks around labelsJohn Johansen3-45/+85
2017-06-10apparmor: update aa_audit_file() to use labelsJohn Johansen3-9/+18
2017-06-10apparmor: move aa_file_perm() to use labelsJohn Johansen3-37/+64
2017-06-10apparmor: allow ptrace checks to be finer grained than just capabilityJohn Johansen3-0/+68
2017-06-10apparmor: move ptrace checks to using labelsJohn Johansen5-80/+58
2017-06-10apparmor: add cross check permission helper macrosJohn Johansen1-1/+41
2017-06-10apparmor: move resource checks to using labelsJohn Johansen3-42/+80
2017-06-10apparmor: move capability checks to using labelsJohn Johansen5-29/+58
2017-06-10apparmor: update query interface to support label queriesJohn Johansen1-7/+39
2017-06-10apparmor: switch getprocattr to using label_print fns()John Johansen3-37/+27
2017-06-10apparmor: switch from profiles to using labels on contextsJohn Johansen20-529/+686
2017-06-10apparmor: add the base fns() for domain labelsJohn Johansen2-0/+2561
2017-06-10apparmor: revalidate files during execJohn Johansen4-0/+81
2017-06-10apparmor: cleanup rename XXX_file_context() to XXX_file_ctx()John Johansen2-11/+16
2017-06-10apparmor: convert aa_change_XXX bool parameters to flagsJohn Johansen5-32/+29
2017-06-10apparmor: cleanup remove unused and not fully implemented profile renameJohn Johansen1-37/+2
2017-06-10apparmor: refactor updating profiles to the newest parentJohn Johansen1-4/+31
2017-06-10apparmor: share profile name on replacementJohn Johansen3-9/+72
2017-06-10apparmor: convert to profile block critical sectionsJohn Johansen8-56/+162
2017-06-10apparmor: move bprm_committing_creds/committed_creds to lsm.cJohn Johansen3-32/+30
2017-06-10apparmor: fix display of ns nameJohn Johansen1-1/+1
2017-06-10apparmor: fix apparmor_query dataJohn Johansen1-2/+6
2017-06-10apparmor: fix policy load/remove semanticsJohn Johansen2-15/+13
2017-06-10apparmor: add namespace lookup fns()John Johansen3-4/+73
2017-06-10apparmor: cleanup __find_child()John Johansen1-8/+8
2017-06-10apparmor: provide information about path buffer size at bootJohn Johansen1-2/+9
2017-06-10apparmor: add profile permission query abilityJohn Johansen1-1/+102
2017-06-10apparmor: switch from file_perms to aa_permsJohn Johansen5-48/+29
2017-06-10apparmor: add gerneric permissions struct and support fnsJohn Johansen4-17/+153
2017-06-10apparmor: add fn to test if profile supports a given mediation classJohn Johansen1-0/+10
2017-06-10apparmor: speed up transactional queriesJohn Johansen1-11/+114
2017-06-10apparmor: add label data availability to the feature setJohn Johansen1-0/+10
2017-06-10apparmor: add mkdir/rmdir interface to manage policy namespacesJohn Johansen1-1/+94
2017-06-10apparmor: add policy revision file interfaceJohn Johansen4-1/+116
2017-06-10apparmor: provide finer control over policy managementJohn Johansen3-23/+35
2017-06-09apparmor: rework perm mapping to a slightly broader setJohn Johansen5-53/+133
2017-06-08apparmor: move permissions into their own file to be more easily sharedJohn Johansen4-19/+43
2017-06-08apparmor: convert from securityfs to apparmorfs for policy ns filesJohn Johansen1-26/+37
2017-06-08apparmor: allow specifying an already created dir to create ns entries inJohn Johansen3-7/+8
2017-06-08apparmor: rename apparmor file fns and data to indicate useJohn Johansen9-127/+172
2017-06-08apparmor: add custom apparmorfs that will be used by policy namespace filesJohn Johansen2-17/+338
2017-06-08apparmor: use macro template to simplify namespace seq_filesJohn Johansen1-29/+24
2017-06-08apparmor: use macro template to simplify profile seq_filesJohn Johansen1-61/+36
2017-06-08apparmor: move to per loaddata files, instead of replicating in profilesJohn Johansen7-69/+409
2017-06-08securityfs: add the ability to support symlinksJohn Johansen2-21/+135
2017-06-08apparmor: Move path lookup to using preallocated buffersJohn Johansen4-86/+53
2017-06-08apparmor: allow profiles to provide info to disconnected pathsJohn Johansen6-17/+34
2017-06-08apparmor: make internal lib fn skipn_spaces available to the rest of apparmorJohn Johansen2-1/+2