summaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2017-06-10apparmor: fix apparmor_query dataJohn Johansen1-2/+6
2017-06-10apparmor: fix policy load/remove semanticsJohn Johansen2-15/+13
2017-06-10apparmor: add namespace lookup fns()John Johansen3-4/+73
2017-06-10apparmor: cleanup __find_child()John Johansen1-8/+8
2017-06-10apparmor: provide information about path buffer size at bootJohn Johansen1-2/+9
2017-06-10apparmor: add profile permission query abilityJohn Johansen1-1/+102
2017-06-10apparmor: switch from file_perms to aa_permsJohn Johansen5-48/+29
2017-06-10apparmor: add gerneric permissions struct and support fnsJohn Johansen4-17/+153
2017-06-10apparmor: add fn to test if profile supports a given mediation classJohn Johansen1-0/+10
2017-06-10apparmor: speed up transactional queriesJohn Johansen1-11/+114
2017-06-10apparmor: add label data availability to the feature setJohn Johansen1-0/+10
2017-06-10apparmor: add mkdir/rmdir interface to manage policy namespacesJohn Johansen1-1/+94
2017-06-10apparmor: add policy revision file interfaceJohn Johansen4-1/+116
2017-06-10apparmor: provide finer control over policy managementJohn Johansen3-23/+35
2017-06-09security/selinux: allow security_sb_clone_mnt_opts to enable/disable native l...Scott Mayhew2-4/+38
2017-06-09selinux: use kmem_cache for ebitmapJunil Lee3-6/+27
2017-06-09apparmor: rework perm mapping to a slightly broader setJohn Johansen5-53/+133
2017-06-08apparmor: move permissions into their own file to be more easily sharedJohn Johansen4-19/+43
2017-06-08apparmor: convert from securityfs to apparmorfs for policy ns filesJohn Johansen1-26/+37
2017-06-08apparmor: allow specifying an already created dir to create ns entries inJohn Johansen3-7/+8
2017-06-08apparmor: rename apparmor file fns and data to indicate useJohn Johansen9-127/+172
2017-06-08apparmor: add custom apparmorfs that will be used by policy namespace filesJohn Johansen1-17/+336
2017-06-08apparmor: use macro template to simplify namespace seq_filesJohn Johansen1-29/+24
2017-06-08apparmor: use macro template to simplify profile seq_filesJohn Johansen1-61/+36
2017-06-08apparmor: move to per loaddata files, instead of replicating in profilesJohn Johansen7-69/+409
2017-06-08securityfs: add the ability to support symlinksJohn Johansen1-21/+123
2017-06-08apparmor: Move path lookup to using preallocated buffersJohn Johansen4-86/+53
2017-06-08apparmor: allow profiles to provide info to disconnected pathsJohn Johansen6-17/+34
2017-06-08apparmor: make internal lib fn skipn_spaces available to the rest of apparmorJohn Johansen2-1/+2
2017-06-08apparmor: move file context into file.hJohn Johansen2-32/+32
2017-06-08security/apparmor: Use POSIX-compatible "printf '%s'"Thomas Schneider1-2/+2
2017-06-08apparmor: Fix error cod in __aa_fs_profile_mkdir()Dan Carpenter1-2/+4
2017-06-08apparmorfs: Use seq_putc() in two functionsMarkus Elfring1-2/+2
2017-06-08apparmorfs: Combine two function calls into one in aa_fs_seq_raw_abi_show()Markus Elfring1-4/+3
2017-06-02selinux: use pernet operations for hook registrationFlorian Westphal1-4/+20
2017-06-01Smack: Use cap_capable in privilege checkCasey Schaufler2-9/+12
2017-06-01Smack: Safer check for a socket in file_receiveCasey Schaufler1-1/+1
2017-06-01smack: use pernet operations for hook registrationFlorian Westphal1-8/+18
2017-05-23selinux: Add a cache for quicker retreival of PKey SIDsDaniel Jurgens5-3/+288
2017-05-23selinux: Add IB Port SMP access vectorDaniel Jurgens5-0/+75
2017-05-23selinux: Implement Infiniband PKey "Access" access vectorDaniel Jurgens5-0/+77
2017-05-23selinux: Allocate and free infiniband security hooksDaniel Jurgens2-1/+29
2017-05-23selinux: Create policydb version for Infiniband supportDaniel Jurgens3-24/+118
2017-05-23IB/core: Enforce security on management datagramsDaniel Jurgens1-0/+6
2017-05-23selinux lsm IB/core: Implement LSM notification systemDaniel Jurgens3-0/+33
2017-05-23IB/core: Enforce PKey security on QPsDaniel Jurgens2-0/+31
2017-05-23selinux: Remove redundant check for unknown labeling behaviorMatthias Kaehlcke1-16/+0
2017-05-23selinux: log policy capability state when a policy is loadedStephen Smalley3-11/+27
2017-05-23selinux: do not check open permission on socketsStephen Smalley1-3/+7
2017-05-23selinux: add a map permission check for mmapStephen Smalley2-1/+13
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-25 05:58:31 +0000