summaryrefslogtreecommitdiff
path: root/security/apparmor/include/apparmor.h
AgeCommit message (Collapse)AuthorFilesLines
2017-06-11apparmor: move ptrace checks to using labelsJohn Johansen1-0/+1
Signed-off-by: John Johansen <john.johansen@canonical.com>
2017-06-11apparmor: switch from profiles to using labels on contextsJohn Johansen1-2/+3
Begin the actual switch to using domain labels by storing them on the context and converting the label to a singular profile where possible. Signed-off-by: John Johansen <john.johansen@canonical.com>
2017-01-16apparmor: move lib definitions into separate lib includeJohn Johansen1-80/+2
Signed-off-by: John Johansen <john.johansen@canonical.com>
2016-07-12apparmor: add parameter to control whether policy hashing is usedJohn Johansen1-0/+1
Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com>
2015-02-22Apparmor: mediated_filesystem() should use dentry->d_sb not inode->i_sbDavid Howells1-2/+2
mediated_filesystem() should use dentry->d_sb not dentry->d_inode->i_sb and should avoid file_inode() also since it is really dealing with the path. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2014-05-06nick kvfree() from apparmorAl Viro1-1/+0
too many places open-code it Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2013-08-14apparmor: convert profile lists to RCU based lockingJohn Johansen1-0/+6
Signed-off-by: John Johansen <john.johansen@canonical.com>
2013-04-28apparmor: add kvzalloc to handle zeroing for kvmallocJohn Johansen1-1/+11
Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Steve Beattie <sbeattie@ubuntu.com>
2012-03-15AppArmor: Add ability to load extended policyJohn Johansen1-0/+13
Add the base support for the new policy extensions. This does not bring any additional functionality, or change current semantics. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com>
2012-03-14AppArmor: Update dfa matching routines.John Johansen1-1/+1
Update aa_dfa_match so that it doesn't result in an input string being walked twice (once to get its length and another time to match) Add a single step functions aa_dfa_next Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com>
2012-01-13module_param: make bool parameters really bool (drivers & misc)Rusty Russell1-5/+5
module_param(bool) used to counter-intuitively take an int. In fddd5201 (mid-2009) we allowed bool or int/unsigned int using a messy trick. It's time to remove the int/unsigned int option. For this version it'll simply give a warning, but it'll break next kernel version. Acked-by: Mauro Carvalho Chehab <mchehab@redhat.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2010-08-02AppArmor: misc. base functions and definesJohn Johansen1-0/+92
Miscellaneous functions and defines needed by AppArmor, including the base path resolution routines. Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <jmorris@namei.org>
generated by cgit v1.2.3 (git 2.39.0) at 2025-08-31 21:55:48 +0300