summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2017-01-16apparmor: allow introspecting the policy namespace nameJohn Johansen1-0/+24
2017-01-16apparmor: Make aa_remove_profile() callable from a different viewJohn Johansen3-5/+7
2017-01-16apparmor: track ns level so it can be used to help in view checksJohn Johansen1-0/+1
2017-01-16apparmor: add special .null file used to "close" fds at execJohn Johansen3-1/+81
2017-01-16apparmor: provide userspace flag indicating binfmt_elf_mmap changeJohn Johansen1-0/+1
2017-01-16apparmor: add a default null dfaJohn Johansen6-2/+46
2017-01-16apparmor: allow policydb to be used as the file dfaJohn Johansen1-4/+8
2017-01-16apparmor: add get_dfa() fnJohn Johansen1-0/+15
2017-01-16apparmor: prepare to support newer versions of policyJohn Johansen2-10/+25
2017-01-16apparmor: add support for force complain flag to support learning modeJohn Johansen1-1/+3
2017-01-16apparmor: remove paranoid load switchJohn Johansen2-16/+10
2017-01-16apparmor: name null-XXX profiles after the executableJohn Johansen3-17/+47
2017-01-16apparmor: pass gfp_t parameter into profile allocationJohn Johansen4-8/+9
2017-01-16apparmor: refactor prepare_ns() and make usable from different viewsJohn Johansen5-38/+79
2017-01-16apparmor: update policy_destroy to use new debug assertsJohn Johansen1-9/+2
2017-01-16apparmor: pass gfp param into aa_policy_init()John Johansen4-7/+7
2017-01-16apparmor: constify policy name and hnameJohn Johansen3-4/+4
2017-01-16apparmor: rename hname_tail to basenameJohn Johansen3-4/+4
2017-01-16apparmor: rename mediated_filesystem() to path_mediated_fs()John Johansen2-8/+8
2017-01-16apparmor: add debug assert AA_BUG and Kconfig to control debug infoJohn Johansen3-4/+43
2017-01-16apparmor: add macro for bug asserts to check that a lock is heldJohn Johansen1-0/+11
2017-01-16apparmor: allow ns visibility question to consider subnsesJohn Johansen4-8/+14
2017-01-16apparmor: add fn to lookup profiles by fqnameJohn Johansen4-7/+38
2017-01-16apparmor: add lib fn to find the "split" for fqnamesJohn Johansen2-0/+55
2017-01-16apparmor: add strn version of aa_find_nsJohn Johansen2-6/+29
2017-01-16apparmor: add strn version of lookup_profile fnJohn Johansen2-11/+27
2017-01-16apparmor: rename replacedby to proxyJohn Johansen5-65/+65
2017-01-16apparmor: rename PFLAG_INVALID to PFLAG_STALEJohn Johansen3-5/+5
2017-01-16apparmor: rename sid to secidJohn Johansen4-65/+65
2017-01-16apparmor: rename namespace to ns to improve code line lengthsJohn Johansen8-128/+122
2017-01-16apparmor: split apparmor policy namespaces code into its own fileJohn Johansen10-391/+454
2017-01-16apparmor: split out shared policy_XXX fns to libJohn Johansen4-132/+137
2017-01-16apparmor: move lib definitions into separate lib includeJohn Johansen5-82/+99
2017-01-16apparmor: use designated initializersKees Cook2-5/+7
2017-01-16AppArmor: Use GFP_KERNEL for __aa_kvmalloc().Tetsuo Handa1-1/+2
2017-01-14locking/atomic, kref: Use kref_get_unless_zero() morePeter Zijlstra2-8/+2
2017-01-12security,selinux,smack: kill security_task_wait hookStephen Smalley3-33/+0
2017-01-12selinux: drop unused socket security classesStephen Smalley2-12/+0
2017-01-10Smack: ignore private inode for file functionsSeung-Woo Kim1-0/+12
2017-01-10Smack: fix d_instantiate logic for sockfs and pipefsRafal Krypa1-7/+7
2017-01-10SMACK: Use smk_tskacc() instead of smk_access() for proper loggingHimanshu Shukla1-4/+1
2017-01-10Smack: Traverse the smack_known_list using list_for_each_entry_rcu macroVishal Goel1-1/+1
2017-01-10SMACK: Free the i_security blob in inode using RCUHimanshu Shukla2-4/+29
2017-01-10SMACK: Delete list_head repeated initializationHimanshu Shukla1-4/+0
2017-01-10SMACK: Add new lock for adding entry in smack master listVishal Goel1-0/+5
2017-01-10Smack: Fix the issue of wrong SMACK label update in socket bind fail caseVishal Goel2-0/+21
2017-01-10Smack: Fix the issue of permission denied error in ipv6 hookVishal Goel2-2/+4
2017-01-10SMACK: Add the rcu synchronization mechanism in ipv6 hooksVishal Goel1-5/+15
2017-01-09selinux: default to security isid in sel_make_bools() if no sid is foundGary Tierney1-3/+3
2017-01-09selinux: log errors when loading new policyGary Tierney1-5/+16