summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
...
| | * | | | SMACK: Add new lock for adding entry in smack master listVishal Goel2017-01-101-0/+5
| | * | | | Smack: Fix the issue of wrong SMACK label update in socket bind fail caseVishal Goel2017-01-102-0/+21
| | * | | | Smack: Fix the issue of permission denied error in ipv6 hookVishal Goel2017-01-102-2/+4
| | * | | | SMACK: Add the rcu synchronization mechanism in ipv6 hooksVishal Goel2017-01-101-5/+15
| | | |/ / | | |/| |
| * | | | LSM: Add /sys/kernel/security/lsmCasey Schaufler2017-01-199-9/+71
| * | | | apparmor: fix undefined reference to `aa_g_hash_policy'John Johansen2017-01-161-1/+1
| * | | | apparmor: replace remaining BUG_ON() asserts with AA_BUG()John Johansen2017-01-164-5/+5
| * | | | apparmor: fix restricted endian type warnings for policy unpackJohn Johansen2017-01-161-6/+6
| * | | | apparmor: fix restricted endian type warnings for dfa unpackJohn Johansen2017-01-162-12/+12
| * | | | apparmor: add check for apparmor enabled in module parameters missing itJohn Johansen2017-01-161-0/+10
| * | | | apparmor: add per cpu work buffers to avoid allocating buffers at every hookJohn Johansen2017-01-162-1/+103
| * | | | apparmor: sysctl to enable unprivileged user ns AppArmor policy loadingTyler Hicks2017-01-162-1/+47
| * | | | apparmor: support querying extended trusted helper extra dataWilliam Hua2017-01-165-0/+245
| * | | | apparmor: update cap audit to check SECURITY_CAP_NOAUDITJohn Johansen2017-01-161-6/+10
| * | | | apparmor: make computing policy hashes conditional on kernel parameterJohn Johansen2017-01-162-29/+32
| * | | | apparmor: convert change_profile to use fqname later to give better controlJohn Johansen2017-01-165-66/+28
| * | | | apparmor: fix change_hat debug outputJohn Johansen2017-01-161-4/+5
| * | | | apparmor: remove unused op parameter from simple_write_to_buffer()John Johansen2017-01-161-6/+3
| * | | | apparmor: change aad apparmor_audit_data macro to a fn macroJohn Johansen2017-01-1612-161/+155
| * | | | apparmor: change op from int to const char *John Johansen2017-01-1610-134/+84
| * | | | apparmor: rename context abreviation cxt to the more standard ctxJohn Johansen2017-01-165-144/+150
| * | | | apparmor: fail task profile update if current_cred isn't real_credJohn Johansen2017-01-161-0/+3
| * | | | apparmor: add per policy ns .load, .replace, .remove interface filesJohn Johansen2017-01-162-22/+130
| * | | | apparmor: pass the subject profile into profile replace/removeJohn Johansen2017-01-163-16/+21
| * | | | apparmor: audit policy ns specified in policy loadJohn Johansen2017-01-163-24/+77
| * | | | apparmor: allow introspecting the loaded policy pre internal transformJohn Johansen2017-01-168-58/+278
| * | | | apparmor: add ns name to the audit data for policy loadsJohn Johansen2017-01-162-10/+25
| * | | | apparmor: add profile and ns params to aa_may_manage_policy()John Johansen2017-01-163-14/+12
| * | | | apparmor: add ns being viewed as a param to policy_admin_capable()John Johansen2017-01-163-10/+16
| * | | | apparmor: add ns being viewed as a param to policy_view_capable()John Johansen2017-01-164-8/+35
| * | | | apparmor: allow specifying the profile doing the managementJohn Johansen2017-01-161-11/+21
| * | | | apparmor: allow introspecting the policy namespace nameJohn Johansen2017-01-161-0/+24
| * | | | apparmor: Make aa_remove_profile() callable from a different viewJohn Johansen2017-01-163-5/+7
| * | | | apparmor: track ns level so it can be used to help in view checksJohn Johansen2017-01-161-0/+1
| * | | | apparmor: add special .null file used to "close" fds at execJohn Johansen2017-01-163-1/+81
| * | | | apparmor: provide userspace flag indicating binfmt_elf_mmap changeJohn Johansen2017-01-161-0/+1
| * | | | apparmor: add a default null dfaJohn Johansen2017-01-166-2/+46
| * | | | apparmor: allow policydb to be used as the file dfaJohn Johansen2017-01-161-4/+8
| * | | | apparmor: add get_dfa() fnJohn Johansen2017-01-161-0/+15
| * | | | apparmor: prepare to support newer versions of policyJohn Johansen2017-01-162-10/+25
| * | | | apparmor: add support for force complain flag to support learning modeJohn Johansen2017-01-161-1/+3
| * | | | apparmor: remove paranoid load switchJohn Johansen2017-01-162-16/+10
| * | | | apparmor: name null-XXX profiles after the executableJohn Johansen2017-01-163-17/+47
| * | | | apparmor: pass gfp_t parameter into profile allocationJohn Johansen2017-01-164-8/+9
| * | | | apparmor: refactor prepare_ns() and make usable from different viewsJohn Johansen2017-01-165-38/+79
| * | | | apparmor: update policy_destroy to use new debug assertsJohn Johansen2017-01-161-9/+2
| * | | | apparmor: pass gfp param into aa_policy_init()John Johansen2017-01-164-7/+7
| * | | | apparmor: constify policy name and hnameJohn Johansen2017-01-163-4/+4
| * | | | apparmor: rename hname_tail to basenameJohn Johansen2017-01-163-4/+4
| * | | | apparmor: rename mediated_filesystem() to path_mediated_fs()John Johansen2017-01-162-8/+8
OpenPOWER on IntegriCloud