index
:
blackbird-op-linux
master
Blackbird™ Linux sources for OpenPOWER
Raptor Computing Systems
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
security
Commit message (
Expand
)
Author
Age
Files
Lines
...
|
|
*
|
|
|
SMACK: Add new lock for adding entry in smack master list
Vishal Goel
2017-01-10
1
-0
/
+5
|
|
*
|
|
|
Smack: Fix the issue of wrong SMACK label update in socket bind fail case
Vishal Goel
2017-01-10
2
-0
/
+21
|
|
*
|
|
|
Smack: Fix the issue of permission denied error in ipv6 hook
Vishal Goel
2017-01-10
2
-2
/
+4
|
|
*
|
|
|
SMACK: Add the rcu synchronization mechanism in ipv6 hooks
Vishal Goel
2017-01-10
1
-5
/
+15
|
|
|
|
/
/
|
|
|
/
|
|
|
*
|
|
|
LSM: Add /sys/kernel/security/lsm
Casey Schaufler
2017-01-19
9
-9
/
+71
|
*
|
|
|
apparmor: fix undefined reference to `aa_g_hash_policy'
John Johansen
2017-01-16
1
-1
/
+1
|
*
|
|
|
apparmor: replace remaining BUG_ON() asserts with AA_BUG()
John Johansen
2017-01-16
4
-5
/
+5
|
*
|
|
|
apparmor: fix restricted endian type warnings for policy unpack
John Johansen
2017-01-16
1
-6
/
+6
|
*
|
|
|
apparmor: fix restricted endian type warnings for dfa unpack
John Johansen
2017-01-16
2
-12
/
+12
|
*
|
|
|
apparmor: add check for apparmor enabled in module parameters missing it
John Johansen
2017-01-16
1
-0
/
+10
|
*
|
|
|
apparmor: add per cpu work buffers to avoid allocating buffers at every hook
John Johansen
2017-01-16
2
-1
/
+103
|
*
|
|
|
apparmor: sysctl to enable unprivileged user ns AppArmor policy loading
Tyler Hicks
2017-01-16
2
-1
/
+47
|
*
|
|
|
apparmor: support querying extended trusted helper extra data
William Hua
2017-01-16
5
-0
/
+245
|
*
|
|
|
apparmor: update cap audit to check SECURITY_CAP_NOAUDIT
John Johansen
2017-01-16
1
-6
/
+10
|
*
|
|
|
apparmor: make computing policy hashes conditional on kernel parameter
John Johansen
2017-01-16
2
-29
/
+32
|
*
|
|
|
apparmor: convert change_profile to use fqname later to give better control
John Johansen
2017-01-16
5
-66
/
+28
|
*
|
|
|
apparmor: fix change_hat debug output
John Johansen
2017-01-16
1
-4
/
+5
|
*
|
|
|
apparmor: remove unused op parameter from simple_write_to_buffer()
John Johansen
2017-01-16
1
-6
/
+3
|
*
|
|
|
apparmor: change aad apparmor_audit_data macro to a fn macro
John Johansen
2017-01-16
12
-161
/
+155
|
*
|
|
|
apparmor: change op from int to const char *
John Johansen
2017-01-16
10
-134
/
+84
|
*
|
|
|
apparmor: rename context abreviation cxt to the more standard ctx
John Johansen
2017-01-16
5
-144
/
+150
|
*
|
|
|
apparmor: fail task profile update if current_cred isn't real_cred
John Johansen
2017-01-16
1
-0
/
+3
|
*
|
|
|
apparmor: add per policy ns .load, .replace, .remove interface files
John Johansen
2017-01-16
2
-22
/
+130
|
*
|
|
|
apparmor: pass the subject profile into profile replace/remove
John Johansen
2017-01-16
3
-16
/
+21
|
*
|
|
|
apparmor: audit policy ns specified in policy load
John Johansen
2017-01-16
3
-24
/
+77
|
*
|
|
|
apparmor: allow introspecting the loaded policy pre internal transform
John Johansen
2017-01-16
8
-58
/
+278
|
*
|
|
|
apparmor: add ns name to the audit data for policy loads
John Johansen
2017-01-16
2
-10
/
+25
|
*
|
|
|
apparmor: add profile and ns params to aa_may_manage_policy()
John Johansen
2017-01-16
3
-14
/
+12
|
*
|
|
|
apparmor: add ns being viewed as a param to policy_admin_capable()
John Johansen
2017-01-16
3
-10
/
+16
|
*
|
|
|
apparmor: add ns being viewed as a param to policy_view_capable()
John Johansen
2017-01-16
4
-8
/
+35
|
*
|
|
|
apparmor: allow specifying the profile doing the management
John Johansen
2017-01-16
1
-11
/
+21
|
*
|
|
|
apparmor: allow introspecting the policy namespace name
John Johansen
2017-01-16
1
-0
/
+24
|
*
|
|
|
apparmor: Make aa_remove_profile() callable from a different view
John Johansen
2017-01-16
3
-5
/
+7
|
*
|
|
|
apparmor: track ns level so it can be used to help in view checks
John Johansen
2017-01-16
1
-0
/
+1
|
*
|
|
|
apparmor: add special .null file used to "close" fds at exec
John Johansen
2017-01-16
3
-1
/
+81
|
*
|
|
|
apparmor: provide userspace flag indicating binfmt_elf_mmap change
John Johansen
2017-01-16
1
-0
/
+1
|
*
|
|
|
apparmor: add a default null dfa
John Johansen
2017-01-16
6
-2
/
+46
|
*
|
|
|
apparmor: allow policydb to be used as the file dfa
John Johansen
2017-01-16
1
-4
/
+8
|
*
|
|
|
apparmor: add get_dfa() fn
John Johansen
2017-01-16
1
-0
/
+15
|
*
|
|
|
apparmor: prepare to support newer versions of policy
John Johansen
2017-01-16
2
-10
/
+25
|
*
|
|
|
apparmor: add support for force complain flag to support learning mode
John Johansen
2017-01-16
1
-1
/
+3
|
*
|
|
|
apparmor: remove paranoid load switch
John Johansen
2017-01-16
2
-16
/
+10
|
*
|
|
|
apparmor: name null-XXX profiles after the executable
John Johansen
2017-01-16
3
-17
/
+47
|
*
|
|
|
apparmor: pass gfp_t parameter into profile allocation
John Johansen
2017-01-16
4
-8
/
+9
|
*
|
|
|
apparmor: refactor prepare_ns() and make usable from different views
John Johansen
2017-01-16
5
-38
/
+79
|
*
|
|
|
apparmor: update policy_destroy to use new debug asserts
John Johansen
2017-01-16
1
-9
/
+2
|
*
|
|
|
apparmor: pass gfp param into aa_policy_init()
John Johansen
2017-01-16
4
-7
/
+7
|
*
|
|
|
apparmor: constify policy name and hname
John Johansen
2017-01-16
3
-4
/
+4
|
*
|
|
|
apparmor: rename hname_tail to basename
John Johansen
2017-01-16
3
-4
/
+4
|
*
|
|
|
apparmor: rename mediated_filesystem() to path_mediated_fs()
John Johansen
2017-01-16
2
-8
/
+8
[prev]
[next]