index
:
talos-obmc-linux
dev-4.10
dev-4.13
dev-4.13-fsi
dev-4.13-raptor-05-18-2018
dev-4.13-raptor-06-04-2018
dev-5.0
dev-5.0-raptor-04-16-2019
dev-5.4-raptor-04-16-2019
Talos™ II Linux sources for OpenBMC
Raptor Computing Systems
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
security
Commit message (
Expand
)
Author
Age
Files
Lines
...
|
|
*
|
|
|
selinux: Allocate and free infiniband security hooks
Daniel Jurgens
2017-05-23
2
-1
/
+29
|
|
*
|
|
|
selinux: Create policydb version for Infiniband support
Daniel Jurgens
2017-05-23
3
-24
/
+118
|
|
*
|
|
|
IB/core: Enforce security on management datagrams
Daniel Jurgens
2017-05-23
1
-0
/
+6
|
|
*
|
|
|
selinux lsm IB/core: Implement LSM notification system
Daniel Jurgens
2017-05-23
3
-0
/
+33
|
|
*
|
|
|
IB/core: Enforce PKey security on QPs
Daniel Jurgens
2017-05-23
2
-0
/
+31
|
|
*
|
|
|
selinux: Remove redundant check for unknown labeling behavior
Matthias Kaehlcke
2017-05-23
1
-16
/
+0
|
|
*
|
|
|
selinux: log policy capability state when a policy is loaded
Stephen Smalley
2017-05-23
3
-11
/
+27
|
|
*
|
|
|
selinux: do not check open permission on sockets
Stephen Smalley
2017-05-23
1
-3
/
+7
|
|
*
|
|
|
selinux: add a map permission check for mmap
Stephen Smalley
2017-05-23
2
-1
/
+13
|
|
*
|
|
|
selinux: only invoke capabilities and selinux for CAP_MAC_ADMIN checks
Stephen Smalley
2017-05-23
1
-8
/
+15
|
|
*
|
|
|
selinux: Return an error code only as a constant in sidtab_insert()
Markus Elfring
2017-05-23
1
-17
/
+10
|
|
*
|
|
|
selinux: Return directly after a failed memory allocation in policydb_index()
Markus Elfring
2017-05-23
1
-10
/
+5
|
|
*
|
|
|
selinux: Use task_alloc hook rather than task_create hook
Tetsuo Handa
2017-05-23
1
-2
/
+3
|
*
|
|
|
|
ima: Log the same audit cause whenever a file has no signature
Thiago Jung Bauermann
2017-06-21
1
-1
/
+2
|
*
|
|
|
|
ima: Simplify policy_func_show.
Thiago Jung Bauermann
2017-06-21
2
-62
/
+21
|
*
|
|
|
|
integrity: Small code improvements
Thiago Jung Bauermann
2017-06-21
6
-9
/
+11
|
*
|
|
|
|
ima: fix get_binary_runtime_size()
Roberto Sassu
2017-06-21
1
-1
/
+1
|
*
|
|
|
|
ima: use ima_parse_buf() to parse template data
Roberto Sassu
2017-06-21
1
-31
/
+13
|
*
|
|
|
|
ima: use ima_parse_buf() to parse measurements headers
Roberto Sassu
2017-06-21
1
-52
/
+28
|
*
|
|
|
|
ima: introduce ima_parse_buf()
Roberto Sassu
2017-06-21
2
-0
/
+67
|
*
|
|
|
|
ima: Add cgroups2 to the defaults list
Laura Abbott
2017-06-21
1
-0
/
+3
|
*
|
|
|
|
ima: use memdup_user_nul
Geliang Tang
2017-06-21
1
-9
/
+4
|
*
|
|
|
|
ima: fix up #endif comments
Tycho Andersen
2017-06-21
1
-2
/
+2
|
*
|
|
|
|
IMA: Correct Kconfig dependencies for hash selection
Ben Hutchings
2017-06-21
1
-4
/
+4
|
*
|
|
|
|
ima: define is_ima_appraise_enabled()
Mimi Zohar
2017-06-21
1
-0
/
+10
|
*
|
|
|
|
ima: define Kconfig IMA_APPRAISE_BOOTPARAM option
Mimi Zohar
2017-06-21
2
-0
/
+10
|
*
|
|
|
|
ima: define a set of appraisal rules requiring file signatures
Mimi Zohar
2017-06-21
1
-1
/
+25
|
*
|
|
|
|
ima: extend the "ima_policy" boot command line to support multiple policies
Mimi Zohar
2017-06-21
1
-5
/
+10
|
*
|
|
|
|
Merge branch 'smack-for-4.13' of git://github.com/cschaufler/smack-next into ...
James Morris
2017-06-21
4
-18
/
+31
|
|
\
\
\
\
\
|
|
*
|
|
|
|
Smack: Use cap_capable in privilege check
Casey Schaufler
2017-06-01
2
-9
/
+12
|
|
*
|
|
|
|
Smack: Safer check for a socket in file_receive
Casey Schaufler
2017-06-01
1
-1
/
+1
|
|
*
|
|
|
|
smack: use pernet operations for hook registration
Florian Westphal
2017-06-01
1
-8
/
+18
|
|
|
/
/
/
/
|
*
|
|
|
|
apparmor: export that basic profile namespaces are supported
John Johansen
2017-06-10
1
-0
/
+7
|
*
|
|
|
|
apparmor: add stacked domain labels interface
John Johansen
2017-06-10
2
-0
/
+8
|
*
|
|
|
|
apparmor: add domain label stacking info to apparmorfs
John Johansen
2017-06-10
3
-0
/
+39
|
*
|
|
|
|
apparmor: move change_profile mediation to using labels
John Johansen
2017-06-10
1
-68
/
+123
|
*
|
|
|
|
apparmor: move change_hat mediation to using labels
John Johansen
2017-06-10
1
-102
/
+201
|
*
|
|
|
|
apparmor: move exec domain mediation to using labels
John Johansen
2017-06-10
2
-259
/
+678
|
*
|
|
|
|
apparmor: support v7 transition format compatible with label_parse
John Johansen
2017-06-10
2
-7
/
+15
|
*
|
|
|
|
apparmor: mediate files when they are received
John Johansen
2017-06-10
2
-0
/
+7
|
*
|
|
|
|
apparmor: rework file permission to cache file access in file->ctx
John Johansen
2017-06-10
1
-6
/
+76
|
*
|
|
|
|
apparmor: move path_link mediation to using labels
John Johansen
2017-06-10
3
-47
/
+59
|
*
|
|
|
|
apparmor: refactor path name lookup and permission checks around labels
John Johansen
2017-06-10
3
-45
/
+85
|
*
|
|
|
|
apparmor: update aa_audit_file() to use labels
John Johansen
2017-06-10
3
-9
/
+18
|
*
|
|
|
|
apparmor: move aa_file_perm() to use labels
John Johansen
2017-06-10
3
-37
/
+64
|
*
|
|
|
|
apparmor: allow ptrace checks to be finer grained than just capability
John Johansen
2017-06-10
3
-0
/
+68
|
*
|
|
|
|
apparmor: move ptrace checks to using labels
John Johansen
2017-06-10
5
-80
/
+58
|
*
|
|
|
|
apparmor: add cross check permission helper macros
John Johansen
2017-06-10
1
-1
/
+41
|
*
|
|
|
|
apparmor: move resource checks to using labels
John Johansen
2017-06-10
3
-42
/
+80
|
*
|
|
|
|
apparmor: move capability checks to using labels
John Johansen
2017-06-10
5
-29
/
+58
[prev]
[next]