Gitiles
Code Review
Sign In
gerrit-public.fairphone.software
/
kernel
/
msm-4.19
/
2872bb2d0a4952ffb721e703555cb73d40b2c2f0
/
security
/
apparmor
622f6e3
apparmor: Make path_max parameter readonly
by John Johansen
· 8 years ago
545de8f
apparmor: fix parameters so that the permission test is bypassed at boot
by John Johansen
· 8 years ago
b9b144b
apparmor: fix invalid reference to index variable of iterator line 836
by John Johansen
· 8 years ago
9814448
apparmor: use SHASH_DESC_ON_STACK
by Nicolas Iooss
· 8 years ago
eea7a05
security/apparmor/lsm.c: set debug messages
by Valentin Rothberg
· 8 years ago
b9c42ac
apparmor: fix boolreturn.cocci warnings
by kbuild test robot
· 8 years ago
ca97d93
security: mark LSM hooks as __ro_after_init
by James Morris
· 8 years ago
b2d0910
sched/headers: Prepare to use <linux/rcuupdate.h> instead of <linux/rculist.h> in <linux/sched.h>
by Ingo Molnar
· 8 years ago
5b825c3
sched/headers: Prepare to remove <linux/cred.h> inclusion from <linux/sched.h>
by Ingo Molnar
· 8 years ago
f1ef09f
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
by Linus Torvalds
· 8 years ago
c9341ee
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 8 years ago
a2a1547
Merge branch 'stable-4.11' of git://git.infradead.org/users/pcmoore/selinux into next
by James Morris
· 8 years ago
9227dd2
exec: Remove LSM_UNSAFE_PTRACE_CAP
by Eric W. Biederman
· 8 years ago
d69dece
LSM: Add /sys/kernel/security/lsm
by Casey Schaufler
· 8 years ago
3ccb76c
apparmor: fix undefined reference to `aa_g_hash_policy'
by John Johansen
· 8 years ago
e6bfa25
apparmor: replace remaining BUG_ON() asserts with AA_BUG()
by John Johansen
· 8 years ago
2c17cd3
apparmor: fix restricted endian type warnings for policy unpack
by John Johansen
· 8 years ago
e6e8bf4
apparmor: fix restricted endian type warnings for dfa unpack
by John Johansen
· 8 years ago
ca4bd5a
apparmor: add check for apparmor enabled in module parameters missing it
by John Johansen
· 8 years ago
d4669f0
apparmor: add per cpu work buffers to avoid allocating buffers at every hook
by John Johansen
· 8 years ago
e3ea1ca
apparmor: sysctl to enable unprivileged user ns AppArmor policy loading
by Tyler Hicks
· 9 years ago
e025be0
apparmor: support querying extended trusted helper extra data
by William Hua
· 8 years ago
12eb87d
apparmor: update cap audit to check SECURITY_CAP_NOAUDIT
by John Johansen
· 8 years ago
31f75bf
apparmor: make computing policy hashes conditional on kernel parameter
by John Johansen
· 8 years ago
aa9a39a
apparmor: convert change_profile to use fqname later to give better control
by John Johansen
· 8 years ago
c3e1e58
apparmor: fix change_hat debug output
by John Johansen
· 8 years ago
5ef50d0
apparmor: remove unused op parameter from simple_write_to_buffer()
by John Johansen
· 8 years ago
ef88a7a
apparmor: change aad apparmor_audit_data macro to a fn macro
by John Johansen
· 8 years ago
47f6e5c
apparmor: change op from int to const char *
by John Johansen
· 8 years ago
55a26eb
apparmor: rename context abreviation cxt to the more standard ctx
by John Johansen
· 8 years ago
a20aa95
apparmor: fail task profile update if current_cred isn't real_cred
by John Johansen
· 8 years ago
b7fd2c0
apparmor: add per policy ns .load, .replace, .remove interface files
by John Johansen
· 8 years ago
12dd717
apparmor: pass the subject profile into profile replace/remove
by John Johansen
· 8 years ago
04dc715
apparmor: audit policy ns specified in policy load
by John Johansen
· 8 years ago
5ac8c35
apparmor: allow introspecting the loaded policy pre internal transform
by John Johansen
· 8 years ago
fc1c9fd
apparmor: add ns name to the audit data for policy loads
by John Johansen
· 8 years ago
078c73c6
apparmor: add profile and ns params to aa_may_manage_policy()
by John Johansen
· 8 years ago
fd2a804
apparmor: add ns being viewed as a param to policy_admin_capable()
by John Johansen
· 8 years ago
2bd8dbb
apparmor: add ns being viewed as a param to policy_view_capable()
by John Johansen
· 8 years ago
a6f2330
apparmor: allow specifying the profile doing the management
by John Johansen
· 8 years ago
3e3e569
apparmor: allow introspecting the policy namespace name
by John Johansen
· 8 years ago
b79473f
apparmor: Make aa_remove_profile() callable from a different view
by John Johansen
· 8 years ago
ee2351e
apparmor: track ns level so it can be used to help in view checks
by John Johansen
· 8 years ago
a71ada3
apparmor: add special .null file used to "close" fds at exec
by John Johansen
· 8 years ago
34c426a
apparmor: provide userspace flag indicating binfmt_elf_mmap change
by John Johansen
· 8 years ago
11c236b
apparmor: add a default null dfa
by John Johansen
· 8 years ago
6604d4c
apparmor: allow policydb to be used as the file dfa
by John Johansen
· 8 years ago
293a488
apparmor: add get_dfa() fn
by John Johansen
· 8 years ago
474d6b75
apparmor: prepare to support newer versions of policy
by John Johansen
· 8 years ago
5ebfb12
apparmor: add support for force complain flag to support learning mode
by John Johansen
· 8 years ago
abbf873
apparmor: remove paranoid load switch
by John Johansen
· 8 years ago
181f7c9
apparmor: name null-XXX profiles after the executable
by John Johansen
· 8 years ago
30b026a
apparmor: pass gfp_t parameter into profile allocation
by John Johansen
· 8 years ago
73688d1
apparmor: refactor prepare_ns() and make usable from different views
by John Johansen
· 8 years ago
5fd1b95
apparmor: update policy_destroy to use new debug asserts
by John Johansen
· 8 years ago
d102d89
apparmor: pass gfp param into aa_policy_init()
by John Johansen
· 8 years ago
bbe4a7c
apparmor: constify policy name and hname
by John Johansen
· 8 years ago
6e474e3
apparmor: rename hname_tail to basename
by John Johansen
· 8 years ago
efeee83
apparmor: rename mediated_filesystem() to path_mediated_fs()
by John Johansen
· 8 years ago
680cd62
apparmor: add debug assert AA_BUG and Kconfig to control debug info
by John Johansen
· 8 years ago
57e36bb
apparmor: add macro for bug asserts to check that a lock is held
by John Johansen
· 8 years ago
92b6d8e
apparmor: allow ns visibility question to consider subnses
by John Johansen
· 8 years ago
31617dd
apparmor: add fn to lookup profiles by fqname
by John Johansen
· 8 years ago
3b0aaf5
apparmor: add lib fn to find the "split" for fqnames
by John Johansen
· 8 years ago
9a2d40c
apparmor: add strn version of aa_find_ns
by John Johansen
· 8 years ago
1741e9e
apparmor: add strn version of lookup_profile fn
by John Johansen
· 8 years ago
8399588
apparmor: rename replacedby to proxy
by John Johansen
· 8 years ago
d97d51d
apparmor: rename PFLAG_INVALID to PFLAG_STALE
by John Johansen
· 8 years ago
121d4a9
apparmor: rename sid to secid
by John Johansen
· 8 years ago
98849df
apparmor: rename namespace to ns to improve code line lengths
by John Johansen
· 8 years ago
cff281f
apparmor: split apparmor policy namespaces code into its own file
by John Johansen
· 8 years ago
fe6bb31
apparmor: split out shared policy_XXX fns to lib
by John Johansen
· 8 years ago
12557dc
apparmor: move lib definitions into separate lib include
by John Johansen
· 8 years ago
8486adf
apparmor: use designated initializers
by Kees Cook
· 8 years ago
a7f6c1b
AppArmor: Use GFP_KERNEL for __aa_kvmalloc().
by Tetsuo Handa
· 8 years ago
6b1ffa0
locking/atomic, kref: Use kref_get_unless_zero() more
by Peter Zijlstra
· 8 years ago
b21507e
proc,security: move restriction on writing /proc/pid/attr nodes to proc
by Stephen Smalley
· 8 years ago
3d40658
apparmor: fix change_hat not finding hat after policy replacement
by John Johansen
· 8 years ago
078cd82
fs: Replace CURRENT_TIME with current_time() for inode timestamps
by Deepa Dinamani
· 8 years ago
7616ac7
apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling
by Arnd Bergmann
· 8 years ago
d4d03f7
apparmor: fix arg_size computation for when setprocattr is null terminated
by John Johansen
· 8 years ago
e89b808
apparmor: fix oops, validate buffer size in apparmor_setprocattr()
by Vegard Nossum
· 8 years ago
f4ee2de
apparmor: do not expose kernel stack
by Heinrich Schuchardt
· 8 years ago
58acf9d
apparmor: fix module parameters can be changed after policy is locked
by John Johansen
· 8 years ago
5f20fdf
apparmor: fix oops in profile_unpack() when policy_db is not present
by John Johansen
· 8 years ago
3197f5a
apparmor: don't check for vmalloc_addr if kvzalloc() failed
by John Johansen
· 8 years ago
1575617
apparmor: add missing id bounds check on dfa verification
by John Johansen
· 8 years ago
ff11847
apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task
by Jeff Mahoney
· 9 years ago
38dbd7d
apparmor: use list_next_entry instead of list_entry_next
by Geliang Tang
· 9 years ago
de7c4cc
apparmor: fix refcount race when finding a child profile
by John Johansen
· 9 years ago
0b938a2
apparmor: fix ref count leak when profile sha1 hash is read
by John Johansen
· 9 years ago
23ca7b6
apparmor: check that xindex is in trans_table bounds
by John Johansen
· 9 years ago
f7da2de
apparmor: ensure the target profile name is always audited
by John Johansen
· 9 years ago
7ee6da2
apparmor: fix audit full profile hname on successful load
by John Johansen
· 9 years ago
bf15cf0
apparmor: fix log failures for all profiles in a set
by John Johansen
· 9 years ago
f351841
apparmor: fix put() parent ref after updating the active ref
by John Johansen
· 9 years ago
6059f71
apparmor: add parameter to control whether policy hashing is used
by John Johansen
· 10 years ago
bd35db8
apparmor: internal paths should be treated as disconnected
by John Johansen
· 10 years ago
f2e561d
apparmor: fix disconnected bind mnts reconnection
by John Johansen
· 10 years ago
d671e890
apparmor: fix update the mtime of the profile file on replacement
by John Johansen
· 10 years ago
Next »