summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2017-01-19Merge remote-tracking branch 'tip/auto-latest'Stephen Rothwell2-8/+2
2017-01-19Merge remote-tracking branch 'selinux/next'Stephen Rothwell9-276/+329
2017-01-19Merge remote-tracking branch 'keys/keys-next'Stephen Rothwell5-0/+405
2017-01-19LSM: Add /sys/kernel/security/lsmCasey Schaufler9-9/+71
2017-01-16apparmor: fix undefined reference to `aa_g_hash_policy'John Johansen1-1/+1
2017-01-16apparmor: replace remaining BUG_ON() asserts with AA_BUG()John Johansen4-5/+5
2017-01-16apparmor: fix restricted endian type warnings for policy unpackJohn Johansen1-6/+6
2017-01-16apparmor: fix restricted endian type warnings for dfa unpackJohn Johansen2-12/+12
2017-01-16apparmor: add check for apparmor enabled in module parameters missing itJohn Johansen1-0/+10
2017-01-16apparmor: add per cpu work buffers to avoid allocating buffers at every hookJohn Johansen2-1/+103
2017-01-16apparmor: sysctl to enable unprivileged user ns AppArmor policy loadingTyler Hicks2-1/+47
2017-01-16apparmor: support querying extended trusted helper extra dataWilliam Hua5-0/+245
2017-01-16apparmor: update cap audit to check SECURITY_CAP_NOAUDITJohn Johansen1-6/+10
2017-01-16apparmor: make computing policy hashes conditional on kernel parameterJohn Johansen2-29/+32
2017-01-16apparmor: convert change_profile to use fqname later to give better controlJohn Johansen5-66/+28
2017-01-16apparmor: fix change_hat debug outputJohn Johansen1-4/+5
2017-01-16apparmor: remove unused op parameter from simple_write_to_buffer()John Johansen1-6/+3
2017-01-16apparmor: change aad apparmor_audit_data macro to a fn macroJohn Johansen12-161/+155
2017-01-16apparmor: change op from int to const char *John Johansen10-134/+84
2017-01-16apparmor: rename context abreviation cxt to the more standard ctxJohn Johansen5-144/+150
2017-01-16apparmor: fail task profile update if current_cred isn't real_credJohn Johansen1-0/+3
2017-01-16apparmor: add per policy ns .load, .replace, .remove interface filesJohn Johansen2-22/+130
2017-01-16apparmor: pass the subject profile into profile replace/removeJohn Johansen3-16/+21
2017-01-16apparmor: audit policy ns specified in policy loadJohn Johansen3-24/+77
2017-01-16apparmor: allow introspecting the loaded policy pre internal transformJohn Johansen8-58/+278
2017-01-16apparmor: add ns name to the audit data for policy loadsJohn Johansen2-10/+25
2017-01-16apparmor: add profile and ns params to aa_may_manage_policy()John Johansen3-14/+12
2017-01-16apparmor: add ns being viewed as a param to policy_admin_capable()John Johansen3-10/+16
2017-01-16apparmor: add ns being viewed as a param to policy_view_capable()John Johansen4-8/+35
2017-01-16apparmor: allow specifying the profile doing the managementJohn Johansen1-11/+21
2017-01-16apparmor: allow introspecting the policy namespace nameJohn Johansen1-0/+24
2017-01-16apparmor: Make aa_remove_profile() callable from a different viewJohn Johansen3-5/+7
2017-01-16apparmor: track ns level so it can be used to help in view checksJohn Johansen1-0/+1
2017-01-16apparmor: add special .null file used to "close" fds at execJohn Johansen3-1/+81
2017-01-16apparmor: provide userspace flag indicating binfmt_elf_mmap changeJohn Johansen1-0/+1
2017-01-16apparmor: add a default null dfaJohn Johansen6-2/+46
2017-01-16apparmor: allow policydb to be used as the file dfaJohn Johansen1-4/+8
2017-01-16apparmor: add get_dfa() fnJohn Johansen1-0/+15
2017-01-16apparmor: prepare to support newer versions of policyJohn Johansen2-10/+25
2017-01-16apparmor: add support for force complain flag to support learning modeJohn Johansen1-1/+3
2017-01-16apparmor: remove paranoid load switchJohn Johansen2-16/+10
2017-01-16apparmor: name null-XXX profiles after the executableJohn Johansen3-17/+47
2017-01-16apparmor: pass gfp_t parameter into profile allocationJohn Johansen4-8/+9
2017-01-16apparmor: refactor prepare_ns() and make usable from different viewsJohn Johansen5-38/+79
2017-01-16apparmor: update policy_destroy to use new debug assertsJohn Johansen1-9/+2
2017-01-16apparmor: pass gfp param into aa_policy_init()John Johansen4-7/+7
2017-01-16apparmor: constify policy name and hnameJohn Johansen3-4/+4
2017-01-16apparmor: rename hname_tail to basenameJohn Johansen3-4/+4
2017-01-16apparmor: rename mediated_filesystem() to path_mediated_fs()John Johansen2-8/+8
2017-01-16apparmor: add debug assert AA_BUG and Kconfig to control debug infoJohn Johansen3-4/+43