aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/ss/services.c
AgeCommit message (Expand)AuthorFilesLines
2024-04-30selinux: avoid printk_ratelimit()Christian Göttsche1-2/+1
2023-11-21selinux: introduce an initial SID for early boot processesOndrej Mosnacek1-1/+12
2023-08-09selinux: make left shifts well definedChristian Göttsche1-6/+6
2023-08-09selinux: update type for number of class permissions in services codeChristian Göttsche1-1/+1
2023-08-03selinux: avoid implicit conversions in services codeChristian Göttsche1-11/+12
2023-07-19selinux: update my email addressStephen Smalley1-1/+1
2023-07-19selinux: drop avtab_search()Christian Göttsche1-7/+6
2023-07-18selinux: use consistent type for AV rule specifierChristian Göttsche1-1/+1
2023-05-08selinux: small cleanups in selinux_audit_rule_init()Paul Moore1-20/+18
2023-05-08selinux: adjust typos in commentsChristian Göttsche1-1/+1
2023-03-14selinux: stop passing selinux_state pointers and their offspringStephen Smalley1-205/+141
2022-12-13Merge tag 'selinux-pr-20221212' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-31/+23
2022-11-09selinux: remove the sidtab context conversion indirect callsPaul Moore1-30/+21
2022-10-19selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()GONG, Ruiqi1-2/+3
2022-06-13selinux: fix memleak in security_read_state_kernel()Xiu Jianfeng1-1/+8
2022-05-03selinux: declare data arrays constChristian Göttsche1-2/+2
2022-05-03selinux: fix indentation level of mls_ops blockChristian Göttsche1-21/+21
2022-04-04selinux: Remove redundant assignmentsMichal Orzel1-1/+0
2022-02-18selinux: drop return statement at end of void functionsChristian Göttsche1-2/+0
2022-01-26selinux: drop cast to same typeChristian Göttsche1-1/+1
2022-01-25selinux: declare path parameters of _genfs_sid constChristian Göttsche1-3/+3
2021-10-13selinux: fix all of the W=1 build warningsPaul Moore1-4/+10
2021-10-11selinux: fix race condition when computing ocontext SIDsOndrej Mosnacek1-85/+77
2021-07-14selinux: return early for possible NULL audit buffersAustin Kim1-0/+2
2021-06-11selinux: Fix kernel-docYang Li1-1/+22
2021-05-10selinux: Remove redundant assignment to rcJiapeng Chong1-4/+0
2021-05-01Merge tag 'landlock_v34' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds1-1/+2
2021-04-27Merge tag 'selinux-pr-20210426' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2021-04-22LSM: Infrastructure management of the superblockCasey Schaufler1-1/+2
2021-04-09Merge tag 'selinux-pr-20210409' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-37/+120
2021-04-07selinux: fix race between old and new sidtabOndrej Mosnacek1-37/+120
2021-03-22Merge tag 'selinux-pr-20210322' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-24/+39
2021-03-18selinux: fix variable scope issue in live sidtab conversionOndrej Mosnacek1-24/+39
2021-03-08selinux: measure state and policy capabilitiesLakshmi Ramasubramanian1-1/+1
2021-02-21Merge tag 'integrity-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-9/+55
2021-01-14selinux: include a consumer of the new IMA critical data hookLakshmi Ramasubramanian1-9/+55
2021-01-12selinux: drop the unnecessary aurule_callback variableOndrej Mosnacek1-7/+3
2020-10-27selinux: allow dontauditx and auditallowx rules to take effect without allowxbauen11-3/+1
2020-09-11selinux: access policycaps with READ_ONCE/WRITE_ONCEStephen Smalley1-1/+2
2020-08-31selinux: simplify away security_policydb_len()Ondrej Mosnacek1-23/+4
2020-08-27selinux: move policy mutex to selinux_state, use in lockdep checksStephen Smalley1-29/+8
2020-08-26selinux: fix error handling bugs in security_load_policy()Dan Carpenter1-11/+23
2020-08-25selinux: convert policy read-write lock to RCUStephen Smalley1-209/+278
2020-08-19selinux: avoid dereferencing the policy prior to initializationStephen Smalley1-0/+60
2020-08-19selinux: fix allocation failure check on newpolicy->sidtabColin Ian King1-1/+1
2020-08-17selinux: refactor changing booleansStephen Smalley1-62/+101
2020-08-17selinux: move policy commit after updating selinuxfsStephen Smalley1-44/+41
2020-08-17selinux: encapsulate policy state, refactor policy loadStephen Smalley1-189/+214
2020-08-17scripts/selinux,selinux: update mdp to enable policy capabilitiesStephen Smalley1-11/+1
2020-08-04Merge tag 'selinux-pr-20200803' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-19/+19
2020-07-09selinux: prepare for inlining of hashtab functionsOndrej Mosnacek1-2/+2
2020-07-08selinux: specialize symtab insert and search functionsOndrej Mosnacek1-17/+17
2020-06-10selinux: fix double freeTom Rix1-0/+4
2020-05-01selinux: do not allocate hashtabs dynamicallyOndrej Mosnacek1-22/+22
2020-04-17selinux: move context hashing under sidtabOndrej Mosnacek1-33/+26
2020-04-17selinux: hash context structure directlyOndrej Mosnacek1-31/+4
2020-04-17selinux: store role transitions in a hash tableOndrej Mosnacek1-11/+10
2020-04-14selinux: fix warning Comparison to boolZou Wei1-2/+2
2020-02-27selinux: remove unused initial SIDs and improve handlingStephen Smalley1-13/+13
2020-02-22selinux: optimize storage of filename transitionsOndrej Mosnacek1-6/+10
2020-02-11selinux: generalize evaluate_cond_node()Ondrej Mosnacek1-4/+2
2020-02-11selinux: convert cond_list to arrayOndrej Mosnacek1-14/+14
2020-02-10selinux: allow kernfs symlinks to inherit parent directory contextChristian Göttsche1-1/+2
2020-02-10selinux: simplify evaluate_cond_node()Ondrej Mosnacek1-10/+4
2020-02-10selinux: move status variables out of selinux_ssOndrej Mosnacek1-2/+0
2020-01-16selinux: do not allocate ancillary buffer on first loadOndrej Mosnacek1-15/+13
2020-01-10selinux: treat atomic flags more carefullyOndrej Mosnacek1-19/+19
2019-12-24selinux: remove set but not used variable 'sidtab'YueHaibing1-8/+0
2019-12-23selinux: ensure the policy has been loaded before reading the sidtab statsPaul Moore1-0/+6
2019-12-09selinux: cache the SID -> context string translationOndrej Mosnacek1-54/+84
2019-12-09selinux: sidtab reverse lookup hash tableJeff Vander Stoep1-24/+72
2019-10-08Merge tag 'selinux-pr-20191007' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+8
2019-10-03selinux: fix context string corruption in convert_context()Ondrej Mosnacek1-1/+8
2019-09-23Merge tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-3/+3
2019-08-05selinux: policydb - rename type_val_to_struct_arrayOndrej Mosnacek1-3/+3
2019-07-08Merge tag 'selinux-pr-20190702' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-14/+19
2019-07-01selinux: format all invalid context as untrustedRichard Guy Briggs1-10/+19
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 372Thomas Gleixner1-3/+1
2019-05-21selinux: remove some no-op BUG_ONsOndrej Mosnacek1-4/+0
2019-03-25selinux: remove useless assignmentsOndrej Mosnacek1-5/+2
2019-03-12selinux: convert to kvmallocKent Overstreet1-15/+7
2019-03-07Merge tag 'audit-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-2/+1
2019-03-07Merge tag 'selinux-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-5/+32
2019-01-31audit: remove unused actx param from audit_rule_matchRichard Guy Briggs1-2/+1
2019-01-25selinux: log invalid contexts in AVCsOndrej Mosnacek1-5/+32
2019-01-08SELinux: Remove unused selinux_is_enabledCasey Schaufler1-1/+0
2018-12-05selinux: overhaul sidtab to fix bug and improve performanceOndrej Mosnacek1-71/+51
2018-12-05selinux: use separate table for initial SID lookupOndrej Mosnacek1-38/+50
2018-11-26selinux: make "selinux_policycap_names[]" const char *Alexey Dobriyan1-1/+1
2018-11-20selinux: refactor sidtab conversionOndrej Mosnacek1-21/+1
2018-09-05selinux: refactor mls_context_to_sid() and make it stricterJann Horn1-8/+4
2018-06-19selinux: Cleanup printk logging in servicespeter enderborg1-36/+35
2018-06-12treewide: kzalloc() -> kcalloc()Kees Cook1-1/+1
2018-06-06Merge tag 'audit-pr-20180605' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-6/+6
2018-05-29selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover1-1/+1
2018-05-14audit: use inline function to get audit contextRichard Guy Briggs1-6/+6
2018-03-20selinux: wrap AVC stateStephen Smalley1-4/+5
2018-03-20selinux: fix handling of uninitialized selinux state in get_bools/classesStephen Smalley1-0/+13
2018-03-02selinux: rename the {is,set}_enforcing() functionsPaul Moore1-3/+3
2018-03-01selinux: wrap global selinux stateStephen Smalley1-467/+611
2017-12-05selinux: skip bounded transition processing if the policy isn't loadedPaul Moore1-0/+3
2017-11-28selinux: ensure the context is NUL terminated in security_context_to_sid_core()Paul Moore1-10/+8
2017-09-20selinux: Use kmem_cache for hashtab_nodeKyeongdon Kim1-0/+4
2017-08-17selinux: update my email addressStephen Smalley1-1/+1
2017-08-02selinux: Generalize support for NNP/nosuid SELinux domain transitionsStephen Smalley1-1/+6
2017-06-09selinux: use kmem_cache for ebitmapJunil Lee1-0/+4
2017-05-23selinux: Add IB Port SMP access vectorDaniel Jurgens1-0/+41
2017-05-23selinux: Implement Infiniband PKey "Access" access vectorDaniel Jurgens1-0/+40
2017-05-23selinux: log policy capability state when a policy is loadedStephen Smalley1-0/+23
2017-03-29selinux: Remove unnecessary check of array base in selinux_set_mapping()Matthias Kaehlcke1-1/+1
2017-03-02selinux: wrap cgroup seclabel support with its own policy capabilityStephen Smalley1-0/+4
2017-01-09selinux: support distinctions among all network address familiesStephen Smalley1-0/+3
2016-05-31selinux: Only apply bounds checking to source typesStephen Smalley1-48/+22
2016-04-14selinux: Change bool variable name to index.Prarit Bhargava1-3/+3
2015-12-24selinux: export validatetrans decisionsAndrew Perepechko1-7/+27
2015-10-21selinux: use sprintf return valueRasmus Villemoes1-4/+1
2015-10-21selinux: use kstrdup() in security_get_bools()Rasmus Villemoes1-7/+1
2015-10-21selinux: use kmemdup in security_sid_to_context_core()Rasmus Villemoes1-2/+2
2015-10-21selinux: introduce security_context_str_to_sidRasmus Villemoes1-0/+5
2015-07-13selinux: extended permissions for ioctlsJeff Vander Stoep1-20/+193
2015-04-06selinux: reconcile security_netlbl_secattr_to_sid() and mls_import_netlbl_cat()Paul Moore1-5/+1
2014-09-22selinux: normalize audit log formattingRichard Guy Briggs1-6/+8
2014-06-23selinux: no recursive read_lock of policy_rwlock in security_genfs_sid()Waiman Long1-9/+32
2014-03-10selinux: add gfp argument to security_xfrm_policy_alloc and fix callersNikolay Aleksandrov1-2/+4
2014-02-10Merge branch 'stable-3.14' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-0/+4
2014-02-05SELinux: Fix kernel BUG on empty security contexts.Stephen Smalley1-0/+4
2014-01-23Merge git://git.infradead.org/users/eparis/auditLinus Torvalds1-8/+4
2014-01-13selinux: call WARN_ONCE() instead of calling audit_log_start()Richard Guy Briggs1-8/+4
2013-12-13selinux: revert 102aefdda4d8275ce7d7100bc16c88c74272b260Paul Moore1-38/+4
2013-11-19SELinux: security_load_policy: Silence frame-larger-than warningTim Gardner1-22/+32
2013-08-28selinux: consider filesystem subtype in policiesAnand Avati1-4/+38
2013-07-25Add SELinux policy capability for always checking packet and peer classes.Chris PeBenito1-0/+3
2013-07-25SELinux: pass a superblock to security_fs_useEric Paris1-12/+9
2013-07-25SELinux: change sbsec->behavior to shortEric Paris1-1/+1
2012-09-21userns: Convert selinux to use kuid and kgid where appropriateEric W. Biederman1-1/+1
2012-04-09SELinux: avc: remove the useless fields in avc_add_callbackWanlong Gao1-4/+2
2012-04-09SELinux: possible NULL deref in context_struct_to_stringEric Paris1-3/+5
2012-04-09SELinux: add default_type statementsEric Paris1-4/+10
2012-04-09SELinux: allow default source/target selectors for user/role/rangeEric Paris1-7/+25
2011-09-09selinux: sparse fix: fix warnings in netlink codeJames Morris1-2/+0
2011-09-09selinux: sparse fix: move selinux_complete_initJames Morris1-1/+0
2011-08-01doc: Update the email address for Paul Moore in various source filesPaul Moore1-1/+1
2011-05-26selinux: don't pass in NULL avd to avc_has_perm_noauditLinus Torvalds1-1/+2
2011-05-24Merge branch 'master' of git://git.infradead.org/users/eparis/selinux into fo...James Morris1-32/+40
2011-04-28SELinux: put name based create rules in a hashtableEric Paris1-10/+10
2011-04-28SELinux: skip filename trans rules if ttype does not match parent dirEric Paris1-0/+9
2011-04-28SELinux: rename filename_compute_type argument to *type instead of *conEric Paris1-3/+3
2011-04-28SELinux: fix comment to state filename_compute_type takes an objname not a qstrEric Paris1-1/+1
2011-04-25SELinux: security_read_policy should take a size_t not ssize_tEric Paris1-1/+1
2011-04-07selinux: Fix regression for XorgStephen Smalley1-1/+1
2011-04-01selinux: add type_transition with name extension support for selinuxfsKohei Kaigai1-8/+9
2011-03-31Fix common misspellingsLucas De Marchi1-2/+2
2011-03-29selinux: Fix regression for XorgStephen Smalley1-1/+1
2011-03-28SELinux: Compute role in newcontext for all classesHarry Ciao1-11/+9
2011-03-03SELinux: Socket retains creator role and MLS attributeHarry Ciao1-4/+24
2011-02-01SELinux: Use dentry name in new object labelingEric Paris1-14/+31
2010-11-30selinux: convert part of the sym_val_to_name array to use flex_arrayEric Paris1-19/+19
2010-11-30selinux: convert type_val_to_struct to flex_arrayEric Paris1-5/+12
2010-11-30selinux: rework security_netlbl_secattr_to_sidEric Paris1-21/+21
2010-11-30SELinux: standardize return code handling in selinuxfs.cEric Paris1-171/+157
2010-10-21selinux: include vmalloc.h for vmalloc_userStephen Rothwell1-0/+1
2010-10-21selinux: implement mmap on /selinux/policyEric Paris1-1/+1
2010-10-21SELinux: allow userspace to read policy back out of the kernelEric Paris1-0/+48
2010-10-21security: secid_to_secctx returns len when data is NULLEric Paris1-2/+9
2010-10-21selinux: fast status update interface (/selinux/status)KaiGai Kohei1-0/+3
2010-08-02selinux: convert the policy type_attr_map to flex_arrayEric Paris1-2/+5
2010-04-21SELinux: return error codes on policy load failureEric Paris1-15/+22
2010-04-09Security: Fix coding style in security/wzt.wzt@gmail.com1-6/+6
2010-02-22selinux: libsepol: remove dead code in check_avtab_hierarchy_callback()KaiGai Kohei1-4/+39
2010-02-16security: fix a couple of sparse warningsJames Morris1-2/+3
2010-02-04selinux: allow MLS->non-MLS and vice versa upon policy reloadGuido Trentalancia1-6/+56
2010-02-04selinux: load the initial SIDs upon every policy loadGuido Trentalancia1-4/+12
2010-01-25selinux: remove dead code in type_attribute_bounds_av()KaiGai Kohei1-39/+4
2010-01-18Merge branch 'master' into nextJames Morris1-1/+1
2010-01-18selinux: change the handling of unknown classesStephen Smalley1-105/+81
2009-12-08security/selinux/ss: correct size computationJulia Lawall1-2/+2
2009-12-07Merge branch 'for-next' into for-linusJiri Kosina1-1/+1
2009-12-04tree-wide: fix assorted typos all over the placeAndré Goddard Rosa1-1/+1
2009-11-24SELinux: print denials for buggy kernel with unknown permsEric Paris1-0/+7
2009-10-20SELinux: fix locking issue introduced with c6d3aaa4e35c71a3Stephen Smalley1-3/+7
2009-10-07selinux: drop remapping of netlink classesStephen Smalley1-25/+0
2009-10-07selinux: dynamic class/perm discoveryStephen Smalley1-253/+287
2009-06-19Merge branch 'master' into nextJames Morris1-25/+5
2009-06-19Add audit messages on type boundary violationsKaiGai Kohei1-19/+117
2009-06-18cleanup in ss/services.cKaiGai Kohei1-3/+3
2009-04-02Permissive domain in userspace object managerKaiGai Kohei1-25/+5
2009-02-14SELinux: remove unused av.decided fieldEric Paris1-2/+0
2009-01-04audit: validate comparison operations, store them in sane formAl Viro1-13/+13
2008-10-11Merge branch 'master' of git://git.infradead.org/users/pcmoore/lblnet-2.6_nex...James Morris1-3/+10
2008-10-10netlabel: Changes to the NetLabel security attributes to allow LSMs to pass f...Paul Moore1-1/+2
2008-10-10selinux: Fix a problem in security_netlbl_sid_to_secattr()Paul Moore1-2/+8
2008-10-04selinux: Fix an uninitialized variable BUG/panic in selinux_secattr_to_sid()Paul Moore1-7/+4
2008-10-04selinux: Fix an uninitialized variable BUG/panic in selinux_secattr_to_sid()Paul Moore1-7/+4
2008-09-21Merge branch 'master' into nextJames Morris1-3/+3
2008-09-04SELinux: memory leak in security_context_to_sid_coreEric Paris1-3/+3
2008-08-29SELinux: add boundary support and thread context assignmentKaiGai Kohei1-1/+171
2008-08-15selinux: Unify for- and while-loop styleVesa-Matti Kari1-4/+4
2008-07-15Revert "SELinux: allow fstype unknown to policy to use xattrs if present"James Morris1-19/+8
2008-07-14SELinux: allow fstype unknown to policy to use xattrs if presentEric Paris1-8/+19
2008-07-14SELinux: more user friendly unknown handling printkEric Paris1-0/+7
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 20:31:03 +0000