aboutsummaryrefslogtreecommitdiffstats
path: root/security/apparmor
AgeCommit message (Expand)AuthorFilesLines
2022-12-14Merge tag 'apparmor-pr-2022-12-14' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds35-914/+1632
2022-12-13Merge tag 'lsm-pr-20221212' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2-18/+14
2022-12-13Merge tag 'landlock-6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-0/+6
2022-12-12Merge tag 'fs.vfsuid.conversion.v6.2' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds3-13/+24
2022-12-12apparmor: test: make static symbols visible during kunit testingRae Moar5-168/+196
2022-11-18lsm,fs: fix vfs_getxattr_alloc() return type and caller error pathsPaul Moore1-2/+1
2022-11-04lsm: make security_socket_getpeersec_stream() sockptr_t safePaul Moore1-16/+13
2022-11-01apparmor: Fix uninitialized symbol 'array_size' in policy_unpack_test.cJohn Johansen1-2/+2
2022-11-01apparmor: Add __init annotation to aa_{setup/teardown}_dfa_engine()Xiu Jianfeng1-2/+2
2022-11-01apparmor: Fix memleak in alloc_ns()Xiu Jianfeng1-1/+1
2022-10-26apparmor: use type safe idmapping helpersChristian Brauner3-13/+24
2022-10-25apparmor: Fix memleak issue in unpack_profile()Xiu Jianfeng1-3/+12
2022-10-25apparmor: fix a memleak in free_ruleset()Gaosheng Cui1-0/+1
2022-10-25apparmor: Fix spelling of function name in comment blockYang Li1-1/+1
2022-10-25apparmor: Use pointer to struct aa_label for lbs_credXiu Jianfeng1-2/+2
2022-10-25AppArmor: Fix kernel-docJiapeng Chong1-1/+1
2022-10-25LSM: Fix kernel-docJiapeng Chong1-1/+1
2022-10-25AppArmor: Fix kernel-docJiapeng Chong1-1/+1
2022-10-25apparmor: Fix loading of child before parentJohn Johansen1-9/+78
2022-10-24apparmor: refactor code that alloc null profilesJohn Johansen4-28/+43
2022-10-24apparmor: fix obsoleted comments for aa_getprocattr() and audit_resource()Gaosheng Cui2-6/+7
2022-10-24apparmor: remove useless static inline functionsGaosheng Cui2-19/+0
2022-10-19security: Create file_truncate hook from path_truncate hookGünther Noack1-0/+6
2022-10-10apparmor: Fix unpack_profile() warn: passing zero to 'ERR_PTR'John Johansen1-5/+16
2022-10-10apparmor: fix uninitialize table variable in error in unpack_trans_tableJohn Johansen1-1/+1
2022-10-04apparmor: store return value of unpack_perms_table() to signed variableMuhammad Usama Anjum1-4/+8
2022-10-03apparmor: Fix kunit test for out of bounds arrayJohn Johansen1-2/+1
2022-10-03apparmor: Fix decompression of rawdata for read back to userspaceJohn Johansen2-4/+5
2022-10-03apparmor: Fix undefined references to zstd_ symbolsJohn Johansen3-5/+15
2022-10-03apparmor: make sure the decompression ctx is promperly initializedJohn Johansen1-1/+5
2022-10-03apparmor: Remove unnecessary size check when unpacking trans_tableJohn Johansen1-3/+7
2022-10-03apparmor: Fix doc comment for compute_fpermsJohn Johansen1-2/+2
2022-10-03apparmor: make __aa_path_perm() staticXiu Jianfeng2-6/+4
2022-10-03apparmor: Simplify obtain the newest label on a credGaosheng Cui2-14/+1
2022-10-03apparmor: Fix regression in stacking due to label flagsJohn Johansen1-5/+7
2022-10-03apparmor: fix aa_class_names[] to match reserved classesJohn Johansen1-1/+16
2022-10-03apparmor: rework profile->rules to be a listJohn Johansen15-57/+142
2022-10-03apparmor: refactor profile rules and attachmentsJohn Johansen18-239/+308
2022-10-03apparmor: verify loaded permission bits masks don't overlapJohn Johansen1-4/+30
2022-10-03apparmor: cleanup: move perm accumulation into perms.hJohn Johansen2-52/+53
2022-10-03apparmor: make sure perm indexes are accumulatedJohn Johansen3-2/+25
2022-10-03apparmor: verify permission table indexesJohn Johansen1-1/+34
2022-10-03apparmor: add the ability for policy to specify a permission tableJohn Johansen2-11/+98
2022-10-03apparmor: make unpack_array return a trianary valueJohn Johansen2-22/+33
2022-10-03apparmor: group dfa policydb unpackingJohn Johansen1-38/+63
2022-10-03apparmor: make transition table unpack generic so it can be reusedJohn Johansen1-10/+12
2022-10-03apparmor: add user mode flagJohn Johansen5-5/+9
2022-10-03apparmor: add mediation class information to auditingJohn Johansen14-13/+48
2022-10-03apparmor: extend permissions to support a label and tag stringJohn Johansen7-27/+32
2022-10-03apparmor: isolate policy backwards compatibility to its own fileJohn Johansen5-287/+359
2022-10-03apparmor: extend xindex sizeJohn Johansen3-17/+16
2022-10-03apparmor: move dfa perm macros into policy_unpackJohn Johansen2-51/+49
2022-10-03apparmor: extend policydb permission set by making use of the xbitsJohn Johansen1-4/+27
2022-10-03apparmor: fix apparmor mediating locking non-fs unix socketsJohn Johansen1-4/+9
2022-10-03apparmor: Fix abi check to include v8 abiJohn Johansen1-1/+1
2022-10-03apparmor: preparse for state being more than just an integerJohn Johansen15-102/+101
2022-10-03apparmor: convert policy lookup to use accept as an indexJohn Johansen7-24/+33
2022-10-03apparmor: cleanup shared permission structJohn Johansen2-12/+9
2022-10-03apparmor: convert xmatch lookup to use accept as an indexJohn Johansen2-4/+7
2022-10-03apparmor: convert fperm lookup to use accept as an indexJohn Johansen2-19/+44
2022-10-03apparmor: convert xmatch to using the new shared policydb structJohn Johansen6-29/+28
2022-10-03apparmor: combine file_rules and aa_policydb into a single shared structJohn Johansen7-59/+40
2022-10-03apparmor: compute policydb permission on profile loadJohn Johansen9-86/+90
2022-10-03apparmor: convert xmatch to use aa_perms structureJohn Johansen3-7/+13
2022-10-03apparmor: rework and cleanup fperm computationJohn Johansen1-32/+38
2022-10-03apparmor: move fperm computation into policy_unpackJohn Johansen3-98/+98
2022-10-03apparmor: compute xmatch permissions on profile loadMike Salvatore4-3/+26
2022-10-03apparmor: compute file permissions on profile loadMike Salvatore5-48/+110
2022-10-03apparmor: expose compression level limits in sysfsJon Tourville1-0/+16
2022-10-03apparmor: use zstd compression for profile dataJon Tourville4-102/+81
2022-10-03apparmor: reserve mediation classesJohn Johansen1-1/+8
2022-10-03apparmor: fix lockdep warning when removing a namespaceJohn Johansen1-1/+1
2022-10-03apparmor: fix a memleak in multi_transaction_new()Gaosheng Cui1-1/+3
2022-09-01->getprocattr(): attribute name is const char *, TYVM...Al Viro1-1/+1
2022-07-20apparmor: correct config reference to intended oneLukas Bulwahn1-1/+1
2022-07-19apparmor: move ptrace mediation to more logical task.{h,c}John Johansen5-128/+133
2022-07-19apparmor: extend policydb permission set by making use of the xbitsJohn Johansen4-5/+25
2022-07-19apparmor: allow label to carry debug flagsJohn Johansen6-8/+20
2022-07-19apparmor: fix overlapping attachment computationJohn Johansen2-2/+2
2022-07-19apparmor: fix setting unconfined mode on a loaded profileJohn Johansen1-5/+7
2022-07-19apparmor: Fix some kernel-doc commentsYang Li1-6/+6
2022-07-19apparmor: Mark alloc_unconfined() as staticSouptick Joarder (HPE)1-1/+1
2022-07-13apparmor: disable showing the mode as part of a secid to secctxJohn Johansen3-6/+20
2022-07-13apparmor: Convert secid mapping to XArrays instead of IDRMatthew Wilcox3-32/+13
2022-07-13apparmor: add a kernel label to use on kernel objectsJohn Johansen4-13/+37
2022-07-09apparmor: test: Remove some casts which are no-longer requiredDavid Gow1-6/+6
2022-07-09apparmor: Fix memleak in aa_simple_write_to_buffer()Xiu Jianfeng1-1/+1
2022-07-09apparmor: fix reference count leak in aa_pivotroot()Xin Xiong1-0/+1
2022-07-09apparmor: Fix some kernel-doc commentsYang Li1-2/+1
2022-07-09apparmor: Fix undefined reference to `zlib_deflate_workspacesize'John Johansen2-31/+40
2022-07-09apparmor: fix aa_label_asxprint return checkTom Rix1-3/+3
2022-07-09apparmor: Fix some kernel-doc commentsYang Li1-4/+4
2022-07-09apparmor: Fix some kernel-doc commentsYang Li1-2/+3
2022-07-09apparmor: Fix match_mnt_path_str() and match_mnt() kernel-doc commentYang Li1-2/+2
2022-07-09apparmor: Use struct_size() helper in kmalloc()Gustavo A. R. Silva1-1/+1
2022-07-09apparmor: Fix failed mount permission check error messageJohn Johansen1-3/+4
2022-07-09security/apparmor: remove redundant ret variableMinghao Chi1-4/+1
2022-07-09apparmor: fix quiet_denied for file rulesJohn Johansen1-1/+1
2022-07-09apparmor: resolve uninitialized symbol warnings in policy_unpack_test.cMike Salvatore1-8/+8
2022-07-09apparmor: don't create raw_sha1 symlink if sha1 hashing is disabledJohn Johansen1-8/+9
2022-07-09apparmor: Enable tuning of policy paranoid load for embedded systemsJohn Johansen3-2/+15
2022-07-09apparmor: make export of raw binary profile to userspace optionalJohn Johansen7-52/+111
2022-07-09apparmor: Update help description of policy hash for introspectionJohn Johansen1-1/+4
2022-07-09lsm: Fix kernel-docYang Li1-5/+5
2022-07-09apparmor: Fix kernel-docYang Li3-4/+4
2022-07-09apparmor: fix absroot causing audited secids to begin with =John Johansen2-3/+9
2022-05-25Merge tag 'linux-kselftest-kunit-5.19-rc1' of git://git.kernel.org/pub/scm/li...Linus Torvalds1-3/+3
2022-05-23LSM: Remove double path_rename hook calls for RENAME_EXCHANGEMickaël Salaün1-5/+25
2022-04-04apparmor: test: Use NULL macrosRicardo Ribalda1-3/+3
2022-03-10tracehook: Remove tracehook.hEric W. Biederman1-1/+0
2021-11-22lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()Paul Moore1-3/+10
2021-11-11Merge tag 'apparmor-pr-2021-11-10' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds11-66/+90
2021-11-03apparmor: remove duplicated 'Returns:' commentsAustin Kim1-2/+0
2021-11-03apparmor: remove unneeded one-line hook wrappersFlorian Westphal1-18/+2
2021-11-03apparmor: Use struct_size() helper in kzalloc()Gustavo A. R. Silva2-4/+2
2021-11-03apparmor: fix zero-length compiler warning in AA_BUG()John Johansen1-1/+6
2021-11-03apparmor: use per file locks for transactional queriesHamza Mahfooz1-6/+5
2021-11-03apparmor: fix doc warningChenXiaoSong1-1/+1
2021-11-03apparmor: Remove the repeated declarationShaokun Zhang1-4/+0
2021-11-03apparmor: avoid -Wempty-body warningArnd Bergmann1-1/+1
2021-11-01apparmor: Fix internal policy capable check for policy managementJohn Johansen1-1/+1
2021-05-17apparmor: use get_unaligned() only for multi-byte wordsArnd Bergmann1-1/+1
2021-05-02Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-2/+2
2021-03-24apparmor:match_mn() - constify devpath argumentAl Viro1-2/+2
2021-03-22lsm: separate security_task_getsecid() into subjective and objective variantsPaul Moore1-1/+2
2021-02-07apparmor: fix error checkTom Rix1-2/+2
2021-02-07security: apparmor: delete repeated words in commentsRandy Dunlap2-2/+2
2021-02-07security: apparmor: file.h: delete duplicated wordRandy Dunlap1-1/+1
2021-02-07apparmor: switch to apparmor to internal capable check for policy managementJohn Johansen1-1/+17
2021-02-07apparmor: update policy capable checks to use a labelJohn Johansen5-23/+51
2021-01-24apparmor: handle idmapped mountsChristian Brauner3-10/+24
2021-01-24fs: make helpers idmap mount awareChristian Brauner1-1/+2
2021-01-24xattr: handle idmapped mountsTycho Andersen1-2/+2
2020-12-15apparmor: remove duplicate macro list_entry_is_head()Andy Shevchenko1-3/+0
2020-12-03security: add const qualifier to struct sock in various placesFlorian Westphal3-5/+5
2020-08-23treewide: Use fallthrough pseudo-keywordGustavo A. R. Silva2-3/+3
2020-08-11Merge tag 'for-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris...Linus Torvalds1-1/+1
2020-08-07mm, treewide: rename kzfree() to kfree_sensitive()Waiman Long5-25/+25
2020-08-06Replace HTTP links with HTTPS ones: securityAlexander A. Klimov1-1/+1
2020-07-21audit: purge audit_log_string from the intra-kernel audit APIRichard Guy Briggs4-53/+42
2020-06-09Merge tag 'linux-kselftest-kunit-5.8-rc1' of git://git.kernel.org/pub/scm/lin...Linus Torvalds1-1/+2
2020-06-07Merge tag 'apparmor-pr-2020-06-07' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds11-119/+185
2020-06-07apparmor: Fix memory leak of profile proxyJohn Johansen3-6/+9
2020-06-07apparmor: fix introspection of of task mode for unconfined tasksJohn Johansen1-2/+2
2020-06-07apparmor: check/put label on apparmor_sk_clone_security()Mauricio Faria de Oliveira1-0/+5
2020-06-05apparmor: fix introspection of of task mode for unconfined tasksJohn Johansen1-2/+2
2020-06-05apparmor: check/put label on apparmor_sk_clone_security()Mauricio Faria de Oliveira1-0/+5
2020-06-04Merge branch 'exec-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/eb...Linus Torvalds3-7/+4
2020-06-01security: apparmor: default KUNIT_* fragments to KUNIT_ALL_TESTSAnders Roxell1-1/+2
2020-05-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netDavid S. Miller3-4/+5
2020-05-21apparmor: Fix use-after-free in aa_audit_rule_initNavid Emamdoost1-1/+2
2020-05-21apparmor: Fix aa_label refcnt leak in policy_updateXiyu Yang1-1/+2
2020-05-21apparmor: fix potential label refcnt leak in aa_change_profileXiyu Yang1-2/+1
2020-05-20exec: Factor security_bprm_creds_for_exec out of security_bprm_set_credsEric W. Biederman3-7/+4
2020-05-15apparmor: Use true and false for bool variableZou Wei2-33/+33
2020-05-15security/apparmor/label.c: Clean code by removing redundant instructionsMateusz Nosek1-6/+0
2020-05-15apparmor: Replace zero-length array with flexible-arrayGustavo A. R. Silva1-1/+1
2020-04-27sysctl: pass kernel pointers to ->proc_handlerChristoph Hellwig1-1/+1
2020-04-08apparmor: ensure that dfa state tables have entriesJohn Johansen1-0/+5
2020-03-25.gitignore: add SPDX License IdentifierMasahiro Yamada1-0/+1
2020-03-25.gitignore: remove too obvious commentsMasahiro Yamada1-3/+0
2020-01-29Merge tag 'linux-kselftest-5.6-rc1-kunit' of git://git.kernel.org/pub/scm/lin...Linus Torvalds3-0/+627
2020-01-29Merge branch 'work.openat2' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-2/+4
2020-01-21apparmor: remove duplicate check of xattrs on profile attachment.John Johansen1-17/+0
2020-01-21apparmor: add outofband transition and use it in xattr matchJohn Johansen4-7/+62
2020-01-21apparmor: fail unpack if profile mode is unknownJohn Johansen1-0/+4
2020-01-21apparmor: fix nnp subset test for unconfinedJohn Johansen3-4/+39
2020-01-21apparmor: remove useless aafs_create_symlinkJohn Johansen1-41/+9
2020-01-18apparmor: add consistency check between state and dfa diff encode flagsJohn Johansen1-0/+6
2020-01-18apparmor: add a valid state flags checkJohn Johansen2-0/+8
2020-01-18AppArmor: Remove semicolonVasyl Gomonovych1-1/+1
2020-01-18apparmor: Replace two seq_printf() calls by seq_puts() in aa_label_seq_xprint()Markus Elfring1-2/+2
2020-01-10kunit: building kunit as a module breaks allmodconfigAlan Maguire1-1/+1
2020-01-09apparmor: add AppArmor KUnit tests for policy unpackMike Salvatore3-0/+627
2020-01-04apparmor: fix aa_xattrs_match() may sleep while holding a RCU lockJohn Johansen3-42/+46
2020-01-02apparmor: only get a label reference if the fast path check failsJohn Johansen1-4/+8
2020-01-02apparmor: fix bind mounts aborting with -ENOMEMPatrick Steinhardt1-1/+1
2019-12-08namei: allow nd_jump_link() to produce errorsAleksa Sarai1-2/+4
2019-12-03Merge tag 'apparmor-pr-2019-12-03' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds15-165/+526
2019-11-22apparmor: make it so work buffers can be allocated from atomic contextJohn Johansen6-38/+62
2019-11-22apparmor: reduce rcu_read_lock scope for aa_file_perm mediationJohn Johansen1-3/+3
2019-11-22apparmor: fix wrong buffer allocation in aa_new_mountJohn Johansen1-4/+4
2019-11-22apparmor: fix unsigned len comparison with less than zeroColin Ian King1-5/+7
2019-07-19Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds1-5/+15
2019-07-08Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds1-4/+4
2019-07-04vfs: Convert apparmorfs to use the new mount APIDavid Howells1-5/+15
2019-06-20apparmor: increase left match history buffer sizeJohn Johansen2-5/+4
2019-06-20apparmor: Switch to GFP_KERNEL where possibleSebastian Andrzej Siewior3-12/+12
2019-06-20apparmor: Use a memory pool instead per-CPU cachesSebastian Andrzej Siewior5-111/+164
2019-06-20apparmor: Force type-casting of current->real_credBharath Vedartham1-1/+1
2019-06-18apparmor: reset pos on failure to unpack for various functionsMike Salvatore1-8/+39
2019-06-18apparmor: enforce nullbyte at end of tag stringJann Horn1-1/+1
2019-06-18apparmor: fix PROFILE_MEDIATES for untrusted inputJohn Johansen1-1/+10
2019-06-17locking/lockdep: Rename lockdep_assert_held_exclusive() -> lockdep_assert_hel...Nikolay Borisov1-4/+4
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441Thomas Gleixner44-222/+44
2019-05-21treewide: Add SPDX license identifier - Makefile/KconfigThomas Gleixner1-0/+1
2019-05-07Merge branch 'work.icache' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds1-8/+2
2019-05-06Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-2/+0
2019-05-05Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds1-4/+9
2019-05-01apparmor: switch to ->free_inode()Al Viro1-8/+2
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-31 14:18:00 +0000