2017-05-30 |
Richard Guy Briggs | audit: add ambient capabilities to CAPSET and BPRM_FCAPS... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-23 |
Richard Guy Briggs | audit: unswing cap_* fields in PATH records Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Paul Moore | audit: fix the RCU locking for the auditd_connection... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Paul Moore | audit: use kmem_cache to manage the audit_buffer cache Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Deepa Dinamani | audit: Use timespec64 to represent audit timestamps Acked-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Paul Moore | audit: store the auditd PID as a pid struct instead... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Paul Moore | audit: kernel generated netlink traffic should have... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Paul Moore | audit: combine audit_receive() and audit_receive_skb() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Elena Reshetova | audit: convert audit_watch.count from atomic_t to refcount_t Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Elena Reshetova | audit: convert audit_tree.count from atomic_t to refcount_t Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Richard Guy Briggs | audit: normalize NETFILTER_PKT Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Richard Guy Briggs | netfilter: use consistent ipv4 network offset in xt_AUDIT Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Richard Guy Briggs | audit: log module name on delete_module Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Nicholas Mc Guire | audit: remove unnecessary semicolon in audit_watch_handle_ev... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Nicholas Mc Guire | audit: remove unnecessary semicolon in audit_mark_handle_event() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-05-02 |
Nicholas Mc Guire | audit: remove unnecessary semicolon in audit_field_valid() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-04-10 |
Paul Moore | audit: make sure we don't let the retry queue grow... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-03-27 |
Paul Moore | audit: move audit_signal_info() into kernel/auditsc.c Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-03-21 |
Paul Moore | audit: fix auditd/kernel connection state tracking Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-02-14 |
Paul Moore | audit: remove unnecessary curly braces from switch... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-02-13 |
Richard Guy Briggs | audit: log module name on init_module Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-02-08 |
Antonio Murdaca | selinux: allow changing labels for cgroupfs Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-02-07 |
Stephen Smalley | selinux: fix off-by-one in setprocattr Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-18 |
Richard Guy Briggs | audit: log 32-bit socketcalls Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-18 |
Richard Guy Briggs | audit: add feature audit_lost reset Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-12 |
Stephen Smalley | security,selinux,smack: kill security_task_wait hook Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-12 |
Stephen Smalley | selinux: drop unused socket security classes Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-09 |
Gary Tierney | selinux: default to security isid in sel_make_bools... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-09 |
Gary Tierney | selinux: log errors when loading new policy Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-09 |
Stephen Smalley | proc,security: move restriction on writing /proc/pid... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-09 |
Stephen Smalley | selinux: clean up cred usage and simplify Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-09 |
Stephen Smalley | selinux: allow context mounts on tmpfs, ramfs, devpts... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-09 |
Stephen Smalley | selinux: handle ICMPv6 consistently with ICMP Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-09 |
Yongqin Liu | selinux: add security in-core xattr support for tracefs Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-09 |
Stephen Smalley | selinux: support distinctions among all network address... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2017-01-03 |
Jan Kara | audit: Fix sleep in atomic CC: Paul Moore <paul@paul-moore.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-23 |
Jan Kara | fsnotify: Remove fsnotify_duplicate_mark() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-21 |
Paul Moore | selinux: use the kernel headers when building scripts... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Steve Grubb | audit: Make AUDIT_ANOM_ABEND event normalized Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Steve Grubb | audit: Make AUDIT_KERNEL event conform to the specification Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Richard Guy Briggs | audit: use proper refcount locking on audit_sock Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Paul Moore | netns: avoid disabling irq for netns id Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Paul Moore | audit: don't ever sleep on a command record/message Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Paul Moore | audit: handle a clean auditd shutdown with grace Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Paul Moore | audit: wake up kauditd_thread after auditd registers Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Paul Moore | audit: rework audit_log_start() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Paul Moore | audit: rework the audit queue handling Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Paul Moore | audit: rename the queues and kauditd related functions Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Paul Moore | audit: queue netlink multicast sends just like we do... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Paul Moore | audit: fixup audit_init() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-12-14 |
Richard Guy Briggs | audit: move kaudit thread start from auditd registration... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-29 |
Richard Guy Briggs | audit: add support for session ID user filter Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-22 |
Andreas Gruenbacher | selinux: Convert isec->lock into a spinlock Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-21 |
Stephen Smalley | selinux: keep SELinux in sync with new capability definitions Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-20 |
Stephen Smalley | selinux: normalize input to /sys/fs/selinux/enforce Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-20 |
Steve Grubb | audit: fix formatting of AUDIT_CONFIG_CHANGE events Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-20 |
Richard Guy Briggs | audit: skip sessionid sentinel value when auto-incrementing Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-14 |
Andreas Gruenbacher | selinux: Clean up initialization of isec->sclass Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-14 |
Andreas Gruenbacher | proc: Pass file mode to proc_pid_make_inode Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-14 |
Andreas Gruenbacher | selinux: Minor cleanups Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-14 |
Richard Guy Briggs | audit: tame initialization warning len_abuf in audit_log_exe... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-14 |
Tetsuo Handa | SELinux: Use GFP_KERNEL for selinux_parse_opts_str(). Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-11-03 |
Alexey Dobriyan | audit: less stack usage for /proc/*/loginuid Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-09-29 |
Richard Guy Briggs | audit: add exclude filter extension to feature bitmap Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-09-19 |
Vivek Goyal | lsm,audit,selinux: Introduce a new audit data type... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-09-13 |
Wei Yongjun | selinux: fix error return code in policydb_read() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-31 |
Mateusz Guzik | audit: fix exe_file access in audit_exe_compare Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-31 |
Mateusz Guzik | mm: introduce get_task_exe_file Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-30 |
Paul Moore | audit: consistently record PIDs with task_tgid_nr() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-30 |
William Roberts | selinux: fix overflow and 0 length allocations Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-29 |
William Roberts | selinux: initialize structures Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-29 |
William Roberts | selinux: detect invalid ebitmap Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-19 |
William Roberts | selinux: drop SECURITY_SELINUX_POLICYDB_VERSION_MAX Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-10 |
Vivek Goyal | selinux: Implement dentry_create_files_as() hook Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-09 |
Vivek Goyal | security, overlayfs: Provide hook to correctly label... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-09 |
Vivek Goyal | selinux: Pass security pointer to determine_inode_label() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-09 |
Vivek Goyal | selinux: Implementation for inode_copy_up_xattr() hook Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-09 |
Vivek Goyal | security,overlayfs: Provide security hook for copy... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-09 |
Vivek Goyal | selinux: Implementation for inode_copy_up() hook Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-09 |
Vivek Goyal | security, overlayfs: provide copy up security hook... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-08 |
William Roberts | selinux: print leading 0x on ioctlcmd audits Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-08-08 |
Javier Martinez... | security: Use IS_ENABLED() instead of checking for... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-07-20 |
Paul Moore | audit: fix a double fetch in audit_log_single_execve_arg() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-07-14 |
Steve Grubb | audit: fix whitespace in CWD record Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-28 |
Richard Guy Briggs | audit: move audit_get_tty to reduce scope and kabi... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-28 |
Richard Guy Briggs | audit: move calcs after alloc and check when logging... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | netlabel: Implement CALIPSO config functions for SMACK. Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | calipso: Add a label cache. Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | calipso: Add validation of CALIPSO option. Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | netlabel: Pass a family parameter to netlbl_skbuff_err(). Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | calipso: Allow the lsm to label the skbuff directly. Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | ipv6: constify the skb pointer of ipv6_find_tlv(). Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | calipso: Allow request sockets to be relabelled by... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | ipv6: Allow request socks to contain IPv6 options. Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | netlabel: Prevent setsockopt() from changing the hop... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | calipso: Set the calipso socket label to match the... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | netlabel: Move bitmap manipulation functions to the... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | ipv6: Add ipv6_renew_options_kern() that accepts a... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | netlabel: Add support for removing a CALIPSO DOI. Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2016-06-27 |
Huw Davies | netlabel: Add support for creating a CALIPSO protocol... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
next |