2022-11-18 |
Paul Moore | lsm,fs: fix vfs_getxattr_alloc() return type and caller... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-11-16 |
Wang Weiyang | device_cgroup: Roll back to original exceptions after... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-11-16 |
Kees Cook | LSM: Better reporting of actual LSMs at boot Cc: Paul Moore <paul@paul-moore.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-11-05 |
Paul Moore | lsm: make security_socket_getpeersec_stream() sockptr_t... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-10-28 |
Bo Liu | audit: Fix some kernel-doc warnings Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-10-25 |
Gaosheng Cui | lsm: remove obsoleted comments for security hooks Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-10-17 |
Paul Moore | fs: edit a comment made in bad taste Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-09-20 |
Paul Moore | selinux: remove runtime disable message in the install_polic... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-09-20 |
Greg Kroah-Hartman | selinux: use "grep -E" instead of "egrep" Cc: Paul Moore <paul@paul-moore.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-09-14 |
Xu Panda | selinux: remove the unneeded result variable Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-09-14 |
Nathan Lynch | lockdown: ratelimit denial messages Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-09-07 |
Xiu Jianfeng | audit: remove selinux_audit_rule_update() declaration Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-30 |
Christian Göttsche | selinux: declare read-only parameters const Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-30 |
Christian Göttsche | selinux: use int arrays for boolean values Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-30 |
ye xingchen | selinux: remove an unneeded variable in sel_make_class_dir_e... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-30 |
Ondrej Mosnacek | userfaultfd: open userfaultfds with O_RDONLY Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-29 |
wuchi | audit: use time_after to compare time Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-26 |
Richard Guy Briggs | audit: free audit_proctitle only on task exit Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-26 |
Richard Guy Briggs | audit: explicitly check audit_context->context enum... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-26 |
Richard Guy Briggs | audit: audit_context pid unused, context enum comment fix Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-26 |
Casey Schaufler | Smack: Provide read control for io_uring_cmd Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-26 |
Paul Moore | /dev/null: add IORING_OP_URING_CMD support Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-26 |
Paul Moore | selinux: implement the security_uring_cmd() LSM hook Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-26 |
Luis Chamberlain | lsm,io_uring: add LSM hooks for the new uring_cmd file op Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-25 |
Richard Guy Briggs | audit: move audit_return_fixup before the filters Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-22 |
Gaosheng Cui | audit: fix potential double free on error path from... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-16 |
Frederick Lawler | selinux: Implement userns_create hook Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-16 |
Frederick Lawler | selftests/bpf: Add tests verifying bpf lsm userns_create... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-16 |
Frederick Lawler | bpf-lsm: Make bpf_lsm_userns_create() sleepable Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-16 |
Frederick Lawler | security, lsm: Introduce security_create_user_ns() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-16 |
Jilin Yuan | audit: fix repeated words in comments Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-08-16 |
Xiu Jianfeng | lsm: clean up redundant NULL pointer check Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-07-08 |
Paul Moore | MAINTAINERS: update the LSM maintainer info Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-21 |
Xiu Jianfeng | selinux: selinux_add_opt() callers free memory Suggested-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-16 |
Christian Göttsche | selinux: free contexts previously transferred in selinux_add... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-15 |
Christian Göttsche | audit: free module name Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-15 |
Xiu Jianfeng | selinux: Add boundary check in put_entry() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-13 |
Xiu Jianfeng | selinux: fix memleak in security_read_state_kernel() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-13 |
Randy Dunlap | docs: selinux: add '=' signs to kernel boot options Cc: Paul Moore <paul@paul-moore.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-13 |
Christian Göttsche | mm: create security context for memfd_secret inodes Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-13 |
Xiu Jianfeng | audit: make is_audit_feature_set() static Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-10 |
Jonas Lindner | selinux: fix typos in comments Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-07 |
Christian Göttsche | selinux: drop unnecessary NULL check Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-07 |
GONG, Ruiqi | selinux: add __randomize_layout to selinux_audit_data Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-06-07 |
Shreenidhi Shedi | audit: remove redundant data_len check Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-05-17 |
Ondrej Mosnacek | selinux: fix bad cleanup on error in hashtab_duplicate() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-05-17 |
Julian Orth | audit,io_uring,io-wq: call __audit_uring_exit for dummy... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-05-13 |
Christian Göttsche | security: declare member holding string literal const Reviewed-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-05-03 |
Christian Göttsche | selinux: log anon inode class name Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-05-03 |
Christian Göttsche | selinux: declare data arrays const Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-05-03 |
Christian Göttsche | selinux: fix indentation level of mls_ops block Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-05-03 |
Christian Göttsche | selinux: include necessary headers in headers Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-05-03 |
Christian Göttsche | selinux: avoid extra semicolon Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-05-03 |
Christian Göttsche | selinux: update parameter documentation Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-05-03 |
Christian Göttsche | selinux: resolve checkpatch errors Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-04-14 |
Paul Moore | selinux: don't sleep when CONFIG_SECURITY_SELINUX_CHECKREQPR... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-04-04 |
Paul Moore | selinux: checkreqprot is deprecated, add some ssleep... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-04-04 |
Paul Moore | selinux: runtime disable is deprecated, add some ssleep... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-04-04 |
Michal Orzel | selinux: Remove redundant assignments Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-03-02 |
Paul Moore | selinux: shorten the policy capability enum names Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-28 |
Wan Jiabing | docs: fix 'make htmldocs' warning in SCTP.rst Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-25 |
Richard Haines | selinux: allow FIOCLEX and FIONCLEX with policy capability Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-22 |
Ondrej Mosnacek | selinux: fix misuse of mutex_is_locked() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-22 |
Richard Guy Briggs | audit: log AUDIT_TIME_* records only from rules Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-18 |
Christian Göttsche | selinux: use correct type for context length Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-18 |
Christian Göttsche | selinux: drop return statement at end of void functions Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-15 |
Ondrej Mosnacek | security: implement sctp_assoc_established hook in... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-15 |
Ondrej Mosnacek | security: add sctp_assoc_established hook Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-09 |
Paul Moore | audit: don't deref the syscall args when checking the... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-04 |
Ondrej Mosnacek | selinux: parse contexts for mount options early Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-02 |
Vratislav Bendel | selinux: fix double free of cond_list on error paths Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-02 |
Paul Moore | selinux: various sparse fixes Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-01 |
Scott Mayhew | selinux: try to use preparsed sid before calling parse_sid() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-02-01 |
Scott Mayhew | selinux: Fix selinux_sb_mnt_opts_compat() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-28 |
Casey Schaufler | LSM: general protection fault in legacy_parse_param Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-27 |
Paul Moore | selinux: fix a type cast problem in cred_init_security() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-26 |
Christian Göttsche | selinux: drop unused macro Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-26 |
Christian Göttsche | selinux: simplify cred_init_security Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-26 |
Christian Göttsche | selinux: do not discard const qualifier in cast Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-26 |
Christian Göttsche | selinux: drop unused parameter of avtab_insert_node Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-26 |
Christian Göttsche | selinux: drop cast to same type Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-26 |
Christian Göttsche | selinux: enclose macro arguments in parenthesis Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-26 |
Christian Göttsche | selinux: declare name parameter of hash_eval const Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-26 |
Christian Göttsche | selinux: declare path parameters of _genfs_sid const Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-26 |
Christian Göttsche | selinux: check return value of sel_make_avc_files Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-25 |
GONG, Ruiqi | selinux: access superblock_security_struct in LSM blob way Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2022-01-25 |
Paul Moore | audit: improve audit queue handling when "audit=1"... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-12-27 |
Tom Rix | selinux: initialize proto variable in selinux_ip_postroute_c... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-12-21 |
Paul Moore | selinux: minor tweaks to selinux_add_opt() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-12-21 |
Bernard Zhao | selinux: fix potential memleak in selinux_add_opt() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-12-20 |
Xiu Jianfeng | audit: replace zero-length array with flexible-array... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-12-20 |
Xiu Jianfeng | audit: use struct_size() helper in audit_[send|make... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-12-16 |
Scott Mayhew | selinux: fix sleeping function called from invalid... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-12-15 |
Paul Moore | audit: improve robustness of the audit queue handling Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-12-15 |
Paul Moore | audit: ensure userspace is penalized the same as the... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-12-14 |
Xiu Jianfeng | audit: use struct_size() helper in kmalloc() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-12-06 |
Ondrej Mosnacek | security,selinux: remove security_add_mnt_opt() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-12-06 |
Xiu Jianfeng | selinux: Use struct_size() helper in kmalloc() Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-11-22 |
Paul Moore | lsm: security_task_getsecid_subj() -> security_current_getse... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
2021-11-19 |
Ondrej Mosnacek | selinux: fix NULL-pointer dereference when hashtab... Signed-off-by: Paul Moore <paul@paul-moore.com>
|
commit | commitdiff | tree |
next |