| 2019-03-19 |
Stephen Smalley | scripts/selinux: fix build
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2019-03-18 |
Stephen Smalley | scripts/selinux: modernize mdp
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2019-02-05 |
Stephen Smalley | selinux: fix avc audit messages
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2019-01-11 |
Stephen Smalley | selinux: stop passing MAY_NOT_BLOCK to the AVC upon...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2019-01-11 |
Stephen Smalley | selinux: avoid silent denials in permissive mode under...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2019-01-11 |
Stephen Smalley | selinux: fix GPF on invalid policy
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2018-09-04 |
Stephen Smalley | selinux: fix mounting of cgroup2 under older policies
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2018-04-09 |
Stephen Smalley | selinux: fix missing dput() before selinuxfs unmount
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2018-03-20 |
Stephen Smalley | selinux: wrap AVC state
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2018-03-20 |
Stephen Smalley | selinux: wrap selinuxfs state
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2018-03-20 |
Stephen Smalley | selinux: fix handling of uninitialized selinux state...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2018-03-06 |
Stephen Smalley | usb, signal, security: only pass the cred, not the...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2018-03-01 |
Stephen Smalley | selinux: wrap global selinux state
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-08-17 |
Stephen Smalley | lsm_audit: update my email address
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-08-17 |
Stephen Smalley | selinux: update my email address
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-08-02 |
Stephen Smalley | selinux: Generalize support for NNP/nosuid SELinux...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-07-31 |
Stephen Smalley | selinux: genheaders should fail if too many permissions...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-05-23 |
Stephen Smalley | selinux: log policy capability state when a policy...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-05-23 |
Stephen Smalley | selinux: do not check open permission on sockets
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-05-23 |
Stephen Smalley | selinux: add a map permission check for mmap
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-05-23 |
Stephen Smalley | selinux: only invoke capabilities and selinux for CAP_MAC_AD...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-03-29 |
Stephen Smalley | fs: switch order of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-03-05 |
Stephen Smalley | selinux: fix kernel BUG on prlimit(..., NULL, NULL)
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-03-05 |
Stephen Smalley | prlimit,security,selinux: add a security hook for prlimit
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-03-01 |
Stephen Smalley | selinux: wrap cgroup seclabel support with its own...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-03-01 |
Stephen Smalley | timerfd: Only check CAP_WAKE_ALARM when it is needed
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-02-08 |
Stephen Smalley | selinux: fix off-by-one in setprocattr
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-02-07 |
Stephen Smalley | selinux: fix off-by-one in setprocattr
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-01-12 |
Stephen Smalley | security,selinux,smack: kill security_task_wait hook
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-01-12 |
Stephen Smalley | selinux: drop unused socket security classes
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-01-09 |
Stephen Smalley | proc,security: move restriction on writing /proc/pid...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-01-09 |
Stephen Smalley | selinux: clean up cred usage and simplify
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-01-09 |
Stephen Smalley | selinux: allow context mounts on tmpfs, ramfs, devpts...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-01-09 |
Stephen Smalley | selinux: handle ICMPv6 consistently with ICMP
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2017-01-09 |
Stephen Smalley | selinux: support distinctions among all network address...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2016-11-21 |
Stephen Smalley | selinux: keep SELinux in sync with new capability definitions
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2016-11-20 |
Stephen Smalley | selinux: normalize input to /sys/fs/selinux/enforce
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2016-05-31 |
Stephen Smalley | selinux: Only apply bounds checking to source types
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2016-04-26 |
Stephen Smalley | selinux: apply execstack check on thread stacks
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2016-04-26 |
Stephen Smalley | selinux: distinguish non-init user namespace capability...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-11-24 |
Stephen Smalley | selinux: fix bug in conditional rules handling
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-10-29 |
Stephen Smalley | lkdtm: fix ACCESS_USERSPACE test
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-10-06 |
Stephen Smalley | x86/mm: Warn on W^X mappings
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-10-02 |
Stephen Smalley | x86/mm: Set NX on gap between __ex_table and rodata
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-08-07 |
Stephen Smalley | ipc: use private shmem or hugetlbfs inodes for shm...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-07-13 |
Stephen Smalley | selinux: Augment BUG_ON assertion for secclass_map.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-07-13 |
Stephen Smalley | selinux: initialize sock security class to default...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-07-10 |
Stephen Smalley | selinux: fix mprotect PROT_EXEC regression caused by...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-07-08 |
Stephen Smalley | net/tipc: initialize security state for new connection...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-06-11 |
Stephen Smalley | net/unix: support SCM_SECURITY for stream sockets
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-06-04 |
Stephen Smalley | selinux: Remove unused permission definitions
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-06-04 |
Stephen Smalley | selinux: enable genfscon labeling for sysfs and pstore...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-06-04 |
Stephen Smalley | selinux: enable per-file labeling for debugfs files.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-06-04 |
Stephen Smalley | selinux: update netlink socket classes
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-04-07 |
Stephen Smalley | selinux: increase avtab max buckets
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-04-07 |
Stephen Smalley | selinux: convert avtab hash table to flex_array
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-02-28 |
Stephen Smalley | security/yama: Remove unnecessary selects from Kconfig.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2015-01-25 |
Stephen Smalley | Add security hooks to binder and implement the hooks...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2014-10-15 |
Stephen Smalley | selinux: fix inode security list corruption
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2014-08-28 |
Stephen Smalley | selinux: Permit bounded transitions under NO_NEW_PRIVS...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2014-06-03 |
Stephen Smalley | selinux: Report permissive mode in avc: denied messages.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2014-05-01 |
Stephen Smalley | selinux: Report permissive mode in avc: denied messages.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2014-02-05 |
Stephen Smalley | SELinux: Fix kernel BUG on empty security contexts.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2013-07-25 |
Stephen Smalley | SELinux: Enable setting security contexts on rootfs...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2011-04-07 |
Stephen Smalley | selinux: Fix regression for Xorg
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2011-03-28 |
Stephen Smalley | selinux: Fix regression for Xorg
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2010-04-28 |
Stephen Smalley | selinux: generalize disabling of execmem for plt-in...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2010-04-14 |
Stephen Smalley | SELinux: Reduce max avtab size to avoid page allocation...
|
commit | commitdiff | tree |
| 2010-03-15 |
Stephen Smalley | SELinux: Reduce max avtab size to avoid page allocation...
|
commit | commitdiff | tree |
| 2010-02-02 |
Stephen Smalley | selinux: Only audit permissions specified in policy
|
commit | commitdiff | tree |
| 2010-01-24 |
Stephen Smalley | selinux: convert range transition list to a hashtab
|
commit | commitdiff | tree |
| 2010-01-17 |
Stephen Smalley | selinux: change the handling of unknown classes
|
commit | commitdiff | tree |
| 2009-10-20 |
Stephen Smalley | SELinux: fix locking issue introduced with c6d3aaa4e35c71a3
|
commit | commitdiff | tree |
| 2009-10-07 |
Stephen Smalley | selinux: drop remapping of netlink classes
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2009-10-07 |
Stephen Smalley | selinux: generate flask headers during kernel build
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2009-10-07 |
Stephen Smalley | selinux: dynamic class/perm discovery
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2009-06-22 |
Stephen Smalley | selinux: restore optimization to selinux_file_permission
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2009-05-19 |
Stephen Smalley | selinux: remove obsolete read buffer limit from sel_read_bool
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2009-05-04 |
Stephen Smalley | selinux: Fix send_sigiotask hook
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-12-19 |
Stephen Smalley | SELinux: correctly detect proc filesystems of the form...
|
commit | commitdiff | tree |
| 2008-09-29 |
Stephen Smalley | selinux: use default proc sid on symlinks
|
commit | commitdiff | tree |
| 2008-09-11 |
Stephen Smalley | Update selinux info in MAINTAINERS and Kconfig help...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-08-01 |
Stephen Smalley | Re: BUG at security/selinux/avc.c:883 (was: Re: linux...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-07-14 |
Stephen Smalley | selinux: change handling of invalid classes (Was: Re...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-07-14 |
Stephen Smalley | selinux: fix endianness bug in network node address...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-07-14 |
Stephen Smalley | selinux: simplify ioctl checking
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-07-14 |
Stephen Smalley | SELinux: enable processes with mac_admin to get the...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-07-14 |
Stephen Smalley | Security: split proc ptrace checking into read vs....
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-07-14 |
Stephen Smalley | SELinux: fix sleeping allocation in security_context_to_sid
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-07-14 |
Stephen Smalley | selinux: support deferred mapping of contexts
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-04-07 |
Stephen Smalley | SELinux: more GFP_NOFS fixups to prevent selinux from...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-04-02 |
Stephen Smalley | selinux: handle files opened with flags 3 by checking...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-02-11 |
Stephen Smalley | selinux: support 64-bit capabilities
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2008-01-26 |
Stephen Smalley | selinux: fix labeling of /proc/net inodes
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2007-12-05 |
Stephen Smalley | SELinux: detect dead booleans
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2007-12-05 |
Stephen Smalley | SELinux: do not clear f_op when removing entries
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2007-11-07 |
Stephen Smalley | SELinux: add more validity checks on policy load
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2007-08-31 |
Stephen Smalley | SELinux: clear parent death signal on SID transitions
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2007-07-12 |
Stephen Smalley | SELinux: allow preemption between transition permission...
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| 2007-04-26 |
Stephen Smalley | selinux: preserve boolean values across policy reloads
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
| next |
git.samba.org / sfrench / cifs-2.6.git / search