aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux (unfollow)
AgeCommit message (Expand)AuthorFilesLines
2019-03-12selinux: convert to kvmallocKent Overstreet6-144/+62
2019-03-11security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblockJ. Bruce Fields1-1/+4
2019-03-11selinux: add the missing walk_size + len check in selinux_sctp_bind_connectXin Long1-0/+3
2019-02-28introduce cloning of fs_contextAl Viro1-0/+39
2019-02-28selinux: Implement the new mount API LSM hooksDavid Howells2-10/+49
2019-02-22doc: sctp: Merge and clean up rst filesKees Cook1-1/+1
2019-02-05selinux: fix avc audit messagesStephen Smalley1-3/+3
2019-01-31audit: remove unused actx param from audit_rule_matchRichard Guy Briggs2-5/+2
2019-01-28selinux: replace BUG_ONs with WARN_ONs in avc.cOndrej Mosnacek1-2/+4
2019-01-25selinux: log invalid contexts in AVCsOndrej Mosnacek3-5/+50
2019-01-25selinux: replace some BUG_ON()s with a WARN_ON()Ondrej Mosnacek1-2/+3
2019-01-25selinux: inline some AVC functions used only onceOndrej Mosnacek1-82/+58
2019-01-18LSM: Make lsm_early_cred() and lsm_early_task() local functions.Tetsuo Handa1-1/+0
2019-01-10selinux: do not override context on context mountsOndrej Mosnacek1-1/+8
2019-01-10selinux: never allow relabeling on context mountsOndrej Mosnacek1-9/+31
2019-01-10selinux: stop passing MAY_NOT_BLOCK to the AVC upon follow_linkStephen Smalley3-30/+4
2019-01-10selinux: avoid silent denials in permissive mode under RCU walkStephen Smalley3-3/+25
2019-01-10selinux: fix GPF on invalid policyStephen Smalley1-1/+2
2019-01-10LSM: generalize flag passing to security_capableMicah Morton1-9/+9
2019-01-08LSM: Infrastructure management of the ipc security blobCasey Schaufler2-87/+15
2019-01-08SELinux: Abstract use of ipc security blobsCasey Schaufler2-9/+22
2019-01-08LSM: Infrastructure management of the inode securityCasey Schaufler2-36/+10
2019-01-08SELinux: Abstract use of inode security blobCasey Schaufler3-15/+21
2019-01-08LSM: Infrastructure management of the file securityCasey Schaufler2-24/+3
2019-01-08SELinux: Abstract use of file security blobCasey Schaufler2-9/+14
2019-01-08Infrastructure management of the cred security blobCasey Schaufler2-42/+13
2019-01-08SELinux: Remove unused selinux_is_enabledCasey Schaufler5-29/+1
2019-01-08SELinux: Remove cred security blob poisoningCasey Schaufler1-6/+0
2019-01-08SELinux: Abstract use of cred security blobCasey Schaufler3-29/+34
2019-01-08selinux: Remove SECURITY_SELINUX_BOOTPARAM_VALUEKees Cook2-19/+1
2019-01-08LSM: Separate idea of "major" LSM from "exclusive" LSMKees Cook1-1/+1
2019-01-08LSM: Lift LSM selection out of individual LSMsKees Cook1-10/+0
2019-01-08LSM: Plumb visibility into optional "enabled" stateKees Cook1-0/+1
2019-01-08LSM: Introduce LSM_FLAG_LEGACY_MAJORKees Cook1-0/+1
2018-12-21LSM: new method: ->sb_add_mnt_opt()Al Viro1-26/+19
2018-12-21selinux: rewrite selinux_sb_eat_lsm_opts()Al Viro1-92/+54
2018-12-21selinux: regularize Opt_... names a bitAl Viro1-8/+8
2018-12-21selinux: switch away from match_token()Al Viro1-27/+55
2018-12-21selinux: new helper - selinux_add_opt()Al Viro1-73/+53
2018-12-21selinux: switch to private struct selinux_mnt_optsAl Viro1-161/+101
2018-12-21LSM: hide struct security_mnt_opts from any generic codeAl Viro1-15/+37
2018-12-21selinux: kill selinux_sb_get_mnt_opts()Al Viro1-147/+51
2018-12-21LSM: turn sb_eat_lsm_opts() into a methodAl Viro1-1/+15
2018-12-21selinux; don't open-code a loop in sb_finish_set_opts()Al Viro1-4/+2
2018-12-21LSM: split ->sb_set_mnt_opts() out of ->sb_kern_mount()Al Viro1-9/+1
2018-12-21LSM: lift extracting and parsing LSM options into the caller of ->sb_remount()Al Viro1-35/+12
2018-12-21LSM: lift parsing LSM options into the caller of ->sb_kern_mount()Al Viro1-21/+3
2018-12-20selinux: expand superblock_doinit() callsAl Viro1-30/+24
2018-12-20vfs: Suppress MS_* flag defs within the kernel unless explicitly enabledDavid Howells1-0/+1
2018-12-19net: use skb_sec_path helper in more placesFlorian Westphal1-2/+2