search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
first · prev · next
fork: reorder permissions when violating number of processes limits
2013-07-03 Eric Parisfork: reorder permissions when violating number of...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-05-08 Eric Parisaudit: fix message spacing printing auid
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-05-08 Eric ParisRevert "audit: move kaudit thread start from auditd...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-30 Eric Parisaudit: fix event coverage of AUDIT_ANOM_LINK
 commit | commitdiff | tree
2013-04-30 Eric Parisaudit: use spin_lock in audit_receive_msg to process...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-30 Eric Parisaudit: do not needlessly take a lock in tty_audit_exit
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-30 Eric Parisaudit: do not needlessly take a spinlock in copy_signal
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-30 Eric Parisaudit: use spin_lock_irqsave/restore in audit tty code
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-30 Eric Parishelper for some session id stuff
 commit | commitdiff | tree
2013-04-30 Eric Parisaudit: use a consistent audit helper to log lsm information
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-30 Eric Parisaudit: push loginuid and sessionid processing down
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-30 Eric Parisaudit: stop pushing loginid, uid, sessionid as arguments
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-30 Eric Parisaudit: remove the old depricated kernel interface
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-30 Eric Parisaudit: make validity checking generic
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-16 Eric Parisaudit: allow checking the type of audit message in...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-16 Eric Parisaudit: fix build break when AUDIT_DEBUG == 2
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-11 Eric ParisAudit: do not print error when LSMs disabled
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2013-04-11 Eric Parisaudit: use data= not msg= for AUDIT_USER_TTY messages
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-12-11 Eric Parisinotify: automatically restart syscalls
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-12-11 Eric Parisfsnotify: make fasync generic for both inotify and...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-11-09 Eric Parisfanotify: fix missing break
test case. Eric Paris confirmed it was a bug and posted...
Cc: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-10-12 Eric Parisaudit: make audit_compare_dname_path use parent_len...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-07-16 Eric ParisSELinux: do not check open perms if they are not known...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-07-16 Eric ParisSELinux: include definition of new capabilities
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-18 Eric Parisfcaps: clear the same personality flags as suid when...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: remove unused common_audit_data in flush_unauthoriz...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: unify the selinux_audit_data and selinux_late_audit...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: remove auditdeny from selinux_audit_data
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisLSM: do not initialize common_audit_data to 0
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisLSM: BUILD_BUG_ON if the common_audit_data union ever...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisLSM: remove the task field from common_audit_data
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric Parisapparmor: move task from common_audit_data to apparmor_audit...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisLSM: remove the COMMON_AUDIT_DATA_INIT type expansion
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: move common_audit_data to a noinline slow...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: remove inode_has_perm_noadp
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: delay initialization of audit data in selinux_inode...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: if sel_make_bools errors don't leave inconsistent...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: remove needless sel_div function
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: possible NULL deref in context_struct_to_string
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: audit failed attempts to set invalid labels
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: rename dentry_open to file_open
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: check OPEN on truncate calls
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: add default_type statements
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: allow default source/target selectors for...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: include flow.h where used rather than get...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: loosen DAC perms on reading policy
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-09 Eric ParisSELinux: allow seek operations on the file exposing...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-03 Eric ParisSELinux: do not allocate stack space for AVC data unless...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-03 Eric ParisSELinux: remove avd from slow_avc_audit()
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-03 Eric ParisSELinux: remove avd from selinux_audit_data
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-03 Eric ParisLSM: shrink the common_audit_data data union
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-04-03 Eric ParisLSM: shrink sizeof LSM specific portion of common_audit_data
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-02-21 Eric ParisARM/audit: include audit header and fix audit arch
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-02-16 Eric ParisIMA: fix audit res field to indicate 1 for success...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: allow interfield comparison between gid and...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: complex interfield comparison helper
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: allow interfield comparison in audit rules
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: do not call audit_getname on error
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: only allow tasks to set their loginuid if it...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: remove task argument to audit_set_loginuid
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: allow audit matching on inode gid
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: allow matching on obj_uid
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: remove audit_finish_fork as it can't be called
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: reject entry,always rules
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: inline audit_free to simplify the look of generic...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: drop audit_set_macxattr as it doesn't do anything
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: inline checks for not needing to collect aux...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: drop some potentially inadvisable likely notations
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: remove AUDIT_SETUP_CONTEXT as it isn't used
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: inline audit_syscall_entry to reduce burden...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: ia32entry.S sign extend error codes when calling...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric ParisAudit: push audit success and retcode into arch ptrace.h
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisseccomp: audit abnormal end to a process due to seccomp
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: check current inode and containing object when...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: drop the meaningless and format breaking word...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: dynamically allocate audit_names when not enough...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-17 Eric Parisaudit: make filetype matching consistent with other...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Pariscapabilities: remove __cap_full_set definition
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Parissecurity: remove the security_netlink_recv hook as...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Parisptrace: do not audit capability check when outputing...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Pariscapabilities: remove task_ns_* functions
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Pariscapabitlies: ns_capable can use the cap helpers rather...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Pariscapabilities: style only - move capable below ns_capable
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Pariscapabilites: introduce new has_ns_capabilities_noaudit
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Pariscapabilities: call has_ns_capability from has_capability
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Pariscapabilities: remove all _real_ interfaces
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Pariscapabilities: introduce security_capable_noaudit
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Pariscapabilities: reverse arguments to security_capable
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2012-01-05 Eric Pariscapabilities: remove the task from capable LSM hook...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2011-05-26 Eric ParisMerge commit 'v2.6.39' into 20110526
 commit | commitdiff | tree
2011-05-26 Eric Paristmpfs: fix XATTR N overriding POSIX_ACL Y
 commit | commitdiff | tree
2011-05-25 Eric Parisxattr.h: expose string defines to userspace
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2011-05-25 Eric Paristmpfs: implement generic xattr support
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2011-05-12 Eric ParisSELinux: delete debugging printks from filename_trans...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2011-04-28 Eric Parisflex_arrays: allow zero length flex arrays
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2011-04-28 Eric Parisflex_array: flex_array_prealloc takes a number of elements...
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2011-04-28 Eric ParisSELinux: pass last path component in may_create
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2011-04-28 Eric ParisSELinux: introduce path_has_perm
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2011-04-28 Eric Parisflex_array: allow 0 length elements
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
2011-04-28 Eric Parisflex_arrays: allow zero length flex arrays
Signed-off-by: Eric Paris <eparis@redhat.com>
 commit | commitdiff | tree
next
Linus' kernel tree