search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
first · prev · next
SELinux: Add network ingress and egress control permission checks
2008-01-29 Paul MooreSELinux: Add network ingress and egress control permission...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreNetLabel: Add auditing to the static labeling mechanism
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreNetLabel: Introduce static network labels for unlabeled...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreSELinux: Allow NetLabel to directly cache SIDs
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreSELinux: Enable dynamic enable/disable of the network...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreSELinux: Better integration between peer labeling subsystems
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreSELinux: Add a new peer class and permissions to the...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreSELinux: Add a capabilities bitmap to SELinux policy...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreSELinux: Add a network node caching mechanism similar...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreSELinux: Only store the network interface's ifindex
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreSELinux: Convert the netif code to use ifindex values
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreNetLabel: Add IP address family information to the...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreNetLabel: Add secid token support to the NetLabel secattr...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreNetLabel: Consolidate the LSM domain mapping/hashing...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreNetLabel: Cleanup the LSM domain hash functions
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-29 Paul MooreNetLabel: Remove unneeded RCU read locks
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-28 Paul Moore[XFRM]: Drop packets when replay counter would overflow
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-28 Paul Moore[XFRM]: RFC4303 compliant auditing
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-28 Paul Moore[XFRM]: Assorted IPsec fixups
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-28 Paul Moore[IPSEC]: SPD auditing fix to include the netmask/prefix...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-21 Paul Mooreselinux: fix memory leak in netlabel code
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2008-01-09 Paul Moore[NET]: Clone the sk_buff 'iif' field in __skb_clone()
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-12-20 Paul Moore[XFRM]: Audit function arguments misordered
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-12-14 Paul Moore[XFRM]: Display the audited SPI value in host byte...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-10-26 Paul Moore[NetLabel]: correct usage of RCU locking
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-10-10 Paul Moore[CIPSO]: remove duplicated code in the cipso_v4_*_getattr...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-08-08 Paul Moore[NetLabel]: add missing rcu_dereference() calls in...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-08-02 Paul MooreNet/Security: fix memory leaks from security_secid_to_secctx()
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-08-02 Paul MooreSELinux: remove redundant pointer checks before calling...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-08-02 Paul MooreSELinux: restore proper NetLabel caching behavior
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-07-19 Paul MooreSELinux: use SECINITSID_NETMSG instead of SECINITSID_UNLABEL...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-07-19 Paul MooreSELinux: enable dynamic activation/deactivation of...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-07-12 Paul MooreSELinux: use SECINITSID_NETMSG instead of SECINITSID_UNLABEL...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-06-08 Paul Moore[CIPSO]: Fix several unaligned kernel accesses in the...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-06-08 Paul Moore[NetLabel]: consolidate the struct socket/sock handling...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-04-26 Paul MooreSELinux: move security_skb_extlbl_sid() out of the...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-04-26 Paul MooreSELinux: rename selinux_netlabel.h to netlabel.h
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-04-26 Paul MooreSELinux: extract the NetLabel SELinux support from...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-04-26 Paul MooreNetLabel: convert a BUG_ON in the CIPSO code to a runtime...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-04-26 Paul MooreNetLabel: cleanup and document CIPSO constants
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-03-12 Paul Moore[NetLabel]: parse the CIPSO ranged tag on incoming...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-03-03 Paul Moore[NetLabel]: Verify sensitivity level has a valid CIPSO...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-01-09 Paul Moore[INET]: style updates for the inet_sock->is_icsk assignment fix
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-01-09 Paul MooreNetLabel: correct CIPSO tag handling when adding new...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-01-09 Paul MooreNetLabel: correct locking in selinux_netlbl_socket_setsid()
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2007-01-09 Paul Moore[INET]: Fix incorrect "inet_sock->is_icsk" assignment.
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-22 Paul MooreNetLabel: correctly fill in unused CIPSOv4 level and...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-22 Paul MooreNetLabel: perform input validation earlier on CIPSOv4...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-07 Paul Moore[NETLIK]: Add a pointer to the Generic Netlink wiki...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: add the ranged tag to the CIPSOv4 protocol
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: add the enumerated tag to the CIPSOv4 protocol
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: convert to an extensibile/sparse category...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: honor the audit_enabled flag
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreSELinux: peer secid consolidation for external network...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: SELinux cleanups
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: use cipso_v4_doi_search() for local CIPSOv4...
Signed-of-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: use the correct CIPSOv4 MLS label limits
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: return the correct error for translated CIPSOv4...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: fixup the handling of CIPSOv4 tags to allow...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: add tag verification when adding new CIPSOv4...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: check for a CIPSOv4 option before we do call...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: make netlbl_lsm_secattr struct easier/quicker...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: change netlbl_secattr_init() to return void
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: convert the unlabeled accept flag to use RCU
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-12-03 Paul MooreNetLabel: use gfp_t instead of int where it makes sense
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-11-06 Paul Moore[NETLABEL]: Fix build failure.
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-10-30 Paul Moore[NetLabel]: protect the CIPSOv4 socket option from...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-10-16 Paul MooreNetLabel: the CIPSOv4 passthrough mapping does not...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-10-16 Paul MooreNetLabel: better error handling involving mls_export_cat()
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-10-16 Paul MooreNetLabel: only deref the CIPSOv4 standard map fields...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-30 Paul Moore[NetLabel]: audit fixups due to delayed feedback
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-29 Paul Moore[NetLabel]: add audit support for configuration changes
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-25 Paul Moore[NetLabel]: update docs with website information
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-25 Paul Moore[NetLabel]: rework the Netlink attribute handling ...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-25 Paul Moore[NetLabel]: rework the Netlink attribute handling ...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-25 Paul Moore[Netlink]: add nla_validate_nested()
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-25 Paul Moore[NETLINK]: add nla_for_each_nested() to the interface...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-25 Paul Moore[NetLabel]: change the SELinux permissions
Signed-of-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-25 Paul Moore[NetLabel]: make the CIPSOv4 cache spinlocks bottom...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-25 Paul Moore[NetLabel]: correct improper handling of non-NetLabel...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: add some missing #includes to various header...
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: uninline selinux_netlbl_inode_permission()
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: Cleanup ebitmap_import()
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: Comment corrections.
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: remove unused function prototypes
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: Correctly initialize the NetLabel fields.
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: tie NetLabel into the Kconfig system
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: CIPSOv4 and Unlabeled packet integration
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: core NetLabel subsystem
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: CIPSOv4 engine
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: core network changes
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
2006-09-22 Paul Moore[NetLabel]: documentation
Signed-off-by: Paul Moore <paul.moore@hp.com>
 commit | commitdiff | tree
(deprecated) Btrfs devel tree