2020-03-12 |
Stephen Smalley | MAINTAINERS: Update my email address Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2020-02-28 |
Stephen Smalley | selinux: remove unused initial SIDs and improve handling Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2020-02-10 |
Stephen Smalley | Documentation,selinux: deprecate setting checkreqprot... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2020-01-20 |
Stephen Smalley | selinux: fix regression introduced by move_mount(2... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2020-01-10 |
Stephen Smalley | selinux: make default_noexec read-only after init Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2020-01-07 |
Stephen Smalley | Documentation,selinux: fix references to old selinuxfs... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-12-19 |
Stephen Smalley | selinux: randomize layout of key structures Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-12-19 |
Stephen Smalley | selinux: clean up selinux_enabled/disabled/enforcing_boot Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-12-10 |
Stephen Smalley | security: only build lsm_audit if CONFIG_SECURITY=y Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-12-09 |
Stephen Smalley | selinux: clean up selinux_inode_permission MAY_NOT_BLOCK... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-12-09 |
Stephen Smalley | selinux: fall back to ref-walk if audit is required Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-12-09 |
Stephen Smalley | selinux: revert "stop passing MAY_NOT_BLOCK to the... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-12-09 |
Stephen Smalley | security,lockdown,selinux: implement SELinux lockdown Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-09-04 |
Stephen Smalley | selinux: fix residual uses of current_security() for... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-03-19 |
Stephen Smalley | scripts/selinux: fix build Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-03-18 |
Stephen Smalley | scripts/selinux: modernize mdp Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-02-05 |
Stephen Smalley | selinux: fix avc audit messages Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-01-11 |
Stephen Smalley | selinux: stop passing MAY_NOT_BLOCK to the AVC upon... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-01-11 |
Stephen Smalley | selinux: avoid silent denials in permissive mode under... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2019-01-11 |
Stephen Smalley | selinux: fix GPF on invalid policy Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2018-09-04 |
Stephen Smalley | selinux: fix mounting of cgroup2 under older policies Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2018-04-09 |
Stephen Smalley | selinux: fix missing dput() before selinuxfs unmount Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2018-03-20 |
Stephen Smalley | selinux: wrap AVC state Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2018-03-20 |
Stephen Smalley | selinux: wrap selinuxfs state Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2018-03-20 |
Stephen Smalley | selinux: fix handling of uninitialized selinux state... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2018-03-06 |
Stephen Smalley | usb, signal, security: only pass the cred, not the... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2018-03-01 |
Stephen Smalley | selinux: wrap global selinux state Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-08-17 |
Stephen Smalley | lsm_audit: update my email address Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-08-17 |
Stephen Smalley | selinux: update my email address Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-08-02 |
Stephen Smalley | selinux: Generalize support for NNP/nosuid SELinux... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-07-31 |
Stephen Smalley | selinux: genheaders should fail if too many permissions... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-05-23 |
Stephen Smalley | selinux: log policy capability state when a policy... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-05-23 |
Stephen Smalley | selinux: do not check open permission on sockets Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-05-23 |
Stephen Smalley | selinux: add a map permission check for mmap Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-05-23 |
Stephen Smalley | selinux: only invoke capabilities and selinux for CAP_MAC_AD... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-03-29 |
Stephen Smalley | fs: switch order of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-03-05 |
Stephen Smalley | selinux: fix kernel BUG on prlimit(..., NULL, NULL) Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-03-05 |
Stephen Smalley | prlimit,security,selinux: add a security hook for prlimit Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-03-01 |
Stephen Smalley | selinux: wrap cgroup seclabel support with its own... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-03-01 |
Stephen Smalley | timerfd: Only check CAP_WAKE_ALARM when it is needed Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-02-08 |
Stephen Smalley | selinux: fix off-by-one in setprocattr Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-02-07 |
Stephen Smalley | selinux: fix off-by-one in setprocattr Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-01-12 |
Stephen Smalley | security,selinux,smack: kill security_task_wait hook Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-01-12 |
Stephen Smalley | selinux: drop unused socket security classes Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-01-09 |
Stephen Smalley | proc,security: move restriction on writing /proc/pid... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-01-09 |
Stephen Smalley | selinux: clean up cred usage and simplify Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-01-09 |
Stephen Smalley | selinux: allow context mounts on tmpfs, ramfs, devpts... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-01-09 |
Stephen Smalley | selinux: handle ICMPv6 consistently with ICMP Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2017-01-09 |
Stephen Smalley | selinux: support distinctions among all network address... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2016-11-21 |
Stephen Smalley | selinux: keep SELinux in sync with new capability definitions Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2016-11-20 |
Stephen Smalley | selinux: normalize input to /sys/fs/selinux/enforce Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2016-05-31 |
Stephen Smalley | selinux: Only apply bounds checking to source types Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2016-04-26 |
Stephen Smalley | selinux: apply execstack check on thread stacks Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2016-04-26 |
Stephen Smalley | selinux: distinguish non-init user namespace capability... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-11-24 |
Stephen Smalley | selinux: fix bug in conditional rules handling Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-10-29 |
Stephen Smalley | lkdtm: fix ACCESS_USERSPACE test Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-10-06 |
Stephen Smalley | x86/mm: Warn on W^X mappings Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-10-02 |
Stephen Smalley | x86/mm: Set NX on gap between __ex_table and rodata Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-08-07 |
Stephen Smalley | ipc: use private shmem or hugetlbfs inodes for shm... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-07-13 |
Stephen Smalley | selinux: Augment BUG_ON assertion for secclass_map. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-07-13 |
Stephen Smalley | selinux: initialize sock security class to default... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-07-10 |
Stephen Smalley | selinux: fix mprotect PROT_EXEC regression caused by... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-07-08 |
Stephen Smalley | net/tipc: initialize security state for new connection... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-06-11 |
Stephen Smalley | net/unix: support SCM_SECURITY for stream sockets Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-06-04 |
Stephen Smalley | selinux: Remove unused permission definitions Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-06-04 |
Stephen Smalley | selinux: enable genfscon labeling for sysfs and pstore... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-06-04 |
Stephen Smalley | selinux: enable per-file labeling for debugfs files. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-06-04 |
Stephen Smalley | selinux: update netlink socket classes Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-04-07 |
Stephen Smalley | selinux: increase avtab max buckets Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-04-07 |
Stephen Smalley | selinux: convert avtab hash table to flex_array Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-02-28 |
Stephen Smalley | security/yama: Remove unnecessary selects from Kconfig. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2015-01-25 |
Stephen Smalley | Add security hooks to binder and implement the hooks... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2014-10-15 |
Stephen Smalley | selinux: fix inode security list corruption Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2014-08-28 |
Stephen Smalley | selinux: Permit bounded transitions under NO_NEW_PRIVS... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2014-06-03 |
Stephen Smalley | selinux: Report permissive mode in avc: denied messages. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2014-05-01 |
Stephen Smalley | selinux: Report permissive mode in avc: denied messages. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2014-02-05 |
Stephen Smalley | SELinux: Fix kernel BUG on empty security contexts. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2013-07-25 |
Stephen Smalley | SELinux: Enable setting security contexts on rootfs... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2011-04-07 |
Stephen Smalley | selinux: Fix regression for Xorg Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2011-03-28 |
Stephen Smalley | selinux: Fix regression for Xorg Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2010-04-28 |
Stephen Smalley | selinux: generalize disabling of execmem for plt-in... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2010-04-14 |
Stephen Smalley | SELinux: Reduce max avtab size to avoid page allocation...
|
commit | commitdiff | tree |
2010-03-15 |
Stephen Smalley | SELinux: Reduce max avtab size to avoid page allocation...
|
commit | commitdiff | tree |
2010-02-02 |
Stephen Smalley | selinux: Only audit permissions specified in policy
|
commit | commitdiff | tree |
2010-01-24 |
Stephen Smalley | selinux: convert range transition list to a hashtab
|
commit | commitdiff | tree |
2010-01-17 |
Stephen Smalley | selinux: change the handling of unknown classes
|
commit | commitdiff | tree |
2009-10-20 |
Stephen Smalley | SELinux: fix locking issue introduced with c6d3aaa4e35c71a3
|
commit | commitdiff | tree |
2009-10-07 |
Stephen Smalley | selinux: drop remapping of netlink classes Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2009-10-07 |
Stephen Smalley | selinux: generate flask headers during kernel build Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2009-10-07 |
Stephen Smalley | selinux: dynamic class/perm discovery Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2009-06-22 |
Stephen Smalley | selinux: restore optimization to selinux_file_permission Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2009-05-19 |
Stephen Smalley | selinux: remove obsolete read buffer limit from sel_read_bool Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2009-05-04 |
Stephen Smalley | selinux: Fix send_sigiotask hook Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2008-12-19 |
Stephen Smalley | SELinux: correctly detect proc filesystems of the form...
|
commit | commitdiff | tree |
2008-09-29 |
Stephen Smalley | selinux: use default proc sid on symlinks
|
commit | commitdiff | tree |
2008-09-11 |
Stephen Smalley | Update selinux info in MAINTAINERS and Kconfig help... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2008-08-01 |
Stephen Smalley | Re: BUG at security/selinux/avc.c:883 (was: Re: linux... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2008-07-14 |
Stephen Smalley | selinux: change handling of invalid classes (Was: Re... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2008-07-14 |
Stephen Smalley | selinux: fix endianness bug in network node address... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
2008-07-14 |
Stephen Smalley | selinux: simplify ioctl checking Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
commit | commitdiff | tree |
next |