linux-net/security/apparmor/include at 2d9da9b188b8cd3b579d7ef5ba5d334be9dd38fc - linux-net - Gitea: Git with a cup of tea

git/linux-net

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/ synced 2026-05-02 18:15:03 -04:00

Files

History

John Johansen 2d9da9b188 apparmor: allow restricting unprivileged change_profile

unprivileged unconfined can use change_profile to alter the confinement
set by the mac admin.

Allow restricting unprivileged unconfined by still allowing change_profile
but stacking the change against unconfined. This allows unconfined to
still apply system policy but allows the task to enter the new confinement.

If unprivileged unconfined is required a sysctl is provided to switch
to the previous behavior.

Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>

2023-10-18 15:48:44 -07:00

..

apparmor.h

apparmor: Fix undefined references to zstd_ symbols

2022-10-03 14:49:04 -07:00

apparmorfs.h

apparmor: make export of raw binary profile to userspace optional

2022-07-09 15:13:59 -07:00

audit.h

apparmor: pass cred through to audit info.

2023-10-18 15:30:38 -07:00

capability.h

apparmor: pass cred through to audit info.

2023-10-18 15:30:38 -07:00

cred.h

apparmor: Simplify obtain the newest label on a cred

2022-10-03 14:49:04 -07:00

crypto.h

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441

2019-06-05 17:37:17 +02:00

domain.h

apparmor: extend permissions to support a label and tag string

2022-10-03 14:49:03 -07:00

file.h

apparmor: pass cred through to audit info.

2023-10-18 15:30:38 -07:00

ipc.h

apparmor: pass cred through to audit info.

2023-10-18 15:30:38 -07:00

label.h

apparmor: refactor profile rules and attachments

2022-10-03 14:49:04 -07:00

lib.h

apparmor: refcount the pdb

2023-10-18 15:30:47 -07:00

match.h

apparmor: refcount the pdb

2023-10-18 15:30:47 -07:00

mount.h

apparmor: pass cred through to audit info.

2023-10-18 15:30:38 -07:00

net.h

apparmor: pass cred through to audit info.

2023-10-18 15:30:38 -07:00

path.h

apparmor: allow label to carry debug flags

2022-07-19 02:55:45 -07:00

perms.h

apparmor: combine common_audit_data and apparmor_audit_data

2023-10-18 15:30:29 -07:00

policy_compat.h

apparmor: isolate policy backwards compatibility to its own file

2022-10-03 14:49:03 -07:00

policy_ns.h

apparmor: remove unused functions in policy_ns.c/.h

2023-10-15 21:44:31 -07:00

policy_unpack.h

Merge tag 'apparmor-pr-2022-12-14' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor

2022-12-14 13:42:09 -08:00

policy.h

apparmor: allow restricting unprivileged change_profile

2023-10-18 15:48:44 -07:00

procattr.h

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441

2019-06-05 17:37:17 +02:00

resource.h

apparmor: pass cred through to audit info.

2023-10-18 15:30:38 -07:00

secid.h

apparmor: disable showing the mode as part of a secid to secctx

2022-07-13 17:18:29 -07:00

sig_names.h

apparmor: audit unknown signal numbers

2018-02-09 11:30:01 -08:00

task.h

apparmor: pass cred through to audit info.

2023-10-18 15:30:38 -07:00