aboutsummaryrefslogtreecommitdiff
path: root/security/apparmor/ipc.c
AgeCommit message (Collapse)AuthorFilesLines
2013-10-29apparmor: fix capability to not use the current task, during reportingJohn Johansen1-5/+4
Mediation is based off of the cred but auditing includes the current task which may not be related to the actual request. Signed-off-by: John Johansen <[email protected]>
2013-04-28apparmor: add utility function to get an arbitrary tasks profile.John Johansen1-9/+4
Signed-off-by: John Johansen <[email protected]> Acked-by: Steve Beattie <[email protected]>
2012-04-09LSM: do not initialize common_audit_data to 0Eric Paris1-1/+1
It isn't needed. If you don't set the type of the data associated with that type it is a pretty obvious programming bug. So why waste the cycles? Signed-off-by: Eric Paris <[email protected]>
2012-04-09LSM: remove the COMMON_AUDIT_DATA_INIT type expansionEric Paris1-1/+1
Just open code it so grep on the source code works better. Signed-off-by: Eric Paris <[email protected]>
2012-04-03LSM: shrink sizeof LSM specific portion of common_audit_dataEric Paris1-4/+6
Linus found that the gigantic size of the common audit data caused a big perf hit on something as simple as running stat() in a loop. This patch requires LSMs to declare the LSM specific portion separately rather than doing it in a union. Thus each LSM can be responsible for shrinking their portion and don't have to pay a penalty just because other LSMs have a bigger space requirement. Signed-off-by: Eric Paris <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
2011-09-09apparmor: sparse fix: include ipc.hJames Morris1-0/+1
Include ipc.h to eliminate sparse warnings. security/apparmor/ipc.c:61:5: warning: symbol 'aa_may_ptrace' was not declared. Should it be static? security/apparmor/ipc.c:83:5: warning: symbol 'aa_ptrace' was not declared. Should it be static Signed-off-by: James Morris <[email protected]> Acked-by: John Johansen <[email protected]>
2010-08-02AppArmor: fix build warnings for non-const use of get_task_credJames Morris1-1/+1
Fix build warnings for non-const use of get_task_cred. Signed-off-by: James Morris <[email protected]>
2010-08-02AppArmor: mediation of non file objectsJohn Johansen1-0/+114
ipc: AppArmor ipc is currently limited to mediation done by file mediation and basic ptrace tests. Improved mediation is a wip. rlimits: AppArmor provides basic abilities to set and control rlimits at a per profile level. Only resources specified in a profile are controled or set. AppArmor rules set the hard limit to a value <= to the current hard limit (ie. they can not currently raise hard limits), and if necessary will lower the soft limit to the new hard limit value. AppArmor does not track resource limits to reset them when a profile is left so that children processes inherit the limits set by the parent even if they are not confined by the same profile. Capabilities: AppArmor provides a per profile mask of capabilities, that will further restrict. Signed-off-by: John Johansen <[email protected]> Signed-off-by: James Morris <[email protected]>
Powered by cgit, Gruvboxed by Blaster4385.