summaryrefslogtreecommitdiffstats
path: root/security/tomoyo/Makefile (follow)
Commit message (Collapse)AuthorAgeFilesLines
* TOMOYO: Allow using UID/GID etc. of current thread as conditions.Tetsuo Handa2011-07-111-1/+1
| | | | | | | | This patch adds support for permission checks using current thread's UID/GID etc. in addition to pathnames. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
* TOMOYO: Add built-in policy support.Tetsuo Handa2011-06-291-0/+47
| | | | | | | | | | To be able to start using enforcing mode from the early stage of boot sequence, this patch adds support for built-in policy configuration (and next patch adds support for activating access control without calling external policy loader program). Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
* TOMOYO: Add auditing interface.Tetsuo Handa2011-06-291-1/+1
| | | | | | | | | | Add /sys/kernel/security/tomoyo/audit interface. This interface generates audit logs in the form of domain policy so that /usr/sbin/tomoyo-auditd can reuse audit logs for appending to /sys/kernel/security/tomoyo/domain_policy interface. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
* TOMOYO: Merge path_group and number_group.Tetsuo Handa2010-08-021-1/+1
| | | | | | | Use common code for "path_group" and "number_group". Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
* TOMOYO: Split files into some pieces.Tetsuo Handa2010-08-021-1/+1
| | | | | | | security/tomoyo/common.c became too large to read. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
* TOMOYO: Add mount restriction.Tetsuo Handa2010-08-021-1/+1
| | | | | | | | mount(2) has three string and one numeric parameters. Split mount restriction code from security/tomoyo/file.c . Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
* TOMOYO: Add numeric values grouping support.Tetsuo Handa2010-08-021-1/+1
| | | | | | | | This patch adds numeric values grouping support, which is useful for grouping numeric values such as file's UID, DAC's mode, ioctl()'s cmd number. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
* TOMOYO: Add pathname grouping support.Tetsuo Handa2010-05-171-1/+1
| | | | | | | | This patch adds pathname grouping support, which is useful for grouping pathnames that cannot be represented using /\{dir\}/ pattern. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
* TOMOYO: Add garbage collector.Tetsuo Handa2010-02-141-1/+1
| | | | | | | | | This patch adds garbage collector support to TOMOYO. Elements are protected by "struct srcu_struct tomoyo_ss". Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
* Kconfig and MakefileKentaro Takeda2009-02-121-0/+1
TOMOYO uses LSM hooks for pathname based access control and securityfs support. Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-04 23:40:34 +0100