mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 14:25:52 +00:00
Code Issues Releases Wiki Activity
414 Commits 23 Branches 113 Tags
30a2252adf18b1012c9fa38a24b4c259b33acb7e
Commit Graph

414 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Steve Beattie
30a2252adf Add some basic tests for openat(). Need to add tests that delete the 
opened directory before the openat() call occurs.
 2007-03-13 11:57:36 +00:00
Steve Beattie
3f32351793 Misc cleanups. 2007-03-13 11:32:04 +00:00
Jesse Michael
c0b7fc812d add minor cleanup to match up with recommendations from the kernel 
CodingStyle documentation
 2007-03-12 18:39:53 +00:00
Dominic Reynolds
8fb0f8f3d1 Fixes for BZ 179656, 233768. Add new capabilities rating to sverity.db, 
localization fixes in SubDomain.pm and Reports.pm.
 2007-03-12 14:12:40 +00:00
Steve Beattie
7b391f3d5c Add a testcase to verify when clone() is allowed. 2007-03-08 23:40:10 +00:00
Steve Beattie
b0733fb3a4 Based on a patch from jjohansen@suse.de, does s/constrained/confined/ in 
comments and descriptions. A later patch will fix it for the few
testcases that actually check the value in /proc/pid/attr/current.
 2007-03-08 21:23:17 +00:00
Steve Beattie
19235e440a Patch by jjohansen@suse.de: fix the syscall_chroot test to work even 
when chroot pathnames are reported against the namespace root instead of
the chroot root.
 2007-03-08 21:00:12 +00:00
John Johansen
b787d8ac21 Patches against test suite to match the for-mainline branch 2007-03-08 17:15:12 +00:00
Steve Beattie
23f05801f6 Add testcases for fchmod/fchown and clean up some formatting in the 
original chmod/chown tests.
 2007-03-08 00:09:47 +00:00
Steve Beattie
ad542aba23 Add a test for cap net_bind_service w/tcp. Alas, this test is still 
disabled.
 2007-03-07 18:54:28 +00:00
Steve Beattie
beac286a5c Run fork.c through lindent. 2007-03-06 20:13:31 +00:00
Andreas Gruenbacher
0c7f8233e8 Rename mount-consistent-d_cache.diff to mount-consistent-d_path.diff. 2007-03-01 21:18:35 +00:00
Andreas Gruenbacher
7df0fde677 Add proposal for unlink permission checking. 2007-03-01 06:16:18 +00:00
Andreas Gruenbacher
da080ef1a4 Add parentheses. 2007-03-01 06:06:51 +00:00
Andreas Gruenbacher
76e0141e21 Fix link-subset-check.diff and add more rigid link-subset-check-2.diff variant for discussion. 2007-03-01 05:02:27 +00:00
Andreas Gruenbacher
584a4a2bbd Make the computation of exec_mode more obvious. 2007-03-01 04:15:51 +00:00
Steve Beattie
065b7bf660 Add a couple of testcases to the hardlink test. 2007-02-28 17:39:53 +00:00
Andreas Gruenbacher
c20016faf5 Make nfsd compile again after file-handle-ops-2.diff. 2007-02-27 23:47:47 +00:00
Andreas Gruenbacher
e4d1ddd10c Really add file-handle-ops-2.diff now. 2007-02-27 22:16:11 +00:00
Andreas Gruenbacher
ba440ad5b8 Ad xattr hook changes needed for proper file descriptor handling. Add file-handle-ops-2.diff for handling xattrs and file read/write. 2007-02-27 22:13:49 +00:00
Andreas Gruenbacher
6184196ce2 Remove junk from constrained-to-confined.diff. 2007-02-27 09:45:27 +00:00
Andreas Gruenbacher
59454ecf49 Add mount-consistent-d_cache.diff and file-handle-ops.diff. Update to last link-subset-check.diff proposal. Minor rediffs to get rid of offsets. 2007-02-27 08:42:00 +00:00
John Johansen
3bc6bf34ab add fixes to locking and more minor cleanups 2007-02-27 05:09:23 +00:00
John Johansen
f3ba454d8c Add dfa support to the parser 2007-02-27 02:29:16 +00:00
Andreas Gruenbacher
06a239c9c8 Enable fix-aa_register.diff. Add no-new-namespaces.diff. 2007-02-24 18:14:47 +00:00
Andreas Gruenbacher
bd442e3869 Add clarify-audit-status-handling.diff. Fix 247679 in link-subset-check.diff. Uncomment ptrace.diff and link-subset-check.diff in series.conf. 2007-02-23 22:33:00 +00:00
Andreas Gruenbacher
4ca2496f50 d_namespace_path fix; rename aa_get_pathname back to aa_get_name. Add tell-files-from-dirs.diff. 2007-02-23 07:38:14 +00:00
Andreas Gruenbacher
79f88b5458 Add tentative aa_link refinement. Comment out this patch and the ptrace patch for now. 2007-02-23 06:28:15 +00:00
Andreas Gruenbacher
0b96655a5c Allow confined processes th ptrace other processes if they have CAP_SYS_PTRACE. 2007-02-23 05:11:21 +00:00
Andreas Gruenbacher
487a7b4e73 Two minor cleanups / improvements 2007-02-22 04:45:15 +00:00
John Johansen
353f21162e fix link permission checks to emit message in complain mode when profile is missing necessary link permissions 2007-02-22 01:04:50 +00:00
John Johansen
6946b405c1 fix link permission checks to emit message in complain mode when profile is missing necessary link permissions 2007-02-22 01:04:11 +00:00
Andreas Gruenbacher
ee4c70b261 Add tentative aa_register fix. 2007-02-21 08:34:17 +00:00
Andreas Gruenbacher
d462346781 Add locking documentation 2007-02-21 01:16:40 +00:00
Andreas Gruenbacher
0f97882aa3 Another bunch of cleanups, including a big locking rewrite. 2007-02-21 01:08:46 +00:00
John Johansen
8eb8d6df7d convert syscall rejects to use GFP_ATOMIC allocations, the GFP_KERNEL allocations can cause spinlock recursion in these hooks. 2007-02-20 07:41:23 +00:00
Andreas Gruenbacher
8779ffa8f3 Revert breakage triggered by Neil's review comment on the LKML. 2007-02-17 09:07:54 +00:00
Tony Jones
de1a855d5c Be nice and check for nulls 2007-02-16 02:13:18 +00:00
Andreas Gruenbacher
e2f747eca4 Zap redundant kernel command line __setup() code. Some fuzz/offset rediffs. 2007-02-16 01:34:49 +00:00
Andreas Gruenbacher
0e6adf7ce3 Revert series change 2007-02-15 21:57:40 +00:00
Andreas Gruenbacher
15a0bad179 Don't change the messages: this would break audit. 2007-02-15 21:57:14 +00:00
Andreas Gruenbacher
8075045c37 Update comments. 2007-02-15 21:43:21 +00:00
Andreas Gruenbacher
01c123fbca Also add command line parameter for apparmor_path_max 2007-02-15 21:38:03 +00:00
Andreas Gruenbacher
4adfbfb821 Make the maximum pathname size (apparmor_path_max) configurable. Some subsequent refreshes. 2007-02-15 21:12:39 +00:00
Andreas Gruenbacher
6de6de7bc3 Add other fixes from Steve. 2007-02-15 11:55:00 +00:00
Andreas Gruenbacher
3982066011 Incorporate feedback from Steve. 2007-02-15 11:03:05 +00:00
Andreas Gruenbacher
597f751050 Some more minor cleanups 2007-02-15 03:46:53 +00:00
Tony Jones
e4c5a59fa4 Add more hooks to test module. 2007-02-15 01:42:31 +00:00
Andreas Gruenbacher
91adace6df Follow-up rediff 2007-02-13 06:12:44 +00:00
Andreas Gruenbacher
836c7eae7e cap_combine() used instead of cap_raise(). 2007-02-13 03:36:16 +00:00