summaryrefslogtreecommitdiffstats
path: root/security/landlock
AgeCommit message (Expand)AuthorLines
2025-01-17landlock: Optimize file path walks and prepare for audit supportMickaël Salaün-17/+27
2025-01-17landlock: Align partial refer access checks with final onesMickaël Salaün-1/+13
2025-01-17landlock: Simplify initially denied access rightsMickaël Salaün-11/+19
2025-01-17landlock: Move access typesMickaël Salaün-46/+68
2025-01-17landlock: Factor out check_access_path()Mickaël Salaün-21/+11
2025-01-14landlock: Use scoped guards for ruleset in landlock_add_rule()Mickaël Salaün-10/+4
2025-01-14landlock: Use scoped guards for rulesetMickaël Salaün-29/+23
2025-01-14landlock: Constify get_mode_access()Mickaël Salaün-1/+1
2025-01-14landlock: Handle weird filesMickaël Salaün-6/+5
2024-11-18Merge tag 'pull-fd' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds-31/+14
2024-11-09landlock: Optimize scope enforcementMickaël Salaün-3/+15
2024-11-09landlock: Refactor network access mask managementMickaël Salaün-22/+6
2024-11-09landlock: Refactor filesystem access mask managementMickaël Salaün-32/+75
2024-11-03fdget(), trivial conversionsAl Viro-18/+8
2024-11-03fdget_raw() users: switch to CLASS(fd_raw)Al Viro-13/+6
2024-09-24Merge tag 'landlock-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds-9/+269
2024-09-23Merge tag 'pull-stable-struct_fd' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds-11/+11
2024-09-16landlock: Add signal scopingTahera Fahimi-2/+90
2024-09-16landlock: Add abstract UNIX socket scopingTahera Fahimi-8/+180
2024-08-12introduce fd_file(), convert all accessors to it.Al Viro-11/+11
2024-08-12lsm: add the inode_free_security_rcu() LSM implementation hookPaul Moore-3/+6
2024-07-27Merge tag 'landlock-6.11-rc1-houdini-fix' of git://git.kernel.org/pub/scm/lin...Linus Torvalds-2/+9
2024-07-24landlock: Don't lose track of restrictions on cred_transferJann Horn-2/+9
2024-07-18landlock: Various documentation improvementsGünther Noack-8/+9
2024-07-08landlock: Use bit-fields for storing handled layer access masksGünther Noack-21/+9
2024-05-31landlock: Fix d_parent walkMickaël Salaün-2/+11
2024-05-13landlock: Add IOCTL access right for character and block devicesGünther Noack-5/+224
2024-03-08landlock: Use f_cred in security_file_open() hookMickaël Salaün-7/+11
2024-03-08landlock: Rename "ptrace" files to "task"Mickaël Salaün-9/+9
2024-03-08landlock: Simplify current_check_access_socket()Mickaël Salaün-4/+3
2024-03-07landlock: Warn once if a Landlock action is requested while disabledMickaël Salaün-3/+15
2024-02-27landlock: Add support for KUnit testsMickaël Salaün-0/+255
2024-02-26landlock: Fix asymmetric private inodes referringMickaël Salaün-2/+2
2024-01-09Merge tag 'landlock-6.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds-16/+17
2024-01-03landlock: Optimize the number of calls to get_access_mask slightlyGünther Noack-2/+3
2024-01-03landlock: Remove remaining "inline" modifiers in .c files [v6.6]Günther Noack-1/+1
2024-01-03landlock: Remove remaining "inline" modifiers in .c files [v6.1]Günther Noack-9/+9
2024-01-03landlock: Remove remaining "inline" modifiers in .c files [v5.15]Günther Noack-4/+4
2023-11-12LSM: Identify modules by more than nameCasey Schaufler-4/+11
2023-10-26landlock: Support network rules with TCP bind and connectKonstantin Meskhidze-24/+414
2023-10-26landlock: Refactor landlock_add_rule() syscallKonstantin Meskhidze-44/+45
2023-10-26landlock: Refactor layer helpersKonstantin Meskhidze-42/+66
2023-10-26landlock: Move and rename layer helpersKonstantin Meskhidze-115/+129
2023-10-26landlock: Refactor merge/inherit_ruleset helpersKonstantin Meskhidze-42/+74
2023-10-26landlock: Refactor landlock_find_rule/insert_rule helpersKonstantin Meskhidze-54/+165
2023-10-26landlock: Allow FS topology changes for domains without such rule typeMickaël Salaün-40/+60
2023-10-26landlock: Make ruleset's access masks more genericKonstantin Meskhidze-20/+50
2023-08-18landlock: Annotate struct landlock_rule with __counted_byKees Cook-1/+1
2023-06-12hostfs: Fix ephemeral inodesMickaël Salaün-1/+1
2023-03-20selinux: remove the runtime disable functionalityPaul Moore-5/+5
generated by cgit v1.2.3 (git 2.46.0) at 2026-05-27 16:50:45 +0000