<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/security/apparmor/include/apparmorfs.h, branch v4.12</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>apparmor: add per policy ns .load, .replace, .remove interface files</title>
<updated>2017-01-16T09:18:44+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:42:58+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=b7fd2c0340eacbee892425e9007647568b7f2a3c'/>
<id>b7fd2c0340eacbee892425e9007647568b7f2a3c</id>
<content type='text'>
Having per policy ns interface files helps with containers restoring
policy.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Having per policy ns interface files helps with containers restoring
policy.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: allow introspecting the loaded policy pre internal transform</title>
<updated>2017-01-16T09:18:42+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:42:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=5ac8c355ae0013d82b3a07b49aebeadfce9b6e52'/>
<id>5ac8c355ae0013d82b3a07b49aebeadfce9b6e52</id>
<content type='text'>
Store loaded policy and allow introspecting it through apparmorfs. This
has several uses from debugging, policy validation, and policy checkpoint
and restore for containers.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Store loaded policy and allow introspecting it through apparmorfs. This
has several uses from debugging, policy validation, and policy checkpoint
and restore for containers.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: add special .null file used to "close" fds at exec</title>
<updated>2017-01-16T09:18:35+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:42:45+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=a71ada305801e940ff69c2c58489778760e5148b'/>
<id>a71ada305801e940ff69c2c58489778760e5148b</id>
<content type='text'>
Borrow the special null device file from selinux to "close" fds that
don't have sufficient permissions at exec time.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Borrow the special null device file from selinux to "close" fds that
don't have sufficient permissions at exec time.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: rename namespace to ns to improve code line lengths</title>
<updated>2017-01-16T08:42:16+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:42:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=98849dff90e270af3b34889b9e08252544f40b5b'/>
<id>98849dff90e270af3b34889b9e08252544f40b5b</id>
<content type='text'>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: add the ability to report a sha1 hash of loaded policy</title>
<updated>2013-08-14T18:42:08+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2013-08-14T18:27:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=f8eb8a1324e81927b2c64823b2fc38386efd3fef'/>
<id>f8eb8a1324e81927b2c64823b2fc38386efd3fef</id>
<content type='text'>
Provide userspace the ability to introspect a sha1 hash value for each
profile currently loaded.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Provide userspace the ability to introspect a sha1 hash value for each
profile currently loaded.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: add an optional profile attachment string for profiles</title>
<updated>2013-08-14T18:42:07+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2013-07-11T04:17:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=556d0be74b19cb6288e5eb2f3216eac247d87968'/>
<id>556d0be74b19cb6288e5eb2f3216eac247d87968</id>
<content type='text'>
Add the ability to take in and report a human readable profile attachment
string for profiles so that attachment specifications can be easily
inspected.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add the ability to take in and report a human readable profile attachment
string for profiles so that attachment specifications can be easily
inspected.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Acked-by: Seth Arnold &lt;seth.arnold@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: add interface files for profiles and namespaces</title>
<updated>2013-08-14T18:42:07+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2013-07-11T04:13:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=0d259f043f5f60f74c4fd020aac190cb6450e918'/>
<id>0d259f043f5f60f74c4fd020aac190cb6450e918</id>
<content type='text'>
Add basic interface files to access namespace and profile information.
The interface files are created when a profile is loaded and removed
when the profile or namespace is removed.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add basic interface files to access namespace and profile information.
The interface files are created when a profile is loaded and removed
when the profile or namespace is removed.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>AppArmor: add "file" details to securityfs</title>
<updated>2012-02-27T19:38:18+00:00</updated>
<author>
<name>Kees Cook</name>
<email>kees@ubuntu.com</email>
</author>
<published>2012-01-27T00:29:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=a9bf8e9fd561ba9ff1f0f2a1d96e439fcedaaaa4'/>
<id>a9bf8e9fd561ba9ff1f0f2a1d96e439fcedaaaa4</id>
<content type='text'>
Create the "file" directory in the securityfs for tracking features
related to files.

Signed-off-by: Kees Cook &lt;kees@ubuntu.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Create the "file" directory in the securityfs for tracking features
related to files.

Signed-off-by: Kees Cook &lt;kees@ubuntu.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>AppArmor: add initial "features" directory to securityfs</title>
<updated>2012-02-27T19:38:17+00:00</updated>
<author>
<name>Kees Cook</name>
<email>kees@outflux.net</email>
</author>
<published>2012-01-27T00:29:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=e74abcf3359d0130e99a6511ac484a3ea9e6e988'/>
<id>e74abcf3359d0130e99a6511ac484a3ea9e6e988</id>
<content type='text'>
This adds the "features" subdirectory to the AppArmor securityfs
to display boolean features flags and the known capability mask.

Signed-off-by: Kees Cook &lt;kees@ubuntu.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This adds the "features" subdirectory to the AppArmor securityfs
to display boolean features flags and the known capability mask.

Signed-off-by: Kees Cook &lt;kees@ubuntu.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>AppArmor: refactor securityfs to use structures</title>
<updated>2012-02-27T19:38:09+00:00</updated>
<author>
<name>Kees Cook</name>
<email>kees@outflux.net</email>
</author>
<published>2012-01-27T00:29:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=9acd494be9387b0608612cd139967201dd7a4e12'/>
<id>9acd494be9387b0608612cd139967201dd7a4e12</id>
<content type='text'>
Use a file tree structure to represent the AppArmor securityfs.

Signed-off-by: Kees Cook &lt;kees@ubuntu.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Use a file tree structure to represent the AppArmor securityfs.

Signed-off-by: Kees Cook &lt;kees@ubuntu.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
