TWxSoftware/twx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5bfcbd22ee
twx-linux/security/apparmor
History
John Johansen 5bfcbd22ee apparmor: Enable tuning of policy paranoid load for embedded systems 
AppArmor by default does an extensive check on loaded policy that
can take quite some time on limited resource systems. Allow
disabling this check for embedded systems where system images are
readonly and have checksumming making the need for the embedded
policy to be fully checked to be redundant.

Note: basic policy checks are still done.

Signed-off-by: John Johansen <john.johansen@canonical.com>
2022-07-09 15:13:59 -07:00
..
include apparmor: make export of raw binary profile to userspace optional 2022-07-09 15:13:59 -07:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
apparmorfs.c apparmor: make export of raw binary profile to userspace optional 2022-07-09 15:13:59 -07:00
audit.c audit: purge audit_log_string from the intra-kernel audit API 2020-07-21 11:12:31 -04:00
capability.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
crypto.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
domain.c tracehook: Remove tracehook.h 2022-03-10 16:51:51 -06:00
file.c apparmor: handle idmapped mounts 2021-01-24 14:27:20 +01:00
ipc.c audit: purge audit_log_string from the intra-kernel audit API 2020-07-21 11:12:31 -04:00
Kconfig apparmor: Enable tuning of policy paranoid load for embedded systems 2022-07-09 15:13:59 -07:00
label.c apparmor: Fix kernel-doc 2022-07-09 15:13:59 -07:00
lib.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
lsm.c apparmor: Enable tuning of policy paranoid load for embedded systems 2022-07-09 15:13:59 -07:00
Makefile apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
match.c apparmor: ensure that dfa state tables have entries 2020-04-08 04:42:48 -07:00
mount.c apparmor:match_mn() - constify devpath argument 2021-03-24 14:11:29 -04:00
net.c security: add const qualifier to struct sock in various places 2020-12-03 12:56:03 -08:00
nulldfa.in apparmor: cleanup add proper line wrapping to nulldfa.in 2018-02-09 11:30:01 -08:00
path.c security: apparmor: delete repeated words in comments 2021-02-07 04:15:46 -08:00
policy_ns.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
policy_unpack_test.c apparmor: test: Use NULL macros 2022-04-04 14:29:29 -06:00
policy_unpack.c apparmor: Enable tuning of policy paranoid load for embedded systems 2022-07-09 15:13:59 -07:00
policy.c apparmor: make export of raw binary profile to userspace optional 2022-07-09 15:13:59 -07:00
procattr.c apparmor: Fix kernel-doc 2022-07-09 15:13:59 -07:00
resource.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
secid.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
stacksplitdfa.in apparmor: use the dfa to do label parse string splitting 2018-02-09 11:30:01 -08:00
task.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00