aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2023-09-18Merge remote-tracking branch 'brauner/vfs.all' into kdevopsJeff Layton1-4/+1
2023-09-12selinux: fix handling of empty opts in selinux_fs_context_submount()Ondrej Mosnacek1-2/+8
2023-09-11selinuxfs: free sb->s_fs_info after shutting down the super blockChristoph Hellwig1-4/+1
2023-09-08Merge tag 'landlock-6.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-1/+1
2023-09-04Merge tag 'tomoyo-pr-20230903' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds3-7/+5
2023-08-30Merge tag 'Smack-for-6.6' of https://github.com/cschaufler/smack-nextLinus Torvalds1-2/+2
2023-08-30Merge tag 'integrity-v6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds5-30/+16
2023-08-30Merge tag 'lsm-pr-20230829' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds9-83/+162
2023-08-30Merge tag 'selinux-pr-20230829' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds34-286/+276
2023-08-29Merge tag 'mm-stable-2023-08-28-18-26' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds1-5/+2
2023-08-29Merge tag 'net-next-6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds2-3/+3
2023-08-29Merge tag 'tpmdd-v6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkk...Linus Torvalds10-14/+94
2023-08-28Merge tag 's390-6.6-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/...Linus Torvalds1-2/+2
2023-08-28Merge tag 'hardening-v6.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds3-4/+26
2023-08-28Merge tag 'v6.6-vfs.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vf...Linus Torvalds3-0/+87
2023-08-28Merge tag 'v6.6-vfs.ctime' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds4-10/+16
2023-08-25LoadPin: Annotate struct dm_verity_loadpin_trusted_root_digest with __counted_byKees Cook1-2/+1
2023-08-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-1/+1
2023-08-22Merge tag 'selinux-pr-20230821' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2023-08-21selinux: use vma_is_initial_stack() and vma_is_initial_heap()Kefeng Wang1-5/+2
2023-08-18selinux: set next pointer before attaching to listChristian Göttsche1-1/+1
2023-08-18integrity: Annotate struct ima_rule_opt_list with __counted_byKees Cook1-2/+2
2023-08-18s390/ipl: fix virtual vs physical address confusionAlexander Gordeev1-2/+2
2023-08-18landlock: Annotate struct landlock_rule with __counted_byKees Cook1-1/+1
2023-08-17KEYS: Replace all non-returning strlcpy with strscpyAzeem Shaikh1-1/+1
2023-08-17integrity: PowerVM support for loading third party code signing keysNayna Jain3-0/+30
2023-08-17integrity: PowerVM machine keyring enablementNayna Jain1-1/+3
2023-08-17integrity: check whether imputed trust is enabledNayna Jain4-6/+22
2023-08-17integrity: remove global variable from machine_keyring.cNayna Jain1-2/+2
2023-08-17integrity: ignore keys failing CA restrictions on non-UEFI platformNayna Jain1-1/+1
2023-08-17integrity: PowerVM support for loading CA keys on machine keyringNayna Jain3-0/+30
2023-08-17integrity: Enforce digitalSignature usage in the ima and evm keyringsEric Snowberg3-4/+6
2023-08-15selinux: prevent KMSAN warning in selinux_inet_conn_request()Andrew Kanner1-0/+1
2023-08-15hardening: Move BUG_ON_DATA_CORRUPTION to hardening optionsMarco Elver1-0/+10
2023-08-15list: Introduce CONFIG_LIST_HARDENEDMarco Elver1-0/+13
2023-08-15lsm: constify the 'file' parameter in security_binder_transfer_file()Khadija Kamran2-5/+5
2023-08-15vfs, security: Fix automount superblock LSM init problem, preventing NFS sb s...David Howells3-0/+87
2023-08-13tomoyo: remove unused function declarationGONG, Ruiqi1-2/+0
2023-08-10Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-1/+1
2023-08-09selinux: use unsigned iterator in nlmsgtab codeChristian Göttsche1-1/+2
2023-08-09selinux: avoid implicit conversions in policydb codeChristian Göttsche1-32/+37
2023-08-09selinux: avoid implicit conversions in selinuxfs codeChristian Göttsche1-7/+7
2023-08-09selinux: make left shifts well definedChristian Göttsche1-6/+6
2023-08-09selinux: update type for number of class permissions in services codeChristian Göttsche2-2/+2
2023-08-09selinux: avoid implicit conversions in avtab codeChristian Göttsche1-12/+12
2023-08-09selinux: revert SECINITSID_INIT supportPaul Moore6-64/+1
2023-08-08lsm: constify the 'target' parameter in security_capget()Khadija Kamran4-4/+4
2023-08-08selinux: use GFP_KERNEL while reading binary policyChristian Göttsche1-5/+5
2023-08-08selinux: update comment on selinux_hooks[]Xiu Jianfeng1-4/+0
2023-08-07smackfs: Prevent underflow in smk_set_cipso()Dan Carpenter1-1/+1
2023-08-07security: smack: smackfs: fix typo (lables->labels)Tóth János1-1/+1
2023-08-07sysctl: set variable key_sysctls storage-class-specifier to staticTom Rix1-1/+1
2023-08-07kexec_lock: Replace kexec_mutex() by kexec_lock() in two commentsWenyu Liu1-1/+1
2023-08-05tomoyo: refactor deprecated strncpyJustin Stitt1-3/+2
2023-08-03selinux: avoid implicit conversions in services codeChristian Göttsche3-16/+18
2023-08-03selinux: avoid implicit conversions in mls codeChristian Göttsche1-4/+6
2023-08-03selinux: use identical iterator type in hashtab_duplicate()Christian Göttsche1-1/+2
2023-08-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-3/+8
2023-08-01ima: require signed IMA policy when UEFI secure boot is enabledCoiby Xu1-0/+3
2023-08-01integrity: Always reference the blacklist keyring with appraisalEric Snowberg2-17/+12
2023-08-01ima: Remove deprecated IMA_TRUSTED_KEYRING KconfigNayna Jain1-12/+0
2023-07-31lsm: add comment block for security_sk_classify_flow LSM hookKhadija Kamran1-0/+7
2023-07-28selinux: move debug functions into debug configurationChristian Göttsche5-3/+20
2023-07-28security: keys: perform capable check only on privileged operationsChristian Göttsche1-3/+8
2023-07-28selinux: log about VM being executable by defaultChristian Göttsche1-0/+2
2023-07-26security: Fix ret values doc for security_inode_init_security()Roberto Sassu1-2/+2
2023-07-24selinux: convert to ctime accessor functionsJeff Layton1-1/+1
2023-07-24security: convert to ctime accessor functionsJeff Layton1-1/+1
2023-07-24apparmor: convert to ctime accessor functionsJeff Layton2-5/+5
2023-07-23tomoyo: add format attributes to functionsChristian Göttsche2-2/+3
2023-07-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski2-12/+25
2023-07-20selinux: fix a 0/NULL mistmatch in ad_net_init_from_iif()Paul Moore1-1/+1
2023-07-20selinux: introduce SECURITY_SELINUX_DEBUG configurationChristian Göttsche2-4/+13
2023-07-19selinux: introduce and use lsm_ad_net_init*() helpersPaolo Abeni1-41/+43
2023-07-19selinux: update my email addressStephen Smalley25-25/+25
2023-07-19selinux: add missing newlines in pr_err() statementsChristian Göttsche2-4/+4
2023-07-19selinux: drop avtab_search()Christian Göttsche4-42/+8
2023-07-18selinux: de-brand SELinuxStephen Smalley4-11/+11
2023-07-18selinux: avoid implicit conversions regarding enforcing statusChristian Göttsche3-6/+7
2023-07-18selinux: fix implicit conversions in the symtabChristian Göttsche2-2/+2
2023-07-18selinux: use consistent type for AV rule specifierChristian Göttsche3-3/+3
2023-07-18selinux: avoid implicit conversions in the LSM hooksChristian Göttsche1-16/+10
2023-07-18selinux: avoid implicit conversions in the AVC codeChristian Göttsche1-7/+8
2023-07-18selinux: avoid implicit conversions in the netif codeChristian Göttsche1-2/+2
2023-07-18selinux: consistently use u32 as sequence number type in the status codeChristian Göttsche2-2/+2
2023-07-18selinux: avoid avtab overflowsChristian Göttsche1-2/+2
2023-07-18selinux: check for multiplication overflow in put_entry()Christian Göttsche1-2/+5
2023-07-17security: keys: Modify mismatched function nameJiapeng Chong1-1/+1
2023-07-17keys: Fix linking a duplicate key to a keyring's assoc_arrayPetr Pavlu1-11/+24
2023-07-14security: Constify sk in the sk_getsecid hook.Guillaume Nault2-3/+3
2023-07-10selinux: introduce an initial SID for early boot processesOndrej Mosnacek6-2/+65
2023-07-10selinux: cleanup the policycap accessor functionsPaul Moore1-24/+11
2023-07-10evm: Support multiple LSMs providing an xattrRoberto Sassu3-7/+37
2023-07-10evm: Align evm_inode_init_security() definition with LSM infrastructureRoberto Sassu2-8/+12
2023-07-10smack: Set the SMACK64TRANSMUTE xattr in smack_inode_init_security()Roberto Sassu2-18/+29
2023-07-10security: Allow all LSMs to provide xattrs for inode_init_security hookRoberto Sassu3-44/+71
2023-07-10lsm: fix typo in security_file_lock() comment headerPairman Guo1-1/+1
2023-07-10apparmor: update ctime whenever the mtime changes on an inodeJeff Layton2-6/+12
2023-07-07Merge tag 'apparmor-pr-2023-07-06' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds8-68/+110
2023-07-06apparmor: Fix kernel-doc header for verify_dfa_accept_indexJohn Johansen1-1/+1
2023-07-06apparmor: fix: kzalloc perms tables for shared dfasJohn Johansen2-4/+35
2023-07-06apparmor: fix profile verification and enable itJohn Johansen2-25/+27
2023-07-06apparmor: fix policy_compat permission remap with extended permissionsJohn Johansen1-12/+19
2023-07-06apparmor: aa_buffer: Convert 1-element array to flexible arrayKees Cook1-4/+4
2023-07-06apparmor: add missing failure check in compute_xmatch_permsJohn Johansen1-0/+2
2023-07-06apparmor: fix missing error check for rhashtable_insert_fastDanila Chernetsov1-2/+7
2023-07-06apparmor: Return directly after a failed kzalloc() in two functionsMarkus Elfring1-5/+5
2023-07-06AppArmor: Fix some kernel-doc commentsYang Li1-1/+1
2023-07-06apparmor: fix use of strcpy in policy_unpack_testRae Moar1-7/+6
2023-07-04Merge tag 'core_guards_for_6.5_rc1' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds1-3/+3
2023-06-30Merge tag 'powerpc-6.5-1' of git://git.kernel.org/pub/scm/linux/kernel/git/po...Linus Torvalds1-14/+26
2023-06-29Merge tag 'slab-for-6.5' of git://git.kernel.org/pub/scm/linux/kernel/git/vba...Linus Torvalds1-8/+0
2023-06-28Merge tag 'v6.5-rc1-sysctl-next' of git://git.kernel.org/pub/scm/linux/kernel...Linus Torvalds1-0/+7
2023-06-28Merge tag 'mm-stable-2023-06-24-19-15' of git://git.kernel.org/pub/scm/linux/...bisectLinus Torvalds1-1/+1
2023-06-27Merge tag 'Smack-for-6.5' of https://github.com/cschaufler/smack-nextLinus Torvalds2-16/+48
2023-06-27Merge tag 'integrity-v6.5' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds7-16/+32
2023-06-27Merge tag 'lsm-pr-20230626' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds5-16/+15
2023-06-27Merge tag 'selinux-pr-20230626' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds21-92/+144
2023-06-27Merge tag 'landlock-6.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-1/+1
2023-06-26Merge tag 'fsverity-for-linus' of git://git.kernel.org/pub/scm/fs/fsverity/linuxLinus Torvalds1-19/+12
2023-06-26apparmor: Free up __cleanup() namePeter Zijlstra1-3/+3
2023-06-21device_cgroup: Fix kernel-doc warnings in device_cgroupGaosheng Cui1-1/+0
2023-06-21security/integrity: fix pointer to ESL data and its size on pseriesNayna Jain1-14/+26
2023-06-20SafeSetID: fix UID printed instead of GIDAlexander Mikhalitsyn1-1/+1
2023-06-14fsverity: rework fsverity_get_digest() againEric Biggers1-19/+12
2023-06-12hostfs: Fix ephemeral inodesMickaël Salaün1-1/+1
2023-06-09mm/gup: remove vmas parameter from get_user_pages_remote()Lorenzo Stoakes1-1/+1
2023-06-08sysctl: move security keys sysctl registration to its own fileLuis Chamberlain1-0/+7
2023-06-06ima: Fix build warningsRoberto Sassu2-1/+5
2023-06-06evm: Fix build warningsRoberto Sassu2-2/+2
2023-06-05selinux: avoid bool as identifier nameChristian Göttsche2-5/+5
2023-06-05evm: Complete description of evm_inode_setattr()Roberto Sassu1-0/+2
2023-06-02selinux: fix Makefile for versions of make < v4.3Paul Moore1-3/+14
2023-06-01selinux: don't use make's grouped targets feature yetPaul Moore1-1/+5
2023-06-01integrity: Fix possible multiple allocation in integrity_inode_get()Tianjia Zhang1-6/+9
2023-05-30selinux: make labeled NFS work when mounted before policy loadOndrej Mosnacek2-17/+42
2023-05-30selinux: cleanup exit_sel_fs() declarationXiu Jianfeng1-1/+0
2023-05-25lsm: fix a number of misspellingsPaul Moore4-14/+14
2023-05-24mm/slab: remove HAVE_HARDENED_USERCOPY_ALLOCATORVlastimil Babka1-8/+0
2023-05-23IMA: use vfs_getattr_nosec to get the i_versionJeff Layton2-7/+14
2023-05-23selinux: deprecated fs oconChristian Göttsche2-1/+5
2023-05-18selinux: make header files self-includingChristian Göttsche2-0/+4
2023-05-18selinux: keep context struct members in syncChristian Göttsche1-0/+1
2023-05-18selinux: Implement mptcp_add_subflow hookPaolo Abeni2-2/+22
2023-05-18security, lsm: Introduce security_mptcp_add_subflow()Paolo Abeni1-0/+17
2023-05-11smack: Record transmuting in smk_transmutedRoberto Sassu2-12/+30
2023-05-11smack: Retrieve transmuting information in smack_inode_getsecurity()Roberto Sassu1-4/+18
2023-05-08selinux: small cleanups in selinux_audit_rule_init()Paul Moore1-20/+18
2023-05-08selinux: declare read-only data arrays constChristian Göttsche3-3/+3
2023-05-08selinux: retain const qualifier on string literal in avtab_hash_eval()Christian Göttsche2-2/+2
2023-05-08selinux: drop return at end of void function avc_insert()Christian Göttsche1-1/+0
2023-05-08selinux: avc: drop unused function avc_disable()Christian Göttsche2-22/+0
2023-05-08selinux: adjust typos in commentsChristian Göttsche6-6/+6
2023-05-08selinux: do not leave dangling pointer behindChristian Göttsche1-0/+1
2023-05-08selinux: more Makefile tweaksPaul Moore1-10/+9
2023-04-29Merge tag 'integrity-v6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds1-1/+1
2023-04-27Merge tag 'mm-stable-2023-04-27-15-30' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds1-1/+1
2023-04-27Merge tag 'sysctl-6.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/m...Linus Torvalds3-21/+3
2023-04-26Merge tag 'net-next-6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds1-3/+3
2023-04-24Merge tag 'docs-6.4' of git://git.lwn.net/linuxLinus Torvalds1-1/+1
2023-04-24Merge tag 'tpmdd-v6.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/j...Linus Torvalds2-3/+28
2023-04-24Merge tag 'Smack-for-6.4' of https://github.com/cschaufler/smack-nextLinus Torvalds1-40/+24
2023-04-24Merge tag 'tomoyo-pr-20230424' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds3-48/+4
2023-04-24Merge tag 'lsm-pr-20230420' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds4-118/+2639
2023-04-24Merge tag 'selinux-pr-20230420' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds34-1223/+727
2023-04-24integrity: machine keyring CA configurationEric Snowberg2-3/+28
2023-04-13yama: simplfy sysctls with register_sysctl()Luis Chamberlain1-7/+1
2023-04-13loadpin: simplify sysctls use with register_sysctl()Luis Chamberlain1-7/+1
2023-04-13apparmor: simplify sysctls with register_sysctl_init()Luis Chamberlain1-7/+1
2023-04-12selinux: ensure av_permissions.h is built when neededPaul Moore1-1/+1
2023-04-12selinux: fix Makefile dependencies of flask.hOndrej Mosnacek1-2/+2
2023-04-05mm, treewide: redefine MAX_ORDER sanelyKirill A. Shutemov1-1/+1
2023-04-05Smack: Improve mount process memory useCasey Schaufler1-39/+23
2023-04-04selinux: stop returning node from avc_insert()Stephen Smalley1-13/+11
2023-03-30docs: move x86 documentation into Documentation/arch/Jonathan Corbet1-1/+1
2023-03-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-3/+6
2023-03-23security: Remove security_old_inode_init_security()Roberto Sassu1-11/+0
2023-03-21keys: Do not cache key in task struct if key is requested from kernel threadDavid Howells1-3/+6
2023-03-20selinux: remove the runtime disable functionalityPaul Moore18-163/+29
2023-03-20selinux: remove the 'checkreqprot' functionalityPaul Moore4-56/+11
2023-03-18af_unix: preserve const qualifier in unix_sk()Eric Dumazet1-1/+1
2023-03-17inet: preserve const qualifier in inet_sk()Eric Dumazet1-2/+2
2023-03-15IMA: allow/fix UML buildsRandy Dunlap1-1/+1
2023-03-14selinux: stop passing selinux_state pointers and their offspringStephen Smalley18-995/+651
2023-03-10security: Remove integrity from the LSM list in KconfigRoberto Sassu1-7/+9
2023-03-10Revert "integrity: double check iint_cache was initialized"Roberto Sassu1-8/+0
2023-03-10security: Introduce LSM_ORDER_LAST and set it for the integrity LSMRoberto Sassu2-3/+10
2023-03-08device_cgroup: Fix typo in devcgroup_css_alloc descriptionKamalesh Babulal1-1/+1
2023-03-08lsm: fix a badly named parameter in security_get_getsecurity()Paul Moore1-5/+5
2023-03-08lsm: fix doc warnings in the LSM hook commentsPaul Moore1-16/+17
2023-03-08smack_lsm: remove unnecessary type castingXU pengfei1-1/+1
2023-03-08selinux: uninline unlikely parts of avc_has_perm_noaudit()Paul Moore1-28/+57
2023-03-06lsm: styling fixes to security/security.cPaul Moore1-84/+98
2023-03-06lsm: move the remaining LSM hook comments to security/security.cPaul Moore1-0/+231
2023-03-06lsm: move the io_uring hook comments to security/security.cPaul Moore1-0/+26
2023-03-06lsm: move the perf hook comments to security/security.cPaul Moore1-0/+39
2023-03-06lsm: move the bpf hook comments to security/security.cPaul Moore1-0/+65
2023-03-06lsm: move the audit hook comments to security/security.cPaul Moore1-0/+41
2023-03-06lsm: move the binder hook comments to security/security.cPaul Moore1-0/+36
2023-03-06lsm: move the sysv hook comments to security/security.cPaul Moore1-0/+191
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 18:12:08 +0000