aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2023-04-29Merge tag 'integrity-v6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds1-1/+1
2023-04-27Merge tag 'mm-stable-2023-04-27-15-30' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds1-1/+1
2023-04-27Merge tag 'sysctl-6.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/m...Linus Torvalds3-21/+3
2023-04-26Merge tag 'net-next-6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds1-3/+3
2023-04-24Merge tag 'docs-6.4' of git://git.lwn.net/linuxLinus Torvalds1-1/+1
2023-04-24Merge tag 'tpmdd-v6.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/j...Linus Torvalds2-3/+28
2023-04-24Merge tag 'Smack-for-6.4' of https://github.com/cschaufler/smack-nextLinus Torvalds1-40/+24
2023-04-24Merge tag 'tomoyo-pr-20230424' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds3-48/+4
2023-04-24Merge tag 'lsm-pr-20230420' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds4-118/+2639
2023-04-24Merge tag 'selinux-pr-20230420' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds34-1223/+727
2023-04-24integrity: machine keyring CA configurationEric Snowberg2-3/+28
2023-04-13yama: simplfy sysctls with register_sysctl()Luis Chamberlain1-7/+1
2023-04-13loadpin: simplify sysctls use with register_sysctl()Luis Chamberlain1-7/+1
2023-04-13apparmor: simplify sysctls with register_sysctl_init()Luis Chamberlain1-7/+1
2023-04-12selinux: ensure av_permissions.h is built when neededPaul Moore1-1/+1
2023-04-12selinux: fix Makefile dependencies of flask.hOndrej Mosnacek1-2/+2
2023-04-05mm, treewide: redefine MAX_ORDER sanelyKirill A. Shutemov1-1/+1
2023-04-05Smack: Improve mount process memory useCasey Schaufler1-39/+23
2023-04-04selinux: stop returning node from avc_insert()Stephen Smalley1-13/+11
2023-03-30docs: move x86 documentation into Documentation/arch/Jonathan Corbet1-1/+1
2023-03-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-3/+6
2023-03-23security: Remove security_old_inode_init_security()Roberto Sassu1-11/+0
2023-03-21keys: Do not cache key in task struct if key is requested from kernel threadDavid Howells1-3/+6
2023-03-20selinux: remove the runtime disable functionalityPaul Moore18-163/+29
2023-03-20selinux: remove the 'checkreqprot' functionalityPaul Moore4-56/+11
2023-03-18af_unix: preserve const qualifier in unix_sk()Eric Dumazet1-1/+1
2023-03-17inet: preserve const qualifier in inet_sk()Eric Dumazet1-2/+2
2023-03-15IMA: allow/fix UML buildsRandy Dunlap1-1/+1
2023-03-14selinux: stop passing selinux_state pointers and their offspringStephen Smalley18-995/+651
2023-03-10security: Remove integrity from the LSM list in KconfigRoberto Sassu1-7/+9
2023-03-10Revert "integrity: double check iint_cache was initialized"Roberto Sassu1-8/+0
2023-03-10security: Introduce LSM_ORDER_LAST and set it for the integrity LSMRoberto Sassu2-3/+10
2023-03-08device_cgroup: Fix typo in devcgroup_css_alloc descriptionKamalesh Babulal1-1/+1
2023-03-08lsm: fix a badly named parameter in security_get_getsecurity()Paul Moore1-5/+5
2023-03-08lsm: fix doc warnings in the LSM hook commentsPaul Moore1-16/+17
2023-03-08smack_lsm: remove unnecessary type castingXU pengfei1-1/+1
2023-03-08selinux: uninline unlikely parts of avc_has_perm_noaudit()Paul Moore1-28/+57
2023-03-06lsm: styling fixes to security/security.cPaul Moore1-84/+98
2023-03-06lsm: move the remaining LSM hook comments to security/security.cPaul Moore1-0/+231
2023-03-06lsm: move the io_uring hook comments to security/security.cPaul Moore1-0/+26
2023-03-06lsm: move the perf hook comments to security/security.cPaul Moore1-0/+39
2023-03-06lsm: move the bpf hook comments to security/security.cPaul Moore1-0/+65
2023-03-06lsm: move the audit hook comments to security/security.cPaul Moore1-0/+41
2023-03-06lsm: move the binder hook comments to security/security.cPaul Moore1-0/+36
2023-03-06lsm: move the sysv hook comments to security/security.cPaul Moore1-0/+191
2023-03-06lsm: move the key hook comments to security/security.cPaul Moore1-0/+40
2023-03-06lsm: move the xfrm hook comments to security/security.cPaul Moore1-0/+103
2023-03-06lsm: move the Infiniband hook comments to security/security.cPaul Moore1-0/+34
2023-03-06lsm: move the SCTP hook comments to security/security.cPaul Moore1-0/+43
2023-03-06lsm: move the socket hook comments to security/security.cPaul Moore1-0/+322
2023-03-06lsm: move the AF_UNIX hook comments to security/security.cPaul Moore1-1/+41
2023-03-06lsm: move the netlink hook comments to security/security.cPaul Moore1-0/+13
2023-03-06lsm: move the task hook comments to security/security.cPaul Moore1-0/+334
2023-03-06lsm: move the file hook comments to security/security.cPaul Moore1-0/+151
2023-03-06lsm: move the kernfs hook comments to security/security.cPaul Moore1-0/+10
2023-03-06lsm: move the inode hook comments to security/security.cPaul Moore1-0/+524
2023-03-06lsm: move the filesystem hook comments to security/security.cPaul Moore1-0/+181
2023-03-06lsm: move the fs_context hook comments to security/security.cPaul Moore1-0/+23
2023-03-06lsm: move the program execution hook comments to security/security.cPaul Moore1-0/+69
2023-03-01capability: just use a 'u64' instead of a 'u32[2]' arrayLinus Torvalds2-37/+52
2023-03-01tomoyo: replace tomoyo_round2() with kmalloc_size_roundup()Vlastimil Babka3-48/+4
2023-02-25Merge tag 'powerpc-6.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/po...Linus Torvalds1-15/+32
2023-02-23Merge tag 'mm-stable-2023-02-20-13-37' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds2-13/+4
2023-02-22Merge tag 'Smack-for-6.3' of https://github.com/cschaufler/smack-nextLinus Torvalds1-3/+14
2023-02-22Merge tag 'integrity-v6.3' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds7-32/+62
2023-02-21Merge tag 'v6.3-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/...Linus Torvalds1-25/+5
2023-02-21smackfs: Added check catlenDenis Arefev1-3/+14
2023-02-21Merge tag 'hardening-v6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds2-37/+55
2023-02-20Merge tag 'fs.idmapped.v6.3' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds19-165/+163
2023-02-20Merge tag 'tpm-v6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jar...Linus Torvalds1-37/+100
2023-02-15apparmor: Fix regression in compat permissions for getattrJohn Johansen1-2/+1
2023-02-13integrity/powerpc: Support loading keys from PLPKSRussell Currey1-7/+10
2023-02-13integrity/powerpc: Improve error handling & reporting when loading certsRussell Currey1-6/+20
2023-02-13KEYS: DH: Use crypto_wait_reqHerbert Xu1-25/+5
2023-02-13KEYS: Add new function key_create()Thomas Weißschuh1-37/+100
2023-02-12powerpc/secvar: Use u64 in secvar_operationsMichael Ellerman1-2/+2
2023-02-09mm: replace vma->vm_flags direct modifications with modifier callsSuren Baghdasaryan1-3/+3
2023-02-08randstruct: disable Clang 15 supportEric Biggers1-0/+3
2023-01-31ima: Introduce MMAP_CHECK_REQPROT hookRoberto Sassu5-6/+32
2023-01-31ima: Align ima_file_mmap() parameters with mmap_file LSM hookRoberto Sassu2-5/+9
2023-01-31evm: call dump_security_xattr() in all cases to remove code duplicationXiu Jianfeng1-17/+16
2023-01-19LoadPin: Allow filesystem switch when not enforcingKees Cook1-5/+11
2023-01-19LoadPin: Move pin reporting cleanly out of lockingKees Cook1-9/+6
2023-01-19LoadPin: Refactor sysctl initializationKees Cook1-16/+19
2023-01-19LoadPin: Refactor read-only check into a helperKees Cook1-12/+21
2023-01-19fs: port vfs{g,u}id helpers to mnt_idmapChristian Brauner1-6/+3
2023-01-19fs: port i_{g,u}id_into_vfs{g,u}id() to mnt_idmapChristian Brauner4-14/+11
2023-01-19fs: port i_{g,u}id_{needs_}update() to mnt_idmapChristian Brauner1-3/+2
2023-01-19fs: port privilege checking helpers to mnt_idmapChristian Brauner1-3/+2
2023-01-19fs: port inode_owner_or_capable() to mnt_idmapChristian Brauner1-3/+2
2023-01-19fs: port acl to mnt_idmapChristian Brauner5-26/+26
2023-01-19fs: port xattr to mnt_idmapChristian Brauner13-94/+99
2023-01-19fs: port ->permission() to pass mnt_idmapChristian Brauner9-16/+17
2023-01-19fs: port ->mkdir() to pass mnt_idmapChristian Brauner1-1/+1
2023-01-19fs: port ->setattr() to pass mnt_idmapChristian Brauner3-6/+7
2023-01-18mm: new primitive kvmemdup()Hao Sun1-10/+1
2023-01-18ima: fix ima_delete_rules() kernel-doc warningRandy Dunlap1-1/+2
2023-01-18ima: return IMA digest value only when IMA_COLLECTED flag is setMatt Bobrowski1-1/+1
2023-01-18ima: fix error handling logic when file measurement failedMatt Bobrowski2-2/+2
2023-01-13tomoyo: Update website linkTetsuo Handa1-1/+1
2023-01-13tomoyo: Remove "select SRCU"Paul E. McKenney1-1/+0
2023-01-09tomoyo: Omit use of bin2cMasahiro Yamada2-8/+8
2023-01-07tomoyo: avoid unneeded creation of builtin-policy.hMasahiro Yamada1-0/+2
2023-01-07tomoyo: fix broken dependency on *.conf.defaultMasahiro Yamada1-1/+1
2022-12-23Merge tag 'hardening-v6.2-rc1-fixes' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2-12/+21
2022-12-21Merge tag 'fs.vfsuid.ima.v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-0/+24
2022-12-14security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6Nathan Chancellor1-0/+3
2022-12-14LoadPin: Ignore the "contents" argument of the LSM hooksKees Cook1-12/+18
2022-12-14Merge tag 'apparmor-pr-2022-12-14' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds35-914/+1632
2022-12-13Merge tag 'integrity-v6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds7-25/+57
2022-12-13Merge tag 'lsm-pr-20221212' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds14-80/+131
2022-12-13Merge tag 'selinux-pr-20221212' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-47/+52
2022-12-13Merge tag 'landlock-6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds8-57/+213
2022-12-13mnt_idmapping: move ima-only helpers to imaChristian Brauner1-0/+24
2022-12-12Merge tag 'fs.vfsuid.conversion.v6.2' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds5-54/+68
2022-12-12Merge tag 'fs.acl.rework.v6.2' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds5-65/+225
2022-12-12Merge tag 'pull-iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-2/+2
2022-12-12Merge tag 'linux-kselftest-kunit-next-6.2-rc1' of git://git.kernel.org/pub/sc...Linus Torvalds5-168/+196
2022-12-12apparmor: test: make static symbols visible during kunit testingRae Moar5-168/+196
2022-12-08KEYS: trusted: tee: Make registered shm dependency explicitSumit Garg1-1/+2
2022-11-28ima: Fix hash dependency to correct algorithmTianjia Zhang1-1/+1
2022-11-25use less confusing names for iov_iter direction initializersAl Viro1-2/+2
2022-11-18lsm,fs: fix vfs_getxattr_alloc() return type and caller error pathsPaul Moore8-31/+34
2022-11-16device_cgroup: Roll back to original exceptions after copy failureWang Weiyang1-4/+29
2022-11-16LSM: Better reporting of actual LSMs at bootKees Cook1-9/+36
2022-11-16ima: Fix misuse of dereference of pointer in template_desc_init_fields()Xiu Jianfeng1-2/+2
2022-11-16integrity: Fix memory leakage in keyring allocation error pathGUO Zihua1-1/+5
2022-11-09selinux: remove the sidtab context conversion indirect callsPaul Moore4-44/+45
2022-11-04lsm: make security_socket_getpeersec_stream() sockptr_t safePaul Moore4-35/+32
2022-11-03ima: Fix memory leak in __ima_inode_hash()Roberto Sassu1-1/+6
2022-11-02ima: Handle -ESTALE returned by ima_filter_rule_match()GUO Zihua1-9/+32
2022-11-02ima: Simplify ima_lsm_copy_ruleGUO Zihua1-7/+3
2022-11-02ima: Fix a potential NULL pointer access in ima_restore_measurement_listHuaxin Lu1-1/+4
2022-11-01apparmor: Fix uninitialized symbol 'array_size' in policy_unpack_test.cJohn Johansen1-2/+2
2022-11-01apparmor: Add __init annotation to aa_{setup/teardown}_dfa_engine()Xiu Jianfeng1-2/+2
2022-11-01efi: Add iMac Pro 2017 to uefi skip cert quirkAditya Garg1-0/+1
2022-11-01apparmor: Fix memleak in alloc_ns()Xiu Jianfeng1-1/+1
2022-10-31Merge tag 'lsm-pr-20221031' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-2/+4
2022-10-28evm: remove dead code in evm_inode_set_acl()Christian Brauner1-3/+2
2022-10-28capabilities: fix potential memleak on error path from vfs_getxattr_alloc()Gaosheng Cui1-2/+4
2022-10-28audit: Fix some kernel-doc warningsBo Liu1-0/+1
2022-10-26ima: use type safe idmapping helpersChristian Brauner1-16/+18
2022-10-26apparmor: use type safe idmapping helpersChristian Brauner3-13/+24
2022-10-26caps: use type safe idmapping helpersChristian Brauner1-25/+26
2022-10-25apparmor: Fix memleak issue in unpack_profile()Xiu Jianfeng1-3/+12
2022-10-25apparmor: fix a memleak in free_ruleset()Gaosheng Cui1-0/+1
2022-10-25apparmor: Fix spelling of function name in comment blockYang Li1-1/+1
2022-10-25apparmor: Use pointer to struct aa_label for lbs_credXiu Jianfeng1-2/+2
2022-10-25AppArmor: Fix kernel-docJiapeng Chong1-1/+1
2022-10-25LSM: Fix kernel-docJiapeng Chong1-1/+1
2022-10-25AppArmor: Fix kernel-docJiapeng Chong1-1/+1
2022-10-25apparmor: Fix loading of child before parentJohn Johansen1-9/+78
2022-10-24apparmor: refactor code that alloc null profilesJohn Johansen4-28/+43
2022-10-24apparmor: fix obsoleted comments for aa_getprocattr() and audit_resource()Gaosheng Cui2-6/+7
2022-10-24apparmor: remove useless static inline functionsGaosheng Cui2-19/+0
2022-10-20evm: remove evm_xattr_acl_change()Christian Brauner1-64/+0
2022-10-20integrity: implement get and set acl hookChristian Brauner3-3/+110
2022-10-20smack: implement get, set and remove acl hookChristian Brauner1-0/+71
2022-10-20selinux: implement get, set and remove acl hookChristian Brauner1-0/+22
2022-10-20security: add get, remove and set acl hookChristian Brauner1-0/+25
2022-10-19KEYS: encrypted: fix key instantiation with user-provided dataNikolaus Voss1-3/+3
2022-10-19selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()GONG, Ruiqi3-5/+6
2022-10-19landlock: Support file truncationGünther Noack6-12/+132
2022-10-19landlock: Document init_layer_masks() helperGünther Noack1-0/+13
2022-10-19landlock: Refactor check_access_path_dual() into is_access_to_paths_allowed()Günther Noack1-45/+44
2022-10-19security: Create file_truncate hook from path_truncate hookGünther Noack3-0/+24
2022-10-17selinux: increase the deprecation sleep for checkreqprot and runtime disablePaul Moore1-2/+2
2022-10-10Merge tag 'mm-stable-2022-10-08' of git://git.kernel.org/pub/scm/linux/kernel...Linus Torvalds1-0/+4
2022-10-10apparmor: Fix unpack_profile() warn: passing zero to 'ERR_PTR'John Johansen1-5/+16
2022-10-10Merge tag 'tpmdd-next-v6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2022-10-10apparmor: fix uninitialize table variable in error in unpack_trans_tableJohn Johansen1-1/+1
2022-10-09Merge tag 'powerpc-6.1-1' of git://git.kernel.org/pub/scm/linux/kernel/git/po...Linus Torvalds1-0/+2
2022-10-06Merge tag 'pull-path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds4-5/+5
2022-10-06Merge tag 'pull-tomoyo' of git://git.kernel.org/pub/scm/linux/kernel/git/viro...Linus Torvalds4-10/+5
2022-10-05security/keys: Remove inconsistent __user annotationVincenzo Frascino1-1/+1
2022-10-04Merge tag 'net-next-6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds1-2/+0
2022-10-04Merge tag 'landlock-6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds2-21/+21
2022-10-04apparmor: store return value of unpack_perms_table() to signed variableMuhammad Usama Anjum1-4/+8
2022-10-03Merge tag 'fs.acl.rework.prep.v6.1' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds1-3/+14
2022-10-03Merge tag 'lsm-pr-20221003' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds5-14/+18
2022-10-03Merge tag 'selinux-pr-20221003' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds6-53/+46
2022-10-03Merge tag 'integrity-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds2-5/+9
2022-10-03Merge tag 'Smack-for-6.1' of https://github.com/cschaufler/smack-nextLinus Torvalds2-12/+17
2022-10-03Merge tag 'hardening-v6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds3-6/+31
2022-10-03apparmor: Fix kunit test for out of bounds arrayJohn Johansen1-2/+1
2022-10-03apparmor: Fix decompression of rawdata for read back to userspaceJohn Johansen2-4/+5
2022-10-03apparmor: Fix undefined references to zstd_ symbolsJohn Johansen3-5/+15
2022-10-03apparmor: make sure the decompression ctx is promperly initializedJohn Johansen1-1/+5
2022-10-03apparmor: Remove unnecessary size check when unpacking trans_tableJohn Johansen1-3/+7
2022-10-03apparmor: Fix doc comment for compute_fpermsJohn Johansen1-2/+2
2022-10-03apparmor: make __aa_path_perm() staticXiu Jianfeng2-6/+4
2022-10-03apparmor: Simplify obtain the newest label on a credGaosheng Cui2-14/+1
2022-10-03apparmor: Fix regression in stacking due to label flagsJohn Johansen1-5/+7
2022-10-03apparmor: fix aa_class_names[] to match reserved classesJohn Johansen1-1/+16
2022-10-03apparmor: rework profile->rules to be a listJohn Johansen15-57/+142
2022-10-03apparmor: refactor profile rules and attachmentsJohn Johansen18-239/+308
2022-10-03apparmor: verify loaded permission bits masks don't overlapJohn Johansen1-4/+30
2022-10-03apparmor: cleanup: move perm accumulation into perms.hJohn Johansen2-52/+53
2022-10-03apparmor: make sure perm indexes are accumulatedJohn Johansen3-2/+25
2022-10-03apparmor: verify permission table indexesJohn Johansen1-1/+34
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 19:15:58 +0000