aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2021-05-12trusted-keys: match tpm_get_ops on all return pathsBen Boeckel1-3/+3
2021-05-12KEYS: trusted: Fix memory leak on object tdColin Ian King1-3/+5
2021-05-05Merge tag 'safesetid-5.13' of git://github.com/micah-morton/linuxLinus Torvalds1-3/+0
2021-05-02Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-2/+2
2021-05-01Merge tag 'landlock_v34' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds25-75/+2468
2021-05-01Merge tag 'integrity-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds5-4/+15
2021-04-29Merge tag 'net-next-5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/ne...Linus Torvalds1-1/+4
2021-04-28Merge tag 'devicetree-for-5.13' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2-10/+3
2021-04-27Merge tag 'fixes-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/jmor...Linus Torvalds1-18/+34
2021-04-27Merge tag 'selinux-pr-20210426' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds14-73/+303
2021-04-26LSM: SafeSetID: Fix code specification by scripts/checkpatch.plYanwei Gao1-3/+0
2021-04-26Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-16/+14
2021-04-26Merge tag 'keys-cve-2020-26541-v3' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds2-2/+29
2021-04-26Merge tag 'queue' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/tpmddLinus Torvalds2-13/+16
2021-04-26Merge tag 'tpmdd-next-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds7-327/+1038
2021-04-22landlock: Enable user space to infer supported featuresMickaël Salaün1-4/+13
2021-04-22landlock: Add syscall implementationsMickaël Salaün2-1/+443
2021-04-22fs,security: Add sb_delete hookMickaël Salaün1-0/+5
2021-04-22landlock: Support filesystem access-controlMickaël Salaün8-2/+781
2021-04-22LSM: Infrastructure management of the superblockCasey Schaufler6-70/+84
2021-04-22landlock: Add ptrace restrictionsMickaël Salaün4-1/+137
2021-04-22landlock: Set up the security framework and manage credentialsMickaël Salaün7-6/+178
2021-04-22landlock: Add ruleset and domain managementMickaël Salaün4-1/+652
2021-04-22landlock: Add object managementMickaël Salaün6-0/+185
2021-04-21selinux: add proper NULL termination to the secclass_map permissionsPaul Moore1-2/+3
2021-04-21KEYS: trusted: fix TPM trusted keys for generic frameworkJames Bottomley2-13/+16
2021-04-21KEYS: trusted: Fix TPM reservation for seal/unsealJames Bottomley1-1/+1
2021-04-20ima: Fix fall-through warnings for ClangGustavo A. R. Silva2-0/+3
2021-04-17Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-2/+2
2021-04-16kasan: remove redundant config optionWalter Wu1-2/+2
2021-04-15security: commoncap: clean up kernel-doc commentsRandy Dunlap1-17/+33
2021-04-14KEYS: trusted: Fix missing null return from kzalloc callColin Ian King1-2/+4
2021-04-14KEYS: trusted: Introduce TEE based Trusted KeysSumit Garg3-0/+324
2021-04-14KEYS: trusted: Add generic trusted keys frameworkSumit Garg3-297/+424
2021-04-14security: keys: trusted: Make sealed key properly interoperableJames Bottomley1-15/+38
2021-04-14security: keys: trusted: use ASN.1 TPM2 key format for the blobsJames Bottomley5-8/+221
2021-04-14security: keys: trusted: fix TPM2 authorizationsJames Bottomley2-10/+32
2021-04-09Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski8-113/+194
2021-04-09Merge tag 'selinux-pr-20210409' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds6-112/+185
2021-04-09integrity: Add declarations to init_once void arguments.Jiele Zhao1-1/+1
2021-04-09ima: Fix function name error in comment.Jiele Zhao1-1/+1
2021-04-09ima: enable loading of build time generated key on .ima keyringNayna Jain1-0/+2
2021-04-07selinux: fix race between old and new sidtabOndrej Mosnacek3-37/+145
2021-04-02selinux: fix cond_list corruption when changing booleansOndrej Mosnacek3-69/+33
2021-04-02selinux: make nslot handling in avtab more robustOndrej Mosnacek1-10/+11
2021-03-28tomoyo: don't special case PF_IO_WORKER for PF_KTHREADJens Axboe1-1/+1
2021-03-26ima: Support EC keys for signature verificationStefan Berger1-16/+14
2021-03-25Merge tag 'integrity-v5.12-fix' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-0/+8
2021-03-25Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netDavid S. Miller4-52/+60
2021-03-24security: commoncap: fix -Wstringop-overread warningArnd Bergmann1-1/+1
2021-03-24apparmor:match_mn() - constify devpath argumentAl Viro1-2/+2
2021-03-24ima: Fix the error code for restoring the PCR valueLi Huafei1-2/+2
2021-03-22smack: differentiate between subjective and objective task credentialsPaul Moore2-14/+44
2021-03-22selinux: clarify task subjective and objective credentialsPaul Moore1-39/+73
2021-03-22lsm: separate security_task_getsecid() into subjective and objective variantsPaul Moore6-14/+24
2021-03-22ima: without an IMA policy loaded, return quicklyMimi Zohar1-0/+6
2021-03-22integrity: double check iint_cache was initializedMimi Zohar1-0/+8
2021-03-22lsm,selinux: add new hook to compare new mount to an existing mountOlga Kornievskaia2-0/+63
2021-03-22Merge tag 'selinux-pr-20210322' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds3-41/+59
2021-03-18selinuxfs: unify policy load error reportingOndrej Mosnacek1-6/+3
2021-03-18selinux: fix variable scope issue in live sidtab conversionOndrej Mosnacek3-33/+55
2021-03-18selinux: don't log MAC_POLICY_LOAD record on failed policy loadOndrej Mosnacek1-2/+1
2021-03-12Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file cap...Eric W. Biederman1-11/+1
2021-03-11nexthop: Add netlink defines and enumerators for resilient NH groupsIdo Schimmel1-1/+4
2021-03-11integrity: Load mokx variables into the blacklist keyringEric Snowberg1-2/+18
2021-03-11certs: Add EFI_CERT_X509_GUID support for dbx entriesEric Snowberg1-0/+11
2021-03-08selinux: fix misspellings using codespell toolXiong Zhenwu1-1/+1
2021-03-08selinux: fix misspellings using codespell toolXiong Zhenwu1-1/+1
2021-03-08selinux: measure state and policy capabilitiesLakshmi Ramasubramanian4-5/+96
2021-03-08selinux: Allow context mounts for unpriviliged overlayfsVivek Goyal1-1/+2
2021-03-08powerpc: Move arch independent ima kexec functions to drivers/of/kexec.cLakshmi Ramasubramanian2-4/+1
2021-03-08powerpc: Move ima buffer fields to struct kimageLakshmi Ramasubramanian1-6/+2
2021-02-23Merge tag 'keys-misc-20210126' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds8-21/+18
2021-02-23Merge tag 'idmapped-mounts-v5.12' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds18-115/+240
2021-02-22Merge branch 'userns-for-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+11
2021-02-22Merge branch 'work.audit' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-2/+3
2021-02-21Merge tag 'tpmdd-next-v5.12-rc1-v2' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds2-8/+36
2021-02-21Merge tag 'Smack-for-v5.12' of git://github.com/cschaufler/smack-nextLinus Torvalds1-2/+19
2021-02-21Merge tag 'integrity-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds16-52/+301
2021-02-21Merge tag 'selinux-pr-20210215' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds16-51/+141
2021-02-21Merge tag 'tomoyo-pr-20210215' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds3-25/+25
2021-02-16KEYS: trusted: Reserve TPM for seal and unseal operationsJarkko Sakkinen1-4/+18
2021-02-16KEYS: trusted: Fix migratable=1 failingJarkko Sakkinen1-1/+1
2021-02-16KEYS: trusted: Fix incorrect handling of tpm_get_random()Jarkko Sakkinen1-3/+17
2021-02-12integrity: Make function integrity_add_key() staticWei Yongjun1-2/+2
2021-02-10Merge branch 'ima-kexec-fixes' into next-integrityMimi Zohar1-0/+3
2021-02-10ima: Free IMA measurement buffer after kexec syscallLakshmi Ramasubramanian1-0/+2
2021-02-10ima: Free IMA measurement buffer on errorLakshmi Ramasubramanian1-0/+1
2021-02-02smackfs: restrict bytes count in smackfs write functionsSabyrzhan Tasbolatov1-2/+19
2021-02-01tomoyo: recognize kernel threads correctlyTetsuo Handa1-1/+1
2021-02-01tomoyo: ignore data race while checking quotaTetsuo Handa3-24/+24
2021-01-28cap: fix conversions on getxattrMiklos Szeredi1-24/+43
2021-01-26IMA: Measure kernel version in early bootRaphael Gianotti1-0/+5
2021-01-24ima: handle idmapped mountsChristian Brauner7-40/+68
2021-01-24apparmor: handle idmapped mountsChristian Brauner3-10/+24
2021-01-24fs: make helpers idmap mount awareChristian Brauner2-2/+3
2021-01-24commoncap: handle idmapped mountsChristian Brauner4-37/+84
2021-01-24xattr: handle idmapped mountsTycho Andersen7-20/+24
2021-01-24acl: handle idmapped mountsChristian Brauner1-7/+38
2021-01-24inode: make init and permission helpers idmapped mount awareChristian Brauner1-2/+2
2021-01-24capability: handle idmapped mountsChristian Brauner1-2/+3
2021-01-21certs: Fix blacklist flag type confusionDavid Howells2-3/+4
2021-01-21KEYS: remove redundant memsetTom Rix1-2/+0
2021-01-21security: keys: delete repeated words in commentsRandy Dunlap2-3/+3
2021-01-21security/keys: use kvfree_sensitive()Denis Efremov1-6/+3
2021-01-21watch_queue: Drop references to /dev/watch_queueGabriel Krisman Bertazi1-4/+4
2021-01-21keys: Remove outdated __user annotationsJann Horn1-3/+3
2021-01-21security: keys: Fix fall-through warnings for ClangGustavo A. R. Silva1-0/+1
2021-01-16make dump_common_audit_data() safe to be called from RCU pathwalkAl Viro1-2/+3
2021-01-16dump_common_audit_data(): fix racy accesses to ->d_nameAl Viro1-2/+5
2021-01-14selinux: include a consumer of the new IMA critical data hookLakshmi Ramasubramanian5-10/+127
2021-01-14IMA: define a builtin critical data measurement policyLakshmi Ramasubramanian1-0/+12
2021-01-14IMA: extend critical data hook to limit the measurement based on a labelTushar Sugandhi1-3/+5
2021-01-14IMA: limit critical data measurement based on a labelTushar Sugandhi1-3/+34
2021-01-14IMA: add policy rule to measure critical dataTushar Sugandhi1-4/+25
2021-01-14IMA: define a hook to measure kernel integrity critical dataTushar Sugandhi3-1/+26
2021-01-14IMA: add support to measure buffer data hashTushar Sugandhi5-9/+30
2021-01-14IMA: generalize keyring specific measurement constructsTushar Sugandhi4-26/+35
2021-01-14selinux: teach SELinux about anonymous inodesDaniel Colascione2-0/+59
2021-01-14security: add inode_init_security_anon() LSM hookLokesh Gidra1-0/+8
2021-01-13selinux: fall back to SECURITY_FS_USE_GENFS if no xattr supportOndrej Mosnacek1-25/+52
2021-01-13evm: Fix memleak in init_descDinghao Liu1-2/+5
2021-01-12selinux: mark selinux_xfrm_refcount as __read_mostlyOndrej Mosnacek1-1/+1
2021-01-12selinux: mark some global variables __ro_after_initOndrej Mosnacek6-12/+12
2021-01-12selinux: make selinuxfs_mount staticOndrej Mosnacek2-2/+1
2021-01-12selinux: drop the unnecessary aurule_callback variableOndrej Mosnacek1-7/+3
2021-01-12selinux: remove unused global variablesOndrej Mosnacek4-4/+0
2021-01-04selinux: fix inconsistency between inode_getxattr and inode_listsecurityAmir Goldstein1-0/+4
2021-01-04selinux: handle MPTCP consistently with TCPPaolo Abeni1-1/+2
2020-12-29capabilities: Don't allow writing ambiguous v3 file capabilitiesEric W. Biederman1-1/+11
2020-12-24Merge tag 'Smack-for-5.11-io_uring-fix' of git://github.com/cschaufler/smack-...Linus Torvalds1-2/+3
2020-12-24Merge tag 'efi_updates_for_v5.11' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds2-0/+77
2020-12-22Smack: Handle io_uring kernel thread privilegesCasey Schaufler1-2/+3
2020-12-17Merge tag 'ovl-update-5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-2/+1
2020-12-16Merge tag 'Smack-for-5.11' of git://github.com/cschaufler/smack-nextLinus Torvalds2-5/+5
2020-12-16Merge tag 'integrity-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds6-37/+54
2020-12-16Merge tag 'selinux-pr-20201214' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds6-28/+35
2020-12-16Merge tag 'audit-pr-20201214' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-5/+0
2020-12-15apparmor: remove duplicate macro list_entry_is_head()Andy Shevchenko1-3/+0
2020-12-15Merge tag 'net-next-5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/ne...Linus Torvalds10-35/+70
2020-12-14Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds3-3/+3
2020-12-14Merge tag 'tomoyo-pr-20201214' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds8-41/+44
2020-12-14vfs: move cap_convert_nscap() call into vfs_setxattr()Miklos Szeredi1-2/+1
2020-12-12Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klasse...Jakub Kicinski1-0/+1
2020-12-06tomoyo: Fix typo in comments.Tetsuo Handa5-7/+7
2020-12-04Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextJakub Kicinski1-24/+54
2020-12-03security: add const qualifier to struct sock in various placesFlorian Westphal7-11/+11
2020-11-29ima: Don't modify file descriptor mode on the flyRoberto Sassu1-15/+5
2020-11-27tomoyo: Fix null pointer checkZheng Zengkai3-6/+4
2020-11-27xfrm: redact SA secret with lockdown confidentialityAntony Antony1-0/+1
2020-11-26ima: Implement ima_inode_hashKP Singh1-24/+54
2020-11-23lsm,selinux: pass flowi_common instead of flowi to the LSM hooksPaul Moore4-17/+19
2020-11-23selinux: Fix fall-through warnings for ClangGustavo A. R. Silva1-0/+1
2020-11-23keys: Provide the original description to the key preparserDavid Howells1-0/+2
2020-11-20ima: select ima-buf template for buffer measurementLakshmi Ramasubramanian4-16/+37
2020-11-20crypto: sha - split sha.h into sha1.h and sha2.hEric Biggers3-3/+3
2020-11-19Merge https://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-1/+3
2020-11-16security/smack: remove unused varible 'rc'Alex Shi1-2/+1
2020-11-14Merge tag 'selinux-pr-20201113' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+3
2020-11-14Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextJakub Kicinski1-0/+2
2020-11-13Smack: fix kernel-doc interface on functionsAlex Shi1-3/+4
2020-11-12selinux: Fix error return code in sel_ib_pkey_sid_slow()Chen Zhou1-1/+3
2020-11-12selinux: drop super_block backpointer from superblock_security_structOndrej Mosnacek2-4/+2
2020-11-06bpf: Implement task local storageKP Singh1-0/+2
2020-11-06ima: generalize x86/EFI arch glue for other EFI architecturesChester Lin2-0/+77
2020-11-05selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handlingPaul Moore1-18/+13
2020-11-03tomoyo: Limit wildcard recursion depth.Tetsuo Handa1-25/+30
2020-11-02ima: defer arch_ima_get_secureboot() call to IMA init timeArd Biesheuvel2-6/+12
2020-10-29ima: Replace zero-length array with flexible-array memberGustavo A. R. Silva1-1/+1
2020-10-28tomoyo: fix clang pointer arithmetic warningArnd Bergmann1-3/+3
2020-10-27selinux: allow dontauditx and auditallowx rules to take effect without allowxbauen11-3/+1
2020-10-27selinux: fix error initialization in inode_doinit_with_dentry()Tianyue Ren1-3/+16
2020-10-27audit: trigger accompanying records when no rules presentRichard Guy Briggs1-5/+0
2020-10-25Merge tag 'safesetid-5.10' of git://github.com/micah-morton/linuxLinus Torvalds3-109/+309
2020-10-17task_work: cleanup notification modesJens Axboe2-2/+2
2020-10-15Merge tag 'net-next-5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/ne...Linus Torvalds1-0/+6
2020-10-15Merge tag 'integrity-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds8-67/+161
2020-10-15Merge tag 'char-misc-5.10-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds7-35/+110
2020-10-13Merge tag 'selinux-pr-20201012' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds17-498/+1068
2020-10-13Merge tag 'Smack-for-5.10' of git://github.com/cschaufler/smack-nextLinus Torvalds4-149/+200
2020-10-13Merge tag 'tomoyo-pr-20201012' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds1-6/+23
2020-10-13LSM: SafeSetID: Fix warnings reported by test botThomas Cedeno2-14/+14
2020-10-13LSM: SafeSetID: Add GID security policy handlingThomas Cedeno3-109/+309
2020-10-13Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-3/+11
2020-10-12Merge branch 'work.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds3-41/+3
2020-10-12Merge tag 'efi-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-19/+66
2020-10-12tomoyo: Loosen pathname/domainname validation.Tetsuo Handa1-6/+23
2020-10-05Smack: Remove unnecessary variable initializationCasey Schaufler1-1/+1
2020-10-05fs/kernel_file_read: Add "offset" arg for partial readsKees Cook2-2/+3
2020-10-05IMA: Add support for file reads without contentsScott Branden1-6/+16
2020-10-05LSM: Add "contents" flag to kernel_read_file hookKees Cook4-8/+28
2020-10-05firmware_loader: Use security_post_load_data()Kees Cook1-10/+10
2020-10-05LSM: Introduce kernel_post_load_data() hookKees Cook4-6/+42
2020-10-05fs/kernel_read_file: Add file_size output argumentKees Cook2-2/+2
2020-10-05fs/kernel_read_file: Switch buffer size arg to size_tKees Cook2-2/+2
2020-10-05fs/kernel_read_file: Remove redundant size argumentKees Cook2-4/+7
2020-10-05fs/kernel_read_file: Split into separate include fileScott Branden7-0/+7
2020-10-05fs/kernel_read_file: Remove FIRMWARE_PREALLOC_BUFFER enumKees Cook3-6/+4
2020-10-03security/keys: remove compat_keyctl_instantiate_key_iovChristoph Hellwig3-40/+3
2020-10-03iov_iter: transparently handle compat iovecs in import_iovecChristoph Hellwig1-3/+2
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-17 05:44:42 +0000