aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2021-02-23Merge tag 'keys-misc-20210126' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds8-21/+18
2021-02-23Merge tag 'idmapped-mounts-v5.12' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds18-115/+240
2021-02-22Merge branch 'userns-for-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+11
2021-02-22Merge branch 'work.audit' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-2/+3
2021-02-21Merge tag 'tpmdd-next-v5.12-rc1-v2' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds2-8/+36
2021-02-21Merge tag 'Smack-for-v5.12' of git://github.com/cschaufler/smack-nextLinus Torvalds1-2/+19
2021-02-21Merge tag 'integrity-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds16-52/+301
2021-02-21Merge tag 'selinux-pr-20210215' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds16-51/+141
2021-02-21Merge tag 'tomoyo-pr-20210215' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds3-25/+25
2021-02-16KEYS: trusted: Reserve TPM for seal and unseal operationsJarkko Sakkinen1-4/+18
2021-02-16KEYS: trusted: Fix migratable=1 failingJarkko Sakkinen1-1/+1
2021-02-16KEYS: trusted: Fix incorrect handling of tpm_get_random()Jarkko Sakkinen1-3/+17
2021-02-12integrity: Make function integrity_add_key() staticWei Yongjun1-2/+2
2021-02-10Merge branch 'ima-kexec-fixes' into next-integrityMimi Zohar1-0/+3
2021-02-10ima: Free IMA measurement buffer after kexec syscallLakshmi Ramasubramanian1-0/+2
2021-02-10ima: Free IMA measurement buffer on errorLakshmi Ramasubramanian1-0/+1
2021-02-02smackfs: restrict bytes count in smackfs write functionsSabyrzhan Tasbolatov1-2/+19
2021-02-01tomoyo: recognize kernel threads correctlyTetsuo Handa1-1/+1
2021-02-01tomoyo: ignore data race while checking quotaTetsuo Handa3-24/+24
2021-01-28cap: fix conversions on getxattrMiklos Szeredi1-24/+43
2021-01-26IMA: Measure kernel version in early bootRaphael Gianotti1-0/+5
2021-01-24ima: handle idmapped mountsChristian Brauner7-40/+68
2021-01-24apparmor: handle idmapped mountsChristian Brauner3-10/+24
2021-01-24fs: make helpers idmap mount awareChristian Brauner2-2/+3
2021-01-24commoncap: handle idmapped mountsChristian Brauner4-37/+84
2021-01-24xattr: handle idmapped mountsTycho Andersen7-20/+24
2021-01-24acl: handle idmapped mountsChristian Brauner1-7/+38
2021-01-24inode: make init and permission helpers idmapped mount awareChristian Brauner1-2/+2
2021-01-24capability: handle idmapped mountsChristian Brauner1-2/+3
2021-01-21certs: Fix blacklist flag type confusionDavid Howells2-3/+4
2021-01-21KEYS: remove redundant memsetTom Rix1-2/+0
2021-01-21security: keys: delete repeated words in commentsRandy Dunlap2-3/+3
2021-01-21security/keys: use kvfree_sensitive()Denis Efremov1-6/+3
2021-01-21watch_queue: Drop references to /dev/watch_queueGabriel Krisman Bertazi1-4/+4
2021-01-21keys: Remove outdated __user annotationsJann Horn1-3/+3
2021-01-21security: keys: Fix fall-through warnings for ClangGustavo A. R. Silva1-0/+1
2021-01-16make dump_common_audit_data() safe to be called from RCU pathwalkAl Viro1-2/+3
2021-01-16dump_common_audit_data(): fix racy accesses to ->d_nameAl Viro1-2/+5
2021-01-14selinux: include a consumer of the new IMA critical data hookLakshmi Ramasubramanian5-10/+127
2021-01-14IMA: define a builtin critical data measurement policyLakshmi Ramasubramanian1-0/+12
2021-01-14IMA: extend critical data hook to limit the measurement based on a labelTushar Sugandhi1-3/+5
2021-01-14IMA: limit critical data measurement based on a labelTushar Sugandhi1-3/+34
2021-01-14IMA: add policy rule to measure critical dataTushar Sugandhi1-4/+25
2021-01-14IMA: define a hook to measure kernel integrity critical dataTushar Sugandhi3-1/+26
2021-01-14IMA: add support to measure buffer data hashTushar Sugandhi5-9/+30
2021-01-14IMA: generalize keyring specific measurement constructsTushar Sugandhi4-26/+35
2021-01-14selinux: teach SELinux about anonymous inodesDaniel Colascione2-0/+59
2021-01-14security: add inode_init_security_anon() LSM hookLokesh Gidra1-0/+8
2021-01-13selinux: fall back to SECURITY_FS_USE_GENFS if no xattr supportOndrej Mosnacek1-25/+52
2021-01-13evm: Fix memleak in init_descDinghao Liu1-2/+5
2021-01-12selinux: mark selinux_xfrm_refcount as __read_mostlyOndrej Mosnacek1-1/+1
2021-01-12selinux: mark some global variables __ro_after_initOndrej Mosnacek6-12/+12
2021-01-12selinux: make selinuxfs_mount staticOndrej Mosnacek2-2/+1
2021-01-12selinux: drop the unnecessary aurule_callback variableOndrej Mosnacek1-7/+3
2021-01-12selinux: remove unused global variablesOndrej Mosnacek4-4/+0
2021-01-04selinux: fix inconsistency between inode_getxattr and inode_listsecurityAmir Goldstein1-0/+4
2021-01-04selinux: handle MPTCP consistently with TCPPaolo Abeni1-1/+2
2020-12-29capabilities: Don't allow writing ambiguous v3 file capabilitiesEric W. Biederman1-1/+11
2020-12-24Merge tag 'Smack-for-5.11-io_uring-fix' of git://github.com/cschaufler/smack-...Linus Torvalds1-2/+3
2020-12-24Merge tag 'efi_updates_for_v5.11' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds2-0/+77
2020-12-22Smack: Handle io_uring kernel thread privilegesCasey Schaufler1-2/+3
2020-12-17Merge tag 'ovl-update-5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-2/+1
2020-12-16Merge tag 'Smack-for-5.11' of git://github.com/cschaufler/smack-nextLinus Torvalds2-5/+5
2020-12-16Merge tag 'integrity-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds6-37/+54
2020-12-16Merge tag 'selinux-pr-20201214' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds6-28/+35
2020-12-16Merge tag 'audit-pr-20201214' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-5/+0
2020-12-15apparmor: remove duplicate macro list_entry_is_head()Andy Shevchenko1-3/+0
2020-12-15Merge tag 'net-next-5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/ne...Linus Torvalds10-35/+70
2020-12-14Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds3-3/+3
2020-12-14Merge tag 'tomoyo-pr-20201214' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds8-41/+44
2020-12-14vfs: move cap_convert_nscap() call into vfs_setxattr()Miklos Szeredi1-2/+1
2020-12-12Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klasse...Jakub Kicinski1-0/+1
2020-12-06tomoyo: Fix typo in comments.Tetsuo Handa5-7/+7
2020-12-04Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextJakub Kicinski1-24/+54
2020-12-03security: add const qualifier to struct sock in various placesFlorian Westphal7-11/+11
2020-11-29ima: Don't modify file descriptor mode on the flyRoberto Sassu1-15/+5
2020-11-27tomoyo: Fix null pointer checkZheng Zengkai3-6/+4
2020-11-27xfrm: redact SA secret with lockdown confidentialityAntony Antony1-0/+1
2020-11-26ima: Implement ima_inode_hashKP Singh1-24/+54
2020-11-23lsm,selinux: pass flowi_common instead of flowi to the LSM hooksPaul Moore4-17/+19
2020-11-23selinux: Fix fall-through warnings for ClangGustavo A. R. Silva1-0/+1
2020-11-23keys: Provide the original description to the key preparserDavid Howells1-0/+2
2020-11-20ima: select ima-buf template for buffer measurementLakshmi Ramasubramanian4-16/+37
2020-11-20crypto: sha - split sha.h into sha1.h and sha2.hEric Biggers3-3/+3
2020-11-19Merge https://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-1/+3
2020-11-16security/smack: remove unused varible 'rc'Alex Shi1-2/+1
2020-11-14Merge tag 'selinux-pr-20201113' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+3
2020-11-14Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextJakub Kicinski1-0/+2
2020-11-13Smack: fix kernel-doc interface on functionsAlex Shi1-3/+4
2020-11-12selinux: Fix error return code in sel_ib_pkey_sid_slow()Chen Zhou1-1/+3
2020-11-12selinux: drop super_block backpointer from superblock_security_structOndrej Mosnacek2-4/+2
2020-11-06bpf: Implement task local storageKP Singh1-0/+2
2020-11-06ima: generalize x86/EFI arch glue for other EFI architecturesChester Lin2-0/+77
2020-11-05selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handlingPaul Moore1-18/+13
2020-11-03tomoyo: Limit wildcard recursion depth.Tetsuo Handa1-25/+30
2020-11-02ima: defer arch_ima_get_secureboot() call to IMA init timeArd Biesheuvel2-6/+12
2020-10-29ima: Replace zero-length array with flexible-array memberGustavo A. R. Silva1-1/+1
2020-10-28tomoyo: fix clang pointer arithmetic warningArnd Bergmann1-3/+3
2020-10-27selinux: allow dontauditx and auditallowx rules to take effect without allowxbauen11-3/+1
2020-10-27selinux: fix error initialization in inode_doinit_with_dentry()Tianyue Ren1-3/+16
2020-10-27audit: trigger accompanying records when no rules presentRichard Guy Briggs1-5/+0
2020-10-25Merge tag 'safesetid-5.10' of git://github.com/micah-morton/linuxLinus Torvalds3-109/+309
2020-10-17task_work: cleanup notification modesJens Axboe2-2/+2
2020-10-15Merge tag 'net-next-5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/ne...Linus Torvalds1-0/+6
2020-10-15Merge tag 'integrity-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds8-67/+161
2020-10-15Merge tag 'char-misc-5.10-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds7-35/+110
2020-10-13Merge tag 'selinux-pr-20201012' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds17-498/+1068
2020-10-13Merge tag 'Smack-for-5.10' of git://github.com/cschaufler/smack-nextLinus Torvalds4-149/+200
2020-10-13Merge tag 'tomoyo-pr-20201012' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds1-6/+23
2020-10-13LSM: SafeSetID: Fix warnings reported by test botThomas Cedeno2-14/+14
2020-10-13LSM: SafeSetID: Add GID security policy handlingThomas Cedeno3-109/+309
2020-10-13Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-3/+11
2020-10-12Merge branch 'work.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds3-41/+3
2020-10-12Merge tag 'efi-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-19/+66
2020-10-12tomoyo: Loosen pathname/domainname validation.Tetsuo Handa1-6/+23
2020-10-05Smack: Remove unnecessary variable initializationCasey Schaufler1-1/+1
2020-10-05fs/kernel_file_read: Add "offset" arg for partial readsKees Cook2-2/+3
2020-10-05IMA: Add support for file reads without contentsScott Branden1-6/+16
2020-10-05LSM: Add "contents" flag to kernel_read_file hookKees Cook4-8/+28
2020-10-05firmware_loader: Use security_post_load_data()Kees Cook1-10/+10
2020-10-05LSM: Introduce kernel_post_load_data() hookKees Cook4-6/+42
2020-10-05fs/kernel_read_file: Add file_size output argumentKees Cook2-2/+2
2020-10-05fs/kernel_read_file: Switch buffer size arg to size_tKees Cook2-2/+2
2020-10-05fs/kernel_read_file: Remove redundant size argumentKees Cook2-4/+7
2020-10-05fs/kernel_read_file: Split into separate include fileScott Branden7-0/+7
2020-10-05fs/kernel_read_file: Remove FIRMWARE_PREALLOC_BUFFER enumKees Cook3-6/+4
2020-10-03security/keys: remove compat_keyctl_instantiate_key_iovChristoph Hellwig3-40/+3
2020-10-03iov_iter: transparently handle compat iovecs in import_iovecChristoph Hellwig1-3/+2
2020-09-25integrity: Asymmetric digsig supports SM2-with-SM3 algorithmTianjia Zhang1-3/+11
2020-09-22Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netDavid S. Miller1-1/+2
2020-09-22Smack: Fix build when NETWORK_SECMARK is not setCasey Schaufler1-0/+7
2020-09-16ima: Fix NULL pointer dereference in ima_file_hashKP Singh1-0/+10
2020-09-16integrity: Load certs from the EFI MOK config tableLenny Szubowicz1-0/+22
2020-09-16integrity: Move import of MokListRT certs to a separate routineLenny Szubowicz1-19/+44
2020-09-15Merge tag 'fixes-v5.9a' of git://git.kernel.org/pub/scm/linux/kernel/git/jmor...Linus Torvalds1-1/+2
2020-09-15selinux: Add helper functions to get and set checkreqprotLakshmi Ramasubramanian3-5/+16
2020-09-15evm: Check size of security.evm before using itRoberto Sassu1-0/+6
2020-09-15ima: Remove semicolon at the end of ima_get_binary_runtime_size()Roberto Sassu1-1/+1
2020-09-15ima: Don't ignore errors from crypto_shash_update()Roberto Sassu1-0/+2
2020-09-15ima: Use kmemdup rather than kmalloc+memcpyAlex Dewar1-5/+4
2020-09-11Smack: Use the netlabel cacheCasey Schaufler4-38/+68
2020-09-11Smack: Set socket labels only onceCasey Schaufler2-89/+98
2020-09-11Smack: Consolidate uses of secmark into a functionCasey Schaufler1-28/+33
2020-09-11selinux: access policycaps with READ_ONCE/WRITE_ONCEStephen Smalley2-8/+9
2020-09-09integrity: include keyring name for unknown key requestBruno Meneguele1-2/+8
2020-09-09ima: limit secure boot feedback scope for appraiseBruno Meneguele1-9/+16
2020-09-08integrity: invalid kernel parameters feedbackBruno Meneguele4-4/+16
2020-09-08ima: add check for enforced appraise optionBruno Meneguele1-0/+2
2020-09-04Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski12-38/+30
2020-08-31integrity: Use current_uid() in integrity_audit_message()Denis Efremov1-1/+1
2020-08-31ima: Fail rule parsing when asymmetric key measurement isn't supportableTyler Hicks1-2/+4
2020-08-31ima: Pre-parse the list of keyrings in a KEY_CHECK ruleTyler Hicks1-45/+93
2020-08-31selinux: simplify away security_policydb_len()Ondrej Mosnacek3-30/+10
2020-08-27selinux: move policy mutex to selinux_state, use in lockdep checksStephen Smalley4-43/+22
2020-08-26selinux: fix error handling bugs in security_load_policy()Dan Carpenter1-11/+23
2020-08-25bpf: Implement bpf_local_storage for inodesKP Singh1-0/+6
2020-08-25selinux: convert policy read-write lock to RCUStephen Smalley4-218/+280
2020-08-24selinux: delete repeated words in commentsRandy Dunlap1-3/+3
2020-08-23treewide: Use fallthrough pseudo-keywordGustavo A. R. Silva12-38/+30
2020-08-21selinux: add basic filtering for audit trace eventsPeter Enderborg1-13/+15
2020-08-21selinux: add tracepoint on audited eventsThiƩbaud Weksteen1-0/+5
2020-08-21selinux: Create new booleans and class dirs out of treeDaniel Burgener1-23/+90
2020-08-21selinux: Standardize string literal usage for selinuxfs directory namesDaniel Burgener1-4/+6
2020-08-21selinux: Refactor selinuxfs directory populating functionsDaniel Burgener1-20/+25
2020-08-21selinux: Create function for selinuxfs directory cleanupDaniel Burgener1-14/+25
2020-08-20selinux: permit removing security.selinux xattr before policy loadStephen Smalley1-0/+3
2020-08-20device_cgroup: Fix RCU list debugging warningAmol Grover1-1/+2
2020-08-20selinux: fix memdup.cocci warningskernel test robot1-3/+2
2020-08-19selinux: avoid dereferencing the policy prior to initializationStephen Smalley1-0/+60
2020-08-19selinux: fix allocation failure check on newpolicy->sidtabColin Ian King1-1/+1
2020-08-17selinux: refactor changing booleansStephen Smalley8-64/+368
2020-08-17selinux: move policy commit after updating selinuxfsStephen Smalley6-80/+104
2020-08-17selinux: encapsulate policy state, refactor policy loadStephen Smalley2-192/+221
2020-08-17scripts/selinux,selinux: update mdp to enable policy capabilitiesStephen Smalley4-26/+40
2020-08-12Merge branch 'akpm' (patches from Andrew)Linus Torvalds1-1/+1
2020-08-12mm/gup: remove task_struct pointer for all gup codePeter Xu1-1/+1
2020-08-11Merge tag 'for-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris...Linus Torvalds10-10/+10
2020-08-07mm, treewide: rename kzfree() to kfree_sensitive()Waiman Long10-62/+62
2020-08-06Replace HTTP links with HTTPS ones: securityAlexander A. Klimov10-10/+10
2020-08-06Merge tag 'integrity-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds12-140/+283
2020-08-06Merge tag 'Smack-for-5.9' of git://github.com/cschaufler/smack-nextLinus Torvalds1-3/+16
2020-08-04Merge tag 'cap-checkpoint-restore-v5.9' of git://git.kernel.org/pub/scm/linux...Linus Torvalds1-2/+3
2020-08-04Merge branch 'exec-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/eb...Linus Torvalds3-5/+5
2020-08-04Merge tag 'audit-pr-20200803' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds5-55/+49
2020-08-04Merge tag 'selinux-pr-20200803' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds14-161/+240
2020-08-04Merge tag 'var-init-v5.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-4/+25
2020-08-03Merge tag 'for-5.9/block-20200802' of git://git.kernel.dk/linux-blockLinus Torvalds1-0/+1
2020-07-27integrity: remove redundant initialization of variable retColin Ian King1-1/+1
2020-07-27Smack: prevent underflow in smk_set_cipso()Dan Carpenter1-1/+1
2020-07-27Smack: fix another vsscanf out of boundsDan Carpenter1-0/+4
2020-07-21audit: purge audit_log_string from the intra-kernel audit APIRichard Guy Briggs5-55/+44
2020-07-21exec: Implement kernel_execveEric W. Biederman3-5/+5
2020-07-20ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtimeBruno Meneguele2-1/+7
2020-07-20ima: AppArmor satisfies the audit rule requirementsTyler Hicks1-1/+1
2020-07-20ima: Rename internal filter rule functionsTyler Hicks2-25/+21
2020-07-20ima: Support additional conditionals in the KEXEC_CMDLINE hook functionTyler Hicks7-22/+28
2020-07-20ima: Use the common function to detect LSM conditionals in a ruleTyler Hicks1-9/+2
2020-07-20ima: Move comprehensive rule validation checks out of the token parserTyler Hicks3-46/+37
2020-07-20ima: Use correct type for the args_p member of ima_rule_entry.lsm elementsTyler Hicks1-9/+9
2020-07-20ima: Shallow copy the args_p member of ima_rule_entry.lsm elementsTyler Hicks1-10/+8
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 20:03:33 +0000