aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2015-09-17Merge branch 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds1-1/+1
2015-09-12Merge branch 'for-mingo' of git://git.kernel.org/pub/scm/linux/kernel/git/pau...Ingo Molnar1-1/+1
2015-09-10mm: mark most vm_operations_struct constKirill A. Shutemov1-1/+1
2015-09-08Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds20-362/+1732
2015-09-04fs: create and use seq_show_option for escapingKees Cook1-1/+1
2015-09-04capabilities: add a securebit to disable PR_CAP_AMBIENT_RAISEAndy Lutomirski1-1/+2
2015-09-04capabilities: ambient capabilitiesAndy Lutomirski2-10/+93
2015-09-03security/device_cgroup: Fix RCU_LOCKDEP_WARN() conditionPaul E. McKenney1-1/+1
2015-09-01Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds1-1/+1
2015-08-31Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds1-3/+3
2015-08-26LSM: restore certain default error codesJan Beulich1-5/+6
2015-08-15Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris12-110/+907
2015-08-14Merge branch 'smack-for-4.3' of https://github.com/cschaufler/smack-next into...James Morris1-14/+18
2015-08-12Smack - Fix build error with bringup unconfiguredCasey Schaufler1-14/+18
2015-08-12Merge branch 'for-mingo' of git://git.kernel.org/pub/scm/linux/kernel/git/pau...Ingo Molnar1-3/+3
2015-08-11Merge branch 'smack-for-4.3' of https://github.com/cschaufler/smack-next into...James Morris4-208/+807
2015-08-10Kernel threads excluded from smack checksRoman Kubiak1-0/+6
2015-08-04Adding YAMA hooks also when YAMA is not stacked.Salvatore Mesoraca1-0/+1
2015-07-31Smack: Three symbols that should be staticCasey Schaufler2-3/+3
2015-07-28Smack: IPv6 host labelingCasey Schaufler3-160/+578
2015-07-28Yama: remove needless CONFIG_SECURITY_YAMA_STACKEDKees Cook4-43/+14
2015-07-28KEYS: ensure we free the assoc array edit if edit is validColin Ian King1-3/+5
2015-07-22rcu: Rename rcu_lockdep_assert() to RCU_LOCKDEP_WARN()Paul E. McKenney1-3/+3
2015-07-22sysfs: fix simple_return.cocci warningskbuild test robot1-5/+1
2015-07-22smack: allow mount opts setting over filesystems with binary mount dataVivek Trivedi2-40/+219
2015-07-13selinux: Create a common helper to determine an inode label [ver #3]David Howells1-46/+41
2015-07-13selinux: Augment BUG_ON assertion for secclass_map.Stephen Smalley1-1/+2
2015-07-13selinux: initialize sock security class to default valueStephen Smalley1-0/+1
2015-07-13selinux: reduce locking overhead in inode_free_security()Waiman Long1-3/+14
2015-07-13selinux: extended permissions for ioctlsJeff Vander Stoep11-60/+834
2015-07-13security: add ioctl specific auditing to lsm_auditJeff Vander Stoep1-0/+15
2015-07-11Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...James Morris2-1/+8
2015-07-10selinux: fix mprotect PROT_EXEC regression caused by mm changeStephen Smalley1-1/+2
2015-07-10vfs: Commit to never having exectuables on proc and sysfs.Eric W. Biederman1-1/+1
2015-07-09selinux: don't waste ebitmap space when importing NetLabel categoriesPaul Moore1-0/+6
2015-07-04Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-13/+6
2015-07-03Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds3-16/+13
2015-07-01Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds2-4/+4
2015-07-01sysfs: Create mountpoints with sysfs_create_mount_pointEric W. Biederman3-16/+13
2015-06-27Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/auditLinus Torvalds1-1/+1
2015-06-27Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds28-2427/+1767
2015-06-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-3/+0
2015-06-23make simple_positive() publicAl Viro1-13/+6
2015-06-18netfilter: Remove spurios included of netfilter.hEric W Biederman1-3/+0
2015-06-16ima: update builtin policiesMimi Zohar1-9/+56
2015-06-16ima: extend "mask" policy matching supportMimi Zohar1-5/+15
2015-06-16ima: add support for new "euid" policy conditionMimi Zohar1-4/+23
2015-06-16ima: fix ima_show_template_data_ascii()Mimi Zohar3-4/+5
2015-06-13Merge branch 'smack-for-4.2-stacked' of https://github.com/cschaufler/smack-n...James Morris1-7/+9
2015-06-12Smack: freeing an error pointer in smk_write_revoke_subj()Dan Carpenter1-7/+9
2015-06-05selinux: fix setting of security labels on NFSJ. Bruce Fields1-0/+1
2015-06-04selinux: Remove unused permission definitionsStephen Smalley1-14/+8
2015-06-04selinux: enable genfscon labeling for sysfs and pstore filesStephen Smalley1-1/+3
2015-06-04selinux: enable per-file labeling for debugfs files.Stephen Smalley2-22/+22
2015-06-04selinux: update netlink socket classesStephen Smalley2-10/+32
2015-06-04signals: don't abuse __flush_signals() in selinux_bprm_committed_creds()Oleg Nesterov1-2/+4
2015-06-04selinux: Print 'sclass' as string when unrecognized netlink message occursMarek Milkovic1-2/+3
2015-06-03Merge branch 'smack-for-4.2-stacked' of https://github.com/cschaufler/smack-n...James Morris4-186/+314
2015-06-02Smack: allow multiple labels in onlycapRafal Krypa3-69/+160
2015-06-02Smack: fix seq operations in smackfsRafal Krypa1-30/+22
2015-05-29lsm: rename duplicate labels in LSM_AUDIT_DATA_TASK audit message typeRichard Guy Briggs1-1/+1
2015-05-28kernel/params: constify struct kernel_param_ops usesLuis R. Rodriguez2-4/+4
2015-05-21ima: pass iint to ima_add_violation()Roberto Sassu5-9/+13
2015-05-21ima: wrap event related data to the new ima_event_data structureRoberto Sassu5-79/+61
2015-05-21integrity: add validity checks for 'path' parameterDmitry Kasatkin3-2/+5
2015-05-21evm: fix potential race when removing xattrsDmitry Kasatkin1-4/+3
2015-05-21evm: labeling pseudo filesystems exceptionMimi Zohar1-0/+11
2015-05-21ima: remove definition of IMA_X509_PATHDmitry Kasatkin1-7/+1
2015-05-21ima: limit file hash setting by user to fix and log modesDmitry Kasatkin1-2/+6
2015-05-21ima: do not measure or appraise the NSFS filesystemMimi Zohar1-0/+2
2015-05-21ima: skip measurement of cgroupfs files and update documentationRoberto Sassu1-0/+2
2015-05-15smack: pass error code through pointersLukasz Pawelczyk3-97/+139
2015-05-15Smack: ignore private inode for smack_file_receiveSeung-Woo Kim1-0/+3
2015-05-13ima: cleanup ima_init_policy() a littleDan Carpenter1-10/+6
2015-05-12LSM: Remove unused capability.cCasey Schaufler1-1158/+0
2015-05-12LSM: Switch to lists of hooksCasey Schaufler11-321/+570
2015-05-12LSM: Add security module hook list headsCasey Schaufler5-402/+406
2015-05-12LSM: Introduce security hook calling MacrosCasey Schaufler1-207/+226
2015-05-12LSM: Split security.hCasey Schaufler7-7/+7
2015-05-11security: make inode_follow_link RCU-walk awareNeilBrown3-6/+20
2015-05-11security/selinux: pass 'flags' arg to avc_audit() and avc_has_perm_flags()NeilBrown3-4/+25
2015-05-10SECURITY: remove nameidata arg from inode_follow_link.NeilBrown3-5/+4
2015-04-26Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds16-117/+117
2015-04-17tomoyo: reduce mmap_sem hold for mm->exe_fileDavidlohr Bueso1-5/+8
2015-04-15Merge branch 'akpm' (patches from Andrew)Linus Torvalds1-0/+1
2015-04-15kernel: conditionally support non-root users, groups and capabilitiesIulia Manda1-0/+1
2015-04-15VFS: security/: d_inode() annotationsDavid Howells4-12/+12
2015-04-15VFS: security/: d_backing_inode() annotationsDavid Howells12-105/+105
2015-04-15Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds16-115/+324
2015-04-15Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds5-43/+24
2015-04-15lsm: copy comm before calling audit_log to avoid race in string printingRichard Guy Briggs1-6/+9
2015-04-14Merge branch 'for-linus-1' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds12-106/+64
2015-04-13selinux/nlmsg: add a build time check for rtnl/xfrm cmdsNicolas Dichtel1-0/+3
2015-04-13Merge branch 'tomoyo-cleanup' of git://git.kernel.org/pub/scm/linux/kernel/gi...James Morris4-45/+15
2015-04-12selinux/nlmsg: add XFRM_MSG_MAPPINGNicolas Dichtel1-0/+1
2015-04-12selinux/nlmsg: add XFRM_MSG_MIGRATENicolas Dichtel1-0/+1
2015-04-12selinux/nlmsg: add XFRM_MSG_REPORTNicolas Dichtel1-0/+1
2015-04-11Merge branch 'for-davem' into for-nextAl Viro5-44/+12
2015-04-11switch keyctl_instantiate_key_common() to iov_iterAl Viro3-72/+40
2015-04-11switch security_inode_getattr() to struct path *Al Viro8-30/+20
2015-04-11constify tomoyo_realpath_from_path()Al Viro2-4/+4
2015-04-08selinux/nlmsg: add XFRM_MSG_[NEW|GET]SADINFONicolas Dichtel1-0/+2
2015-04-08selinux/nlmsg: add XFRM_MSG_GETSPDINFONicolas Dichtel1-0/+1
2015-04-08selinux/nlmsg: add XFRM_MSG_NEWSPDINFONicolas Dichtel1-0/+1
2015-04-08selinux/nlmsg: add RTM_GETNSIDNicolas Dichtel1-0/+1
2015-04-08selinux/nlmsg: add RTM_NEWNSID and RTM_GETNSIDNicolas Dichtel1-0/+2
2015-04-07tomoyo: Do not generate empty policy filesMichal Marek3-29/+5
2015-04-07tomoyo: Use if_changed when generating builtin-policy.hMichal Marek1-18/+11
2015-04-07tomoyo: Use bin2c to generate builtin-policy.hMichal Marek2-10/+11
2015-04-06selinux: increase avtab max bucketsStephen Smalley1-1/+1
2015-04-06selinux: Use a better hash function for avtabJohn Brooks2-5/+38
2015-04-06selinux: convert avtab hash table to flex_arrayStephen Smalley2-13/+22
2015-04-06selinux: reconcile security_netlbl_secattr_to_sid() and mls_import_netlbl_cat()Paul Moore2-12/+4
2015-04-06selinux: remove unnecessary pointer reassignmentJeff Vander Stoep1-4/+2
2015-04-04netfilter: Make nf_hookfn use nf_hook_state.David S. Miller2-25/+11
2015-04-02Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-1/+1
2015-03-27Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...James Morris1-1/+1
2015-03-25selinux: fix sel_write_enforce broken return valueJoe Perches1-1/+1
2015-03-23smack: Fix gcc warning from unused smack_syslog_lock mutex in smackfs.cPaul Gortmaker1-1/+0
2015-03-23Smack: Allow an unconfined label in bringup modeCasey Schaufler4-17/+182
2015-03-23Smack: getting the Smack security context of keysJosé Bollo1-0/+31
2015-03-23Smack: Assign smack_known_web as default smk_in label for kernel thread's socketMarcin Lis1-1/+15
2015-03-20Revert "selinux: add a skb_owned_by() hook"Eric Dumazet3-18/+0
2015-03-03Merge tag 'yama-4.0' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/li...James Morris2-10/+5
2015-02-27security/yama: Remove unnecessary selects from Kconfig.Stephen Smalley1-2/+0
2015-02-27Yama: do not modify global sysctl table entryKees Cook1-8/+5
2015-02-22Merge branch 'for-linus-2' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds7-23/+21
2015-02-22VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)David Howells2-3/+3
2015-02-22SELinux: Use d_is_positive() rather than testing dentry->d_inodeDavid Howells1-2/+2
2015-02-22Smack: Use d_is_positive() rather than testing dentry->d_inodeDavid Howells1-2/+2
2015-02-22TOMOYO: Use d_is_dir() rather than d_inode and S_ISDIR()David Howells1-3/+1
2015-02-22Apparmor: Use d_is_positive/negative() rather than testing dentry->d_inodeDavid Howells1-1/+1
2015-02-22Apparmor: mediated_filesystem() should use dentry->d_sb not inode->i_sbDavid Howells2-12/+12
2015-02-19Merge branch 'kconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/mmare...Linus Torvalds2-3/+3
2015-02-17Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds2-54/+4
2015-02-16Merge branch 'smack-for-3.20-rebased' of git://git.gitorious.org/smack-next/k...James Morris1-0/+16
2015-02-16Don't leak a key reference if request_key() tries to use a revoked keyringDavid Jeffery1-0/+1
2015-02-15Merge tag 'char-misc-3.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds4-0/+125
2015-02-12Merge branch 'for-3.20/bdi' of git://git.kernel.dk/linux-blockLinus Torvalds1-7/+6
2015-02-11Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds11-107/+281
2015-02-11Smack: secmark connectionsCasey Schaufler1-0/+16
2015-02-04SELinux: fix error code in policydb_init()Dan Carpenter1-2/+6
2015-02-04selinux: add security in-core xattr support for pstore and debugfsMark Salyzyn1-17/+8
2015-02-04selinux: quiet the filesystem labeling behavior messagePaul Moore1-4/+0
2015-02-04selinux: Remove unused function avc_sidcmp()Rickard Strandqvist1-5/+0
2015-02-02ima: /proc/keys is now mandatoryDavid Howells1-1/+0
2015-01-29Merge tag 'keys-next-20150123' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris2-26/+0
2015-01-25file->f_path.dentry is pinned down for as long as the file is open...Al Viro1-5/+1
2015-01-25selinuxfs: don't open-code d_genocide()Al Viro1-49/+3
2015-01-25Add security hooks to binder and implement the hooks for SELinux.Stephen Smalley4-0/+125
2015-01-23Smack: Repair netfilter dependencyCasey Schaufler1-1/+1
2015-01-22KEYS: Make /proc/keys unconditional if CONFIG_KEYS=yDavid Howells2-26/+0
2015-01-21smack: fix possible use after frees in task_security() callersAndrey Ryabinin2-11/+23
2015-01-21Merge branch 'for-mingo' of git://git.kernel.org/pub/scm/linux/kernel/git/pau...Ingo Molnar1-0/+1
2015-01-20smack: Add missing logging in bidirectional UDS connect checkRafal Krypa1-1/+1
2015-01-20Smack: secmark support for netfilterCasey Schaufler5-8/+196
2015-01-20Smack: Rework file hooksCasey Schaufler1-21/+19
2015-01-20fs: introduce f_op->mmap_capabilities for nommu mmap supportChristoph Hellwig1-7/+6
2015-01-19smack: Fix a bidirectional UDS connect check typoZbigniew Jasinski1-1/+3
2015-01-19smack: introduce a special case for tmpfs in smack_d_instantiate()Łukasz Stelmach1-2/+14
2015-01-19smack: fix logic in smack_inode_init_security functionLukasz Pawelczyk1-3/+2
2015-01-19smack: miscellaneous small fixes in function commentsLukasz Pawelczyk1-5/+9
2015-01-07kconfig: use bool instead of boolean for type definition attributesChristoph Jaeger2-3/+3
2015-01-06rcu: Make SRCU optional by using CONFIG_SRCUPranith Kumar1-0/+1
2015-01-05KEYS: close race between key lookup and freeingSasha Levin1-2/+2
2014-12-16KEYS: remove a bogus NULL checkDan Carpenter1-6/+4
2014-12-16Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris2-2/+5
2014-12-14Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds15-133/+326
2014-12-10Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds6-13/+13
2014-12-08Merge branch 'iov_iter' into for-nextAl Viro4-6/+13
2014-12-06ima: Fix build failure on powerpc when TCG_IBMVTPM dependencies are not metMichael Ellerman1-1/+1
2014-12-06KEYS: Fix stale key registration at error pathTakashi Iwai1-1/+4
2014-12-05Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris1-6/+5
2014-12-01KEYS: request_key() should reget expired keys rather than give EKEYEXPIREDDavid Howells3-2/+5
2014-12-01KEYS: Simplify KEYRING_SEARCH_{NO,DO}_STATE_CHECK flagsDavid Howells3-3/+6
2014-12-01KEYS: Fix the size of the key description passed to/from userspaceDavid Howells1-30/+26
2014-12-01selinux: Remove security_ops externYao Dongdong1-2/+0
2014-11-27Merge branch 'smack-for-3.19' of git://git.gitorious.org/smack-next/kernel in...James Morris2-12/+18
2014-11-21security: smack: fix out-of-bounds access in smk_parse_smack()Andrey Ryabinin1-4/+3
2014-11-19kill f_dentry usesAl Viro4-6/+6
2014-11-19assorted conversions to %p[dD]Al Viro1-4/+4
2014-11-19Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris12-119/+308
2014-11-19Merge commit 'v3.17' into nextJames Morris10-50/+17
2014-11-17VFS: refactor vfs_read()Dmitry Kasatkin1-7/+3
2014-11-17ima: require signature based appraisalDmitry Kasatkin2-0/+13
2014-11-17integrity: provide a hook to load keys when rootfs is readyDmitry Kasatkin1-0/+11
2014-11-17ima: load x509 certificate from the kernelDmitry Kasatkin4-2/+44
2014-11-17integrity: provide a function to load x509 certificate from the kernelDmitry Kasatkin2-1/+37
2014-11-17integrity: define a new function integrity_read_file()Dmitry Kasatkin3-32/+85
2014-11-13Merge branch 'stable-3.18' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-3/+4
2014-11-12selinux: convert WARN_ONCE() to printk() in selinux_nlmsg_perm()Richard Guy Briggs1-3/+4
2014-11-03move d_rcu from overlapping d_child to overlapping d_aliasAl Viro1-3/+3
2014-10-31Security: smack: replace kzalloc with kmem_cache for inode_smackRohit1-3/+10
2014-10-29Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/zoh...James Morris3-3/+9
2014-10-28Smack: Lock mode for the floor and hat labelsCasey Schaufler1-5/+5
2014-10-28evm: check xattr value length and type in evm_inode_setxattr()Dmitry Kasatkin1-3/+6
2014-10-28ima: check xattr value length and type in the ima_inode_setxattr()Dmitry Kasatkin2-0/+3
2014-10-16Merge branch 'stable-3.18' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-1/+1
2014-10-15selinux: fix inode security list corruptionStephen Smalley1-1/+1
2014-10-14security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.cBehan Webster1-28/+19
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 19:32:07 +0000