aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2018-11-29Merge tag 'selinux-pr-20181129' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+12
2018-11-29selinux: add support for RTM_NEWCHAIN, RTM_DELCHAIN, and RTM_GETCHAINPaul Moore1-1/+12
2018-11-15Merge tag 'selinux-pr-20181115' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2-3/+10
2018-11-13selinux: fix non-MLS handling in mls_context_to_sid()Paul Moore1-3/+7
2018-11-13integrity: support new struct public_key_signature encoding fieldMimi Zohar1-0/+1
2018-11-13selinux: check length properly in SCTP bind hookOndrej Mosnacek1-0/+3
2018-11-02Merge tag 'apparmor-pr-2018-11-01' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds12-17/+291
2018-11-01apparmor: clean an indentation issue, remove extraneous spaceColin Ian King1-1/+1
2018-11-01apparmor: fix checkpatch error in Parse secmark policyJohn Johansen1-1/+1
2018-10-26KEYS: Move trusted.h to include/keys [ver #2]Denis Kenzior2-137/+1
2018-10-26KEYS: trusted: Expose common functionality [ver #2]Denis Kenzior2-5/+21
2018-10-26KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2]David Howells5-0/+405
2018-10-25Merge branch 'next-loadpin' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2-13/+17
2018-10-25Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jm...Linus Torvalds2-7/+11
2018-10-25Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds9-43/+54
2018-10-24Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds8-25/+50
2018-10-24Merge tag 'selinux-pr-20181022' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-111/+88
2018-10-24Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds4-4/+4
2018-10-18Merge tag 'loadpin-security-next' of https://git.kernel.org/pub/scm/linux/ker...James Morris2-13/+17
2018-10-18LoadPin: Rename boot param "enabled" to "enforce"Kees Cook2-12/+13
2018-10-18LoadPin: Report friendly block device nameKees Cook1-1/+4
2018-10-12apparmor: add #ifdef checks for secmark filteringArnd Bergmann2-0/+12
2018-10-10LSM: Don't ignore initialization failuresKees Cook1-1/+3
2018-10-10LSM: Provide init debugging infrastructureKees Cook1-0/+18
2018-10-10LSM: Record LSM name in struct lsm_infoKees Cook5-0/+5
2018-10-10LSM: Convert security_initcall() into DEFINE_LSM()Kees Cook5-5/+15
2018-10-10LSM: Convert from initcall to struct lsm_infoKees Cook2-9/+6
2018-10-10LSM: Remove initcall tracingKees Cook1-7/+1
2018-10-10LSM: Rename .security_initcall section to .lsm_infoKees Cook1-2/+2
2018-10-10LSM: Correctly announce start of LSM initializationKees Cook1-1/+2
2018-10-10ima: open a new file instance if no read permissionsGoldwyn Rodrigues1-20/+34
2018-10-10ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers1-3/+3
2018-10-10security/integrity: remove unnecessary 'init_keyring' variableEric Biggers1-7/+1
2018-10-10security/integrity: constify some read-only dataEric Biggers8-13/+16
2018-10-03signal: Distinguish between kernel_siginfo and siginfoEric W. Biederman4-4/+4
2018-10-03apparmor: Fix uninitialized value in aa_split_fqnameZubin Mithra1-2/+4
2018-10-03apparmor: don't try to replace stale label in ptraceme checkJann Horn1-2/+2
2018-10-03apparmor: Replace spin_is_locked() with lockdepLance Roy1-1/+1
2018-10-03apparmor: Allow filtering based on secmark policyMatthew Garrett2-1/+177
2018-10-03apparmor: Parse secmark policyMatthew Garrett4-0/+77
2018-10-03apparmor: Add a wildcard secidMatthew Garrett2-2/+4
2018-09-25Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct membe...Lubomir Rintel1-1/+1
2018-09-18Smack: Mark expected switch fall-throughGustavo A. R. Silva1-1/+1
2018-09-18Smack: ptrace capability use fixesCasey Schaufler1-3/+10
2018-09-18Smack: remove set but not used variable 'root_inode'YueHaibing1-3/+0
2018-09-14Revert "x86/mm/legacy: Populate the user page-table with user pgd's"Joerg Roedel1-1/+1
2018-09-13selinux: Add __GFP_NOWARN to allocation at str_read()Tetsuo Handa1-1/+1
2018-09-13apparmor: don't try to replace stale label in ptrace access checkJann Horn2-2/+4
2018-09-07apparmor: Fix network performance issue in aa_label_sk_permTony Jones1-6/+9
2018-09-06Merge tag 'apparmor-pr-2018-09-06' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-1/+0
2018-09-05selinux: refactor mls_context_to_sid() and make it stricterJann Horn3-110/+82
2018-09-04uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member nameRandy Dunlap1-1/+1
2018-09-04selinux: fix mounting of cgroup2 under older policiesStephen Smalley1-0/+5
2018-09-04security: tomoyo: Fix obsolete functionDing Xiang1-1/+2
2018-09-04Merge tag 'v4.19-rc2' into next-generalJames Morris46-383/+427
2018-09-03apparmor: fix bad debug check in apparmor_secid_to_secctx()John Johansen1-1/+0
2018-08-29security/capabilities: remove check for -EINVALChristian Brauner1-3/+0
2018-08-24Merge tag 'apparmor-pr-2018-08-23' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds7-44/+20
2018-08-24Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-1/+1
2018-08-22apparmor: remove no-op permission check in policy_unpackJohn Johansen1-32/+0
2018-08-22init: allow initcall tables to be emitted using relative referencesArd Biesheuvel1-7/+10
2018-08-21apparmor: fix an error code in __aa_create_ns()Dan Carpenter1-1/+1
2018-08-15Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds12-46/+108
2018-08-15Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmor...Linus Torvalds4-16/+10
2018-08-15Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jm...Linus Torvalds1-6/+16
2018-08-15Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-1/+1
2018-08-15Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-1/+1
2018-08-15Merge tag 'kbuild-v4.19' of git://git.kernel.org/pub/scm/linux/kernel/git/mas...Linus Torvalds1-1/+1
2018-08-15Merge tag 'selinux-pr-20180814' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds13-189/+198
2018-08-15Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds7-17/+192
2018-08-15Merge tag 'hardened-usercopy-v4.19-rc1' of git://git.kernel.org/pub/scm/linux...Linus Torvalds1-1/+0
2018-08-13Merge branch 'work.open3' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds8-22/+22
2018-08-11cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias()Eddie.Horng1-1/+1
2018-08-07selinux: cleanup dentry and inodes on error in selinuxfsnixiaoming1-8/+25
2018-08-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linuxHerbert Xu3-47/+38
2018-07-30Merge branch 'smack-for-4.19-a' of https://github.com/cschaufler/next-smack i...James Morris1-6/+16
2018-07-28ima: Get rid of ima_used_chip and use ima_tpm_chip != NULL insteadStefan Berger4-8/+4
2018-07-28ima: Use tpm_default_chip() and call TPM functions with a tpm_chipStefan Berger4-9/+7
2018-07-23net: sched: introduce chain object to uapiJiri Pirko1-1/+1
2018-07-23Smack: Inform peer that IPv6 traffic has been blockedPiotr Sawicki1-0/+4
2018-07-23Smack: Check UDP-Lite and DCCP protocols during IPv6 handlingPiotr Sawicki1-1/+3
2018-07-23Smack: Fix handling of IPv4 traffic received by PF_INET6 socketsPiotr Sawicki1-5/+9
2018-07-22EVM: fix return value check in evm_write_xattrs()Wei Yongjun1-2/+2
2018-07-20apparmor: Fix failure to audit context info in build_change_hatJohn Johansen1-1/+1
2018-07-19apparmor: Fully initialize aa_perms struct when answering userspace queryTyler Hicks1-4/+1
2018-07-19apparmor: Check buffer bounds when mapping permissions maskTyler Hicks3-6/+17
2018-07-20x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for x86_32Joerg Roedel1-1/+1
2018-07-18integrity: prevent deadlock during digsig verification.Mikhail Kurinnoi2-1/+29
2018-07-18evm: Allow non-SHA1 digital signaturesMatthew Garrett4-31/+46
2018-07-18evm: Don't deadlock if a crypto algorithm is unavailableMatthew Garrett1-1/+2
2018-07-18integrity: silence warning when CONFIG_SECURITYFS is not enabledSudeep Holla1-3/+6
2018-07-18ima: Differentiate auditing policy rules from "audit" actionsStefan Berger1-2/+2
2018-07-18ima: Do not audit if CONFIG_INTEGRITY_AUDIT is not setStefan Berger3-1/+21
2018-07-18ima: Use audit_log_format() rather than audit_log_string()Stefan Berger2-7/+2
2018-07-18ima: Call audit_log_string() rather than logging it untrustedStefan Berger1-1/+1
2018-07-17security: check for kstrdup() failure in lsm_append()Eric Biggers1-0/+2
2018-07-17security: export security_kernel_load_data functionArnd Bergmann1-0/+1
2018-07-17selinux: constify write_op[]Eric Biggers1-1/+1
2018-07-18kbuild: move bin2c back to scripts/ from scripts/basic/Masahiro Yamada1-1/+1
2018-07-16ima: based on policy warn about loading firmware (pre-allocated buffer)Mimi Zohar1-0/+8
2018-07-16module: replace the existing LSM hook in init_moduleMimi Zohar3-13/+31
2018-07-16ima: add build time policyMimi Zohar2-3/+101
2018-07-16ima: based on policy require signed firmware (sysfs fallback)Mimi Zohar1-1/+9
2018-07-16ima: based on policy require signed kexec kernel imagesMimi Zohar4-1/+36
2018-07-16security: define new LSM hook named security_kernel_load_dataMimi Zohar1-0/+5
2018-07-12IMA: don't propagate opened through the entire thingAl Viro3-12/+12
2018-07-12->file_open(): lose cred argumentAl Viro5-9/+9
2018-07-12security_file_open(): lose cred argumentAl Viro1-2/+2
2018-07-09crypto: remove redundant type flags from tfm allocationEric Biggers1-1/+1
2018-07-02usercopy: Do not select BUG with HARDENED_USERCOPYKamal Mostafa1-1/+0
2018-06-30Merge tag 'selinux-pr-20180629' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-45/+33
2018-06-28selinux: move user accesses in selinuxfs out of locked regionsJann Horn1-45/+33
2018-06-26dh key: fix rounding up KDF output lengthEric Biggers1-2/+4
2018-06-23Smack: Mark inode instant in smack_task_to_inodeCasey Schaufler1-0/+1
2018-06-19selinux: Cleanup printk logging in netnodepeter enderborg1-3/+2
2018-06-19selinux: Cleanup printk logging in avcpeter enderborg1-1/+1
2018-06-19selinux: Cleanup printk logging in netifpeter enderborg1-7/+4
2018-06-19selinux: Cleanup printk logging in netportpeter enderborg1-3/+2
2018-06-19selinux: Cleanup printk logging in sidtabpeter enderborg1-3/+2
2018-06-19selinux: Cleanup printk logging in netlinkpeter enderborg1-1/+1
2018-06-19selinux: Cleanup printk logging in selinuxfspeter enderborg1-5/+5
2018-06-19selinux: Cleanup printk logging in servicespeter enderborg1-36/+35
2018-06-19selinux: Cleanup printk logging in avtabpeter enderborg1-25/+26
2018-06-19selinux: Cleanup printk logging in hookspeter enderborg1-35/+33
2018-06-19selinux: Cleanup printk logging in policydbpeter enderborg1-45/+46
2018-06-19selinux: Cleanup printk logging in ebitmappeter enderborg1-8/+7
2018-06-19selinux: Cleanup printk logging in conditionalpeter enderborg1-8/+8
2018-06-15docs: Fix some broken referencesMauro Carvalho Chehab1-1/+1
2018-06-15docs: fix broken references with multiple hintsMauro Carvalho Chehab1-1/+1
2018-06-14Merge tag 'apparmor-pr-2018-06-13' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds14-71/+310
2018-06-12treewide: kzalloc() -> kcalloc()Kees Cook2-2/+2
2018-06-12treewide: kmalloc() -> kmalloc_array()Kees Cook1-1/+1
2018-06-07Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jm...Linus Torvalds1-7/+5
2018-06-07Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds13-83/+362
2018-06-07apparmor: fix ptrace read checkJohn Johansen1-1/+2
2018-06-07apparmor: fix memory leak when deduping profile loadJohn Johansen1-0/+3
2018-06-07apparmor: fix mediation of prlimitJohn Johansen1-1/+1
2018-06-07apparmor: fixup secid map conversion to using IDRJohn Johansen4-8/+29
2018-06-07apparmor: Use an IDR to allocate apparmor secidsMatthew Wilcox1-103/+11
2018-06-07apparmor: Fix memory leak of rule on error exit pathTyler Hicks1-2/+4
2018-06-07apparmor: modify audit rule support to support profile stacksJohn Johansen1-17/+10
2018-06-07apparmor: Add support for audit rule filteringMatthew Garrett3-1/+107
2018-06-07apparmor: Convert to use match_string() helperAndy Shevchenko1-14/+11
2018-06-07apparmor: improve get_buffers macro by using get_cpu_ptrJohn Johansen1-17/+16
2018-06-06Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds2-2/+6
2018-06-06Merge tag 'audit-pr-20180605' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds6-14/+17
2018-06-06Merge tag 'selinux-pr-20180605' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-6/+12
2018-06-06Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds5-23/+64
2018-06-05Merge branch 'smack-for-4.18' of https://github.com/cschaufler/next-smack int...James Morris1-7/+5
2018-06-05Smack: Fix memory leak in smack_inode_getsecctxCasey Schaufler1-7/+5
2018-06-04Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2-3/+8
2018-06-04Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-4/+3
2018-06-04Merge branch 'hch.procfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-32/+2
2018-06-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-1/+1
2018-06-01EVM: unlock on error path in evm_read_xattrs()Dan Carpenter1-1/+3
2018-05-31EVM: prevent array underflow in evm_write_xattrs()Dan Carpenter1-1/+1
2018-05-31EVM: Fix null dereference on xattr when xattr fails to allocateColin Ian King1-2/+4
2018-05-31EVM: fix memory leak of temporary buffer 'temp'Colin Ian King1-0/+2
2018-05-31IMA: use list_splice_tail_init_rcu() instead of its open coded variantPetko Manolov1-15/+2
2018-05-31ima: use match_string() helperYisheng Xie1-7/+4
2018-05-30Merge tag 'selinux-pr-20180530' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2018-05-29selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover1-1/+1
2018-05-26Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-4/+16
2018-05-24capabilities: Allow privileged user in s_user_ns to set security.* xattrsEric W. Biederman1-2/+6
2018-05-22ima: fix updating the ima_appraise flagMimi Zohar1-9/+19
2018-05-22ima: based on policy verify firmware signatures (pre-allocated buffer)Mimi Zohar1-0/+1
2018-05-22ima: define a new policy condition based on the filesystem nameMimi Zohar1-1/+24
2018-05-21Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-22/+28
2018-05-21Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds1-4/+16
2018-05-18EVM: Allow runtime modification of the set of verified xattrsMatthew Garrett4-4/+188
2018-05-18EVM: turn evm_config_xattrnames into a listMatthew Garrett3-39/+57
2018-05-17Merge tag 'selinux-pr-20180516' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-22/+28
2018-05-17integrity: Add an integrity directory in securityfsMatthew Garrett4-4/+52
2018-05-17ima: Remove unused variable ima_initializedPetr Vorel2-6/+2
2018-05-17ima: Unify loggingPetr Vorel3-2/+9
2018-05-17ima: Reflect correct permissions for policyPetr Vorel1-0/+2
2018-05-16proc: introduce proc_create_seq{,_data}Christoph Hellwig1-32/+2
2018-05-14audit: use inline function to get audit contextRichard Guy Briggs6-14/+17
2018-05-14selinux: correctly handle sa_family cases in selinux_sctp_bind_connect()Alexey Kodanev1-1/+2
2018-05-14selinux: fix address family in bind() and connect() to match address/portAlexey Kodanev1-11/+7
2018-05-14selinux: add AF_UNSPEC and INADDR_ANY checks to selinux_socket_bind()Alexey Kodanev1-10/+19
2018-05-14__inode_security_revalidate() never gets NULL opt_dentryAl Viro1-4/+3
2018-05-13fix breakage caused by d_find_alias() semantics changeAl Viro1-4/+16
2018-05-11dh key: get rid of stack allocated array for zeroesTycho Andersen1-3/+3
2018-05-11dh key: get rid of stack allocated arrayTycho Andersen1-19/+10
2018-05-11big key: get rid of stack array allocationTycho Andersen1-1/+10
2018-05-08apparmor: fix '*seclen' is never less than zeroJohn Johansen1-9/+11
2018-05-04smack: provide socketpair callbackTom Gundersen1-0/+22
2018-05-04selinux: provide socketpair callbackDavid Herrmann1-0/+13
2018-05-04security: add hook for socketpair()David Herrmann1-0/+6
2018-05-03net: initial AF_XDP skeletonBjörn Töpel2-2/+6
2018-05-03evm: Don't update hmacs in user ns mountsSeth Forshee1-1/+2
2018-05-03apparmor: fix typo "preconfinement"Zygmunt Krynicki1-1/+1
2018-05-03apparmor: fix typo "independent"Zygmunt Krynicki1-1/+1
2018-05-03apparmor: fix typo "traverse"Zygmunt Krynicki1-1/+1
2018-05-03apparmor: fix typo "type"Zygmunt Krynicki1-1/+1
2018-05-03apparmor: fix typo "replace"Zygmunt Krynicki1-1/+1
2018-05-03apparmor: fix typo "comparison"Zygmunt Krynicki1-3/+3
2018-05-03apparmor: fix typo "loosen"Zygmunt Krynicki1-1/+1
2018-05-02apparmor: add the ability to get a task's secidJohn Johansen1-0/+8
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-17 09:06:43 +0000