aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2024-03-05Merge tag 'integrity-v6.8-fix' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-1/+2
2024-03-01tomoyo: fix UAF write bug in tomoyo_write_control()Tetsuo Handa1-1/+2
2024-02-29Merge tag 'landlock-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-2/+2
2024-02-27Merge tag 'lsm-pr-20240227' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2-2/+2
2024-02-26landlock: Fix asymmetric private inodes referringMickaël Salaün1-2/+2
2024-02-23apparmor: fix lsm_get_self_attr()Mickaël Salaün1-1/+1
2024-02-23selinux: fix lsm_get_self_attr()Mickaël Salaün1-1/+1
2024-02-16Merge tag 'lsm-pr-20240215' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-2/+5
2024-02-16integrity: eliminate unnecessary "Problem loading X.509 certificate" msgCoiby Xu1-1/+2
2024-02-14lsm: fix integer overflow in lsm_set_self_attr() syscallJann Horn1-2/+5
2024-02-01Merge tag 'lsm-pr-20240131' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-5/+40
2024-01-30lsm: fix default return value of the socket_getpeersec_*() hooksOndrej Mosnacek1-4/+27
2024-01-26lsm: fix the logic in security_inode_getsecctx()Ondrej Mosnacek1-1/+13
2024-01-24Merge tag 'integrity-v6.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-4/+0
2024-01-24Revert "KEYS: encrypted: Add check for strsep"Mimi Zohar1-4/+0
2024-01-24exec: Check __FMODE_EXEC instead of in_execve for LSMsKees Cook2-2/+5
2024-01-19Merge tag 'apparmor-pr-2024-01-18' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds9-74/+54
2024-01-11Merge tag 'pull-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds1-6/+1
2024-01-11Merge tag 'for-6.8/io_uring-2024-01-08' of git://git.kernel.dk/linuxLinus Torvalds2-2/+2
2024-01-10Merge tag 'header_cleanup-2024-01-10' of https://evilpiepirate.org/git/bcachefsLinus Torvalds2-0/+2
2024-01-09Merge tag 'integrity-v6.8' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds4-7/+51
2024-01-09Merge tag 'landlock-6.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds2-16/+17
2024-01-09Merge tag 'lsm-pr-20240105' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds21-69/+769
2024-01-09Merge tag 'selinux-pr-20240105' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds19-600/+538
2024-01-09Merge tag 'mm-nonmm-stable-2024-01-09-10-33' of git://git.kernel.org/pub/scm/...Linus Torvalds1-2/+2
2024-01-09Merge tag 'mm-stable-2024-01-08-15-31' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds1-1/+1
2024-01-09apparmor: Fix memory leak in unpack_profile()Gaosheng Cui1-0/+2
2024-01-08mm, treewide: rename MAX_ORDER to MAX_PAGE_ORDERKirill A. Shutemov1-1/+1
2024-01-08Merge tag 'vfs-6.8.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-3/+2
2024-01-08Merge tag 'vfs-6.8.rw' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfsLinus Torvalds1-8/+2
2024-01-04selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socketMickaël Salaün1-0/+7
2024-01-04apparmor: avoid crash when parsed profile name is emptyFedor Pchelkin1-0/+4
2024-01-04apparmor: fix possible memory leak in unpack_trans_tableFedor Pchelkin2-4/+4
2024-01-03apparmor: Fix move_mount mediation by detecting if source is detachedJohn Johansen2-0/+5
2024-01-03apparmor: free the allocated pdb objectsFedor Pchelkin1-6/+7
2024-01-03landlock: Optimize the number of calls to get_access_mask slightlyGünther Noack1-2/+3
2024-01-03landlock: Remove remaining "inline" modifiers in .c files [v6.6]Günther Noack1-1/+1
2024-01-03landlock: Remove remaining "inline" modifiers in .c files [v6.1]Günther Noack1-9/+9
2024-01-03landlock: Remove remaining "inline" modifiers in .c files [v5.15]Günther Noack2-4/+4
2023-12-29apparmor: Fix ref count leak in task_killJohn Johansen1-1/+0
2023-12-24lsm: new security_file_ioctl_compat() hookAlfred Piccioni4-0/+48
2023-12-22selinux: fix style issues in security/selinux/include/initial_sid_to_string.hPaul Moore1-29/+28
2023-12-22selinux: fix style issues in security/selinux/include/xfrm.hPaul Moore1-2/+2
2023-12-22selinux: fix style issues in security/selinux/include/security.hPaul Moore1-80/+75
2023-12-22selinux: fix style issues with security/selinux/include/policycap_names.hPaul Moore1-0/+3
2023-12-22selinux: fix style issues in security/selinux/include/policycap.hPaul Moore1-0/+1
2023-12-22selinux: fix style issues in security/selinux/include/objsec.hPaul Moore1-64/+65
2023-12-22selinux: fix style issues with security/selinux/include/netlabel.hPaul Moore1-33/+20
2023-12-22selinux: fix style issues in security/selinux/include/netif.hPaul Moore1-2/+2
2023-12-22selinux: fix style issues in security/selinux/include/ima.hPaul Moore1-1/+1
2023-12-22selinux: fix style issues in security/selinux/include/conditional.hPaul Moore1-2/+2
2023-12-22selinux: fix style issues in security/selinux/include/classmap.hPaul Moore1-210/+132
2023-12-22selinux: fix style issues in security/selinux/include/avc_ss.hPaul Moore1-1/+1
2023-12-22selinux: align avc_has_perm_noaudit() prototype with definitionPaul Moore1-1/+1
2023-12-22selinux: fix style issues in security/selinux/include/avc.hPaul Moore1-26/+15
2023-12-22selinux: fix style issues in security/selinux/include/audit.hPaul Moore1-1/+0
2023-12-21apparmorfs: don't duplicate kfree_link()Al Viro1-6/+1
2023-12-21keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiryDavid Howells4-22/+37
2023-12-20shm: Slim down dependenciesKent Overstreet2-0/+2
2023-12-20kexec_file: print out debugging message if requiredBaoquan He1-2/+2
2023-12-20evm: add support to disable EVM on unsupported filesystemsMimi Zohar1-1/+34
2023-12-20evm: don't copy up 'security.evm' xattrMimi Zohar2-1/+8
2023-12-15cred: get rid of CONFIG_DEBUG_CREDENTIALSJens Axboe1-6/+0
2023-12-12fsnotify: optionally pass access range in file permission hooksAmir Goldstein1-7/+1
2023-12-12fsnotify: split fsnotify_perm() into two hooksAmir Goldstein1-2/+2
2023-12-12io_uring: split out cmd api into a separate headerPavel Begunkov2-2/+2
2023-12-07selinux: remove the wrong comment about multithreaded process handlingMunehisa Kamata1-1/+0
2023-12-05iov_iter: replace import_single_range() with import_ubuf()Jens Axboe1-2/+2
2023-12-05iov_iter: remove unused 'iov' argument from import_single_range()Jens Axboe1-2/+1
2023-11-27KEYS: encrypted: Add check for strsepChen Ni1-0/+4
2023-11-27ima: Remove EXPERIMENTAL from KconfigEric Snowberg1-1/+1
2023-11-27ima: Reword IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARYEric Snowberg1-5/+5
2023-11-26apparmor: cleanup network hook commentsJohn Johansen1-44/+16
2023-11-21selinux: introduce an initial SID for early boot processesOndrej Mosnacek7-2/+76
2023-11-20selinux: refactor avtab_node comparisonsJacob Satterfield1-60/+41
2023-11-19apparmor: add missing params to aa_may_ptrace kernel-doc commentsJohn Johansen1-0/+2
2023-11-19apparmor: declare nulldfa as staticJohn Johansen1-1/+1
2023-11-19apparmor: declare stack_msg as staticJohn Johansen1-1/+1
2023-11-19apparmor: switch SECURITY_APPARMOR_HASH from sha1 to sha256Dimitri John Ledkov3-17/+17
2023-11-16selinux: update filenametr_hash() to use full_name_hash()Paul Moore1-9/+2
2023-11-16selinux: saner handling of policy reloadsAl Viro1-78/+66
2023-11-12lsm: mark the lsm_id variables are marked as staticPaul Moore9-9/+9
2023-11-12lsm: convert security_setselfattr() to use memdup_user()Paul Moore1-8/+3
2023-11-12lsm: align based on pointer length in lsm_fill_user_ctx()Paul Moore1-1/+1
2023-11-12lsm: consolidate buffer size handling into lsm_fill_user_ctx()Paul Moore4-74/+63
2023-11-12lsm: correct error codes in security_getselfattr()Paul Moore1-2/+2
2023-11-12lsm: cleanup the size counters in security_getselfattr()Paul Moore1-1/+2
2023-11-12lsm: don't yet account for IMA in LSM_CONFIG_COUNT calculationRoberto Sassu1-1/+0
2023-11-12SELinux: Add selfattr hooksCasey Schaufler1-27/+107
2023-11-12AppArmor: Add selfattr hooksCasey Schaufler3-11/+92
2023-11-12Smack: implement setselfattr and getselfattr hooksCasey Schaufler1-5/+90
2023-11-12LSM: Helpers for attribute names and filling lsm_ctxCasey Schaufler2-0/+65
2023-11-12LSM: Create lsm_list_modules system callCasey Schaufler1-0/+39
2023-11-12LSM: syscalls for current process attributesCasey Schaufler3-0/+210
2023-11-12proc: Use lsmids instead of lsm names for attrsCasey Schaufler1-8/+7
2023-11-12LSM: Maintain a table of LSM attribute dataCasey Schaufler1-0/+37
2023-11-12LSM: Identify modules by more than nameCasey Schaufler17-20/+92
2023-11-03Merge tag 'apparmor-pr-2023-11-03' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds32-848/+1336
2023-11-03Merge tag 'landlock-6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds10-301/+923
2023-11-02Merge tag 'mm-nonmm-stable-2023-11-02-14-08' of git://git.kernel.org/pub/scm/...Linus Torvalds1-1/+1
2023-11-02Merge tag 'v6.7-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/...Linus Torvalds2-3/+2
2023-11-02Merge tag 'integrity-v6.7' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds5-34/+81
2023-11-01Merge tag 'for-6.7/block-2023-10-30' of git://git.kernel.dk/linuxLinus Torvalds1-0/+1
2023-10-31ima: detect changes to the backing overlay fileMimi Zohar3-1/+22
2023-10-31integrity: fix indentation of config attributesPrasad Pandit1-22/+22
2023-10-31ima: annotate iint mutex to avoid lockdep false positive warningsAmir Goldstein1-11/+37
2023-10-30Merge tag 'lsm-pr-20231030' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds5-16/+16
2023-10-30Merge tag 'selinux-pr-20231030' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds7-30/+33
2023-10-30Merge tag 'tpmdd-v6.7' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkk...Linus Torvalds4-63/+30
2023-10-30Merge tag 'hardening-v6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-3/+3
2023-10-30Merge tag 'vfs-6.7.ctime' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs...Linus Torvalds4-7/+8
2023-10-26landlock: Support network rules with TCP bind and connectKonstantin Meskhidze9-24/+414
2023-10-26landlock: Refactor landlock_add_rule() syscallKonstantin Meskhidze1-44/+45
2023-10-26landlock: Refactor layer helpersKonstantin Meskhidze3-42/+66
2023-10-26landlock: Move and rename layer helpersKonstantin Meskhidze3-115/+129
2023-10-26landlock: Refactor merge/inherit_ruleset helpersKonstantin Meskhidze1-42/+74
2023-10-26landlock: Refactor landlock_find_rule/insert_rule helpersKonstantin Meskhidze3-54/+165
2023-10-26landlock: Allow FS topology changes for domains without such rule typeMickaël Salaün3-40/+60
2023-10-26landlock: Make ruleset's access masks more genericKonstantin Meskhidze5-20/+50
2023-10-24keys: Remove unused extern declarationsYueHaibing1-7/+0
2023-10-24integrity: powerpc: Do not select CA_MACHINE_KEYRINGMichal Suchanek1-2/+0
2023-10-24KEYS: trusted: tee: Refactor register SHM usageSumit Garg1-44/+20
2023-10-24KEYS: trusted: Rollback init_trusted() consistentlyJarkko Sakkinen1-10/+10
2023-10-23apparmor: Fix some kernel-doc commentsYang Li1-2/+2
2023-10-23apparmor: Fix one kernel-doc commentYang Li1-1/+1
2023-10-23apparmor: Fix some kernel-doc commentsYang Li1-2/+2
2023-10-22apparmor: mark new functions staticArnd Bergmann1-2/+2
2023-10-20ima: Add __counted_by for struct modsig and use struct_size()Gustavo A. R. Silva1-3/+3
2023-10-18apparmor: Fix regression in mount mediationJohn Johansen3-22/+51
2023-10-18apparmor: cache buffers on percpu list if there is lock contentionJohn Johansen1-5/+62
2023-10-18apparmor: add io_uring mediationGeorgia Garcia6-2/+131
2023-10-18apparmor: add user namespace creation mediationJohn Johansen7-2/+75
2023-10-18apparmor: allow restricting unprivileged change_profileJohn Johansen5-0/+39
2023-10-18apparmor: advertise disconnected.path is availableJohn Johansen1-0/+1
2023-10-18apparmor: refcount the pdbJohn Johansen15-210/+260
2023-10-18apparmor: provide separate audit messages for file and policy checksJohn Johansen1-5/+11
2023-10-18apparmor: pass cred through to audit info.John Johansen20-211/+388
2023-10-18apparmor: rename audit_data->label to audit_data->subj_labelJohn Johansen10-18/+17
2023-10-18apparmor: combine common_audit_data and apparmor_audit_dataJohn Johansen15-245/+257
2023-10-18apparmor: rename SK_CTX() to aa_sock and make it an inline fnJohn Johansen2-11/+16
2023-10-18treewide: mark stuff as __ro_after_initAlexey Dobriyan1-1/+1
2023-10-18security: convert to new timestamp accessorsJeff Layton1-1/+1
2023-10-18selinux: convert to new timestamp accessorsJeff Layton1-1/+1
2023-10-18apparmor: convert to new timestamp accessorsJeff Layton2-5/+6
2023-10-15apparmor: Optimize retrieving current task secidVinicius Costa Gomes1-2/+2
2023-10-15apparmor: remove unused functions in policy_ns.c/.hXiu Jianfeng2-51/+0
2023-10-15apparmor: remove unneeded #ifdef in decompress_zstd()Xiu Jianfeng1-2/+0
2023-10-11security/keys: export key_lookup()Hannes Reinecke1-0/+1
2023-10-10KEYS: trusted: Remove redundant static calls usageSumit Garg1-8/+5
2023-10-04lsm: fix a spelling mistakePaul Moore1-1/+1
2023-10-03selinux: simplify avtab_insert_node() prototypeJacob Satterfield1-13/+7
2023-09-27ima: rework CONFIG_IMA dependency blockArnd Bergmann1-12/+6
2023-09-26ima: Finish deprecation of IMA_TRUSTED_KEYRING KconfigOleksandr Tymoshenko1-2/+2
2023-09-15KEYS: encrypted: Do not include crypto/algapi.hHerbert Xu1-1/+1
2023-09-15evm: Do not include crypto/algapi.hHerbert Xu1-2/+1
2023-09-14lsm: constify 'sb' parameter in security_sb_kern_mount()Khadija Kamran2-2/+2
2023-09-14lsm: constify 'bprm' parameter in security_bprm_committed_creds()Khadija Kamran4-4/+4
2023-09-13lsm: constify 'bprm' parameter in security_bprm_committing_creds()Khadija Kamran3-3/+3
2023-09-13lsm: constify 'file' parameter in security_bprm_creds_from_file()Khadija Kamran2-3/+3
2023-09-13lsm: constify 'sb' parameter in security_quotactl()Khadija Kamran2-3/+3
2023-09-13selinux: hweight optimization in avtab_read_itemJacob Satterfield1-5/+2
2023-09-13selinux: improve role transition hashingChristian Göttsche1-1/+1
2023-09-13selinux: simplify avtab slot calculationChristian Göttsche1-7/+1
2023-09-13selinux: improve debug configurationChristian Göttsche2-0/+12
2023-09-13selinux: print sum of chain lengths^2 for hash tablesChristian Göttsche4-3/+9
2023-09-12selinux: fix handling of empty opts in selinux_fs_context_submount()Ondrej Mosnacek1-2/+8
2023-09-12selinux: Annotate struct sidtab_str_cache with __counted_byKees Cook1-1/+1
2023-09-08Merge tag 'landlock-6.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-1/+1
2023-09-04Merge tag 'tomoyo-pr-20230903' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds3-7/+5
2023-08-30Merge tag 'Smack-for-6.6' of https://github.com/cschaufler/smack-nextLinus Torvalds1-2/+2
2023-08-30Merge tag 'integrity-v6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds5-30/+16
2023-08-30Merge tag 'lsm-pr-20230829' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds9-83/+162
2023-08-30Merge tag 'selinux-pr-20230829' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds34-286/+276
2023-08-29Merge tag 'mm-stable-2023-08-28-18-26' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds1-5/+2
2023-08-29Merge tag 'net-next-6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds2-3/+3
2023-08-29Merge tag 'tpmdd-v6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkk...Linus Torvalds10-14/+94
2023-08-28Merge tag 's390-6.6-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/...Linus Torvalds1-2/+2
2023-08-28Merge tag 'hardening-v6.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds3-4/+26
2023-08-28Merge tag 'v6.6-vfs.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vf...Linus Torvalds3-0/+87
2023-08-28Merge tag 'v6.6-vfs.ctime' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds4-10/+16
2023-08-25LoadPin: Annotate struct dm_verity_loadpin_trusted_root_digest with __counted_byKees Cook1-2/+1
2023-08-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-1/+1
2023-08-22apparmor: fix invalid reference on profile->disconnectedGeorgia Garcia2-2/+4
2023-08-22Merge tag 'selinux-pr-20230821' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2023-08-21selinux: use vma_is_initial_stack() and vma_is_initial_heap()Kefeng Wang1-5/+2
2023-08-18selinux: set next pointer before attaching to listChristian Göttsche1-1/+1
2023-08-18integrity: Annotate struct ima_rule_opt_list with __counted_byKees Cook1-2/+2
2023-08-18s390/ipl: fix virtual vs physical address confusionAlexander Gordeev1-2/+2
2023-08-18landlock: Annotate struct landlock_rule with __counted_byKees Cook1-1/+1
2023-08-17KEYS: Replace all non-returning strlcpy with strscpyAzeem Shaikh1-1/+1
2023-08-17integrity: PowerVM support for loading third party code signing keysNayna Jain3-0/+30
2023-08-17integrity: PowerVM machine keyring enablementNayna Jain1-1/+3
2023-08-17integrity: check whether imputed trust is enabledNayna Jain4-6/+22
2023-08-17integrity: remove global variable from machine_keyring.cNayna Jain1-2/+2
2023-08-17integrity: ignore keys failing CA restrictions on non-UEFI platformNayna Jain1-1/+1
2023-08-17integrity: PowerVM support for loading CA keys on machine keyringNayna Jain3-0/+30
2023-08-17integrity: Enforce digitalSignature usage in the ima and evm keyringsEric Snowberg3-4/+6
2023-08-15selinux: prevent KMSAN warning in selinux_inet_conn_request()Andrew Kanner1-0/+1
2023-08-15hardening: Move BUG_ON_DATA_CORRUPTION to hardening optionsMarco Elver1-0/+10
2023-08-15list: Introduce CONFIG_LIST_HARDENEDMarco Elver1-0/+13
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 18:38:29 +0000