aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2018-06-15docs: Fix some broken referencesMauro Carvalho Chehab1-1/+1
2018-06-15docs: fix broken references with multiple hintsMauro Carvalho Chehab1-1/+1
2018-06-14Merge tag 'apparmor-pr-2018-06-13' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds14-71/+310
2018-06-12treewide: kzalloc() -> kcalloc()Kees Cook2-2/+2
2018-06-12treewide: kmalloc() -> kmalloc_array()Kees Cook1-1/+1
2018-06-07Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jm...Linus Torvalds1-7/+5
2018-06-07Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds13-83/+362
2018-06-07apparmor: fix ptrace read checkJohn Johansen1-1/+2
2018-06-07apparmor: fix memory leak when deduping profile loadJohn Johansen1-0/+3
2018-06-07apparmor: fix mediation of prlimitJohn Johansen1-1/+1
2018-06-07apparmor: fixup secid map conversion to using IDRJohn Johansen4-8/+29
2018-06-07apparmor: Use an IDR to allocate apparmor secidsMatthew Wilcox1-103/+11
2018-06-07apparmor: Fix memory leak of rule on error exit pathTyler Hicks1-2/+4
2018-06-07apparmor: modify audit rule support to support profile stacksJohn Johansen1-17/+10
2018-06-07apparmor: Add support for audit rule filteringMatthew Garrett3-1/+107
2018-06-07apparmor: Convert to use match_string() helperAndy Shevchenko1-14/+11
2018-06-07apparmor: improve get_buffers macro by using get_cpu_ptrJohn Johansen1-17/+16
2018-06-06Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds2-2/+6
2018-06-06Merge tag 'audit-pr-20180605' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds6-14/+17
2018-06-06Merge tag 'selinux-pr-20180605' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-6/+12
2018-06-06Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds5-23/+64
2018-06-05Merge branch 'smack-for-4.18' of https://github.com/cschaufler/next-smack int...James Morris1-7/+5
2018-06-05Smack: Fix memory leak in smack_inode_getsecctxCasey Schaufler1-7/+5
2018-06-04Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2-3/+8
2018-06-04Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-4/+3
2018-06-04Merge branch 'hch.procfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-32/+2
2018-06-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-1/+1
2018-06-01EVM: unlock on error path in evm_read_xattrs()Dan Carpenter1-1/+3
2018-05-31EVM: prevent array underflow in evm_write_xattrs()Dan Carpenter1-1/+1
2018-05-31EVM: Fix null dereference on xattr when xattr fails to allocateColin Ian King1-2/+4
2018-05-31EVM: fix memory leak of temporary buffer 'temp'Colin Ian King1-0/+2
2018-05-31IMA: use list_splice_tail_init_rcu() instead of its open coded variantPetko Manolov1-15/+2
2018-05-31ima: use match_string() helperYisheng Xie1-7/+4
2018-05-30Merge tag 'selinux-pr-20180530' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2018-05-29selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover1-1/+1
2018-05-26Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-4/+16
2018-05-24capabilities: Allow privileged user in s_user_ns to set security.* xattrsEric W. Biederman1-2/+6
2018-05-22ima: fix updating the ima_appraise flagMimi Zohar1-9/+19
2018-05-22ima: based on policy verify firmware signatures (pre-allocated buffer)Mimi Zohar1-0/+1
2018-05-22ima: define a new policy condition based on the filesystem nameMimi Zohar1-1/+24
2018-05-21Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-22/+28
2018-05-21Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds1-4/+16
2018-05-18EVM: Allow runtime modification of the set of verified xattrsMatthew Garrett4-4/+188
2018-05-18EVM: turn evm_config_xattrnames into a listMatthew Garrett3-39/+57
2018-05-17Merge tag 'selinux-pr-20180516' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-22/+28
2018-05-17integrity: Add an integrity directory in securityfsMatthew Garrett4-4/+52
2018-05-17ima: Remove unused variable ima_initializedPetr Vorel2-6/+2
2018-05-17ima: Unify loggingPetr Vorel3-2/+9
2018-05-17ima: Reflect correct permissions for policyPetr Vorel1-0/+2
2018-05-16proc: introduce proc_create_seq{,_data}Christoph Hellwig1-32/+2
2018-05-14audit: use inline function to get audit contextRichard Guy Briggs6-14/+17
2018-05-14selinux: correctly handle sa_family cases in selinux_sctp_bind_connect()Alexey Kodanev1-1/+2
2018-05-14selinux: fix address family in bind() and connect() to match address/portAlexey Kodanev1-11/+7
2018-05-14selinux: add AF_UNSPEC and INADDR_ANY checks to selinux_socket_bind()Alexey Kodanev1-10/+19
2018-05-14__inode_security_revalidate() never gets NULL opt_dentryAl Viro1-4/+3
2018-05-13fix breakage caused by d_find_alias() semantics changeAl Viro1-4/+16
2018-05-11dh key: get rid of stack allocated array for zeroesTycho Andersen1-3/+3
2018-05-11dh key: get rid of stack allocated arrayTycho Andersen1-19/+10
2018-05-11big key: get rid of stack array allocationTycho Andersen1-1/+10
2018-05-08apparmor: fix '*seclen' is never less than zeroJohn Johansen1-9/+11
2018-05-04smack: provide socketpair callbackTom Gundersen1-0/+22
2018-05-04selinux: provide socketpair callbackDavid Herrmann1-0/+13
2018-05-04security: add hook for socketpair()David Herrmann1-0/+6
2018-05-03net: initial AF_XDP skeletonBjörn Töpel2-2/+6
2018-05-03evm: Don't update hmacs in user ns mountsSeth Forshee1-1/+2
2018-05-03apparmor: fix typo "preconfinement"Zygmunt Krynicki1-1/+1
2018-05-03apparmor: fix typo "independent"Zygmunt Krynicki1-1/+1
2018-05-03apparmor: fix typo "traverse"Zygmunt Krynicki1-1/+1
2018-05-03apparmor: fix typo "type"Zygmunt Krynicki1-1/+1
2018-05-03apparmor: fix typo "replace"Zygmunt Krynicki1-1/+1
2018-05-03apparmor: fix typo "comparison"Zygmunt Krynicki1-3/+3
2018-05-03apparmor: fix typo "loosen"Zygmunt Krynicki1-1/+1
2018-05-02apparmor: add the ability to get a task's secidJohn Johansen1-0/+8
2018-05-02apparmor: add support for mapping secids and using secctxesJohn Johansen6-25/+224
2018-04-24Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-0/+2
2018-04-17audit: normalize MAC_POLICY_LOAD recordRichard Guy Briggs1-1/+1
2018-04-17audit: normalize MAC_STATUS recordRichard Guy Briggs1-4/+10
2018-04-16security: selinux: Change return type to vm_fault_tSouptick Joarder1-1/+1
2018-04-13Merge tag 'apparmor-pr-2018-04-10' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds32-523/+2117
2018-04-11ipc/msg: introduce msgctl(MSG_STAT_ANY)Davidlohr Bueso2-0/+2
2018-04-11ipc/sem: introduce semctl(SEM_STAT_ANY)Davidlohr Bueso2-0/+2
2018-04-11ipc/shm: introduce shmctl(SHM_STAT_ANY)Davidlohr Bueso2-0/+2
2018-04-10commoncap: Handle memory allocation failure.Tetsuo Handa1-0/+2
2018-04-10Merge tag 'trace-v4.17' of git://git.kernel.org/pub/scm/linux/kernel/git/rost...Linus Torvalds1-1/+7
2018-04-09selinux: fix missing dput() before selinuxfs unmountStephen Smalley1-0/+1
2018-04-07Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds16-68/+207
2018-04-07Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jm...Linus Torvalds1-0/+2
2018-04-07Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds4-27/+35
2018-04-06Merge tag 'selinux-pr-20180403' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds28-1224/+2311
2018-04-06Merge branch 'akpm' (patches from Andrew)Linus Torvalds2-1/+1
2018-04-06Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-1/+0
2018-04-06init, tracing: instrument security and console initcall trace eventsAbderrahmane Benbachir1-1/+7
2018-04-05headers: untangle kmemleak.h from mm.hRandy Dunlap2-1/+1
2018-04-03Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds3-201/+120
2018-03-31Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextDavid S. Miller1-6/+1
2018-03-30apparmor: fix memory leak on buffer on error exit pathColin Ian King1-1/+3
2018-03-31security: convert security hooks to use hlistSargun Dhillon1-11/+11
2018-03-29security: Remove rtnl_lock() in selinux_xfrm_notify_policyload()Kirill Tkhai1-2/+0
2018-03-29net: Introduce net_rwsem to protect net_namespace_listKirill Tkhai1-0/+2
2018-03-28macro: introduce COUNT_ARGS() macroAlexei Starovoitov1-6/+1
2018-03-27ipc/smack: Tidy up from the change in type of the ipc security hooksEric W. Biederman1-139/+58
2018-03-27net: Drop pernet_operations::asyncKirill Tkhai2-2/+0
2018-03-27Merge branch 'smack-for-4.17' of git://github.com/cschaufler/next-smack into ...James Morris1-0/+2
2018-03-25ima: Fallback to the builtin hash algorithmPetr Vorel2-0/+15
2018-03-25ima: Add smackfs to the default appraise/measure listMartin Townsend1-0/+2
2018-03-25evm: check for remount ro in progress before writingSascha Hauer1-2/+6
2018-03-25ima: Improvements in ima_appraise_measurement()Thiago Jung Bauermann1-13/+22
2018-03-25ima: Simplify ima_eventsig_init()Thiago Jung Bauermann1-8/+3
2018-03-25integrity: Remove unused macro IMA_ACTION_RULE_FLAGSThiago Jung Bauermann1-1/+0
2018-03-25ima: drop vla in ima_audit_measurement()Tycho Andersen1-6/+10
2018-03-25ima: Fix Kconfig to select TPM 2.0 CRB interfaceJiandi An1-0/+1
2018-03-23apparmor: fix dangling symlinks to policy rawdata after replacementJohn Johansen1-31/+95
2018-03-23apparmor: Fix an error code in verify_table_headers()Dan Carpenter1-1/+1
2018-03-23apparmor: fix error returns checks by making size a ssize_tColin Ian King1-1/+1
2018-03-23evm: Constify *integrity_status_msg[]Hernán Gonzalez1-1/+1
2018-03-23evm: Move evm_hmac and evm_hash from evm_main.c to evm_crypto.cHernán Gonzalez3-4/+3
2018-03-23ima: fail signature verification based on policyMimi Zohar4-6/+14
2018-03-23ima: clear IMA_HASHMimi Zohar1-1/+1
2018-03-23ima: re-evaluate files on privileged mounted filesystemsMimi Zohar1-2/+11
2018-03-23ima: fail file signature verification on non-init mounted filesystemsMimi Zohar1-1/+14
2018-03-23IMA: Support using new creds in appraisal policyMatthew Garrett7-29/+79
2018-03-23security: Add a cred_getsecid hookMatthew Garrett3-0/+31
2018-03-22msg/security: Pass kern_ipc_perm not msg_queue into the msg_queue security hooksEric W. Biederman3-36/+36
2018-03-22shm/security: Pass kern_ipc_perm not shmid_kernel into the shm security hooksEric W. Biederman3-30/+30
2018-03-22sem/security: Pass kern_ipc_perm not sem_array into the sem security hooksEric W. Biederman3-30/+30
2018-03-23Merge tag 'v4.16-rc6' into next-generalJames Morris2-23/+88
2018-03-20selinux: wrap AVC stateStephen Smalley9-297/+512
2018-03-20selinux: wrap selinuxfs stateStephen Smalley1-177/+261
2018-03-20selinux: fix handling of uninitialized selinux state in get_bools/classesStephen Smalley1-0/+13
2018-03-13apparmor: remove POLICY_MEDIATES_SAFEJohn Johansen2-12/+2
2018-03-13apparmor: add base infastructure for socket mediationJohn Johansen13-8/+786
2018-03-07usb, signal, security: only pass the cred, not the secid, to kill_pid_info_as...Stephen Smalley4-16/+24
2018-03-02selinux: Fix ltp test connect-syscall failureRichard Haines1-12/+30
2018-03-02selinux: rename the {is,set}_enforcing() functionsPaul Moore6-14/+14
2018-03-01selinux: wrap global selinux stateStephen Smalley25-797/+1155
2018-02-28Smack: Handle CGROUP2 in the same way that CGROUPJosé Bollo1-0/+2
2018-02-27net: Convert smack_net_opsKirill Tkhai1-0/+1
2018-02-27net: Convert selinux_net_opsKirill Tkhai1-0/+1
2018-02-26selinux: fix typo in selinux_netlbl_sctp_sk_clone declarationArnd Bergmann1-1/+2
2018-02-26selinux: Add SCTP supportRichard Haines5-32/+408
2018-02-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller2-23/+88
2018-02-22integrity/security: fix digsig.c build error with header fileRandy Dunlap1-0/+1
2018-02-22security: Add support for SCTP security hooksRichard Haines1-0/+22
2018-02-22get rid of pointless includes of fs_struct.hAl Viro1-1/+0
2018-02-22KEYS: Use individual pages in big_key for crypto buffersDavid Howells1-23/+87
2018-02-12net: make getname() functions return length rather than use int* parameterDenys Vlasenko1-2/+3
2018-02-11vfs: do bulk POLL* -> EPOLL* replacementLinus Torvalds4-13/+13
2018-02-09apparmor: improve overlapping domain attachment resolutionJohn Johansen4-14/+158
2018-02-09apparmor: convert attaching profiles via xattrs to use dfa matchingJohn Johansen5-57/+43
2018-02-09apparmor: Add support for attaching profiles via xattr, presence and valueMatthew Garrett4-34/+217
2018-02-09apparmor: cleanup: simplify code to get ns symlink nameJohn Johansen1-19/+6
2018-02-09apparmor: cleanup create_aafs() error pathJohn Johansen1-20/+12
2018-02-09apparmor: dfa split verification of table headersJohn Johansen1-48/+68
2018-02-09apparmor: dfa add support for state differential encodingJohn Johansen2-1/+29
2018-02-09apparmor: dfa move character match into a macroJohn Johansen1-47/+27
2018-02-09apparmor: update domain transitions that are subsets of confinement at nnpJohn Johansen4-65/+110
2018-02-09apparmor: move context.h to cred.hJohn Johansen15-14/+14
2018-02-09apparmor: move task related defines and fns to task.X filesJohn Johansen6-98/+105
2018-02-09apparmor: cleanup, drop unused fn __aa_task_is_confined()John Johansen1-11/+0
2018-02-09apparmor: cleanup fixup description of aa_replace_profilesJohn Johansen1-2/+3
2018-02-09apparmor: rename tctx to ctxJohn Johansen3-30/+29
2018-02-09apparmor: drop cred_ctx and reference the label directlyJohn Johansen4-129/+47
2018-02-09apparmor: move task domain change info to task securityJohn Johansen4-52/+132
2018-02-09apparmor: rename task_ctx to the more accurate cred_ctxJohn Johansen5-46/+45
2018-02-09apparmor: audit unknown signal numbersJohn Johansen3-4/+12
2018-02-09apparmor: make signal label match work when matching stacked labelsJohn Johansen1-28/+12
2018-02-09security: apparmor: remove duplicate includesPravin Shedge1-1/+0
2018-02-09apparmor: root view labels should not be under user controlJohn Johansen1-3/+2
2018-02-09apparmor: cleanup add proper line wrapping to nulldfa.inJohn Johansen1-1/+107
2018-02-09apparmor: provide a bounded version of label_parseJohn Johansen2-11/+27
2018-02-09apparmor: use the dfa to do label parse string splittingJohn Johansen5-11/+170
2018-02-09apparmor: add first substr match to dfaJohn Johansen2-0/+124
2018-02-09apparmor: split load data into management struct and data blobJohn Johansen2-4/+11
2018-02-09apparmor: fix logging of the existence test for signalsJohn Johansen2-2/+4
2018-02-09apparmor: fix resource audit messages when auditing peerJohn Johansen1-4/+4
2018-02-09apparmor: fix display of .ns_name for containersJohn Johansen1-3/+1
2018-02-07Merge tag 'iversion-v4.16-2' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-1/+1
2018-02-06pids: introduce find_get_task_by_vpid() helperMike Rapoport1-8/+3
2018-02-03Merge tag 'usercopy-v4.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-0/+14
2018-02-02ima: re-initialize iint->atomic_flagsMimi Zohar1-0/+1
2018-02-01Merge tag 'char-misc-4.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-0/+1
2018-02-01iversion: Rename make inode_cmp_iversion{+raw} to inode_eq_iversion{+raw}Goffredo Baroncelli1-1/+1
2018-01-31Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-1/+1
2018-01-31Merge tag 'selinux-pr-20180130' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds3-14/+13
2018-01-31Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmor...Linus Torvalds4-21/+20
2018-01-31Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jm...Linus Torvalds3-12/+39
2018-01-31Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds11-105/+294
2018-01-30Merge branch 'misc.poll' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds5-9/+9
2018-01-30Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds1-7/+0
2018-01-29Merge tag 'iversion-v4.16-1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds2-2/+5
2018-01-29IMA: switch IMA over to new i_version APIJeff Layton2-2/+4
2018-01-18ima/policy: fix parsing of fsuuidMike Rapoport1-1/+1
2018-01-17Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller4-26/+41
2018-01-15usercopy: Allow strict enforcement of whitelistsKees Cook1-0/+14
2018-01-14Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel...Linus Torvalds1-1/+1
2018-01-14security/Kconfig: Correct the Documentation reference for PTIW. Trevor King1-1/+1
2018-01-12apparmor: Fix regression in profile conflict logicMatthew Garrett1-4/+5
2018-01-12apparmor: fix ptrace label match when matching stacked labelsJohn Johansen2-21/+35
2018-01-10Smack: Privilege check on key operationsCasey Schaufler3-11/+34
2018-01-09Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller3-13/+31
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-17 04:51:41 +0000