aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2016-06-16KEYS: potential uninitialized variableDan Carpenter1-1/+1
2016-06-03KEYS: Add placeholder for KDF usage with DHStephan Mueller4-6/+13
2016-05-27Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-1/+1
2016-05-27switch ->setxattr() to passing dentry and inode separatelyAl Viro1-1/+1
2016-05-26Yama: fix double-spinlock and user access in atomic contextJann Horn1-6/+63
2016-05-20security/integrity/ima/ima_policy.c: use %pU to output UUID in printable formatAndy Shevchenko1-12/+2
2016-05-19Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds34-185/+909
2016-05-17Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-1/+3
2016-05-17Merge branch 'work.const-path' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds13-106/+83
2016-05-17Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds4-14/+15
2016-05-17Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2-2/+2
2016-05-17LSM: LoadPin: provide enablement CONFIGKees Cook2-6/+15
2016-05-17Merge branch 'ovl-fixes' into for-linusAl Viro1-2/+2
2016-05-09Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-2/+2
2016-05-06Merge branch 'stable-4.7' of git://git.infradead.org/users/pcmoore/selinux in...James Morris5-60/+127
2016-05-06Merge tag 'keys-next-20160505' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris19-112/+516
2016-05-04Yama: use atomic allocations when reportingSasha Levin1-2/+2
2016-05-04Merge branch 'keys-trust' into keys-nextDavid Howells10-62/+128
2016-05-04ima: fix the string representation of the LSM/IMA hook enumeration orderingMimi Zohar1-2/+2
2016-05-01ima: add support for creating files using the mknodat syscallMimi Zohar2-1/+29
2016-05-01ima: fix ima_inode_post_setattrMimi Zohar2-1/+2
2016-04-26selinux: apply execstack check on thread stacksStephen Smalley1-2/+3
2016-04-26selinux: distinguish non-init user namespace capability checksStephen Smalley2-17/+25
2016-04-22security: Introduce security_settime64()Baolin Wang2-2/+2
2016-04-21LSM: LoadPin for kernel file loading restrictionsKees Cook6-0/+205
2016-04-21Yama: consolidate error reportingKees Cook1-10/+21
2016-04-20rtnetlink: add new RTM_GETSTATS message to dump link statsRoopa Prabhu1-1/+3
2016-04-19selinux: check ss_initialized before revalidating an inode labelPaul Moore1-1/+1
2016-04-19selinux: delay inode label lookup as long as possiblePaul Moore1-8/+13
2016-04-19selinux: don't revalidate an inode's label when explicitly setting itPaul Moore1-2/+11
2016-04-14selinux: Change bool variable name to index.Prarit Bhargava2-4/+4
2016-04-12KEYS: Add KEYCTL_DH_COMPUTE commandMat Martineau6-0/+193
2016-04-12Security: Keys: Big keys stored encryptedKirill Marinushkin2-18/+184
2016-04-12KEYS: user_update should use copy of payload made during preparsingDavid Howells1-31/+11
2016-04-12security: integrity: Remove select to deleted option PUBLIC_KEY_ALGO_RSAAndreas Ziegler1-1/+0
2016-04-11IMA: Use the the system trusted keyrings instead of .ima_mokDavid Howells4-53/+32
2016-04-11KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTEDDavid Howells3-39/+4
2016-04-11KEYS: Move the point of trust determination to __key_link()David Howells2-4/+35
2016-04-11KEYS: Add a facility to restrict new links into a keyringDavid Howells8-33/+124
2016-04-11->getxattr(): pass dentry and inode as separate argumentsAl Viro4-10/+11
2016-04-11security: drop the unused hook skb_owned_byPaolo Abeni1-1/+0
2016-04-10don't bother with ->d_inode->i_sb - it's always equal to ->d_sbAl Viro3-4/+4
2016-04-05selinux: restrict kernel module loadingJeff Vander Stoep2-1/+48
2016-04-05selinux: consolidate the ptrace parent lookup codePaul Moore1-21/+17
2016-04-05selinux: simply inode label states to INVALID and INITIALIZEDPaul Moore2-4/+3
2016-04-05selinux: don't revalidate inodes in selinux_socket_getpeersec_dgram()Paul Moore1-3/+5
2016-03-28constify ima_d_path()Al Viro2-2/+2
2016-03-28constify security_sb_pivotroot()Al Viro2-2/+2
2016-03-28constify security_path_chroot()Al Viro2-2/+2
2016-03-28constify security_path_{link,rename}Al Viro3-9/+9
2016-03-28apparmor: remove useless checks for NULL ->mntAl Viro1-2/+2
2016-03-28constify security_path_{mkdir,mknod,symlink}Al Viro3-9/+9
2016-03-28constify security_path_{unlink,rmdir}Al Viro3-6/+6
2016-03-28apparmor: constify common_perm_...()Al Viro1-4/+4
2016-03-28apparmor: constify aa_path_link()Al Viro2-2/+2
2016-03-28apparmor: new helper - common_path_perm()Al Viro1-35/+12
2016-03-28constify chmod_common/security_path_chmodAl Viro3-3/+3
2016-03-28constify security_sb_mount()Al Viro3-3/+3
2016-03-28constify chown_common/security_path_chownAl Viro3-3/+3
2016-03-28tomoyo: constify assorted struct path *Al Viro3-13/+13
2016-03-28apparmor_path_truncate(): path->mnt is never NULLAl Viro1-1/+1
2016-03-28constify security_path_truncate()Al Viro3-3/+3
2016-03-27[apparmor] constify struct path * in a bunch of helpersAl Viro5-8/+8
2016-03-20Merge branch 'mm-pkeys-for-linus' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds1-1/+8
2016-03-17Merge tag 'tty-4.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/greg...Linus Torvalds1-2/+2
2016-03-17Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds20-227/+450
2016-03-17Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-32/+50
2016-03-04Merge tag 'keys-next-20160303' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris5-25/+12
2016-03-04Merge branch 'stable-4.6' of git://git.infradead.org/users/pcmoore/selinux in...James Morris1-1/+1
2016-03-03X.509: Make algo identifiers text instead of enumDavid Howells2-4/+5
2016-03-03akcipher: Move the RSA DER encoding check to the crypto layerDavid Howells1-0/+1
2016-02-26Merge branch 'stable-4.5' of git://git.infradead.org/users/pcmoore/selinux in...James Morris1-1/+1
2016-02-26Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris13-163/+418
2016-02-22Merge branch 'smack-for-4.6' of https://github.com/cschaufler/smack-next into...James Morris1-32/+14
2016-02-21ima: require signed IMA policyMimi Zohar1-0/+7
2016-02-21ima: measure and appraise the IMA policy itselfMimi Zohar4-3/+24
2016-02-21ima: load policy using pathDmitry Kasatkin1-2/+43
2016-02-21ima: support for kexec image and initramfsMimi Zohar3-7/+27
2016-02-21ima: remove firmware and module specific cached status infoMimi Zohar5-39/+28
2016-02-21module: replace copy_module_from_fd with kernel versionMimi Zohar2-34/+13
2016-02-21security: define kernel_read_file hookMimi Zohar2-0/+29
2016-02-21firmware: replace call to fw_read_file_contents() with kernel versionMimi Zohar2-24/+10
2016-02-20ima: define a new hook to measure and appraise a file already in memoryMimi Zohar7-15/+57
2016-02-19selinux: Don't sleep inside inode_getsecid hookAndreas Gruenbacher1-1/+1
2016-02-18ima: calculate the hash of a buffer using aynchronous hash(ahash)Mimi Zohar1-2/+73
2016-02-18ima: provide buffer hash calculation functionDmitry Kasatkin2-0/+49
2016-02-18vfs: define kernel_read_file_id enumerationMimi Zohar1-2/+3
2016-02-18vfs: define a generic function to read a file from the kernelMimi Zohar1-0/+8
2016-02-18ima: use "ima_hooks" enum as function argumentMimi Zohar5-27/+37
2016-02-18ima: refactor ima_policy_show() to display "ima_hooks" rulesMimi Zohar1-27/+36
2016-02-18ima: separate 'security.ima' reading functionality from collectDmitry Kasatkin8-40/+33
2016-02-18security/keys: make big_key.c explicitly non-modularPaul Gortmaker1-14/+1
2016-02-18integrity: convert digsig to akcipher apiTadeusz Struk2-7/+4
2016-02-16smack: fix cache of access labelsJosé Bollo1-2/+6
2016-02-16mm/gup: Introduce get_user_pages_remote()Dave Hansen1-1/+8
2016-02-14Merge 4.5-rc4 into tty-nextGreg Kroah-Hartman2-1/+3
2016-02-12EVM: Use crypto_memneq() for digest comparisonsRyan Ware1-1/+2
2016-02-11Smack: Remove pointless hooksCasey Schaufler1-30/+8
2016-02-10KEYS: CONFIG_KEYS_DEBUG_PROC_KEYS is no longer an optionDavid Howells1-1/+0
2016-02-10tpm: fix checks for policy digest existence in tpm2_seal_trusted()Jarkko Sakkinen1-6/+5
2016-02-09KEYS: Add an alloc flag to convey the builtinness of a keyDavid Howells1-0/+2
2016-02-09selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tablesLorenzo Colitti1-0/+1
2016-02-09crypto: keys - Revert "convert public key to akcipher api"Herbert Xu2-4/+7
2016-02-08IMA: fix non-ANSI declaration of ima_check_policy()Colin Ian King1-1/+1
2016-02-06integrity: convert digsig to akcipher apiTadeusz Struk2-7/+4
2016-02-01Merge 4.5-rc2 into tty-nextGreg Kroah-Hartman1-1/+2
2016-01-28selinux: use absolute path to include directoryAndy Shevchenko1-1/+1
2016-01-28KEYS: Only apply KEY_FLAG_KEEP to a key if a parent keyring has it setDavid Howells1-1/+2
2016-01-27tty: Make tty_files_lock per-ttyPeter Hurley1-2/+2
2016-01-27KEYS: Use skcipherHerbert Xu1-32/+50
2016-01-22wrappers for ->i_mutex accessAl Viro3-11/+11
2016-01-20ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn1-1/+6
2016-01-20security: let security modules use PTRACE_MODE_* with bitmasksJann Horn2-7/+5
2016-01-20KEYS: Fix keyring ref leak in join_session_keyring()Yevgeny Pats1-0/+1
2016-01-17Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds29-160/+967
2016-01-14Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...James Morris1-8/+2
2016-01-12Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds4-168/+82
2016-01-11Merge branch 'work.xattr' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-2/+0
2016-01-10Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris3-21/+17
2016-01-08Merge branch 'for-linus' into work.miscAl Viro1-9/+9
2016-01-08selinux: Inode label revalidation performance fixAndreas Gruenbacher1-8/+2
2016-01-07KEYS: refcount bug fixMimi Zohar2-12/+8
2016-01-04fix the leak in integrity_read_file()Al Viro1-5/+6
2016-01-04selinuxfs: switch to memdup_user_nul()Al Viro1-73/+41
2016-01-04convert a bunch of open-coded instances of memdup_user_nul()Al Viro2-90/+35
2016-01-03ima: ima_write_policy() limit lockingPetko Manolov1-9/+9
2015-12-26Merge branch 'smack-for-4.5' of https://github.com/cschaufler/smack-next into...James Morris1-1/+23
2015-12-26Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...James Morris8-73/+274
2015-12-26Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris19-84/+623
2015-12-24IMA: policy can be updated zero timesSasha Levin3-0/+14
2015-12-24selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()Vladis Dronov1-4/+5
2015-12-24selinux: export validatetrans decisionsAndrew Perepechko4-8/+111
2015-12-24selinux: Revalidate invalid inode security labelsAndreas Gruenbacher1-8/+68
2015-12-24security: Add hook to invalidate inode security labelsAndreas Gruenbacher3-10/+34
2015-12-24selinux: Add accessor functions for inode->i_securityAndreas Gruenbacher1-41/+56
2015-12-24security: Make inode argument of inode_getsecid non-constAndreas Gruenbacher3-3/+3
2015-12-24security: Make inode argument of inode_getsecurity non-constAndreas Gruenbacher3-3/+3
2015-12-24selinux: Remove unused variable in selinux_inode_init_securityAndreas Gruenbacher1-2/+0
2015-12-20keys, trusted: seal with a TPM2 authorization policyJarkko Sakkinen1-0/+26
2015-12-20keys, trusted: select hash algorithm for TPM2 chipsJarkko Sakkinen2-1/+27
2015-12-20keys, trusted: fix: *do not* allow duplicate key optionsJarkko Sakkinen1-0/+3
2015-12-19KEYS: Fix race between read and revokeDavid Howells1-9/+9
2015-12-17Smack: type confusion in smak sendmsg() handlerRoman Kubiak1-1/+1
2015-12-15security/integrity: make ima/ima_mok.c explicitly non-modularPaul Gortmaker1-3/+2
2015-12-15ima: update appraise flags after policy update completesMimi Zohar1-2/+5
2015-12-15IMA: prevent keys on the .ima_blacklist from being removedMimi Zohar1-0/+2
2015-12-15KEYS: prevent keys from being removed from specified keyringsMimi Zohar2-11/+51
2015-12-15IMA: allow reading back the current IMA policyPetko Manolov4-8/+253
2015-12-15IMA: create machine owner and blacklist keyringsPetko Manolov4-0/+87
2015-12-15IMA: policy can now be updated multiple timesPetko Manolov3-28/+75
2015-12-15evm: EVM_LOAD_X509 depends on EVMArnd Bergmann1-1/+1
2015-12-15evm: reset EVM status when file attributes changeDmitry Kasatkin1-0/+13
2015-12-15evm: provide a function to set the EVM key from the kernelDmitry Kasatkin2-14/+46
2015-12-15evm: enable EVM when X509 certificate is loadedDmitry Kasatkin4-3/+14
2015-12-15evm: load an x509 certificate from the kernelDmitry Kasatkin4-0/+33
2015-12-13nfs: Move call to security_inode_listsecurity into nfs_listxattrAndreas Gruenbacher1-2/+0
2015-12-09Smack: File receive for socketsCasey Schaufler1-0/+22
2015-11-26Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...James Morris1-2/+2
2015-11-25KEYS: Fix handling of stored error in a negatively instantiated user keyDavid Howells3-2/+10
2015-11-24selinux: fix bug in conditional rules handlingStephen Smalley1-2/+2
2015-11-23integrity: define '.evm' as a builtin 'trusted' keyringDmitry Kasatkin7-22/+35
2015-11-10Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds3-9/+10
2015-11-08smack: use skb_to_full_sk() helperEric Dumazet1-4/+7
2015-11-08net: add skb_to_full_sk() helper and use it in selinux_netlbl_skbuff_setsid()Eric Dumazet2-15/+3
2015-11-06mm, page_alloc: rename __GFP_WAIT to __GFP_RECLAIMMel Gorman1-1/+1
2015-11-05Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds25-183/+393
2015-11-05selinux: fix random read in selinux_ip_postroute_compat()Eric Dumazet1-4/+14
2015-11-01Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller2-2/+7
2015-10-23Merge tag 'keys-next-20151021' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris13-75/+84
2015-10-22Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...James Morris5-45/+36
2015-10-22apparmor: clarify CRYPTO dependencyArnd Bergmann1-1/+1
2015-10-21selinux: Use a kmem_cache for allocation struct file_security_structSangwoo1-2/+6
2015-10-21selinux: ioctl_has_perm should be staticGeliang Tang1-1/+1
2015-10-21selinux: use sprintf return valueRasmus Villemoes1-4/+1
2015-10-21selinux: use kstrdup() in security_get_bools()Rasmus Villemoes1-7/+1
2015-10-21selinux: use kmemdup in security_sid_to_context_core()Rasmus Villemoes1-2/+2
2015-10-21selinux: remove pointless cast in selinux_inode_setsecurity()Rasmus Villemoes1-1/+1
2015-10-21selinux: introduce security_context_str_to_sidRasmus Villemoes4-25/+20
2015-10-21selinux: do not check open perm on ftruncate callJeff Vander Stoep1-1/+2
2015-10-21selinux: change CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE defaultPaul Moore1-2/+2
2015-10-21KEYS: Merge the type-specific data with the payload dataDavid Howells13-67/+82
2015-10-21keys: Be more consistent in selection of union members usedInsu Yun1-1/+1
2015-10-21KEYS: use kvfree() in add_keyGeliang Tang1-7/+1
2015-10-21Merge branch 'smack-for-4.4' of https://github.com/cschaufler/smack-next into...James Morris4-47/+238
2015-10-20Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris1-1/+1
2015-10-19Smack: limited capability for changing process labelZbigniew Jasinski4-41/+229
2015-10-19KEYS: Don't permit request_key() to construct a new keyringDavid Howells1-0/+3
2015-10-19keys, trusted: seal/unseal with TPM 2.0 chipsJarkko Sakkinen1-3/+33
2015-10-19keys, trusted: move struct trusted_key_options to trusted-type.hJarkko Sakkinen1-11/+0
2015-10-17Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/...Pablo Neira Ayuso1-4/+8
2015-10-16netfilter: remove hook owner refcountingFlorian Westphal2-7/+0
2015-10-15KEYS: Fix crash when attempt to garbage collect an uninstantiated keyringDavid Howells1-2/+4
2015-10-11net: synack packets can be attached to request socketsEric Dumazet1-4/+8
2015-10-09Smack: pipefs fix in smack_d_instantiateRoman Kubiak1-0/+3
2015-10-09Smack: Minor initialisation improvementJosé Bollo2-3/+3
2015-10-09smack: smk_ipv6_port_list should be staticGeliang Tang1-1/+1
2015-10-09Smack: fix a NULL dereference in wrong smack_import_entry() usageLukasz Pawelczyk1-2/+2
2015-10-09integrity: prevent loading untrusted certificates on the IMA trusted keyringDmitry Kasatkin1-1/+1
2015-10-02Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-4/+4
2015-09-26Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-1/+1
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 18:24:20 +0000