aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2015-03-27Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...James Morris1-1/+1
2015-03-25selinux: fix sel_write_enforce broken return valueJoe Perches1-1/+1
2015-02-22Merge branch 'for-linus-2' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds7-23/+21
2015-02-22VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)David Howells2-3/+3
2015-02-22SELinux: Use d_is_positive() rather than testing dentry->d_inodeDavid Howells1-2/+2
2015-02-22Smack: Use d_is_positive() rather than testing dentry->d_inodeDavid Howells1-2/+2
2015-02-22TOMOYO: Use d_is_dir() rather than d_inode and S_ISDIR()David Howells1-3/+1
2015-02-22Apparmor: Use d_is_positive/negative() rather than testing dentry->d_inodeDavid Howells1-1/+1
2015-02-22Apparmor: mediated_filesystem() should use dentry->d_sb not inode->i_sbDavid Howells2-12/+12
2015-02-19Merge branch 'kconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/mmare...Linus Torvalds2-3/+3
2015-02-17Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds2-54/+4
2015-02-16Merge branch 'smack-for-3.20-rebased' of git://git.gitorious.org/smack-next/k...James Morris1-0/+16
2015-02-16Don't leak a key reference if request_key() tries to use a revoked keyringDavid Jeffery1-0/+1
2015-02-15Merge tag 'char-misc-3.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds4-0/+125
2015-02-12Merge branch 'for-3.20/bdi' of git://git.kernel.dk/linux-blockLinus Torvalds1-7/+6
2015-02-11Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds11-107/+281
2015-02-11Smack: secmark connectionsCasey Schaufler1-0/+16
2015-02-04SELinux: fix error code in policydb_init()Dan Carpenter1-2/+6
2015-02-04selinux: add security in-core xattr support for pstore and debugfsMark Salyzyn1-17/+8
2015-02-04selinux: quiet the filesystem labeling behavior messagePaul Moore1-4/+0
2015-02-04selinux: Remove unused function avc_sidcmp()Rickard Strandqvist1-5/+0
2015-02-02ima: /proc/keys is now mandatoryDavid Howells1-1/+0
2015-01-29Merge tag 'keys-next-20150123' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris2-26/+0
2015-01-25file->f_path.dentry is pinned down for as long as the file is open...Al Viro1-5/+1
2015-01-25selinuxfs: don't open-code d_genocide()Al Viro1-49/+3
2015-01-25Add security hooks to binder and implement the hooks for SELinux.Stephen Smalley4-0/+125
2015-01-23Smack: Repair netfilter dependencyCasey Schaufler1-1/+1
2015-01-22KEYS: Make /proc/keys unconditional if CONFIG_KEYS=yDavid Howells2-26/+0
2015-01-21smack: fix possible use after frees in task_security() callersAndrey Ryabinin2-11/+23
2015-01-21Merge branch 'for-mingo' of git://git.kernel.org/pub/scm/linux/kernel/git/pau...Ingo Molnar1-0/+1
2015-01-20smack: Add missing logging in bidirectional UDS connect checkRafal Krypa1-1/+1
2015-01-20Smack: secmark support for netfilterCasey Schaufler5-8/+196
2015-01-20Smack: Rework file hooksCasey Schaufler1-21/+19
2015-01-20fs: introduce f_op->mmap_capabilities for nommu mmap supportChristoph Hellwig1-7/+6
2015-01-19smack: Fix a bidirectional UDS connect check typoZbigniew Jasinski1-1/+3
2015-01-19smack: introduce a special case for tmpfs in smack_d_instantiate()Ɓukasz Stelmach1-2/+14
2015-01-19smack: fix logic in smack_inode_init_security functionLukasz Pawelczyk1-3/+2
2015-01-19smack: miscellaneous small fixes in function commentsLukasz Pawelczyk1-5/+9
2015-01-07kconfig: use bool instead of boolean for type definition attributesChristoph Jaeger2-3/+3
2015-01-06rcu: Make SRCU optional by using CONFIG_SRCUPranith Kumar1-0/+1
2015-01-05KEYS: close race between key lookup and freeingSasha Levin1-2/+2
2014-12-16KEYS: remove a bogus NULL checkDan Carpenter1-6/+4
2014-12-16Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris2-2/+5
2014-12-14Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds15-133/+326
2014-12-10Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds6-13/+13
2014-12-08Merge branch 'iov_iter' into for-nextAl Viro4-6/+13
2014-12-06ima: Fix build failure on powerpc when TCG_IBMVTPM dependencies are not metMichael Ellerman1-1/+1
2014-12-06KEYS: Fix stale key registration at error pathTakashi Iwai1-1/+4
2014-12-05Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris1-6/+5
2014-12-01KEYS: request_key() should reget expired keys rather than give EKEYEXPIREDDavid Howells3-2/+5
2014-12-01KEYS: Simplify KEYRING_SEARCH_{NO,DO}_STATE_CHECK flagsDavid Howells3-3/+6
2014-12-01KEYS: Fix the size of the key description passed to/from userspaceDavid Howells1-30/+26
2014-12-01selinux: Remove security_ops externYao Dongdong1-2/+0
2014-11-27Merge branch 'smack-for-3.19' of git://git.gitorious.org/smack-next/kernel in...James Morris2-12/+18
2014-11-21security: smack: fix out-of-bounds access in smk_parse_smack()Andrey Ryabinin1-4/+3
2014-11-19kill f_dentry usesAl Viro4-6/+6
2014-11-19assorted conversions to %p[dD]Al Viro1-4/+4
2014-11-19Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris12-119/+308
2014-11-19Merge commit 'v3.17' into nextJames Morris10-50/+17
2014-11-17VFS: refactor vfs_read()Dmitry Kasatkin1-7/+3
2014-11-17ima: require signature based appraisalDmitry Kasatkin2-0/+13
2014-11-17integrity: provide a hook to load keys when rootfs is readyDmitry Kasatkin1-0/+11
2014-11-17ima: load x509 certificate from the kernelDmitry Kasatkin4-2/+44
2014-11-17integrity: provide a function to load x509 certificate from the kernelDmitry Kasatkin2-1/+37
2014-11-17integrity: define a new function integrity_read_file()Dmitry Kasatkin3-32/+85
2014-11-13Merge branch 'stable-3.18' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-3/+4
2014-11-12selinux: convert WARN_ONCE() to printk() in selinux_nlmsg_perm()Richard Guy Briggs1-3/+4
2014-11-03move d_rcu from overlapping d_child to overlapping d_aliasAl Viro1-3/+3
2014-10-31Security: smack: replace kzalloc with kmem_cache for inode_smackRohit1-3/+10
2014-10-29Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/zoh...James Morris3-3/+9
2014-10-28Smack: Lock mode for the floor and hat labelsCasey Schaufler1-5/+5
2014-10-28evm: check xattr value length and type in evm_inode_setxattr()Dmitry Kasatkin1-3/+6
2014-10-28ima: check xattr value length and type in the ima_inode_setxattr()Dmitry Kasatkin2-0/+3
2014-10-16Merge branch 'stable-3.18' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-1/+1
2014-10-15selinux: fix inode security list corruptionStephen Smalley1-1/+1
2014-10-14security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.cBehan Webster1-28/+19
2014-10-13ima: added support for new kernel cmdline parameter ima_template_fmtRoberto Sassu1-5/+34
2014-10-13ima: allocate field pointers array on demand in template_desc_init_fields()Roberto Sassu1-21/+13
2014-10-13ima: don't allocate a copy of template_fmt in template_desc_init_fields()Roberto Sassu1-13/+17
2014-10-13ima: display template format in meas. list if template name length is zeroRoberto Sassu2-5/+15
2014-10-13ima: added error messages to template-related functionsRoberto Sassu1-5/+17
2014-10-12Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds37-593/+912
2014-10-11ima: use atomic bit operations to protect policy update interfaceDmitry Kasatkin2-28/+18
2014-10-11ima: ignore empty and with whitespaces policy linesDmitry Kasatkin1-1/+2
2014-10-11ima: no need to allocate entry for commentDmitry Kasatkin1-8/+6
2014-10-11ima: report policy load statusDmitry Kasatkin1-0/+2
2014-10-11Merge tag 'locks-v3.18-1' of git://git.samba.org/jlayton/linuxLinus Torvalds4-9/+6
2014-10-07Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jik...Linus Torvalds1-1/+1
2014-10-07Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-2/+2
2014-10-07ima: use path names cacheDmitry Kasatkin2-3/+4
2014-10-07evm: skip replacing EVM signature with HMAC on read-only filesystemDmitry Kasatkin1-3/+8
2014-10-07integrity: add missing '__init' keyword for integrity_init_keyring()Dmitry Kasatkin2-2/+2
2014-10-07ima: check ima_policy_flag in the ima_file_free() hookDmitry Kasatkin3-7/+1
2014-10-06integrity: do zero padding of the key idDmitry Kasatkin1-1/+1
2014-10-02Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris6-47/+94
2014-10-01Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris5-83/+115
2014-09-22selinux: normalize audit log formattingRichard Guy Briggs1-6/+8
2014-09-22selinux: cleanup error reporting in selinux_nlmsg_perm()Richard Guy Briggs1-4/+3
2014-09-22Merge tag 'keys-next-20140922' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris12-71/+82
2014-09-18ima: detect violations for mmaped filesRoberto Sassu2-9/+5
2014-09-18ima: fix race condition on ima_rdwr_violation_check and process_measurementRoberto Sassu1-21/+33
2014-09-18Merge branch 'smack-for-3.18' of git://git.gitorious.org/smack-next/kernel in...James Morris5-274/+520
2014-09-17ima: added ima_policy_flag variableRoberto Sassu4-5/+34
2014-09-17ima: return an error code from ima_add_boot_aggregate()Roberto Sassu1-6/+15
2014-09-17ima: provide 'ima_appraise=log' kernel optionDmitry Kasatkin2-2/+5
2014-09-17ima: move keyring initialization to ima_init()Dmitry Kasatkin2-8/+6
2014-09-16KEYS: Make the key matching functions return boolDavid Howells3-8/+8
2014-09-16KEYS: Remove key_type::match in favour of overriding default by match_preparseDavid Howells9-23/+15
2014-09-16KEYS: Remove key_type::def_lookup_typeDavid Howells3-9/+5
2014-09-16KEYS: Preparse match dataDavid Howells7-44/+65
2014-09-16Merge tag 'keys-next-fixes-20140916' into keys-nextDavid Howells1-2/+2
2014-09-16Merge tag 'keys-fixes-20140916' into keys-nextDavid Howells1-0/+2
2014-09-16KEYS: Reinstate EPERM for a key type name beginning with a '.'David Howells1-0/+2
2014-09-16KEYS: Fix missing staticsDavid Howells1-2/+2
2014-09-10selinux: make the netif cache namespace awarePaul Moore4-36/+46
2014-09-09security: make security_file_set_fowner, f_setown and __f_setown void returnJeff Layton4-9/+6
2014-09-09integrity: make integrity files as 'integrity' moduleDmitry Kasatkin1-3/+3
2014-09-09integrity: base integrity subsystem kconfig options on integrityDmitry Kasatkin3-14/+18
2014-09-09integrity: move asymmetric keys config optionDmitry Kasatkin1-12/+12
2014-09-09ima: initialize only required templateDmitry Kasatkin1-24/+4
2014-09-09ima: remove usage of filename parameterDmitry Kasatkin2-14/+10
2014-09-09ima: remove unnecessary appraisal testDmitry Kasatkin1-2/+0
2014-09-09ima: add missing '__init' keywordsDmitry Kasatkin3-5/+3
2014-09-09ima: remove unnecessary extra variableDmitry Kasatkin1-4/+5
2014-09-09ima: simplify conditional statement to improve performanceDmitry Kasatkin1-4/+2
2014-09-09integrity: remove declaration of non-existing functionsDmitry Kasatkin2-10/+0
2014-09-09integrity: prevent flooding with 'Request for unknown key'Dmitry Kasatkin1-2/+3
2014-09-09ima: pass 'opened' flag to identify newly created filesDmitry Kasatkin3-12/+12
2014-09-09evm: properly handle INTEGRITY_NOXATTRS EVM statusDmitry Kasatkin1-0/+7
2014-09-09Documentation: Docbook: Fix generated DocBook/kernel-api.xmlMasanari Iida1-1/+1
2014-09-08selinux: register nf hooks with single nf_register_hooks callJiri Pirko1-25/+10
2014-09-08ima: provide flag to identify new empty filesDmitry Kasatkin3-7/+13
2014-09-08evm: prevent passing integrity check if xattr read failsDmitry Kasatkin1-3/+4
2014-09-03selinux: fix a problem with IPv6 traffic denials in selinux_ip_postroute()Paul Moore1-0/+1
2014-09-03KEYS: Increase root_maxkeys and root_maxbytes sizesSteve Dickson1-2/+2
2014-09-02evm: fix checkpatch warningsDmitry Kasatkin1-3/+0
2014-09-02ima: fix fallback to use new_sync_read()Dmitry Kasatkin1-4/+4
2014-09-02ima: prevent buffer overflow in ima_alloc_tfm()Dmitry Kasatkin1-1/+4
2014-09-02ima: fix ima_alloc_atfm()Mimi Zohar1-1/+4
2014-08-29Make Smack operate on smack_known struct where it still used char*Lukasz Pawelczyk4-255/+233
2014-08-29Fix a bidirectional UDS connect check typoLukasz Pawelczyk1-2/+2
2014-08-29Small fixes in comments describing function parametersLukasz Pawelczyk1-9/+9
2014-08-28Smack: Bring-up access modeCasey Schaufler5-27/+294
2014-08-28selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID.Stephen Smalley1-12/+47
2014-08-27module: rename KERNEL_PARAM_FL_NOARG to avoid confusionJani Nikula1-2/+2
2014-08-26tomoyo: Fix pathname calculation breakage.Tetsuo Handa1-2/+3
2014-08-25Smack: Fix setting label on successful file openMarcin Niesluchowski1-1/+3
2014-08-09Merge branch 'stable-3.17' of git://git.infradead.org/users/pcmoore/selinuxLinus Torvalds3-6/+4
2014-08-08Smack: remove unneeded NULL-termination from securtity labelKonstantin Khlebnikov1-3/+3
2014-08-08Smack: handle zero-length security labels without panicKonstantin Khlebnikov2-3/+3
2014-08-08Smack: fix behavior of smack_inode_listsecurityKonstantin Khlebnikov1-5/+4
2014-08-07selinux: remove unused variabled in the netport, netnode, and netif cachesPaul Moore3-6/+4
2014-08-06Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds34-377/+781
2014-08-05Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2-8/+4
2014-08-05Merge tag 'v3.16' into nextPaul Moore27-175/+490
2014-08-04Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds2-31/+3
2014-08-02Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris5-102/+70
2014-08-01netlabel: shorter names for the NetLabel catmap funcs/structsPaul Moore5-26/+26
2014-08-01netlabel: fix the horribly broken catmap functionsPaul Moore2-82/+50
2014-08-01netlabel: fix a problem when setting bits below the previously lowest bitPaul Moore1-1/+1
2014-07-30Merge branch 'stable-3.16' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-11/+2
2014-07-28Revert "selinux: fix the default socket labeling in sock_graft()"Paul Moore1-11/+2
2014-07-28KEYS: revert encrypted key changeMimi Zohar1-1/+1
2014-07-25ima: add support for measuring and appraising firmwareMimi Zohar6-4/+41
2014-07-25security: introduce kernel_fw_from_file hookKees Cook2-0/+12
2014-07-24CAPABILITIES: remove undefined caps from all processesEric Paris1-0/+3
2014-07-24Merge tag 'keys-next-20140722' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris12-57/+209
2014-07-24commoncap: don't alloc the credential unless needed in cap_task_prctlTetsuo Handa1-42/+30
2014-07-22Merge branch 'keys-fixes' into keys-nextDavid Howells1-1/+14
2014-07-22Merge remote-tracking branch 'integrity/next-with-keys' into keys-nextDavid Howells6-4/+67
2014-07-22KEYS: request_key_auth: Provide key preparsingDavid Howells1-0/+13
2014-07-22KEYS: keyring: Provide key preparsingDavid Howells1-11/+23
2014-07-22KEYS: big_key: Use key preparsingDavid Howells1-16/+25
2014-07-22KEYS: user: Use key preparsingDavid Howells1-19/+22
2014-07-22KEYS: Call ->free_preparse() even after ->preparse() returns an errorDavid Howells1-5/+4
2014-07-22KEYS: Allow expiry time to be set when preparsing a keyDavid Howells1-0/+8
2014-07-22KEYS: struct key_preparsed_payload should have two payload pointersDavid Howells2-3/+5
2014-07-19Merge tag 'seccomp-3.17' of git://git.kernel.org/pub/scm/linux/kernel/git/kee...James Morris1-2/+2
2014-07-19Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris11-160/+101
2014-07-18sched: move no_new_privs into new atomic flagsKees Cook1-2/+2
2014-07-18KEYS: Provide a generic instantiation functionDavid Howells1-0/+30
2014-07-17KEYS: Allow special keys (eg. DNS results) to be invalidated by CAP_SYS_ADMINDavid Howells1-1/+14
2014-07-17ima: define '.ima' as a builtin 'trusted' keyringMimi Zohar5-2/+63
2014-07-17KEYS: special dot prefixed keyring name bug fixMimi Zohar1-2/+4
2014-07-17ima: provide double buffering for hash calculationDmitry Kasatkin1-16/+49
2014-07-17ima: introduce multi-page collect buffersDmitry Kasatkin1-2/+96
2014-07-17ima: use ahash API for file hash calculationDmitry Kasatkin1-4/+183
2014-07-17audit: fix dangling keywords in integrity ima message outputRichard Guy Briggs2-4/+4
2014-07-17ima: delay template descriptor lookup until useDmitry Kasatkin1-1/+2
2014-07-17ima: remove unnecessary i_mutex locking from ima_rdwr_violation_check()Dmitry Kasatkin1-4/+0
2014-07-16Merge tag 'v3.16-rc5' into timers/coreThomas Gleixner31-182/+510
2014-07-17Merge branch 'stable-3.16' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-2/+11
2014-07-16sched: Remove proliferation of wait_on_bit() action functionsNeilBrown2-31/+3
2014-07-15cgroup: rename cgroup_subsys->base_cftypes to ->legacy_cftypesTejun Heo1-1/+1
2014-07-10selinux: fix the default socket labeling in sock_graft()Paul Moore1-2/+11
2014-06-26selinux: reduce the number of calls to synchronize_net() when flushing cachesPaul Moore7-42/+23
2014-06-23selinux: no recursive read_lock of policy_rwlock in security_genfs_sid()Waiman Long1-9/+32
2014-06-19selinux: fix a possible memory leak in cond_read_node()Namhyung Kim1-1/+1
2014-06-19selinux: simple cleanup for cond_read_node()Namhyung Kim1-7/+2
2014-06-18security: Used macros from compiler.h instead of __attribute__((...))Gideon Israel Dsouza1-1/+2
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-12 05:14:41 +0000