aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2014-08-09Merge branch 'stable-3.17' of git://git.infradead.org/users/pcmoore/selinuxLinus Torvalds3-6/+4
2014-08-07selinux: remove unused variabled in the netport, netnode, and netif cachesPaul Moore3-6/+4
2014-08-06Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds34-377/+781
2014-08-05Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2-8/+4
2014-08-04Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds2-31/+3
2014-08-02Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris5-102/+70
2014-08-01netlabel: shorter names for the NetLabel catmap funcs/structsPaul Moore5-26/+26
2014-08-01netlabel: fix the horribly broken catmap functionsPaul Moore2-82/+50
2014-08-01netlabel: fix a problem when setting bits below the previously lowest bitPaul Moore1-1/+1
2014-07-30Merge branch 'stable-3.16' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-11/+2
2014-07-28Revert "selinux: fix the default socket labeling in sock_graft()"Paul Moore1-11/+2
2014-07-28KEYS: revert encrypted key changeMimi Zohar1-1/+1
2014-07-25ima: add support for measuring and appraising firmwareMimi Zohar6-4/+41
2014-07-25security: introduce kernel_fw_from_file hookKees Cook2-0/+12
2014-07-24CAPABILITIES: remove undefined caps from all processesEric Paris1-0/+3
2014-07-24Merge tag 'keys-next-20140722' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris12-57/+209
2014-07-24commoncap: don't alloc the credential unless needed in cap_task_prctlTetsuo Handa1-42/+30
2014-07-22Merge branch 'keys-fixes' into keys-nextDavid Howells1-1/+14
2014-07-22Merge remote-tracking branch 'integrity/next-with-keys' into keys-nextDavid Howells6-4/+67
2014-07-22KEYS: request_key_auth: Provide key preparsingDavid Howells1-0/+13
2014-07-22KEYS: keyring: Provide key preparsingDavid Howells1-11/+23
2014-07-22KEYS: big_key: Use key preparsingDavid Howells1-16/+25
2014-07-22KEYS: user: Use key preparsingDavid Howells1-19/+22
2014-07-22KEYS: Call ->free_preparse() even after ->preparse() returns an errorDavid Howells1-5/+4
2014-07-22KEYS: Allow expiry time to be set when preparsing a keyDavid Howells1-0/+8
2014-07-22KEYS: struct key_preparsed_payload should have two payload pointersDavid Howells2-3/+5
2014-07-19Merge tag 'seccomp-3.17' of git://git.kernel.org/pub/scm/linux/kernel/git/kee...James Morris1-2/+2
2014-07-19Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris11-160/+101
2014-07-18sched: move no_new_privs into new atomic flagsKees Cook1-2/+2
2014-07-18KEYS: Provide a generic instantiation functionDavid Howells1-0/+30
2014-07-17KEYS: Allow special keys (eg. DNS results) to be invalidated by CAP_SYS_ADMINDavid Howells1-1/+14
2014-07-17ima: define '.ima' as a builtin 'trusted' keyringMimi Zohar5-2/+63
2014-07-17KEYS: special dot prefixed keyring name bug fixMimi Zohar1-2/+4
2014-07-17ima: provide double buffering for hash calculationDmitry Kasatkin1-16/+49
2014-07-17ima: introduce multi-page collect buffersDmitry Kasatkin1-2/+96
2014-07-17ima: use ahash API for file hash calculationDmitry Kasatkin1-4/+183
2014-07-17audit: fix dangling keywords in integrity ima message outputRichard Guy Briggs2-4/+4
2014-07-17ima: delay template descriptor lookup until useDmitry Kasatkin1-1/+2
2014-07-17ima: remove unnecessary i_mutex locking from ima_rdwr_violation_check()Dmitry Kasatkin1-4/+0
2014-07-16Merge tag 'v3.16-rc5' into timers/coreThomas Gleixner31-182/+510
2014-07-17Merge branch 'stable-3.16' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-2/+11
2014-07-16sched: Remove proliferation of wait_on_bit() action functionsNeilBrown2-31/+3
2014-07-15cgroup: rename cgroup_subsys->base_cftypes to ->legacy_cftypesTejun Heo1-1/+1
2014-07-10selinux: fix the default socket labeling in sock_graft()Paul Moore1-2/+11
2014-06-26selinux: reduce the number of calls to synchronize_net() when flushing cachesPaul Moore7-42/+23
2014-06-23selinux: no recursive read_lock of policy_rwlock in security_genfs_sid()Waiman Long1-9/+32
2014-06-19selinux: fix a possible memory leak in cond_read_node()Namhyung Kim1-1/+1
2014-06-19selinux: simple cleanup for cond_read_node()Namhyung Kim1-7/+2
2014-06-18security: Used macros from compiler.h instead of __attribute__((...))Gideon Israel Dsouza1-1/+2
2014-06-18selinux: introduce str_read() helperNamhyung Kim1-96/+37
2014-06-17SELinux: use ARRAY_SIZEHimangi Saraogi1-4/+4
2014-06-17Merge tag 'v3.15' into nextPaul Moore34-235/+376
2014-06-13Merge branch 'serge-next-2' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds7-28/+114
2014-06-12ima: introduce ima_kernel_read()Dmitry Kasatkin1-1/+31
2014-06-12evm: prohibit userspace writing 'security.evm' HMAC valueMimi Zohar1-2/+10
2014-06-12ima: check inode integrity cache in violation checkDmitry Kasatkin1-2/+7
2014-06-12ima: prevent unnecessary policy checkingDmitry Kasatkin1-9/+4
2014-06-12evm: provide option to protect additional SMACK xattrsDmitry Kasatkin2-0/+22
2014-06-12evm: replace HMAC version with attribute maskDmitry Kasatkin4-11/+33
2014-06-12ima: prevent new digsig xattr from being replacedMimi Zohar1-3/+7
2014-06-12Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-1/+1
2014-06-12tomoyo: Use sensible time interfaceThomas Gleixner2-8/+4
2014-06-10Merge branch 'serge-next-1' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds23-133/+382
2014-06-09Merge branch 'for-3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c...Linus Torvalds1-20/+13
2014-06-03ima: audit log files opened with O_DIRECT flagMimi Zohar4-3/+19
2014-06-03selinux: conditionally reschedule in hashtab_insert while loading selinux policyDave Jones1-0/+3
2014-06-03selinux: conditionally reschedule in mls_convert_context while loading selinu...Dave Jones1-0/+2
2014-06-03selinux: reject setexeccon() on MNT_NOSUID applications with -EACCESPaul Moore1-2/+4
2014-06-03selinux: Report permissive mode in avc: denied messages.Stephen Smalley3-5/+11
2014-05-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller3-58/+159
2014-05-20Merge branch 'smack-for-3.16' of git://git.gitorious.org/smack-next/kernel in...James Morris4-73/+297
2014-05-16device_cgroup: use css_has_online_children() instead of has_children()Tejun Heo1-17/+2
2014-05-16device_cgroup: remove direct access to cgroup->childrenTejun Heo1-2/+10
2014-05-16cgroup: remove css_parent()Tejun Heo1-4/+4
2014-05-15selinux: conditionally reschedule in hashtab_insert while loading selinux policyDave Jones1-0/+3
2014-05-15selinux: conditionally reschedule in mls_convert_context while loading selinu...Dave Jones1-0/+2
2014-05-15selinux: reject setexeccon() on MNT_NOSUID applications with -EACCESPaul Moore1-2/+4
2014-05-13cgroup: replace cftype->write_string() with cftype->write()Tejun Heo1-7/+7
2014-05-13Merge branch 'for-3.15-fixes' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-43/+159
2014-05-12Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-3/+3
2014-05-06Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds2-15/+0
2014-05-06Warning in scanf string typingToralf Förster1-1/+1
2014-05-06nick kvfree() from apparmorAl Viro2-15/+0
2014-05-05device_cgroup: check if exception removal is allowedAristeu Rozanski1-3/+38
2014-05-04device_cgroup: fix the comment format for recently added functionsAristeu Rozanski1-17/+16
2014-05-01selinux: Report permissive mode in avc: denied messages.Stephen Smalley3-5/+11
2014-04-30Smack: Label cgroup files for systemdCasey Schaufler1-12/+18
2014-04-23Smack: Verify read access on file open - v3Casey Schaufler1-3/+16
2014-04-22audit: add netlink audit protocol bind to check capabilities on multicast joinRichard Guy Briggs1-1/+1
2014-04-22locks: rename file-private locks to "open file description locks"Jeff Layton1-3/+3
2014-04-21device_cgroup: rework device access check and exception checkingAristeu Rozanski1-40/+122
2014-04-15security: Convert use of typedef ctl_table to struct ctl_tableJoe Perches1-1/+1
2014-04-14Merge tag 'keys-20140314' of git://git.kernel.org/pub/scm/linux/kernel/git/dh...James Morris11-49/+45
2014-04-14Merge commit 'v3.14' into nextJames Morris15-53/+93
2014-04-12Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds3-4/+4
2014-04-12Merge git://git.infradead.org/users/eparis/auditLinus Torvalds2-5/+8
2014-04-11Smack: bidirectional UDS connect checkCasey Schaufler2-23/+27
2014-04-11Smack: Correctly remove SMACK64TRANSMUTE attributeCasey Schaufler1-6/+19
2014-04-11SMACK: Fix handling value==NULL in post setxattrJosé Bollo1-1/+3
2014-04-11bugfix patch for SMACKPankaj Kumar1-2/+2
2014-04-11Smack: adds smackfs/ptrace interfaceLukasz Pawelczyk4-2/+108
2014-04-11Smack: unify all ptrace accesses in the smackLukasz Pawelczyk1-13/+71
2014-04-11Smack: fix the subject/object order in smack_ptrace_traceme()Lukasz Pawelczyk3-9/+29
2014-04-11Minor improvement of 'smack_sb_kern_mount'José Bollo1-3/+5
2014-04-04Merge branch 'locks-3.15' of git://git.samba.org/jlayton/linuxLinus Torvalds1-0/+3
2014-04-04Merge branch 'cross-rename' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-2/+20
2014-04-03Merge branch 'for-3.15' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c...Linus Torvalds1-8/+4
2014-04-03Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds26-175/+208
2014-04-02Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-2/+3
2014-04-01get rid of pointless checks for NULL ->i_opAl Viro3-4/+4
2014-04-01vfs: add cross-renameMiklos Szeredi1-0/+16
2014-04-01security: add flags to rename hooksMiklos Szeredi1-2/+4
2014-03-31Merge branch 'compat' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/l...Linus Torvalds1-2/+2
2014-03-31Merge tag 'v3.14' into nextPaul Moore17-158/+260
2014-03-31locks: add new fcntl cmd values for handling file private locksJeff Layton1-0/+3
2014-03-25Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller8-29/+46
2014-03-20audit: anchor all pid references in the initial pid namespaceRichard Guy Briggs2-5/+8
2014-03-19selinux: correctly label /proc inodes in use before the policy is loadedPaul Moore1-9/+27
2014-03-19selinux: put the mmap() DAC controls before the MAC controlsPaul Moore1-12/+8
2014-03-19cgroup: drop const from @buffer of cftype->write_string()Tejun Heo1-2/+2
2014-03-18Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klasse...David S. Miller8-29/+46
2014-03-14Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-1/+5
2014-03-14smack: fix key permission verificationDmitry Kasatkin1-1/+6
2014-03-14KEYS: Move the flags representing required permission to linux/key.hDavid Howells11-48/+39
2014-03-12Merge branch 'next-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/zo...James Morris18-134/+153
2014-03-10selinux: add gfp argument to security_xfrm_policy_alloc and fix callersNikolay Aleksandrov8-29/+46
2014-03-09KEYS: Make the keyring cycle detector ignore other keyrings of the same nameDavid Howells1-1/+5
2014-03-07evm: enable key retention service automaticallyDmitry Kasatkin1-2/+3
2014-03-07ima: skip memory allocation for empty filesDmitry Kasatkin1-8/+12
2014-03-07evm: EVM does not use MD5Dmitry Kasatkin1-1/+0
2014-03-07ima: return d_name.name if d_path failsDmitry Kasatkin2-7/+2
2014-03-07integrity: fix checkpatch errorsDmitry Kasatkin11-70/+69
2014-03-07ima: fix erroneous removal of security.ima xattrDmitry Kasatkin1-2/+4
2014-03-07security: integrity: Use a more current logging styleJoe Perches7-11/+27
2014-03-07Merge tag 'v3.13' into for-3.15Eric Paris67-1633/+3320
2014-03-07ima: reduce memory usage when a template containing the n field is usedRoberto Sassu2-17/+13
2014-03-07ima: restore the original behavior for sending data with ima templateRoberto Sassu3-4/+10
2014-03-07Integrity: Pass commname via get_task_comm()Tetsuo Handa1-1/+2
2014-03-07ima: use static const char array definitionsMimi Zohar4-10/+10
2014-03-07security: have cap_dentry_init_security return errorJeff Layton1-1/+1
2014-03-06security/compat: convert to COMPAT_SYSCALL_DEFINEHeiko Carstens1-2/+2
2014-03-05Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-4/+4
2014-03-05selinux: correctly label /proc inodes in use before the policy is loadedPaul Moore1-9/+27
2014-03-04ima: new helper: file_inode(file)Libo Chen1-1/+1
2014-02-28selinux: put the mmap() DAC controls before the MAC controlsPaul Moore1-12/+8
2014-02-24Merge branch 'stable-3.14' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-4/+4
2014-02-20SELinux: bigendian problems with filename trans rulesEric Paris1-4/+4
2014-02-17security: cleanup Makefiles to use standard syntax for specifying sub-directo...Sam Ravnborg2-8/+8
2014-02-12flowcache: Make flow cache name space awareFan Du1-2/+3
2014-02-10Merge branch 'stable-3.14' of git://git.infradead.org/users/pcmoore/selinux i...James Morris2-0/+6
2014-02-08cgroup: clean up cgroup_subsys names and initializationTejun Heo1-6/+2
2014-02-06security: replace strict_strto*() with kstrto*()Jingoo Han7-12/+12
2014-02-05SELinux: Fix kernel BUG on empty security contexts.Stephen Smalley1-0/+4
2014-02-05selinux: add SOCK_DIAG_BY_FAMILY to the list of netlink message typesPaul Moore1-0/+2
2014-02-05Merge tag 'v3.13' into stable-3.14Paul Moore54-1239/+2802
2014-02-05security: select correct default LSM_MMAP_MIN_ADDR on arm on arm64Colin Cross1-1/+1
2014-01-23Merge git://git.infradead.org/users/eparis/auditLinus Torvalds2-11/+6
2014-01-23Merge tag 'v3.13' into nextPaul Moore54-1239/+2802
2014-01-21Merge branch 'for-3.14' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c...Linus Torvalds1-4/+3
2014-01-21Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds11-148/+366
2014-01-13smack: call WARN_ONCE() instead of calling audit_log_start()Richard Guy Briggs1-3/+2
2014-01-13selinux: call WARN_ONCE() instead of calling audit_log_start()Richard Guy Briggs1-8/+4
2014-01-12SELinux: Fix possible NULL pointer dereference in selinux_inode_permission()Steven Rostedt2-3/+22
2014-01-08Merge branch 'master' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris1-1/+13
2014-01-07SELinux: Fix memory leak upon loading policyTetsuo Handa1-1/+13
2014-01-07Merge branch 'master' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris7-39/+164
2014-01-06Merge to v3.13-rc7 for prerequisite changes in the Xen code for TPMJames Morris29-326/+361
2014-01-03ima: remove unneeded size_limit argument from ima_eventdigest_init_common()Roberto Sassu1-8/+6
2014-01-03ima: pass HASH_ALGO__LAST as hash algo in ima_eventdigest_init()Roberto Sassu1-2/+2
2014-01-03ima: change the default hash algorithm to SHA1 in ima_eventdigest_ng_init()Roberto Sassu1-1/+1
2013-12-31Smack: File receive audit correctionCasey Schaufler1-1/+1
2013-12-31Smack: Rationalize mount restrictionsCasey Schaufler1-54/+29
2013-12-23Smack: change rule cap checkCasey Schaufler1-1/+1
2013-12-23Smack: Make the syslog control configurableCasey Schaufler3-13/+99
2013-12-23selinux: selinux_setprocattr()->ptrace_parent() needs rcu_read_lock()Oleg Nesterov1-2/+2
2013-12-23selinux: fix broken peer recv checkChad Hanson1-1/+3
2013-12-19Smack: Prevent the * and @ labels from being used in SMACK64EXECCasey Schaufler1-16/+37
2013-12-16selinux: selinux_setprocattr()->ptrace_parent() needs rcu_read_lock()Oleg Nesterov1-2/+2
2013-12-16SELinux: remove duplicated include from hooks.cWei Yongjun1-1/+0
2013-12-15Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds3-42/+165
2013-12-15Revert "selinux: consider filesystem subtype in policies"Linus Torvalds2-60/+22
2013-12-13selinux: revert 102aefdda4d8275ce7d7100bc16c88c74272b260Paul Moore2-60/+22
2013-12-13Merge branch 'master' of git://git.infradead.org/users/pcmoore/selinux_fixes ...James Morris3-42/+165
2013-12-12selinux: process labeled IPsec TCP SYN-ACK packets properly in selinux_ip_pos...Paul Moore1-7/+35
2013-12-12selinux: look for IPsec labels on both inbound and outbound packetsPaul Moore3-14/+47
2013-12-12selinux: handle TCP SYN-ACK packets correctly in selinux_ip_postroute()Paul Moore1-15/+53
2013-12-12selinux: handle TCP SYN-ACK packets correctly in selinux_ip_output()Paul Moore1-2/+23
2013-12-12Merge tag 'keys-devel-20131210' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds3-17/+10
2013-12-11selinux: fix broken peer recv checkChad Hanson1-1/+3
2013-12-11smack: fix: allow either entry be missing on access/access2 check (v2)Jarkko Sakkinen1-14/+15
2013-12-10selinux: process labeled IPsec TCP SYN-ACK packets properly in selinux_ip_pos...Paul Moore1-7/+35
2013-12-09selinux: look for IPsec labels on both inbound and outbound packetsPaul Moore3-14/+47
2013-12-05cgroup: replace cftype->read_seq_string() with cftype->seq_show()Tejun Heo1-4/+3
2013-12-04selinux: fix possible memory leakGeyslan G. Bem1-4/+7
2013-12-04selinux: pull address family directly from the request_sock structPaul Moore1-5/+1
2013-12-04selinux: ensure that the cached NetLabel secattr matches the desired SIDPaul Moore1-1/+30
2013-12-04selinux: handle TCP SYN-ACK packets correctly in selinux_ip_postroute()Paul Moore1-15/+53
2013-12-04selinux: handle TCP SYN-ACK packets correctly in selinux_ip_output()Paul Moore1-2/+23
2013-12-02ima: properly free ima_template_entry structuresRoberto Sassu3-5/+19
2013-12-02ima: Do not free 'entry' before it is initializedChristoph Paasch1-1/+0
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 20:29:59 +0000