aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux/security.h
AgeCommit message (Expand)AuthorFilesLines
2024-04-09security: allow finer granularity in permitting copy-up of security xattrsStefan Berger1-2/+2
2024-03-14lsm: use 32-bit compatible data types in LSM syscallsCasey Schaufler1-4/+4
2024-03-12Merge tag 'lsm-pr-20240312' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-0/+59
2024-02-15security: Introduce key_post_create_or_update hookRoberto Sassu1-0/+11
2024-02-15security: Introduce inode_post_remove_acl hookRoberto Sassu1-0/+8
2024-02-15security: Introduce inode_post_set_acl hookRoberto Sassu1-0/+7
2024-02-15security: Introduce inode_post_create_tmpfile hookRoberto Sassu1-0/+6
2024-02-15security: Introduce path_post_mknod hookRoberto Sassu1-0/+5
2024-02-15security: Introduce file_release hookRoberto Sassu1-0/+4
2024-02-15security: Introduce file_post_open hookRoberto Sassu1-0/+6
2024-02-15security: Introduce inode_post_removexattr hookRoberto Sassu1-0/+5
2024-02-15security: Introduce inode_post_setattr hookRoberto Sassu1-0/+7
2024-01-24bpf,lsm: Add BPF token LSM hooksAndrii Nakryiko1-0/+25
2024-01-24bpf,lsm: Refactor bpf_map_alloc/bpf_map_free LSM hooksAndrii Nakryiko1-2/+4
2024-01-24bpf,lsm: Refactor bpf_prog_alloc/bpf_prog_free LSM hooksAndrii Nakryiko1-5/+7
2023-12-24lsm: new security_file_ioctl_compat() hookAlfred Piccioni1-0/+9
2023-11-12lsm: consolidate buffer size handling into lsm_fill_user_ctx()Paul Moore1-4/+5
2023-11-12LSM: Helpers for attribute names and filling lsm_ctxCasey Schaufler1-0/+14
2023-11-12LSM: syscalls for current process attributesCasey Schaufler1-0/+19
2023-11-12proc: Use lsmids instead of lsm names for attrsCasey Schaufler1-6/+5
2023-11-12LSM: Maintain a table of LSM attribute dataCasey Schaufler1-0/+2
2023-09-14lsm: constify 'sb' parameter in security_sb_kern_mount()Khadija Kamran1-1/+1
2023-09-14lsm: constify 'bprm' parameter in security_bprm_committed_creds()Khadija Kamran1-2/+2
2023-09-13lsm: constify 'bprm' parameter in security_bprm_committing_creds()Khadija Kamran1-2/+2
2023-09-13lsm: constify 'file' parameter in security_bprm_creds_from_file()Khadija Kamran1-3/+3
2023-09-13lsm: constify 'sb' parameter in security_quotactl()Khadija Kamran1-2/+2
2023-08-30Merge tag 'lsm-pr-20230829' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-5/+6
2023-08-29Merge tag 'net-next-6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds1-2/+3
2023-08-15lsm: constify the 'file' parameter in security_binder_transfer_file()Khadija Kamran1-2/+2
2023-08-15vfs, security: Fix automount superblock LSM init problem, preventing NFS sb s...David Howells1-0/+6
2023-08-08lsm: constify the 'target' parameter in security_capget()Khadija Kamran1-3/+4
2023-07-14security: Constify sk in the sk_getsecid hook.Guillaume Nault1-2/+3
2023-05-18security, lsm: Introduce security_mptcp_add_subflow()Paolo Abeni1-0/+6
2023-04-24Merge tag 'v6.4/vfs.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vf...Linus Torvalds1-1/+1
2023-03-23security: Remove security_old_inode_init_security()Roberto Sassu1-12/+0
2023-03-16fs_context: drop the unused lsm_flags memberOndrej Mosnacek1-1/+1
2023-01-19fs: port acl to mnt_idmapChristian Brauner1-6/+6
2023-01-19fs: port xattr to mnt_idmapChristian Brauner1-12/+10
2023-01-19fs: port ->permission() to pass mnt_idmapChristian Brauner1-4/+4
2023-01-19fs: port ->setattr() to pass mnt_idmapChristian Brauner1-2/+2
2022-12-13Merge tag 'lsm-pr-20221212' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-4/+7
2022-12-13Merge tag 'landlock-6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-0/+6
2022-11-04lsm: make security_socket_getpeersec_stream() sockptr_t safePaul Moore1-4/+7
2022-10-20security: add get, remove and set acl hookChristian Brauner1-0/+29
2022-10-19security: Create file_truncate hook from path_truncate hookGünther Noack1-0/+6
2022-10-09Merge tag 'powerpc-6.1-1' of git://git.kernel.org/pub/scm/linux/kernel/git/po...Linus Torvalds1-0/+2
2022-10-06Merge tag 'pull-path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds1-2/+2
2022-10-03Merge tag 'lsm-pr-20221003' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-0/+6
2022-09-28powerpc/rtas: block error injection when locked downNathan Lynch1-0/+1
2022-09-28powerpc/pseries: block untrusted device tree changes when locked downNathan Lynch1-0/+1
2022-09-01->getprocattr(): attribute name is const char *, TYVM...Al Viro1-2/+2
2022-08-26lsm,io_uring: add LSM hooks for the new uring_cmd file opLuis Chamberlain1-0/+5
2022-08-16security, lsm: Introduce security_create_user_ns()Frederick Lawler1-0/+6
2022-08-02Merge tag 'safesetid-6.0' of https://github.com/micah-morton/linuxLinus Torvalds1-0/+7
2022-07-15security: Add LSM hook to setgroups() syscallMicah Morton1-0/+7
2022-06-26security: pass down mount idmapping to setattr hookChristian Brauner1-3/+5
2022-05-24lockdown: also lock down previous kgdb useDaniel Thompson1-0/+2
2022-02-15security: add sctp_assoc_established hookOndrej Mosnacek1-0/+8
2021-12-06security,selinux: remove security_add_mnt_opt()Ondrej Mosnacek1-8/+0
2021-11-22lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()Paul Moore1-2/+2
2021-11-12net,lsm,selinux: revert the security_sctp_assoc_established() hookPaul Moore1-7/+0
2021-11-03security: add sctp_assoc_established hookXin Long1-0/+7
2021-11-03security: pass asoc to sctp_assoc_request and sctp_sk_cloneXin Long1-5/+5
2021-10-20security: Return xattr name from security_dentry_init_security()Vivek Goyal1-2/+4
2021-10-14binder: use cred instead of task for getsecidTodd Kjos1-0/+5
2021-10-14binder: use cred instead of task for selinux checksTodd Kjos1-14/+14
2021-09-19lsm,io_uring: add LSM hooks to io_uringPaul Moore1-0/+16
2021-08-10bpf: Add lockdown check for probe_write_user helperDaniel Borkmann1-0/+1
2021-08-09bpf: Add _kernel suffix to internal lockdown_bpf_readDaniel Borkmann1-1/+1
2021-05-10selinux: delete selinux_xfrm_policy_lookup() useless argumentZhongjun Tan1-2/+2
2021-05-01Merge tag 'landlock_v34' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds1-0/+4
2021-04-22fs,security: Add sb_delete hookMickaël Salaün1-0/+4
2021-03-22lsm: separate security_task_getsecid() into subjective and objective variantsPaul Moore1-2/+8
2021-03-22lsm,selinux: add new hook to compare new mount to an existing mountOlga Kornievskaia1-0/+8
2021-02-23Merge tag 'idmapped-mounts-v5.12' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds1-20/+34
2021-01-24commoncap: handle idmapped mountsChristian Brauner1-20/+34
2021-01-14security: add inode_init_security_anon() LSM hookLokesh Gidra1-0/+10
2020-12-16Merge tag 'selinux-pr-20201214' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-9/+14
2020-12-12Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klasse...Jakub Kicinski1-0/+1
2020-12-11Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-1/+1
2020-12-10Merge tag 'fixes-v5.10a' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds1-1/+1
2020-12-04[SECURITY] fix namespaced fscaps when !CONFIG_SECURITYSerge Hallyn1-1/+1
2020-12-03security: add const qualifier to struct sock in various placesFlorian Westphal1-2/+2
2020-11-27xfrm: redact SA secret with lockdown confidentialityAntony Antony1-0/+1
2020-11-23lsm,selinux: pass flowi_common instead of flowi to the LSM hooksPaul Moore1-9/+14
2020-10-05LSM: Add "contents" flag to kernel_read_file hookKees Cook1-2/+4
2020-10-05LSM: Introduce kernel_post_load_data() hookKees Cook1-2/+12
2020-10-05fs/kernel_read_file: Split into separate include fileScott Branden1-0/+1
2020-06-14Merge tag 'LSM-add-setgid-hook-5.8-author-fix' of git://github.com/micah-mort...Linus Torvalds1-0/+9
2020-06-14security: Add LSM hooks to set*gid syscallsThomas Cedeno1-0/+9
2020-06-13Merge tag 'notifications-20200601' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-3/+27
2020-06-04Merge branch 'exec-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/eb...Linus Torvalds1-4/+11
2020-05-29exec: Compute file based creds only onceEric W. Biederman1-4/+5
2020-05-21exec: Convert security_bprm_set_creds into security_bprm_repopulate_credsEric W. Biederman1-4/+4
2020-05-20exec: Factor security_bprm_creds_for_exec out of security_bprm_set_credsEric W. Biederman1-0/+6
2020-05-19keys: Make the KEY_NEED_* perms an enum rather than a maskDavid Howells1-3/+3
2020-05-19security: Add hooks to rule on setting a watchDavid Howells1-0/+9
2020-05-19security: Add a hook for the point of notification insertionDavid Howells1-0/+15
2020-04-27sysctl: pass kernel pointers to ->proc_handlerChristoph Hellwig1-1/+1
2020-03-31Merge branch 'next-general' of git://git.kernel.org:/pub/scm/linux/kernel/git...Linus Torvalds1-1/+0
2020-02-21security: remove duplicated include from security.hYueHaibing1-1/+0
2019-12-09security,lockdown,selinux: implement SELinux lockdownStephen Smalley1-0/+2
2019-11-30Merge tag 'powerpc-5.5-1' of git://git.kernel.org/pub/scm/linux/kernel/git/po...Linus Torvalds1-0/+2
2019-11-11Merge tag 'v5.4-rc7' into perf/core, to pick up fixesIngo Molnar1-0/+1
2019-10-31efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMINJavier Martinez Canillas1-0/+1
2019-10-28powerpc/xmon: Restrict when kernel is locked downChristopher M. Riedl1-0/+2
2019-10-19perf/core: Fix !CONFIG_PERF_EVENTS build warnings and failuresIngo Molnar1-0/+1
2019-10-17perf_event: Add support for LSM and SELinux checksJoel Fernandes (Google)1-1/+37
2019-09-28Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-0/+59
2019-09-23Merge tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-2/+8
2019-08-19tracefs: Restrict tracefs when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19debugfs: Restrict debugfs when the kernel is locked downDavid Howells1-0/+1
2019-08-19lockdown: Lock down perf when in confidentiality modeDavid Howells1-0/+1
2019-08-19bpf: Restrict bpf when kernel lockdown is in confidentiality modeDavid Howells1-0/+1
2019-08-19lockdown: Lock down tracing and perf kprobes when in confidentiality modeDavid Howells1-0/+1
2019-08-19lockdown: Lock down /proc/kcoreDavid Howells1-0/+1
2019-08-19x86/mmiotrace: Lock down the testmmiotrace moduleDavid Howells1-0/+1
2019-08-19lockdown: Lock down module params that specify hardware parameters (eg. ioport)David Howells1-0/+1
2019-08-19lockdown: Lock down TIOCSSERIALDavid Howells1-0/+1
2019-08-19lockdown: Prohibit PCMCIA CIS storage when the kernel is locked downDavid Howells1-0/+1
2019-08-19ACPI: Limit access to custom_method when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19x86/msr: Restrict MSR access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19x86: Lock down IO port access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19PCI: Lock down BAR access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19hibernate: Disable when the kernel is locked downJosh Boyer1-0/+1
2019-08-19kexec_load: Disable at runtime if the kernel is locked downMatthew Garrett1-0/+1
2019-08-19lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19lockdown: Enforce module signatures if the kernel is locked downDavid Howells1-0/+1
2019-08-19security: Add a static lockdown policy LSMMatthew Garrett1-0/+3
2019-08-19security: Add a "locked down" LSM hookMatthew Garrett1-0/+32
2019-08-19security: Support early LSMsMatthew Garrett1-0/+6
2019-08-12fanotify, inotify, dnotify, security: add security hook for fs notificationsAaron Goidel1-2/+8
2019-06-14LSM: switch to blocking policy update notifiersJanne Karhunen1-6/+6
2019-05-07Merge branch 'work.mount-syscalls' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-0/+7
2019-03-20LSM: add new hook for kernfs node initializationOndrej Mosnacek1-0/+9
2019-03-20vfs: syscall: Add move_mount(2) to move mounts aroundDavid Howells1-0/+7
2019-03-12Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-1/+17
2019-03-07Merge tag 'audit-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-3/+2
2019-02-28introduce cloning of fs_contextAl Viro1-0/+6
2019-02-28vfs: Put security flags into the fs_context structDavid Howells1-1/+1
2019-02-28vfs: Add LSM hooks for the new mount APIDavid Howells1-0/+10
2019-01-31audit: remove unused actx param from audit_rule_matchRichard Guy Briggs1-3/+2
2019-01-10LSM: generalize flag passing to security_capableMicah Morton1-14/+14
2019-01-08procfs: add smack subdir to attrsCasey Schaufler1-5/+10
2018-12-21LSM: new method: ->sb_add_mnt_opt()Al Viro1-2/+4
2018-12-21LSM: bury struct security_mnt_optsAl Viro1-8/+0
2018-12-21LSM: hide struct security_mnt_opts from any generic codeAl Viro1-33/+10
2018-12-21LSM: split ->sb_set_mnt_opts() out of ->sb_kern_mount()Al Viro1-4/+2
2018-12-21new helper: security_sb_eat_lsm_opts()Al Viro1-25/+3
2018-12-21LSM: lift extracting and parsing LSM options into the caller of ->sb_remount()Al Viro1-2/+3
2018-12-21LSM: lift parsing LSM options into the caller of ->sb_kern_mount()Al Viro1-2/+4
2018-10-03signal: Distinguish between kernel_siginfo and siginfoEric W. Biederman1-3/+3
2018-08-15Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-0/+27
2018-07-16security: define new LSM hook named security_kernel_load_dataMimi Zohar1-0/+27
2018-07-12security_file_open(): lose cred argumentAl Viro1-3/+2
2018-05-04security: add hook for socketpair()David Herrmann1-0/+7
2018-04-24Merge tag 'v4.17-rc2' into next-generalJames Morris1-35/+58
2018-04-17security: remove security_settimeSargun Dhillon1-14/+0
2018-04-07Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-0/+1
2018-04-07Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-2/+2
2018-04-06Merge tag 'selinux-pr-20180403' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-0/+25
2018-03-23security: Add a cred_getsecid hookMatthew Garrett1-0/+1
2018-03-22msg/security: Pass kern_ipc_perm not msg_queue into the msg_queue security hooksEric W. Biederman1-13/+12
2018-03-22shm/security: Pass kern_ipc_perm not shmid_kernel into the shm security hooksEric W. Biederman1-11/+10
2018-03-22sem/security: Pass kern_ipc_perm not sem_array into the sem security hooksEric W. Biederman1-11/+10
2018-03-07usb, signal, security: only pass the cred, not the secid, to kill_pid_info_as...Stephen Smalley1-2/+2
2018-02-22security: Add support for SCTP security hooksRichard Haines1-0/+25
2017-11-02security: bpf: replace include of linux/bpf.h with forward declarationsJakub Kicinski1-1/+4
2017-10-20security: bpf: Add LSM hooks for bpf object related syscallChenbo Feng1-0/+45
2017-09-12Merge tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-6/+0
2017-09-11Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds1-0/+2
2017-09-01Introduce v3 namespaced file capabilitiesSerge E. Hallyn1-0/+2
2017-08-01LSM: drop bprm_secureexec hookKees Cook1-6/+0
2017-08-01commoncap: Refactor to remove bprm_secureexec hookKees Cook1-2/+1
2017-07-18LSM: Remove security_task_create() hook.Tetsuo Handa1-6/+0
2017-06-23Merge branch 'stable-4.13' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-2/+56
2017-06-09security/selinux: allow security_sb_clone_mnt_opts to enable/disable native l...Scott Mayhew1-2/+6
2017-06-08securityfs: add the ability to support symlinksJohn Johansen1-0/+12
2017-05-23IB/core: Enforce security on management datagramsDaniel Jurgens1-0/+6
2017-05-23selinux lsm IB/core: Implement LSM notification systemDaniel Jurgens1-0/+23
2017-05-23IB/core: Enforce PKey security on QPsDaniel Jurgens1-0/+21
2017-03-28LSM: Revive security_task_alloc() hook and per "struct task_struct" security ...Tetsuo Handa1-0/+7
2017-03-06prlimit,security,selinux: add a security hook for prlimitStephen Smalley1-0/+13
2017-02-23Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds1-2/+1
2017-01-24exec: Remove LSM_UNSAFE_PTRACE_CAPEric W. Biederman1-2/+1
2017-01-12security,selinux,smack: kill security_task_wait hookStephen Smalley1-6/+0
2017-01-09proc,security: move restriction on writing /proc/pid/attr nodes to procStephen Smalley1-2/+2
2016-09-19Merge branch 'stable-4.9' of git://git.infradead.org/users/pcmoore/selinux in...James Morris1-0/+24
2016-08-09module: Fully remove the kernel_module_from_file hookMickaël Salaün1-1/+0
2016-08-08security, overlayfs: Provide hook to correctly label newly created filesVivek Goyal1-0/+12
2016-08-08security,overlayfs: Provide security hook for copy up of xattrs for overlay fileVivek Goyal1-0/+6
2016-08-08security, overlayfs: provide copy up security hook for unioned filesVivek Goyal1-0/+6
2016-07-20qstr: constify dentry_init_securityAl Viro1-2/+2
2016-05-17Merge branch 'work.const-path' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-29/+29
2016-04-22security: Introduce security_settime64()Baolin Wang1-3/+17
2016-03-28constify security_sb_pivotroot()Al Viro1-3/+3
2016-03-28constify security_path_chroot()Al Viro1-2/+2
2016-03-28constify security_path_{link,rename}Al Viro1-6/+6
2016-03-28constify security_path_{mkdir,mknod,symlink}Al Viro1-6/+6
2016-03-28constify security_path_{unlink,rmdir}Al Viro1-4/+4
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-18 02:22:28 +0000