aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2024-04-03security: Place security_path_post_mknod() where the original IMA call wasRoberto Sassu1-2/+2
2024-04-01selinux: avoid dereference of garbage after mount failureChristian Göttsche1-5/+7
2024-03-14Merge tag 'mm-nonmm-stable-2024-03-14-09-36' of git://git.kernel.org/pub/scm/...Linus Torvalds1-2/+0
2024-03-14Merge tag 'lsm-pr-20240314' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds5-18/+24
2024-03-14Merge tag 'landlock-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds10-23/+293
2024-03-14lsm: handle the NULL buffer case in lsm_fill_user_ctx()Paul Moore1-1/+7
2024-03-14lsm: use 32-bit compatible data types in LSM syscallsCasey Schaufler5-17/+17
2024-03-12Merge tag 'lsm-pr-20240312' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds21-832/+1020
2024-03-12Merge tag 'selinux-pr-20240312' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds22-731/+724
2024-03-12Merge tag 'net-next-6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds2-26/+122
2024-03-12Merge tag 'Smack-for-6.9' of https://github.com/cschaufler/smack-nextLinus Torvalds1-46/+56
2024-03-08landlock: Use f_cred in security_file_open() hookMickaël Salaün1-7/+11
2024-03-08landlock: Rename "ptrace" files to "task"Mickaël Salaün4-9/+9
2024-03-08landlock: Simplify current_check_access_socket()Mickaël Salaün1-4/+3
2024-03-07Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski2-2/+4
2024-03-07landlock: Warn once if a Landlock action is requested while disabledMickaël Salaün1-3/+15
2024-03-05Merge tag 'integrity-v6.8-fix' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-1/+2
2024-03-01tomoyo: fix UAF write bug in tomoyo_write_control()Tetsuo Handa1-1/+2
2024-02-29Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski3-4/+4
2024-02-29Merge tag 'landlock-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-2/+2
2024-02-27Merge tag 'lsm-pr-20240227' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2-2/+2
2024-02-27landlock: Add support for KUnit testsMickaël Salaün4-0/+255
2024-02-26landlock: Fix asymmetric private inodes referringMickaël Salaün1-2/+2
2024-02-23selinux: fix style issues in security/selinux/ss/symtab.cPaul Moore1-1/+3
2024-02-23selinux: fix style issues in security/selinux/ss/symtab.hPaul Moore1-5/+4
2024-02-23selinux: fix style issues in security/selinux/ss/sidtab.cPaul Moore1-32/+37
2024-02-23selinux: fix style issues in security/selinux/ss/sidtab.hPaul Moore1-17/+19
2024-02-23selinux: fix style issues in security/selinux/ss/services.hPaul Moore1-1/+2
2024-02-23selinux: fix style issues in security/selinux/ss/policydb.cPaul Moore1-192/+213
2024-02-23selinux: fix style issues in security/selinux/ss/policydb.hPaul Moore1-97/+95
2024-02-23selinux: fix style issues in security/selinux/ss/mls_types.hPaul Moore1-16/+16
2024-02-23selinux: fix style issues in security/selinux/ss/mls.cPaul Moore1-50/+33
2024-02-23selinux: fix style issues in security/selinux/ss/mls.hPaul Moore1-39/+19
2024-02-23selinux: fix style issues in security/selinux/ss/hashtab.cPaul Moore1-12/+11
2024-02-23selinux: fix style issues in security/selinux/ss/hashtab.hPaul Moore1-18/+17
2024-02-23selinux: fix style issues in security/selinux/ss/ebitmap.cPaul Moore1-28/+28
2024-02-23selinux: fix style issues in security/selinux/ss/ebitmap.hPaul Moore1-19/+23
2024-02-23selinux: fix style issues in security/selinux/ss/context.hPaul Moore1-1/+1
2024-02-23selinux: fix style issues in security/selinux/ss/context.hPaul Moore1-19/+22
2024-02-23selinux: fix style issues in security/selinux/ss/constraint.hPaul Moore1-33/+34
2024-02-23selinux: fix style issues in security/selinux/ss/conditional.cPaul Moore1-35/+33
2024-02-23selinux: fix style issues in security/selinux/ss/conditional.hPaul Moore1-12/+11
2024-02-23selinux: fix style issues in security/selinux/ss/avtab.cPaul Moore1-54/+51
2024-02-23selinux: fix style issues in security/selinux/ss/avtab.hPaul Moore1-37/+37
2024-02-23apparmor: fix lsm_get_self_attr()Mickaël Salaün1-1/+1
2024-02-23selinux: fix lsm_get_self_attr()Mickaël Salaün1-1/+1
2024-02-22fortify: drop Clang version check for 12.0.1 or newerNathan Chancellor1-2/+0
2024-02-22treewide: update LLVM Bugzilla linksNathan Chancellor1-1/+1
2024-02-22Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-2/+5
2024-02-22lsm: use default hook return value in call_int_hook()Ondrej Mosnacek1-307/+225
2024-02-21lsm: fix typos in security/security.c comment headersPairman Guo1-4/+4
2024-02-16Merge tag 'lsm-pr-20240215' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-2/+5
2024-02-16integrity: eliminate unnecessary "Problem loading X.509 certificate" msgCoiby Xu1-1/+2
2024-02-15integrity: Remove LSMRoberto Sassu3-222/+2
2024-02-15ima: Make it independent from 'integrity' LSMRoberto Sassu9-116/+308
2024-02-15evm: Make it independent from 'integrity' LSMRoberto Sassu7-26/+81
2024-02-15evm: Move to LSM infrastructureRoberto Sassu2-49/+112
2024-02-15ima: Move IMA-Appraisal to LSM infrastructureRoberto Sassu4-22/+35
2024-02-15ima: Move to LSM infrastructureRoberto Sassu7-80/+79
2024-02-15integrity: Move integrity_kernel_module_request() to IMARoberto Sassu3-24/+34
2024-02-15security: Introduce key_post_create_or_update hookRoberto Sassu2-1/+25
2024-02-15security: Introduce inode_post_remove_acl hookRoberto Sassu1-0/+17
2024-02-15security: Introduce inode_post_set_acl hookRoberto Sassu1-0/+17
2024-02-15security: Introduce inode_post_create_tmpfile hookRoberto Sassu1-0/+15
2024-02-15security: Introduce path_post_mknod hookRoberto Sassu1-0/+14
2024-02-15security: Introduce file_release hookRoberto Sassu1-0/+11
2024-02-15security: Introduce file_post_open hookRoberto Sassu1-0/+17
2024-02-15security: Introduce inode_post_removexattr hookRoberto Sassu1-0/+14
2024-02-15security: Introduce inode_post_setattr hookRoberto Sassu1-0/+16
2024-02-15security: Align inode_setattr hook definition with EVMRoberto Sassu3-3/+6
2024-02-15evm: Align evm_inode_post_setxattr() definition with LSM infrastructureRoberto Sassu2-2/+4
2024-02-15evm: Align evm_inode_setxattr() definition with LSM infrastructureRoberto Sassu2-2/+3
2024-02-15evm: Align evm_inode_post_setattr() definition with LSM infrastructureRoberto Sassu1-1/+3
2024-02-15ima: Align ima_post_read_file() definition with LSM infrastructureRoberto Sassu1-1/+1
2024-02-15ima: Align ima_inode_removexattr() definition with LSM infrastructureRoberto Sassu2-2/+3
2024-02-15ima: Align ima_inode_setxattr() definition with LSM infrastructureRoberto Sassu2-3/+4
2024-02-15ima: Align ima_file_mprotect() definition with LSM infrastructureRoberto Sassu2-3/+5
2024-02-15ima: Align ima_inode_post_setattr() definition with LSM infrastructureRoberto Sassu1-1/+2
2024-02-14lsm: fix integer overflow in lsm_set_self_attr() syscallJann Horn1-2/+5
2024-02-14Smack: use init_task_smack() in smack_cred_transfer()Casey Schaufler1-6/+1
2024-02-02selinux: only filter copy-up xattrs following initializationDavid Disseldorp1-2/+3
2024-02-02selinux: correct return values in selinux_socket_getpeersec_dgram()Paul Moore1-6/+8
2024-02-01Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-5/+40
2024-02-01Merge tag 'lsm-pr-20240131' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-5/+40
2024-01-30lsm: fix default return value of the socket_getpeersec_*() hooksOndrej Mosnacek1-4/+27
2024-01-26Merge tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf...Jakub Kicinski2-26/+122
2024-01-26lsm: fix the logic in security_inode_getsecctx()Ondrej Mosnacek1-1/+13
2024-01-25selinux: reduce the object class calculations at inode init timePaul Moore1-5/+4
2024-01-24Merge tag 'integrity-v6.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-4/+0
2024-01-24bpf,selinux: Allocate bpf_security_struct per BPF tokenAndrii Nakryiko1-0/+25
2024-01-24bpf,lsm: Add BPF token LSM hooksAndrii Nakryiko1-0/+60
2024-01-24bpf,lsm: Refactor bpf_map_alloc/bpf_map_free LSM hooksAndrii Nakryiko2-9/+14
2024-01-24bpf,lsm: Refactor bpf_prog_alloc/bpf_prog_free LSM hooksAndrii Nakryiko2-17/+23
2024-01-24smack: Initialize the in-memory inode in smack_inode_init_security()Roberto Sassu1-1/+6
2024-01-24smack: Always determine inode labels in smack_inode_init_security()Roberto Sassu1-39/+39
2024-01-24smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()Roberto Sassu1-0/+9
2024-01-24smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()Roberto Sassu1-1/+2
2024-01-24Revert "KEYS: encrypted: Add check for strsep"Mimi Zohar1-4/+0
2024-01-24exec: Check __FMODE_EXEC instead of in_execve for LSMsKees Cook2-2/+5
2024-01-19Merge tag 'apparmor-pr-2024-01-18' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds9-74/+54
2024-01-11Merge tag 'pull-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds1-6/+1
2024-01-11Merge tag 'for-6.8/io_uring-2024-01-08' of git://git.kernel.dk/linuxLinus Torvalds2-2/+2
2024-01-10Merge tag 'header_cleanup-2024-01-10' of https://evilpiepirate.org/git/bcachefsLinus Torvalds2-0/+2
2024-01-09Merge tag 'integrity-v6.8' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds4-7/+51
2024-01-09Merge tag 'landlock-6.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds2-16/+17
2024-01-09Merge tag 'lsm-pr-20240105' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds21-69/+769
2024-01-09Merge tag 'selinux-pr-20240105' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds19-600/+538
2024-01-09Merge tag 'mm-nonmm-stable-2024-01-09-10-33' of git://git.kernel.org/pub/scm/...Linus Torvalds1-2/+2
2024-01-09Merge tag 'mm-stable-2024-01-08-15-31' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds1-1/+1
2024-01-09apparmor: Fix memory leak in unpack_profile()Gaosheng Cui1-0/+2
2024-01-08mm, treewide: rename MAX_ORDER to MAX_PAGE_ORDERKirill A. Shutemov1-1/+1
2024-01-08Merge tag 'vfs-6.8.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-3/+2
2024-01-08Merge tag 'vfs-6.8.rw' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfsLinus Torvalds1-8/+2
2024-01-04selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socketMickaël Salaün1-0/+7
2024-01-04apparmor: avoid crash when parsed profile name is emptyFedor Pchelkin1-0/+4
2024-01-04apparmor: fix possible memory leak in unpack_trans_tableFedor Pchelkin2-4/+4
2024-01-03apparmor: Fix move_mount mediation by detecting if source is detachedJohn Johansen2-0/+5
2024-01-03apparmor: free the allocated pdb objectsFedor Pchelkin1-6/+7
2024-01-03landlock: Optimize the number of calls to get_access_mask slightlyGünther Noack1-2/+3
2024-01-03landlock: Remove remaining "inline" modifiers in .c files [v6.6]Günther Noack1-1/+1
2024-01-03landlock: Remove remaining "inline" modifiers in .c files [v6.1]Günther Noack1-9/+9
2024-01-03landlock: Remove remaining "inline" modifiers in .c files [v5.15]Günther Noack2-4/+4
2023-12-29apparmor: Fix ref count leak in task_killJohn Johansen1-1/+0
2023-12-24lsm: new security_file_ioctl_compat() hookAlfred Piccioni4-0/+48
2023-12-22selinux: fix style issues in security/selinux/include/initial_sid_to_string.hPaul Moore1-29/+28
2023-12-22selinux: fix style issues in security/selinux/include/xfrm.hPaul Moore1-2/+2
2023-12-22selinux: fix style issues in security/selinux/include/security.hPaul Moore1-80/+75
2023-12-22selinux: fix style issues with security/selinux/include/policycap_names.hPaul Moore1-0/+3
2023-12-22selinux: fix style issues in security/selinux/include/policycap.hPaul Moore1-0/+1
2023-12-22selinux: fix style issues in security/selinux/include/objsec.hPaul Moore1-64/+65
2023-12-22selinux: fix style issues with security/selinux/include/netlabel.hPaul Moore1-33/+20
2023-12-22selinux: fix style issues in security/selinux/include/netif.hPaul Moore1-2/+2
2023-12-22selinux: fix style issues in security/selinux/include/ima.hPaul Moore1-1/+1
2023-12-22selinux: fix style issues in security/selinux/include/conditional.hPaul Moore1-2/+2
2023-12-22selinux: fix style issues in security/selinux/include/classmap.hPaul Moore1-210/+132
2023-12-22selinux: fix style issues in security/selinux/include/avc_ss.hPaul Moore1-1/+1
2023-12-22selinux: align avc_has_perm_noaudit() prototype with definitionPaul Moore1-1/+1
2023-12-22selinux: fix style issues in security/selinux/include/avc.hPaul Moore1-26/+15
2023-12-22selinux: fix style issues in security/selinux/include/audit.hPaul Moore1-1/+0
2023-12-21apparmorfs: don't duplicate kfree_link()Al Viro1-6/+1
2023-12-21keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiryDavid Howells4-22/+37
2023-12-20shm: Slim down dependenciesKent Overstreet2-0/+2
2023-12-20kexec_file: print out debugging message if requiredBaoquan He1-2/+2
2023-12-20evm: add support to disable EVM on unsupported filesystemsMimi Zohar1-1/+34
2023-12-20evm: don't copy up 'security.evm' xattrMimi Zohar2-1/+8
2023-12-15cred: get rid of CONFIG_DEBUG_CREDENTIALSJens Axboe1-6/+0
2023-12-12fsnotify: optionally pass access range in file permission hooksAmir Goldstein1-7/+1
2023-12-12fsnotify: split fsnotify_perm() into two hooksAmir Goldstein1-2/+2
2023-12-12io_uring: split out cmd api into a separate headerPavel Begunkov2-2/+2
2023-12-07selinux: remove the wrong comment about multithreaded process handlingMunehisa Kamata1-1/+0
2023-12-05iov_iter: replace import_single_range() with import_ubuf()Jens Axboe1-2/+2
2023-12-05iov_iter: remove unused 'iov' argument from import_single_range()Jens Axboe1-2/+1
2023-11-27KEYS: encrypted: Add check for strsepChen Ni1-0/+4
2023-11-27ima: Remove EXPERIMENTAL from KconfigEric Snowberg1-1/+1
2023-11-27ima: Reword IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARYEric Snowberg1-5/+5
2023-11-26apparmor: cleanup network hook commentsJohn Johansen1-44/+16
2023-11-21selinux: introduce an initial SID for early boot processesOndrej Mosnacek7-2/+76
2023-11-20selinux: refactor avtab_node comparisonsJacob Satterfield1-60/+41
2023-11-19apparmor: add missing params to aa_may_ptrace kernel-doc commentsJohn Johansen1-0/+2
2023-11-19apparmor: declare nulldfa as staticJohn Johansen1-1/+1
2023-11-19apparmor: declare stack_msg as staticJohn Johansen1-1/+1
2023-11-19apparmor: switch SECURITY_APPARMOR_HASH from sha1 to sha256Dimitri John Ledkov3-17/+17
2023-11-16selinux: update filenametr_hash() to use full_name_hash()Paul Moore1-9/+2
2023-11-16selinux: saner handling of policy reloadsAl Viro1-78/+66
2023-11-12lsm: mark the lsm_id variables are marked as staticPaul Moore9-9/+9
2023-11-12lsm: convert security_setselfattr() to use memdup_user()Paul Moore1-8/+3
2023-11-12lsm: align based on pointer length in lsm_fill_user_ctx()Paul Moore1-1/+1
2023-11-12lsm: consolidate buffer size handling into lsm_fill_user_ctx()Paul Moore4-74/+63
2023-11-12lsm: correct error codes in security_getselfattr()Paul Moore1-2/+2
2023-11-12lsm: cleanup the size counters in security_getselfattr()Paul Moore1-1/+2
2023-11-12lsm: don't yet account for IMA in LSM_CONFIG_COUNT calculationRoberto Sassu1-1/+0
2023-11-12SELinux: Add selfattr hooksCasey Schaufler1-27/+107
2023-11-12AppArmor: Add selfattr hooksCasey Schaufler3-11/+92
2023-11-12Smack: implement setselfattr and getselfattr hooksCasey Schaufler1-5/+90
2023-11-12LSM: Helpers for attribute names and filling lsm_ctxCasey Schaufler2-0/+65
2023-11-12LSM: Create lsm_list_modules system callCasey Schaufler1-0/+39
2023-11-12LSM: syscalls for current process attributesCasey Schaufler3-0/+210
2023-11-12proc: Use lsmids instead of lsm names for attrsCasey Schaufler1-8/+7
2023-11-12LSM: Maintain a table of LSM attribute dataCasey Schaufler1-0/+37
2023-11-12LSM: Identify modules by more than nameCasey Schaufler17-20/+92
2023-11-03Merge tag 'apparmor-pr-2023-11-03' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds32-848/+1336
2023-11-03Merge tag 'landlock-6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds10-301/+923
2023-11-02Merge tag 'mm-nonmm-stable-2023-11-02-14-08' of git://git.kernel.org/pub/scm/...Linus Torvalds1-1/+1
2023-11-02Merge tag 'v6.7-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/...Linus Torvalds2-3/+2
2023-11-02Merge tag 'integrity-v6.7' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds5-34/+81
2023-11-01Merge tag 'for-6.7/block-2023-10-30' of git://git.kernel.dk/linuxLinus Torvalds1-0/+1
2023-10-31ima: detect changes to the backing overlay fileMimi Zohar3-1/+22
2023-10-31integrity: fix indentation of config attributesPrasad Pandit1-22/+22
2023-10-31ima: annotate iint mutex to avoid lockdep false positive warningsAmir Goldstein1-11/+37
2023-10-30Merge tag 'lsm-pr-20231030' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds5-16/+16
2023-10-30Merge tag 'selinux-pr-20231030' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds7-30/+33
2023-10-30Merge tag 'tpmdd-v6.7' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkk...Linus Torvalds4-63/+30
2023-10-30Merge tag 'hardening-v6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-3/+3
2023-10-30Merge tag 'vfs-6.7.ctime' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs...Linus Torvalds4-7/+8
2023-10-26landlock: Support network rules with TCP bind and connectKonstantin Meskhidze9-24/+414
2023-10-26landlock: Refactor landlock_add_rule() syscallKonstantin Meskhidze1-44/+45
2023-10-26landlock: Refactor layer helpersKonstantin Meskhidze3-42/+66
2023-10-26landlock: Move and rename layer helpersKonstantin Meskhidze3-115/+129
2023-10-26landlock: Refactor merge/inherit_ruleset helpersKonstantin Meskhidze1-42/+74
2023-10-26landlock: Refactor landlock_find_rule/insert_rule helpersKonstantin Meskhidze3-54/+165
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-27 10:49:35 +0000