aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2023-10-26landlock: Allow FS topology changes for domains without such rule typeMickaël Salaün3-40/+60
2023-10-26landlock: Make ruleset's access masks more genericKonstantin Meskhidze5-20/+50
2023-10-24keys: Remove unused extern declarationsYueHaibing1-7/+0
2023-10-24integrity: powerpc: Do not select CA_MACHINE_KEYRINGMichal Suchanek1-2/+0
2023-10-24KEYS: trusted: tee: Refactor register SHM usageSumit Garg1-44/+20
2023-10-24KEYS: trusted: Rollback init_trusted() consistentlyJarkko Sakkinen1-10/+10
2023-10-23apparmor: Fix some kernel-doc commentsYang Li1-2/+2
2023-10-23apparmor: Fix one kernel-doc commentYang Li1-1/+1
2023-10-23apparmor: Fix some kernel-doc commentsYang Li1-2/+2
2023-10-22apparmor: mark new functions staticArnd Bergmann1-2/+2
2023-10-20ima: Add __counted_by for struct modsig and use struct_size()Gustavo A. R. Silva1-3/+3
2023-10-18apparmor: Fix regression in mount mediationJohn Johansen3-22/+51
2023-10-18apparmor: cache buffers on percpu list if there is lock contentionJohn Johansen1-5/+62
2023-10-18apparmor: add io_uring mediationGeorgia Garcia6-2/+131
2023-10-18apparmor: add user namespace creation mediationJohn Johansen7-2/+75
2023-10-18apparmor: allow restricting unprivileged change_profileJohn Johansen5-0/+39
2023-10-18apparmor: advertise disconnected.path is availableJohn Johansen1-0/+1
2023-10-18apparmor: refcount the pdbJohn Johansen15-210/+260
2023-10-18apparmor: provide separate audit messages for file and policy checksJohn Johansen1-5/+11
2023-10-18apparmor: pass cred through to audit info.John Johansen20-211/+388
2023-10-18apparmor: rename audit_data->label to audit_data->subj_labelJohn Johansen10-18/+17
2023-10-18apparmor: combine common_audit_data and apparmor_audit_dataJohn Johansen15-245/+257
2023-10-18apparmor: rename SK_CTX() to aa_sock and make it an inline fnJohn Johansen2-11/+16
2023-10-18treewide: mark stuff as __ro_after_initAlexey Dobriyan1-1/+1
2023-10-18security: convert to new timestamp accessorsJeff Layton1-1/+1
2023-10-18selinux: convert to new timestamp accessorsJeff Layton1-1/+1
2023-10-18apparmor: convert to new timestamp accessorsJeff Layton2-5/+6
2023-10-15apparmor: Optimize retrieving current task secidVinicius Costa Gomes1-2/+2
2023-10-15apparmor: remove unused functions in policy_ns.c/.hXiu Jianfeng2-51/+0
2023-10-15apparmor: remove unneeded #ifdef in decompress_zstd()Xiu Jianfeng1-2/+0
2023-10-11security/keys: export key_lookup()Hannes Reinecke1-0/+1
2023-10-10KEYS: trusted: Remove redundant static calls usageSumit Garg1-8/+5
2023-10-04lsm: fix a spelling mistakePaul Moore1-1/+1
2023-10-03selinux: simplify avtab_insert_node() prototypeJacob Satterfield1-13/+7
2023-09-27ima: rework CONFIG_IMA dependency blockArnd Bergmann1-12/+6
2023-09-26ima: Finish deprecation of IMA_TRUSTED_KEYRING KconfigOleksandr Tymoshenko1-2/+2
2023-09-15KEYS: encrypted: Do not include crypto/algapi.hHerbert Xu1-1/+1
2023-09-15evm: Do not include crypto/algapi.hHerbert Xu1-2/+1
2023-09-14lsm: constify 'sb' parameter in security_sb_kern_mount()Khadija Kamran2-2/+2
2023-09-14lsm: constify 'bprm' parameter in security_bprm_committed_creds()Khadija Kamran4-4/+4
2023-09-13lsm: constify 'bprm' parameter in security_bprm_committing_creds()Khadija Kamran3-3/+3
2023-09-13lsm: constify 'file' parameter in security_bprm_creds_from_file()Khadija Kamran2-3/+3
2023-09-13lsm: constify 'sb' parameter in security_quotactl()Khadija Kamran2-3/+3
2023-09-13selinux: hweight optimization in avtab_read_itemJacob Satterfield1-5/+2
2023-09-13selinux: improve role transition hashingChristian Göttsche1-1/+1
2023-09-13selinux: simplify avtab slot calculationChristian Göttsche1-7/+1
2023-09-13selinux: improve debug configurationChristian Göttsche2-0/+12
2023-09-13selinux: print sum of chain lengths^2 for hash tablesChristian Göttsche4-3/+9
2023-09-12selinux: fix handling of empty opts in selinux_fs_context_submount()Ondrej Mosnacek1-2/+8
2023-09-12selinux: Annotate struct sidtab_str_cache with __counted_byKees Cook1-1/+1
2023-09-08Merge tag 'landlock-6.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-1/+1
2023-09-04Merge tag 'tomoyo-pr-20230903' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds3-7/+5
2023-08-30Merge tag 'Smack-for-6.6' of https://github.com/cschaufler/smack-nextLinus Torvalds1-2/+2
2023-08-30Merge tag 'integrity-v6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds5-30/+16
2023-08-30Merge tag 'lsm-pr-20230829' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds9-83/+162
2023-08-30Merge tag 'selinux-pr-20230829' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds34-286/+276
2023-08-29Merge tag 'mm-stable-2023-08-28-18-26' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds1-5/+2
2023-08-29Merge tag 'net-next-6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds2-3/+3
2023-08-29Merge tag 'tpmdd-v6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkk...Linus Torvalds10-14/+94
2023-08-28Merge tag 's390-6.6-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/...Linus Torvalds1-2/+2
2023-08-28Merge tag 'hardening-v6.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds3-4/+26
2023-08-28Merge tag 'v6.6-vfs.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vf...Linus Torvalds3-0/+87
2023-08-28Merge tag 'v6.6-vfs.ctime' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds4-10/+16
2023-08-25LoadPin: Annotate struct dm_verity_loadpin_trusted_root_digest with __counted_byKees Cook1-2/+1
2023-08-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-1/+1
2023-08-22apparmor: fix invalid reference on profile->disconnectedGeorgia Garcia2-2/+4
2023-08-22Merge tag 'selinux-pr-20230821' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2023-08-21selinux: use vma_is_initial_stack() and vma_is_initial_heap()Kefeng Wang1-5/+2
2023-08-18selinux: set next pointer before attaching to listChristian Göttsche1-1/+1
2023-08-18integrity: Annotate struct ima_rule_opt_list with __counted_byKees Cook1-2/+2
2023-08-18s390/ipl: fix virtual vs physical address confusionAlexander Gordeev1-2/+2
2023-08-18landlock: Annotate struct landlock_rule with __counted_byKees Cook1-1/+1
2023-08-17KEYS: Replace all non-returning strlcpy with strscpyAzeem Shaikh1-1/+1
2023-08-17integrity: PowerVM support for loading third party code signing keysNayna Jain3-0/+30
2023-08-17integrity: PowerVM machine keyring enablementNayna Jain1-1/+3
2023-08-17integrity: check whether imputed trust is enabledNayna Jain4-6/+22
2023-08-17integrity: remove global variable from machine_keyring.cNayna Jain1-2/+2
2023-08-17integrity: ignore keys failing CA restrictions on non-UEFI platformNayna Jain1-1/+1
2023-08-17integrity: PowerVM support for loading CA keys on machine keyringNayna Jain3-0/+30
2023-08-17integrity: Enforce digitalSignature usage in the ima and evm keyringsEric Snowberg3-4/+6
2023-08-15selinux: prevent KMSAN warning in selinux_inet_conn_request()Andrew Kanner1-0/+1
2023-08-15hardening: Move BUG_ON_DATA_CORRUPTION to hardening optionsMarco Elver1-0/+10
2023-08-15list: Introduce CONFIG_LIST_HARDENEDMarco Elver1-0/+13
2023-08-15lsm: constify the 'file' parameter in security_binder_transfer_file()Khadija Kamran2-5/+5
2023-08-15vfs, security: Fix automount superblock LSM init problem, preventing NFS sb s...David Howells3-0/+87
2023-08-13tomoyo: remove unused function declarationGONG, Ruiqi1-2/+0
2023-08-10Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-1/+1
2023-08-09selinux: use unsigned iterator in nlmsgtab codeChristian Göttsche1-1/+2
2023-08-09selinux: avoid implicit conversions in policydb codeChristian Göttsche1-32/+37
2023-08-09selinux: avoid implicit conversions in selinuxfs codeChristian Göttsche1-7/+7
2023-08-09selinux: make left shifts well definedChristian Göttsche1-6/+6
2023-08-09selinux: update type for number of class permissions in services codeChristian Göttsche2-2/+2
2023-08-09selinux: avoid implicit conversions in avtab codeChristian Göttsche1-12/+12
2023-08-09selinux: revert SECINITSID_INIT supportPaul Moore6-64/+1
2023-08-08lsm: constify the 'target' parameter in security_capget()Khadija Kamran4-4/+4
2023-08-08apparmor: remove unused PROF_* macrosGONG, Ruiqi1-3/+0
2023-08-08apparmor: cleanup unused functions in file.hXiu Jianfeng1-37/+0
2023-08-08apparmor: cleanup unused declarations in policy.hXiu Jianfeng1-6/+0
2023-08-08apparmor: fixup return comments for kernel doc cleanups by Gaosheng CuiJohn Johansen2-4/+4
2023-08-08selinux: use GFP_KERNEL while reading binary policyChristian Göttsche1-5/+5
2023-08-08selinux: update comment on selinux_hooks[]Xiu Jianfeng1-4/+0
2023-08-07smackfs: Prevent underflow in smk_set_cipso()Dan Carpenter1-1/+1
2023-08-07security: smack: smackfs: fix typo (lables->labels)Tóth János1-1/+1
2023-08-07sysctl: set variable key_sysctls storage-class-specifier to staticTom Rix1-1/+1
2023-08-07kexec_lock: Replace kexec_mutex() by kexec_lock() in two commentsWenyu Liu1-1/+1
2023-08-05tomoyo: refactor deprecated strncpyJustin Stitt1-3/+2
2023-08-03selinux: avoid implicit conversions in services codeChristian Göttsche3-16/+18
2023-08-03selinux: avoid implicit conversions in mls codeChristian Göttsche1-4/+6
2023-08-03selinux: use identical iterator type in hashtab_duplicate()Christian Göttsche1-1/+2
2023-08-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-3/+8
2023-08-01ima: require signed IMA policy when UEFI secure boot is enabledCoiby Xu1-0/+3
2023-08-01integrity: Always reference the blacklist keyring with appraisalEric Snowberg2-17/+12
2023-08-01ima: Remove deprecated IMA_TRUSTED_KEYRING KconfigNayna Jain1-12/+0
2023-07-31lsm: add comment block for security_sk_classify_flow LSM hookKhadija Kamran1-0/+7
2023-07-28selinux: move debug functions into debug configurationChristian Göttsche5-3/+20
2023-07-28security: keys: perform capable check only on privileged operationsChristian Göttsche1-3/+8
2023-07-28selinux: log about VM being executable by defaultChristian Göttsche1-0/+2
2023-07-26security: Fix ret values doc for security_inode_init_security()Roberto Sassu1-2/+2
2023-07-24selinux: convert to ctime accessor functionsJeff Layton1-1/+1
2023-07-24security: convert to ctime accessor functionsJeff Layton1-1/+1
2023-07-24apparmor: convert to ctime accessor functionsJeff Layton2-5/+5
2023-07-23tomoyo: add format attributes to functionsChristian Göttsche2-2/+3
2023-07-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski2-12/+25
2023-07-20selinux: fix a 0/NULL mistmatch in ad_net_init_from_iif()Paul Moore1-1/+1
2023-07-20selinux: introduce SECURITY_SELINUX_DEBUG configurationChristian Göttsche2-4/+13
2023-07-19selinux: introduce and use lsm_ad_net_init*() helpersPaolo Abeni1-41/+43
2023-07-19selinux: update my email addressStephen Smalley25-25/+25
2023-07-19selinux: add missing newlines in pr_err() statementsChristian Göttsche2-4/+4
2023-07-19selinux: drop avtab_search()Christian Göttsche4-42/+8
2023-07-18selinux: de-brand SELinuxStephen Smalley4-11/+11
2023-07-18selinux: avoid implicit conversions regarding enforcing statusChristian Göttsche3-6/+7
2023-07-18selinux: fix implicit conversions in the symtabChristian Göttsche2-2/+2
2023-07-18selinux: use consistent type for AV rule specifierChristian Göttsche3-3/+3
2023-07-18selinux: avoid implicit conversions in the LSM hooksChristian Göttsche1-16/+10
2023-07-18selinux: avoid implicit conversions in the AVC codeChristian Göttsche1-7/+8
2023-07-18selinux: avoid implicit conversions in the netif codeChristian Göttsche1-2/+2
2023-07-18selinux: consistently use u32 as sequence number type in the status codeChristian Göttsche2-2/+2
2023-07-18selinux: avoid avtab overflowsChristian Göttsche1-2/+2
2023-07-18selinux: check for multiplication overflow in put_entry()Christian Göttsche1-2/+5
2023-07-17security: keys: Modify mismatched function nameJiapeng Chong1-1/+1
2023-07-17keys: Fix linking a duplicate key to a keyring's assoc_arrayPetr Pavlu1-11/+24
2023-07-14security: Constify sk in the sk_getsecid hook.Guillaume Nault2-3/+3
2023-07-10selinux: introduce an initial SID for early boot processesOndrej Mosnacek6-2/+65
2023-07-10selinux: cleanup the policycap accessor functionsPaul Moore1-24/+11
2023-07-10evm: Support multiple LSMs providing an xattrRoberto Sassu3-7/+37
2023-07-10evm: Align evm_inode_init_security() definition with LSM infrastructureRoberto Sassu2-8/+12
2023-07-10smack: Set the SMACK64TRANSMUTE xattr in smack_inode_init_security()Roberto Sassu2-18/+29
2023-07-10security: Allow all LSMs to provide xattrs for inode_init_security hookRoberto Sassu3-44/+71
2023-07-10lsm: fix typo in security_file_lock() comment headerPairman Guo1-1/+1
2023-07-10apparmor: Fix kernel-doc warnings in apparmor/policy.cGaosheng Cui1-7/+10
2023-07-10apparmor: Fix kernel-doc warnings in apparmor/policy_compat.cGaosheng Cui1-0/+1
2023-07-10apparmor: Fix kernel-doc warnings in apparmor/policy_unpack.cGaosheng Cui1-1/+1
2023-07-10apparmor: Fix kernel-doc warnings in apparmor/resource.cGaosheng Cui1-4/+4
2023-07-10apparmor: Fix kernel-doc warnings in apparmor/match.cGaosheng Cui1-2/+2
2023-07-10apparmor: Fix kernel-doc warnings in apparmor/lib.cGaosheng Cui1-2/+2
2023-07-10apparmor: Fix kernel-doc warnings in apparmor/label.cGaosheng Cui1-9/+11
2023-07-10apparmor: Fix kernel-doc warnings in apparmor/file.cGaosheng Cui1-3/+3
2023-07-10apparmor: Fix kernel-doc warnings in apparmor/domain.cGaosheng Cui1-4/+6
2023-07-10apparmor: Fix kernel-doc warnings in apparmor/capability.cGaosheng Cui1-2/+2
2023-07-10apparmor: Fix kernel-doc warnings in apparmor/audit.cGaosheng Cui1-0/+1
2023-07-10apparmor: update ctime whenever the mtime changes on an inodeJeff Layton2-6/+12
2023-07-09apparmor: use passed in gfp flags in aa_alloc_null()Dan Carpenter1-2/+2
2023-07-09apparmor: advertise availability of exended permsJohn Johansen1-0/+3
2023-07-09apparmor: remove unused macroGONG, Ruiqi1-1/+0
2023-07-09apparmor: make aa_set_current_onexec return voidQuanfa Fu3-6/+3
2023-07-07Merge tag 'apparmor-pr-2023-07-06' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds8-68/+110
2023-07-06apparmor: Fix kernel-doc header for verify_dfa_accept_indexJohn Johansen1-1/+1
2023-07-06apparmor: fix: kzalloc perms tables for shared dfasJohn Johansen2-4/+35
2023-07-06apparmor: fix profile verification and enable itJohn Johansen2-25/+27
2023-07-06apparmor: fix policy_compat permission remap with extended permissionsJohn Johansen1-12/+19
2023-07-06apparmor: aa_buffer: Convert 1-element array to flexible arrayKees Cook1-4/+4
2023-07-06apparmor: add missing failure check in compute_xmatch_permsJohn Johansen1-0/+2
2023-07-06apparmor: fix missing error check for rhashtable_insert_fastDanila Chernetsov1-2/+7
2023-07-06apparmor: Return directly after a failed kzalloc() in two functionsMarkus Elfring1-5/+5
2023-07-06AppArmor: Fix some kernel-doc commentsYang Li1-1/+1
2023-07-06apparmor: fix use of strcpy in policy_unpack_testRae Moar1-7/+6
2023-07-04Merge tag 'core_guards_for_6.5_rc1' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds1-3/+3
2023-06-30Merge tag 'powerpc-6.5-1' of git://git.kernel.org/pub/scm/linux/kernel/git/po...Linus Torvalds1-14/+26
2023-06-29Merge tag 'slab-for-6.5' of git://git.kernel.org/pub/scm/linux/kernel/git/vba...Linus Torvalds1-8/+0
2023-06-28Merge tag 'v6.5-rc1-sysctl-next' of git://git.kernel.org/pub/scm/linux/kernel...Linus Torvalds1-0/+7
2023-06-28Merge tag 'mm-stable-2023-06-24-19-15' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds1-1/+1
2023-06-27Merge tag 'Smack-for-6.5' of https://github.com/cschaufler/smack-nextLinus Torvalds2-16/+48
2023-06-27Merge tag 'integrity-v6.5' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds7-16/+32
2023-06-27Merge tag 'lsm-pr-20230626' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds5-16/+15
2023-06-27Merge tag 'selinux-pr-20230626' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds21-92/+144
2023-06-27Merge tag 'landlock-6.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-1/+1
2023-06-26Merge tag 'fsverity-for-linus' of git://git.kernel.org/pub/scm/fs/fsverity/linuxLinus Torvalds1-19/+12
2023-06-26apparmor: Free up __cleanup() namePeter Zijlstra1-3/+3
2023-06-21device_cgroup: Fix kernel-doc warnings in device_cgroupGaosheng Cui1-1/+0
2023-06-21security/integrity: fix pointer to ESL data and its size on pseriesNayna Jain1-14/+26
2023-06-20SafeSetID: fix UID printed instead of GIDAlexander Mikhalitsyn1-1/+1
2023-06-14fsverity: rework fsverity_get_digest() againEric Biggers1-19/+12
2023-06-12hostfs: Fix ephemeral inodesMickaël Salaün1-1/+1
2023-06-09mm/gup: remove vmas parameter from get_user_pages_remote()Lorenzo Stoakes1-1/+1
2023-06-08sysctl: move security keys sysctl registration to its own fileLuis Chamberlain1-0/+7
2023-06-06ima: Fix build warningsRoberto Sassu2-1/+5
2023-06-06evm: Fix build warningsRoberto Sassu2-2/+2
2023-06-05selinux: avoid bool as identifier nameChristian Göttsche2-5/+5
2023-06-05evm: Complete description of evm_inode_setattr()Roberto Sassu1-0/+2
2023-06-02selinux: fix Makefile for versions of make < v4.3Paul Moore1-3/+14
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-09 09:22:25 +0000