aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2022-06-04Merge tag 'pull-18-rc1-work.mount' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-0/+1
2022-05-25Merge tag 'linux-kselftest-kunit-5.19-rc1' of git://git.kernel.org/pub/scm/li...Linus Torvalds1-3/+3
2022-05-24Merge tag 'integrity-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds16-52/+395
2022-05-24Merge tag 'tpmdd-next-v5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel...Linus Torvalds6-43/+174
2022-05-24Merge tag 'Smack-for-5.19' of https://github.com/cschaufler/smack-nextLinus Torvalds1-1/+0
2022-05-24Merge tag 'landlock-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds14-286/+848
2022-05-24Merge tag 'selinux-pr-20220523' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds21-81/+93
2022-05-24Merge tag 'kernel-hardening-v5.19-rc1' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds5-58/+115
2022-05-24lockdown: also lock down previous kgdb useDaniel Thompson1-0/+2
2022-05-23smack: Remove redundant assignmentsMichal Orzel1-1/+0
2022-05-23KEYS: trusted: Introduce support for NXP CAAM-based trusted keysAhmad Fatoum4-2/+97
2022-05-23KEYS: trusted: allow use of kernel RNG for key materialAhmad Fatoum1-1/+34
2022-05-23KEYS: trusted: allow use of TEE as backend without TCG_TPM supportAhmad Fatoum4-17/+42
2022-05-23certs: Factor out the blacklist hash creationMickaël Salaün1-24/+2
2022-05-23landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFERMickaël Salaün3-76/+528
2022-05-23LSM: Remove double path_rename hook calls for RENAME_EXCHANGEMickaël Salaün4-15/+46
2022-05-23landlock: Move filesystem helpers and add a new oneMickaël Salaün1-41/+46
2022-05-23landlock: Fix same-layer rule unionsMickaël Salaün2-26/+54
2022-05-23landlock: Create find_rule() from unmask_layers()Mickaël Salaün1-13/+28
2022-05-23landlock: Reduce the maximum number of layers to 16Mickaël Salaün3-11/+12
2022-05-23landlock: Define access_mask_t to enforce a consistent access mask sizeMickaël Salaün5-15/+30
2022-05-23landlock: Change landlock_restrict_self(2) check orderingMickaël Salaün1-4/+4
2022-05-23landlock: Change landlock_add_rule(2) argument check orderingMickaël Salaün1-9/+13
2022-05-23landlock: Fix landlock_add_rule(2) documentationMickaël Salaün1-4/+3
2022-05-19move mount-related externs from fs.h to mount.hAl Viro1-0/+1
2022-05-17selinux: fix bad cleanup on error in hashtab_duplicate()Ondrej Mosnacek1-1/+2
2022-05-16loadpin: stop using bdevnameChristoph Hellwig1-4/+1
2022-05-16big_keys: Use struct for internal payloadKees Cook1-37/+36
2022-05-16integrity: Fix sparse warnings in keyring_handlerStefan Berger1-3/+3
2022-05-16evm: Clean up some variablesStefan Berger2-4/+1
2022-05-16evm: Return INTEGRITY_PASS for enum integrity_status value '0'Stefan Berger1-1/+1
2022-05-15efi: Do not import certificates from UEFI Secure Boot for T2 MacsAditya Garg2-0/+41
2022-05-13security: declare member holding string literal constChristian Göttsche1-1/+1
2022-05-09landlock: Format with clang-formatMickaël Salaün10-136/+142
2022-05-09landlock: Add clang-format exceptionsMickaël Salaün2-0/+6
2022-05-08randstruct: Enable Clang supportKees Cook1-2/+12
2022-05-08randstruct: Move seed generation into scripts/basic/Kees Cook1-4/+5
2022-05-08randstruct: Reorganize Kconfigs and attribute macrosKees Cook1-0/+62
2022-05-05ima: support fs-verity file digest based version 3 signaturesMimi Zohar5-16/+177
2022-05-05ima: permit fsverity's file digests in the IMA measurement listMimi Zohar5-8/+90
2022-05-05ima: define a new template field named 'd-ngv2' and templatesMimi Zohar3-11/+73
2022-05-03selinux: log anon inode class nameChristian Göttsche2-2/+5
2022-05-03selinux: declare data arrays constChristian Göttsche9-26/+24
2022-05-03selinux: fix indentation level of mls_ops blockChristian Göttsche1-21/+21
2022-05-03selinux: include necessary headers in headersChristian Göttsche6-1/+12
2022-05-03selinux: avoid extra semicolonChristian Göttsche1-9/+9
2022-05-03selinux: update parameter documentationChristian Göttsche2-1/+2
2022-05-03selinux: resolve checkpatch errorsChristian Göttsche3-18/+9
2022-05-01ima: use IMA default hash algorithm for integrity violationsMimi Zohar1-1/+1
2022-05-01ima: fix 'd-ng' comments and documentationMimi Zohar1-3/+5
2022-04-14selinux: don't sleep when CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE is truePaul Moore2-3/+3
2022-04-13security: don't treat structure as an array of struct hlist_headBill Wendling1-5/+4
2022-04-13usercopy: Remove HARDENED_USERCOPY_PAGESPANMatthew Wilcox (Oracle)1-12/+1
2022-04-07ima: remove the IMA_TEMPLATE Kconfig optionGUO Zihua1-8/+6
2022-04-04apparmor: test: Use NULL macrosRicardo Ribalda1-3/+3
2022-04-04ima: remove redundant initialization of pointer 'file'.Colin Ian King1-1/+1
2022-04-04selinux: checkreqprot is deprecated, add some ssleep() discomfortPaul Moore3-3/+11
2022-04-04selinux: runtime disable is deprecated, add some ssleep() discomfortPaul Moore1-0/+2
2022-04-04selinux: Remove redundant assignmentsMichal Orzel3-4/+2
2022-03-31Merge tag 'hardening-v5.18-rc1-fix1' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds1-1/+1
2022-03-28Merge tag 'ptrace-cleanups-for-v5.18' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds2-2/+0
2022-03-27Merge tag 'landlock-5.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-1/+1
2022-03-26Merge tag 'memcpy-v5.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-2/+3
2022-03-24Merge tag 'drm-next-2022-03-24' of git://anongit.freedesktop.org/drm/drmLinus Torvalds3-16/+6
2022-03-24usercopy: Disable CONFIG_HARDENED_USERCOPY_PAGESPANKees Cook1-1/+1
2022-03-24Merge tag 'net-next-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/ne...Linus Torvalds3-20/+45
2022-03-24Merge tag 'tomoyo-pr-20220322' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds1-2/+2
2022-03-23Merge tag 'arm-drivers-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-14/+9
2022-03-21Merge tag 'selinux-pr-20220321' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds19-214/+223
2022-03-21Merge tag 'integrity-v5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds10-58/+116
2022-03-21Merge tag 'Smack-for-5.18' of https://github.com/cschaufler/smack-nextLinus Torvalds1-1/+1
2022-03-21Merge tag 'hardening-v5.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-0/+10
2022-03-21Merge tag 'for-5.18/block-2022-03-18' of git://git.kernel.dk/linux-blockLinus Torvalds1-1/+0
2022-03-21Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-1/+1
2022-03-10ima: Always return a file measurement in ima_file_hash()Roberto Sassu1-13/+33
2022-03-10ima: Fix documentation-related warnings in ima_main.cRoberto Sassu1-5/+6
2022-03-10tracehook: Remove tracehook.hEric W. Biederman2-2/+0
2022-03-08integrity: Only use machine keyring when uefi_check_trust_mok_keys is trueEric Snowberg4-2/+23
2022-03-08integrity: Trust MOK keys if MokListTrustedRT foundEric Snowberg1-0/+19
2022-03-08KEYS: store reference to machine keyringEric Snowberg1-0/+2
2022-03-08integrity: add new keyring handler for mok keysEric Snowberg3-3/+23
2022-03-08integrity: Introduce a Linux keyring called machineEric Snowberg5-3/+78
2022-03-08integrity: Fix warning about missing prototypesEric Snowberg1-0/+1
2022-03-08KEYS: trusted: Avoid calling null function trusted_key_exitDave Kleikamp1-1/+1
2022-03-08KEYS: trusted: Fix trusted key backends when building as moduleAndreas Rammhold1-2/+2
2022-03-08KEYS: fix length validation in keyctl_pkey_params_get_2()Eric Biggers1-3/+11
2022-03-03net: rtnetlink: Add RTM_SETSTATSPetr Machata1-0/+1
2022-03-03crypto: dh - constify struct dh's pointer membersNicolai Stange1-1/+1
2022-03-02selinux: shorten the policy capability enum namesPaul Moore5-24/+24
2022-03-01rtnetlink: add new rtm tunnel api for tunnel id filteringRoopa Prabhu1-1/+4
2022-02-28Fix incorrect type in assignment of ipv6 port for auditCasey Schaufler1-1/+1
2022-02-28Backmerge tag 'v5.17-rc6' into drm-nextDave Airlie1-2/+2
2022-02-25selinux: allow FIOCLEX and FIONCLEX with policy capabilityRichard Haines4-1/+16
2022-02-25Merge tag 'tee-shm-for-v5.18' of git://git.linaro.org:/people/jens.wiklander/...Arnd Bergmann1-14/+9
2022-02-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-2/+2
2022-02-25Merge tag 'drm-misc-next-2022-02-23' of git://anongit.freedesktop.org/drm/drm...Dave Airlie3-16/+6
2022-02-23Merge tag 'selinux-pr-20220223' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-2/+2
2022-02-24TOMOYO: fix __setup handlers return valuesRandy Dunlap1-2/+2
2022-02-22EVM: fix the evm= __setup handler return valueRandy Dunlap1-1/+1
2022-02-22selinux: fix misuse of mutex_is_locked()Ondrej Mosnacek1-2/+2
2022-02-21KEYS: encrypted: Instantiate key with user-provided decrypted dataYael Tzur2-23/+67
2022-02-18selinux: use correct type for context lengthChristian Göttsche1-1/+1
2022-02-18selinux: drop return statement at end of void functionsChristian Göttsche5-8/+0
2022-02-16KEYS: trusted: tee: use tee_shm_register_kernel_buf()Jens Wiklander1-14/+9
2022-02-15security: implement sctp_assoc_established hook in selinuxOndrej Mosnacek1-24/+66
2022-02-15security: add sctp_assoc_established hookOndrej Mosnacek1-0/+7
2022-02-15ima: define ima_max_digest_data struct without a flexible array variableMimi Zohar5-18/+17
2022-02-15ima: rename IMA_ACTION_FLAGS to IMA_NONACTION_FLAGSMimi Zohar3-4/+4
2022-02-15ima: Return error code obtained from securityfs functionsStefan Berger1-8/+23
2022-02-15ima: Fix trivial typos in the commentsAustin Kim4-4/+4
2022-02-13fortify: Add Clang supportKees Cook1-2/+3
2022-02-10Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski5-10/+27
2022-02-07tomoyo: Use str_yes_no()Lucas De Marchi3-16/+6
2022-02-07Merge tag 'integrity-v5.17-fix' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-10/+27
2022-02-06gcc-plugins/stackleak: Provide verbose modeKees Cook1-0/+10
2022-02-04selinux: parse contexts for mount options earlyOndrej Mosnacek1-149/+53
2022-02-04landlock: Use square brackets around "landlock-ruleset"Christian Brauner1-1/+1
2022-02-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski2-3/+15
2022-02-03Merge tag 'selinux-pr-20220203' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+2
2022-02-02ima: Do not print policy rule with inactive LSM labelsStefan Berger1-0/+8
2022-02-02ima: Allow template selection with ima_template[_fmt]= after ima_hash=Roberto Sassu1-3/+7
2022-02-02ima: Remove ima_policy file before directoryStefan Berger1-1/+1
2022-02-02integrity: check the return value of audit_log_start()Xiaoke Wang1-0/+2
2022-02-02selinux: fix double free of cond_list on error pathsVratislav Bendel1-1/+2
2022-02-02block: remove genhd.hChristoph Hellwig1-1/+0
2022-02-01selinux: various sparse fixesPaul Moore4-7/+8
2022-02-01selinux: try to use preparsed sid before calling parse_sid()Scott Mayhew1-29/+59
2022-02-01selinux: Fix selinux_sb_mnt_opts_compat()Scott Mayhew1-34/+41
2022-01-29Merge tag 'fixes-v5.17-lsm-ceph-null' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds1-2/+13
2022-01-28security, lsm: dentry_init_security() Handle multi LSM registrationVivek Goyal1-2/+13
2022-01-27LSM: general protection fault in legacy_parse_paramCasey Schaufler2-5/+17
2022-01-27selinux: fix a type cast problem in cred_init_security()Paul Moore1-1/+1
2022-01-26selinux: drop unused macroChristian Göttsche1-2/+0
2022-01-26selinux: simplify cred_init_securityChristian Göttsche1-2/+1
2022-01-26selinux: do not discard const qualifier in castChristian Göttsche1-2/+2
2022-01-26selinux: drop unused parameter of avtab_insert_nodeChristian Göttsche1-3/+3
2022-01-26selinux: drop cast to same typeChristian Göttsche1-1/+1
2022-01-26selinux: enclose macro arguments in parenthesisChristian Göttsche3-7/+7
2022-01-26selinux: declare name parameter of hash_eval constChristian Göttsche1-1/+1
2022-01-25selinux: declare path parameters of _genfs_sid constChristian Göttsche2-5/+5
2022-01-25selinux: check return value of sel_make_avc_filesChristian Göttsche1-0/+2
2022-01-25selinux: access superblock_security_struct in LSM blob wayGONG, Ruiqi1-2/+2
2022-01-24Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextJakub Kicinski1-1/+1
2022-01-24ima: fix reference leak in asymmetric_verify()Eric Biggers1-6/+9
2022-01-19bpf: Make BPF_PROG_RUN_ARRAY return -err instead of allow booleanYiFei Zhu1-1/+1
2022-01-11Merge tag 'fs.idmapped.v5.17' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-6/+9
2022-01-11Merge tag 'integrity-v5.17' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2-3/+8
2022-01-11Merge tag 'selinux-pr-20220110' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds9-109/+49
2022-01-11Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds2-111/+21
2022-01-05ima: silence measurement list hexdump during kexecBruno Meneguele1-3/+3
2021-12-31Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextDavid S. Miller1-0/+1
2021-12-28Merge tag 'selinux-pr-20211228' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2021-12-27selinux: initialize proto variable in selinux_ip_postroute_compat()Tom Rix1-1/+1
2021-12-24integrity: Do not load MOK and MOKx when secure boot be disabledLee, Chun-Yi1-0/+5
2021-12-22Merge tag 'tomoyo-pr-20211222' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds1-17/+14
2021-12-21selinux: minor tweaks to selinux_add_opt()Paul Moore1-8/+10
2021-12-21selinux: fix potential memleak in selinux_add_opt()Bernard Zhao1-2/+10
2021-12-16add missing bpf-cgroup.h includesJakub Kicinski1-0/+1
2021-12-16selinux: fix sleeping function called from invalid contextScott Mayhew1-14/+19
2021-12-15tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()Tetsuo Handa1-10/+7
2021-12-15tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().Dmitry Vyukov1-7/+7
2021-12-06security,selinux: remove security_add_mnt_opt()Ondrej Mosnacek2-47/+0
2021-12-05selinux: Use struct_size() helper in kmalloc()Xiu Jianfeng2-3/+3
2021-12-05fs: support mapped mounts of mapped filesystemsChristian Brauner1-5/+4
2021-12-03fs: use low-level mapping helpersChristian Brauner1-5/+8
2021-12-03fs: move mapping helpersChristian Brauner1-0/+1
2021-11-26security: DH - use KDF implementation from crypto APIStephan Müller2-92/+19
2021-11-26security: DH - remove dead code for zero paddingStephan Müller1-21/+4
2021-11-22lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()Paul Moore7-51/+28
2021-11-19selinux: fix NULL-pointer dereference when hashtab allocation failsOndrej Mosnacek1-5/+12
2021-11-12net,lsm,selinux: revert the security_sctp_assoc_established() hookPaul Moore2-20/+1
2021-11-11Merge tag 'apparmor-pr-2021-11-10' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds11-66/+90
2021-11-11Merge tag 'net-5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds4-26/+45
2021-11-06Merge branch 'akpm' (patches from Andrew)Linus Torvalds1-14/+0
2021-11-06mm: remove HARDENED_USERCOPY_FALLBACKStephen Kitt1-14/+0
2021-11-03apparmor: remove duplicated 'Returns:' commentsAustin Kim1-2/+0
2021-11-03apparmor: remove unneeded one-line hook wrappersFlorian Westphal1-18/+2
2021-11-03apparmor: Use struct_size() helper in kzalloc()Gustavo A. R. Silva2-4/+2
2021-11-03security: implement sctp_assoc_established hook in selinuxXin Long1-1/+13
2021-11-03security: add sctp_assoc_established hookXin Long1-0/+7
2021-11-03security: pass asoc to sctp_assoc_request and sctp_sk_cloneXin Long4-26/+26
2021-11-03apparmor: fix zero-length compiler warning in AA_BUG()John Johansen1-1/+6
2021-11-03apparmor: use per file locks for transactional queriesHamza Mahfooz1-6/+5
2021-11-03apparmor: fix doc warningChenXiaoSong1-1/+1
2021-11-03apparmor: Remove the repeated declarationShaokun Zhang1-4/+0
2021-11-03apparmor: avoid -Wempty-body warningArnd Bergmann1-1/+1
2021-11-02Merge tag 'integrity-v5.16' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds3-45/+202
2021-11-01Merge tag 'audit-pr-20211101' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-1/+1
2021-11-01Merge tag 'selinux-pr-20211101' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds10-255/+272
2021-11-01Merge tag 'Smack-for-5.16' of https://github.com/cschaufler/smack-nextLinus Torvalds3-44/+34
2021-11-01Merge tag 'overflow-v5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-0/+3
2021-11-01Merge tag 'hardening-v5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-4/+10
2021-11-01apparmor: Fix internal policy capable check for policy managementJohn Johansen1-1/+1
2021-10-28evm: mark evm_fixmode as __ro_after_initAustin Kim1-1/+1
2021-10-22smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doiTetsuo Handa1-1/+1
2021-10-22smackfs: use __GFP_NOFAIL for smk_cipso_doi()Tetsuo Handa1-3/+1
2021-10-21Merge branch 'ucount-fixes-for-v5.15' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds1-0/+8
2021-10-21gcc-plugins: Explicitly document purpose and deprecation scheduleKees Cook1-3/+6
2021-10-20ucounts: Move get_ucounts from cred_alloc_blank to key_change_session_keyringEric W. Biederman1-0/+8
2021-10-20security: Return xattr name from security_dentry_init_security()Vivek Goyal2-4/+9
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-16 14:17:27 +0000