aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2022-12-23Merge tag 'hardening-v6.2-rc1-fixes' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2-12/+21
2022-12-21Merge tag 'fs.vfsuid.ima.v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-0/+24
2022-12-14security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6Nathan Chancellor1-0/+3
2022-12-14LoadPin: Ignore the "contents" argument of the LSM hooksKees Cook1-12/+18
2022-12-14Merge tag 'apparmor-pr-2022-12-14' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds35-914/+1632
2022-12-13Merge tag 'integrity-v6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds7-25/+57
2022-12-13Merge tag 'lsm-pr-20221212' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds14-80/+131
2022-12-13Merge tag 'selinux-pr-20221212' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-47/+52
2022-12-13Merge tag 'landlock-6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds8-57/+213
2022-12-13mnt_idmapping: move ima-only helpers to imaChristian Brauner1-0/+24
2022-12-12Merge tag 'fs.vfsuid.conversion.v6.2' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds5-54/+68
2022-12-12Merge tag 'fs.acl.rework.v6.2' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds5-65/+225
2022-12-12Merge tag 'pull-iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-2/+2
2022-12-12Merge tag 'linux-kselftest-kunit-next-6.2-rc1' of git://git.kernel.org/pub/sc...Linus Torvalds5-168/+196
2022-12-12apparmor: test: make static symbols visible during kunit testingRae Moar5-168/+196
2022-12-08KEYS: trusted: tee: Make registered shm dependency explicitSumit Garg1-1/+2
2022-11-28ima: Fix hash dependency to correct algorithmTianjia Zhang1-1/+1
2022-11-25use less confusing names for iov_iter direction initializersAl Viro1-2/+2
2022-11-18lsm,fs: fix vfs_getxattr_alloc() return type and caller error pathsPaul Moore8-31/+34
2022-11-16device_cgroup: Roll back to original exceptions after copy failureWang Weiyang1-4/+29
2022-11-16LSM: Better reporting of actual LSMs at bootKees Cook1-9/+36
2022-11-16ima: Fix misuse of dereference of pointer in template_desc_init_fields()Xiu Jianfeng1-2/+2
2022-11-16integrity: Fix memory leakage in keyring allocation error pathGUO Zihua1-1/+5
2022-11-09selinux: remove the sidtab context conversion indirect callsPaul Moore4-44/+45
2022-11-04lsm: make security_socket_getpeersec_stream() sockptr_t safePaul Moore4-35/+32
2022-11-03ima: Fix memory leak in __ima_inode_hash()Roberto Sassu1-1/+6
2022-11-02ima: Handle -ESTALE returned by ima_filter_rule_match()GUO Zihua1-9/+32
2022-11-02ima: Simplify ima_lsm_copy_ruleGUO Zihua1-7/+3
2022-11-02ima: Fix a potential NULL pointer access in ima_restore_measurement_listHuaxin Lu1-1/+4
2022-11-01apparmor: Fix uninitialized symbol 'array_size' in policy_unpack_test.cJohn Johansen1-2/+2
2022-11-01apparmor: Add __init annotation to aa_{setup/teardown}_dfa_engine()Xiu Jianfeng1-2/+2
2022-11-01efi: Add iMac Pro 2017 to uefi skip cert quirkAditya Garg1-0/+1
2022-11-01apparmor: Fix memleak in alloc_ns()Xiu Jianfeng1-1/+1
2022-10-31Merge tag 'lsm-pr-20221031' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-2/+4
2022-10-28evm: remove dead code in evm_inode_set_acl()Christian Brauner1-3/+2
2022-10-28capabilities: fix potential memleak on error path from vfs_getxattr_alloc()Gaosheng Cui1-2/+4
2022-10-28audit: Fix some kernel-doc warningsBo Liu1-0/+1
2022-10-26ima: use type safe idmapping helpersChristian Brauner1-16/+18
2022-10-26apparmor: use type safe idmapping helpersChristian Brauner3-13/+24
2022-10-26caps: use type safe idmapping helpersChristian Brauner1-25/+26
2022-10-25apparmor: Fix memleak issue in unpack_profile()Xiu Jianfeng1-3/+12
2022-10-25apparmor: fix a memleak in free_ruleset()Gaosheng Cui1-0/+1
2022-10-25apparmor: Fix spelling of function name in comment blockYang Li1-1/+1
2022-10-25apparmor: Use pointer to struct aa_label for lbs_credXiu Jianfeng1-2/+2
2022-10-25AppArmor: Fix kernel-docJiapeng Chong1-1/+1
2022-10-25LSM: Fix kernel-docJiapeng Chong1-1/+1
2022-10-25AppArmor: Fix kernel-docJiapeng Chong1-1/+1
2022-10-25apparmor: Fix loading of child before parentJohn Johansen1-9/+78
2022-10-24apparmor: refactor code that alloc null profilesJohn Johansen4-28/+43
2022-10-24apparmor: fix obsoleted comments for aa_getprocattr() and audit_resource()Gaosheng Cui2-6/+7
2022-10-24apparmor: remove useless static inline functionsGaosheng Cui2-19/+0
2022-10-20evm: remove evm_xattr_acl_change()Christian Brauner1-64/+0
2022-10-20integrity: implement get and set acl hookChristian Brauner3-3/+110
2022-10-20smack: implement get, set and remove acl hookChristian Brauner1-0/+71
2022-10-20selinux: implement get, set and remove acl hookChristian Brauner1-0/+22
2022-10-20security: add get, remove and set acl hookChristian Brauner1-0/+25
2022-10-19KEYS: encrypted: fix key instantiation with user-provided dataNikolaus Voss1-3/+3
2022-10-19selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()GONG, Ruiqi3-5/+6
2022-10-19landlock: Support file truncationGünther Noack6-12/+132
2022-10-19landlock: Document init_layer_masks() helperGünther Noack1-0/+13
2022-10-19landlock: Refactor check_access_path_dual() into is_access_to_paths_allowed()Günther Noack1-45/+44
2022-10-19security: Create file_truncate hook from path_truncate hookGünther Noack3-0/+24
2022-10-17selinux: increase the deprecation sleep for checkreqprot and runtime disablePaul Moore1-2/+2
2022-10-10Merge tag 'mm-stable-2022-10-08' of git://git.kernel.org/pub/scm/linux/kernel...Linus Torvalds1-0/+4
2022-10-10apparmor: Fix unpack_profile() warn: passing zero to 'ERR_PTR'John Johansen1-5/+16
2022-10-10Merge tag 'tpmdd-next-v6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2022-10-10apparmor: fix uninitialize table variable in error in unpack_trans_tableJohn Johansen1-1/+1
2022-10-09Merge tag 'powerpc-6.1-1' of git://git.kernel.org/pub/scm/linux/kernel/git/po...Linus Torvalds1-0/+2
2022-10-06Merge tag 'pull-path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds4-5/+5
2022-10-06Merge tag 'pull-tomoyo' of git://git.kernel.org/pub/scm/linux/kernel/git/viro...Linus Torvalds4-10/+5
2022-10-05security/keys: Remove inconsistent __user annotationVincenzo Frascino1-1/+1
2022-10-04Merge tag 'net-next-6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds1-2/+0
2022-10-04Merge tag 'landlock-6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds2-21/+21
2022-10-04apparmor: store return value of unpack_perms_table() to signed variableMuhammad Usama Anjum1-4/+8
2022-10-03Merge tag 'fs.acl.rework.prep.v6.1' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds1-3/+14
2022-10-03Merge tag 'lsm-pr-20221003' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds5-14/+18
2022-10-03Merge tag 'selinux-pr-20221003' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds6-53/+46
2022-10-03Merge tag 'integrity-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds2-5/+9
2022-10-03Merge tag 'Smack-for-6.1' of https://github.com/cschaufler/smack-nextLinus Torvalds2-12/+17
2022-10-03Merge tag 'hardening-v6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds3-6/+31
2022-10-03apparmor: Fix kunit test for out of bounds arrayJohn Johansen1-2/+1
2022-10-03apparmor: Fix decompression of rawdata for read back to userspaceJohn Johansen2-4/+5
2022-10-03apparmor: Fix undefined references to zstd_ symbolsJohn Johansen3-5/+15
2022-10-03apparmor: make sure the decompression ctx is promperly initializedJohn Johansen1-1/+5
2022-10-03apparmor: Remove unnecessary size check when unpacking trans_tableJohn Johansen1-3/+7
2022-10-03apparmor: Fix doc comment for compute_fpermsJohn Johansen1-2/+2
2022-10-03apparmor: make __aa_path_perm() staticXiu Jianfeng2-6/+4
2022-10-03apparmor: Simplify obtain the newest label on a credGaosheng Cui2-14/+1
2022-10-03apparmor: Fix regression in stacking due to label flagsJohn Johansen1-5/+7
2022-10-03apparmor: fix aa_class_names[] to match reserved classesJohn Johansen1-1/+16
2022-10-03apparmor: rework profile->rules to be a listJohn Johansen15-57/+142
2022-10-03apparmor: refactor profile rules and attachmentsJohn Johansen18-239/+308
2022-10-03apparmor: verify loaded permission bits masks don't overlapJohn Johansen1-4/+30
2022-10-03apparmor: cleanup: move perm accumulation into perms.hJohn Johansen2-52/+53
2022-10-03apparmor: make sure perm indexes are accumulatedJohn Johansen3-2/+25
2022-10-03apparmor: verify permission table indexesJohn Johansen1-1/+34
2022-10-03apparmor: add the ability for policy to specify a permission tableJohn Johansen2-11/+98
2022-10-03apparmor: make unpack_array return a trianary valueJohn Johansen2-22/+33
2022-10-03apparmor: group dfa policydb unpackingJohn Johansen1-38/+63
2022-10-03apparmor: make transition table unpack generic so it can be reusedJohn Johansen1-10/+12
2022-10-03apparmor: add user mode flagJohn Johansen5-5/+9
2022-10-03apparmor: add mediation class information to auditingJohn Johansen14-13/+48
2022-10-03apparmor: extend permissions to support a label and tag stringJohn Johansen7-27/+32
2022-10-03apparmor: isolate policy backwards compatibility to its own fileJohn Johansen5-287/+359
2022-10-03apparmor: extend xindex sizeJohn Johansen3-17/+16
2022-10-03apparmor: move dfa perm macros into policy_unpackJohn Johansen2-51/+49
2022-10-03apparmor: extend policydb permission set by making use of the xbitsJohn Johansen1-4/+27
2022-10-03apparmor: fix apparmor mediating locking non-fs unix socketsJohn Johansen1-4/+9
2022-10-03apparmor: Fix abi check to include v8 abiJohn Johansen1-1/+1
2022-10-03apparmor: preparse for state being more than just an integerJohn Johansen15-102/+101
2022-10-03apparmor: convert policy lookup to use accept as an indexJohn Johansen7-24/+33
2022-10-03apparmor: cleanup shared permission structJohn Johansen2-12/+9
2022-10-03apparmor: convert xmatch lookup to use accept as an indexJohn Johansen2-4/+7
2022-10-03apparmor: convert fperm lookup to use accept as an indexJohn Johansen2-19/+44
2022-10-03apparmor: convert xmatch to using the new shared policydb structJohn Johansen6-29/+28
2022-10-03apparmor: combine file_rules and aa_policydb into a single shared structJohn Johansen7-59/+40
2022-10-03apparmor: compute policydb permission on profile loadJohn Johansen9-86/+90
2022-10-03apparmor: convert xmatch to use aa_perms structureJohn Johansen3-7/+13
2022-10-03apparmor: rework and cleanup fperm computationJohn Johansen1-32/+38
2022-10-03apparmor: move fperm computation into policy_unpackJohn Johansen3-98/+98
2022-10-03apparmor: compute xmatch permissions on profile loadMike Salvatore4-3/+26
2022-10-03apparmor: compute file permissions on profile loadMike Salvatore5-48/+110
2022-10-03apparmor: expose compression level limits in sysfsJon Tourville1-0/+16
2022-10-03apparmor: use zstd compression for profile dataJon Tourville4-102/+81
2022-10-03apparmor: reserve mediation classesJohn Johansen1-1/+8
2022-10-03apparmor: fix lockdep warning when removing a namespaceJohn Johansen1-1/+1
2022-10-03apparmor: fix a memleak in multi_transaction_new()Gaosheng Cui1-1/+3
2022-10-03security: kmsan: fix interoperability with auto-initializationAlexander Potapenko1-0/+4
2022-10-03Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextJakub Kicinski1-2/+0
2022-09-30efi: Correct Macmini DMI match in uefi cert quirkOrlando Chamberlain1-1/+1
2022-09-29hardening: Remove Clang's enable flag for -ftrivial-auto-var-init=zeroKees Cook1-4/+10
2022-09-29landlock: Fix documentation styleMickaël Salaün1-20/+20
2022-09-29landlock: Slightly improve documentation and fix spellingMickaël Salaün1-1/+1
2022-09-28powerpc/rtas: block error injection when locked downNathan Lynch1-0/+1
2022-09-28powerpc/pseries: block untrusted device tree changes when locked downNathan Lynch1-0/+1
2022-09-27smack: cleanup obsolete mount option flagsXiu Jianfeng1-9/+0
2022-09-27smack: lsm: remove the unneeded result variableXu Panda1-3/+1
2022-09-27SMACK: Add sk_clone_security LSM hookLontke Michael1-0/+16
2022-09-21KEYS: Move KEY_LOOKUP_ to include/linux/key.h and define KEY_LOOKUP_ALLRoberto Sassu1-2/+0
2022-09-14selinux: remove the unneeded result variableXu Panda1-15/+9
2022-09-14lockdown: ratelimit denial messagesNathan Lynch1-1/+1
2022-09-07LoadPin: Require file with verity root digests to have a headerMatthias Kaehlcke2-2/+21
2022-09-07LoadPin: Fix Kconfig doc about format of file with verity digestsMatthias Kaehlcke1-1/+1
2022-09-02Merge tag 'landlock-6.0-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-23/+25
2022-09-02landlock: Fix file reparenting without explicit LANDLOCK_ACCESS_FS_REFERMickaël Salaün1-23/+25
2022-09-01->getprocattr(): attribute name is const char *, TYVM...Al Viro4-5/+5
2022-08-31Merge tag 'lsm-pr-20220829' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds4-1/+61
2022-08-31acl: move idmapping handling into posix_acl_xattr_set()Christian Brauner1-3/+14
2022-08-30selinux: declare read-only parameters constChristian Göttsche4-29/+31
2022-08-30selinux: use int arrays for boolean valuesChristian Göttsche1-5/+5
2022-08-30selinux: remove an unneeded variable in sel_make_class_dir_entries()ye xingchen1-4/+1
2022-08-26Smack: Provide read control for io_uring_cmdCasey Schaufler1-0/+32
2022-08-26selinux: implement the security_uring_cmd() LSM hookPaul Moore2-1/+25
2022-08-26lsm,io_uring: add LSM hooks for the new uring_cmd file opLuis Chamberlain1-0/+4
2022-08-23ima: fix blocking of security.ima xattrs of unsupported algorithmsMimi Zohar1-4/+8
2022-08-21tomoyo: struct path it might get from LSM callers won't have NULL dentry or mntAl Viro2-8/+3
2022-08-21tomoyo: use vsnprintf() properlyAl Viro2-2/+2
2022-08-19Merge tag 'hardening-v6.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-4/+2
2022-08-16selinux: Implement userns_create hookFrederick Lawler2-0/+11
2022-08-16security, lsm: Introduce security_create_user_ns()Frederick Lawler1-0/+5
2022-08-16LoadPin: Return EFAULT on copy_from_user() failuresKees Cook1-4/+2
2022-08-15lsm: clean up redundant NULL pointer checkXiu Jianfeng1-13/+1
2022-08-10Merge tag 'apparmor-pr-2022-08-08' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds29-338/+486
2022-08-02Merge tag 'linux-kselftest-kunit-5.20-rc1' of git://git.kernel.org/pub/scm/li...Linus Torvalds1-6/+6
2022-08-02Merge tag 'integrity-v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds1-29/+23
2022-08-02Merge tag 'safesetid-6.0' of https://github.com/micah-morton/linuxLinus Torvalds2-9/+35
2022-08-02Merge tag 'Smack-for-6.0' of https://github.com/cschaufler/smack-nextLinus Torvalds2-12/+2
2022-08-02Merge tag 'selinux-pr-20220801' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-13/+19
2022-08-02Merge tag 'hardening-v5.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2-1/+182
2022-08-01smack: Remove the redundant lsm_inode_allocXiu Jianfeng1-7/+0
2022-08-01smack: Replace kzalloc + strncpy with kstrndupGONG, Ruiqi1-5/+2
2022-08-01Merge tag 'x86_kdump_for_v6.0_rc1' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-1/+1
2022-08-01Merge tag 'fs.idmapped.vfsuid.v5.20' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2-7/+10
2022-07-20apparmor: correct config reference to intended oneLukas Bulwahn1-1/+1
2022-07-20lockdown: Fix kexec lockdown bypass with ima policyEric Snowberg1-0/+4
2022-07-19apparmor: move ptrace mediation to more logical task.{h,c}John Johansen5-128/+133
2022-07-19apparmor: extend policydb permission set by making use of the xbitsJohn Johansen4-5/+25
2022-07-19apparmor: allow label to carry debug flagsJohn Johansen6-8/+20
2022-07-19apparmor: fix overlapping attachment computationJohn Johansen2-2/+2
2022-07-19apparmor: fix setting unconfined mode on a loaded profileJohn Johansen1-5/+7
2022-07-19apparmor: Fix some kernel-doc commentsYang Li1-6/+6
2022-07-19apparmor: Mark alloc_unconfined() as staticSouptick Joarder (HPE)1-1/+1
2022-07-15LSM: SafeSetID: Add setgroups() security policy handlingMicah Morton1-9/+30
2022-07-15security: Add LSM hook to setgroups() syscallMicah Morton1-0/+5
2022-07-14Merge tag 'integrity-v5.19-fix' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-9/+10
2022-07-13apparmor: disable showing the mode as part of a secid to secctxJohn Johansen3-6/+20
2022-07-13apparmor: Convert secid mapping to XArrays instead of IDRMatthew Wilcox3-32/+13
2022-07-13apparmor: add a kernel label to use on kernel objectsJohn Johansen4-13/+37
2022-07-13evm: Use IS_ENABLED to initialize .enabledXiu Jianfeng1-29/+23
2022-07-13ima: Fix potential memory leak in ima_init_crypto()Jianglei Nie1-0/+1
2022-07-13ima: force signature verification when CONFIG_KEXEC_SIG is configuredCoiby Xu1-0/+2
2022-07-09apparmor: test: Remove some casts which are no-longer requiredDavid Gow1-6/+6
2022-07-09apparmor: Fix memleak in aa_simple_write_to_buffer()Xiu Jianfeng1-1/+1
2022-07-09apparmor: fix reference count leak in aa_pivotroot()Xin Xiong1-0/+1
2022-07-09apparmor: Fix some kernel-doc commentsYang Li1-2/+1
2022-07-09apparmor: Fix undefined reference to `zlib_deflate_workspacesize'John Johansen2-31/+40
2022-07-09apparmor: fix aa_label_asxprint return checkTom Rix1-3/+3
2022-07-09apparmor: Fix some kernel-doc commentsYang Li1-4/+4
2022-07-09apparmor: Fix some kernel-doc commentsYang Li1-2/+3
2022-07-09apparmor: Fix match_mnt_path_str() and match_mnt() kernel-doc commentYang Li1-2/+2
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-16 15:58:15 +0000