aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2016-09-23Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-4/+7
2016-09-22KEYS: Fix skcipher IV clobberingHerbert Xu1-4/+7
2016-09-07Merge tag 'usercopy-v4.8-rc6-part2' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds1-0/+11
2016-09-07usercopy: remove page-spanning test for nowKees Cook1-0/+11
2016-08-19Make the hardened user-copy code depend on having a hardened allocatorLinus Torvalds1-0/+1
2016-08-08Merge tag 'usercopy-v4.8' of git://git.kernel.org/pub/scm/linux/kernel/git/ke...Linus Torvalds1-0/+28
2016-08-06Merge branch 'work.const-qstr' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds2-2/+2
2016-07-29Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds36-195/+345
2016-07-29Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds5-8/+73
2016-07-28Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-9/+6
2016-07-28Merge branch 'salted-string-hash'Linus Torvalds3-4/+4
2016-07-27apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handlingArnd Bergmann3-3/+7
2016-07-26mm: Hardened usercopyKees Cook1-0/+28
2016-07-26Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-12/+18
2016-07-20qstr: constify dentry_init_securityAl Viro2-2/+2
2016-07-12apparmor: fix arg_size computation for when setprocattr is null terminatedJohn Johansen1-1/+1
2016-07-12apparmor: fix oops, validate buffer size in apparmor_setprocattr()Vegard Nossum1-17/+19
2016-07-12apparmor: do not expose kernel stackHeinrich Schuchardt1-1/+3
2016-07-12apparmor: fix module parameters can be changed after policy is lockedJohn Johansen3-13/+29
2016-07-12apparmor: fix oops in profile_unpack() when policy_db is not presentJohn Johansen1-0/+3
2016-07-12apparmor: don't check for vmalloc_addr if kvzalloc() failedJohn Johansen1-5/+5
2016-07-12apparmor: add missing id bounds check on dfa verificationJohn Johansen2-0/+3
2016-07-12apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another taskJeff Mahoney1-2/+4
2016-07-12apparmor: use list_next_entry instead of list_entry_nextGeliang Tang1-5/+3
2016-07-12apparmor: fix refcount race when finding a child profileJohn Johansen1-1/+3
2016-07-12apparmor: fix ref count leak when profile sha1 hash is readJohn Johansen1-0/+1
2016-07-12apparmor: check that xindex is in trans_table boundsJohn Johansen1-1/+1
2016-07-12apparmor: ensure the target profile name is always auditedJohn Johansen1-11/+9
2016-07-12apparmor: fix audit full profile hname on successful loadJohn Johansen1-1/+1
2016-07-12apparmor: fix log failures for all profiles in a setJohn Johansen1-10/+19
2016-07-12apparmor: fix put() parent ref after updating the active refJohn Johansen1-1/+1
2016-07-12apparmor: add parameter to control whether policy hashing is usedJohn Johansen4-6/+25
2016-07-12apparmor: internal paths should be treated as disconnectedJohn Johansen1-28/+36
2016-07-12apparmor: fix disconnected bind mnts reconnectionJohn Johansen1-1/+4
2016-07-12apparmor: fix update the mtime of the profile file on replacementJohn Johansen1-0/+2
2016-07-12apparmor: exec should not be returning ENOENT when it deniesJohn Johansen1-1/+1
2016-07-12apparmor: fix uninitialized lsm_audit memberJohn Johansen2-2/+4
2016-07-12apparmor: fix replacement bug that adds new child to old parentJohn Johansen1-1/+1
2016-07-12apparmor: fix refcount bug in profile replacementJohn Johansen1-2/+2
2016-07-09Merge tag 'keys-misc-20160708' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris2-2/+2
2016-07-08Merge branch 'smack-for-4.8' of https://github.com/cschaufler/smack-next into...James Morris1-0/+3
2016-07-08apparmor: fix oops, validate buffer size in apparmor_setprocattr()Vegard Nossum1-17/+19
2016-07-07Merge branch 'stable-4.8' of git://git.infradead.org/users/pcmoore/selinux in...James Morris7-64/+73
2016-07-05evm: Translate user/group ids relative to s_user_ns when computing HMACSeth Forshee1-2/+2
2016-06-30Merge branch 'd_real' of git://git.kernel.org/pub/scm/linux/kernel/git/mszere...Al Viro5-7/+14
2016-06-30ima: extend the measurement entry specific pcrEric Richter1-3/+3
2016-06-30ima: change integrity cache to store measured pcrEric Richter3-3/+11
2016-06-30ima: redefine duplicate template entriesEric Richter1-3/+4
2016-06-30ima: change ima_measurements_show() to display the entry specific pcrEric Richter1-5/+4
2016-06-30ima: include pcr for each measurement log entryEric Richter4-8/+13
2016-06-30ima: extend ima_get_action() to return the policy pcrEric Richter5-7/+14
2016-06-30ima: add policy support for extending different pcrsEric Richter1-1/+28
2016-06-30integrity: add measured_pcrs field to integrity cacheEric Richter2-0/+3
2016-06-27calipso: Add a label cache.Huw Davies1-3/+6
2016-06-27netlabel: Pass a family parameter to netlbl_skbuff_err().Huw Davies4-8/+10
2016-06-27calipso: Allow the lsm to label the skbuff directly.Huw Davies1-0/+15
2016-06-27calipso: Allow request sockets to be relabelled by the lsm.Huw Davies1-1/+1
2016-06-27netlabel: Prevent setsockopt() from changing the hop-by-hop option.Huw Davies1-1/+16
2016-06-27calipso: Set the calipso socket label to match the secattr.Huw Davies1-1/+1
2016-06-24selinux: Add support for unprivileged mounts from user namespacesSeth Forshee1-0/+23
2016-06-24Smack: Handle labels consistently in untrusted mountsSeth Forshee1-10/+19
2016-06-24Smack: Add support for unprivileged mounts from user namespacesSeth Forshee2-12/+37
2016-06-24fs: Treat foreign mounts as nosuidAndy Lutomirski2-2/+8
2016-06-24fs: Limit file caps to the user namespace of the super blockSeth Forshee1-0/+2
2016-06-24KEYS: Use skcipher for big keysHerbert Xu1-12/+18
2016-06-16KEYS: potential uninitialized variableDan Carpenter1-1/+1
2016-06-15selinux: fix type mismatchHeinrich Schuchardt1-1/+1
2016-06-14KEYS: Strip trailing spacesDavid Howells2-2/+2
2016-06-10vfs: make the string hashes salt the hashLinus Torvalds3-4/+4
2016-06-09selinux: import NetLabel category bitmaps correctlyPaul Moore1-1/+1
2016-06-08Smack: ignore null signal in smack_task_killRafal Krypa1-0/+3
2016-06-06security: tomoyo: simplify the gc kthread creationMike Danese1-7/+2
2016-06-06LSM: Fix for security_inode_getsecurity and -EOPNOTSUPPCasey Schaufler1-4/+25
2016-06-03KEYS: Add placeholder for KDF usage with DHStephan Mueller4-6/+13
2016-05-31selinux: Only apply bounds checking to source typesStephen Smalley1-48/+22
2016-05-29securityfs: ->d_parent is never NULL or negativeAl Viro1-5/+6
2016-05-29drbd: ->d_parent is never NULL or negativeAl Viro1-4/+0
2016-05-27Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-1/+1
2016-05-27switch ->setxattr() to passing dentry and inode separatelyAl Viro1-1/+1
2016-05-26Yama: fix double-spinlock and user access in atomic contextJann Horn1-6/+63
2016-05-20security/integrity/ima/ima_policy.c: use %pU to output UUID in printable formatAndy Shevchenko1-12/+2
2016-05-19Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds34-185/+909
2016-05-17Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-1/+3
2016-05-17Merge branch 'work.const-path' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds13-106/+83
2016-05-17Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds4-14/+15
2016-05-17Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2-2/+2
2016-05-17LSM: LoadPin: provide enablement CONFIGKees Cook2-6/+15
2016-05-17Merge branch 'ovl-fixes' into for-linusAl Viro1-2/+2
2016-05-09Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-2/+2
2016-05-06Merge branch 'stable-4.7' of git://git.infradead.org/users/pcmoore/selinux in...James Morris5-60/+127
2016-05-06Merge tag 'keys-next-20160505' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris19-112/+516
2016-05-04Yama: use atomic allocations when reportingSasha Levin1-2/+2
2016-05-04Merge branch 'keys-trust' into keys-nextDavid Howells10-62/+128
2016-05-04ima: fix the string representation of the LSM/IMA hook enumeration orderingMimi Zohar1-2/+2
2016-05-01ima: add support for creating files using the mknodat syscallMimi Zohar2-1/+29
2016-05-01ima: fix ima_inode_post_setattrMimi Zohar2-1/+2
2016-04-26selinux: apply execstack check on thread stacksStephen Smalley1-2/+3
2016-04-26selinux: distinguish non-init user namespace capability checksStephen Smalley2-17/+25
2016-04-22security: Introduce security_settime64()Baolin Wang2-2/+2
2016-04-21LSM: LoadPin for kernel file loading restrictionsKees Cook6-0/+205
2016-04-21Yama: consolidate error reportingKees Cook1-10/+21
2016-04-20rtnetlink: add new RTM_GETSTATS message to dump link statsRoopa Prabhu1-1/+3
2016-04-19selinux: check ss_initialized before revalidating an inode labelPaul Moore1-1/+1
2016-04-19selinux: delay inode label lookup as long as possiblePaul Moore1-8/+13
2016-04-19selinux: don't revalidate an inode's label when explicitly setting itPaul Moore1-2/+11
2016-04-14selinux: Change bool variable name to index.Prarit Bhargava2-4/+4
2016-04-12KEYS: Add KEYCTL_DH_COMPUTE commandMat Martineau6-0/+193
2016-04-12Security: Keys: Big keys stored encryptedKirill Marinushkin2-18/+184
2016-04-12KEYS: user_update should use copy of payload made during preparsingDavid Howells1-31/+11
2016-04-12security: integrity: Remove select to deleted option PUBLIC_KEY_ALGO_RSAAndreas Ziegler1-1/+0
2016-04-11IMA: Use the the system trusted keyrings instead of .ima_mokDavid Howells4-53/+32
2016-04-11KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTEDDavid Howells3-39/+4
2016-04-11KEYS: Move the point of trust determination to __key_link()David Howells2-4/+35
2016-04-11KEYS: Add a facility to restrict new links into a keyringDavid Howells8-33/+124
2016-04-11->getxattr(): pass dentry and inode as separate argumentsAl Viro4-10/+11
2016-04-11security: drop the unused hook skb_owned_byPaolo Abeni1-1/+0
2016-04-10don't bother with ->d_inode->i_sb - it's always equal to ->d_sbAl Viro3-4/+4
2016-04-05selinux: restrict kernel module loadingJeff Vander Stoep2-1/+48
2016-04-05selinux: consolidate the ptrace parent lookup codePaul Moore1-21/+17
2016-04-05selinux: simply inode label states to INVALID and INITIALIZEDPaul Moore2-4/+3
2016-04-05selinux: don't revalidate inodes in selinux_socket_getpeersec_dgram()Paul Moore1-3/+5
2016-03-28constify ima_d_path()Al Viro2-2/+2
2016-03-28constify security_sb_pivotroot()Al Viro2-2/+2
2016-03-28constify security_path_chroot()Al Viro2-2/+2
2016-03-28constify security_path_{link,rename}Al Viro3-9/+9
2016-03-28apparmor: remove useless checks for NULL ->mntAl Viro1-2/+2
2016-03-28constify security_path_{mkdir,mknod,symlink}Al Viro3-9/+9
2016-03-28constify security_path_{unlink,rmdir}Al Viro3-6/+6
2016-03-28apparmor: constify common_perm_...()Al Viro1-4/+4
2016-03-28apparmor: constify aa_path_link()Al Viro2-2/+2
2016-03-28apparmor: new helper - common_path_perm()Al Viro1-35/+12
2016-03-28constify chmod_common/security_path_chmodAl Viro3-3/+3
2016-03-28constify security_sb_mount()Al Viro3-3/+3
2016-03-28constify chown_common/security_path_chownAl Viro3-3/+3
2016-03-28tomoyo: constify assorted struct path *Al Viro3-13/+13
2016-03-28apparmor_path_truncate(): path->mnt is never NULLAl Viro1-1/+1
2016-03-28constify security_path_truncate()Al Viro3-3/+3
2016-03-27[apparmor] constify struct path * in a bunch of helpersAl Viro5-8/+8
2016-03-20Merge branch 'mm-pkeys-for-linus' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds1-1/+8
2016-03-17Merge tag 'tty-4.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/greg...Linus Torvalds1-2/+2
2016-03-17Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds20-227/+450
2016-03-17Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-32/+50
2016-03-04Merge tag 'keys-next-20160303' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris5-25/+12
2016-03-04Merge branch 'stable-4.6' of git://git.infradead.org/users/pcmoore/selinux in...James Morris1-1/+1
2016-03-03X.509: Make algo identifiers text instead of enumDavid Howells2-4/+5
2016-03-03akcipher: Move the RSA DER encoding check to the crypto layerDavid Howells1-0/+1
2016-02-26Merge branch 'stable-4.5' of git://git.infradead.org/users/pcmoore/selinux in...James Morris1-1/+1
2016-02-26Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris13-163/+418
2016-02-22Merge branch 'smack-for-4.6' of https://github.com/cschaufler/smack-next into...James Morris1-32/+14
2016-02-21ima: require signed IMA policyMimi Zohar1-0/+7
2016-02-21ima: measure and appraise the IMA policy itselfMimi Zohar4-3/+24
2016-02-21ima: load policy using pathDmitry Kasatkin1-2/+43
2016-02-21ima: support for kexec image and initramfsMimi Zohar3-7/+27
2016-02-21ima: remove firmware and module specific cached status infoMimi Zohar5-39/+28
2016-02-21module: replace copy_module_from_fd with kernel versionMimi Zohar2-34/+13
2016-02-21security: define kernel_read_file hookMimi Zohar2-0/+29
2016-02-21firmware: replace call to fw_read_file_contents() with kernel versionMimi Zohar2-24/+10
2016-02-20ima: define a new hook to measure and appraise a file already in memoryMimi Zohar7-15/+57
2016-02-19selinux: Don't sleep inside inode_getsecid hookAndreas Gruenbacher1-1/+1
2016-02-18ima: calculate the hash of a buffer using aynchronous hash(ahash)Mimi Zohar1-2/+73
2016-02-18ima: provide buffer hash calculation functionDmitry Kasatkin2-0/+49
2016-02-18vfs: define kernel_read_file_id enumerationMimi Zohar1-2/+3
2016-02-18vfs: define a generic function to read a file from the kernelMimi Zohar1-0/+8
2016-02-18ima: use "ima_hooks" enum as function argumentMimi Zohar5-27/+37
2016-02-18ima: refactor ima_policy_show() to display "ima_hooks" rulesMimi Zohar1-27/+36
2016-02-18ima: separate 'security.ima' reading functionality from collectDmitry Kasatkin8-40/+33
2016-02-18security/keys: make big_key.c explicitly non-modularPaul Gortmaker1-14/+1
2016-02-18integrity: convert digsig to akcipher apiTadeusz Struk2-7/+4
2016-02-16smack: fix cache of access labelsJosé Bollo1-2/+6
2016-02-16mm/gup: Introduce get_user_pages_remote()Dave Hansen1-1/+8
2016-02-14Merge 4.5-rc4 into tty-nextGreg Kroah-Hartman2-1/+3
2016-02-12EVM: Use crypto_memneq() for digest comparisonsRyan Ware1-1/+2
2016-02-11Smack: Remove pointless hooksCasey Schaufler1-30/+8
2016-02-10KEYS: CONFIG_KEYS_DEBUG_PROC_KEYS is no longer an optionDavid Howells1-1/+0
2016-02-10tpm: fix checks for policy digest existence in tpm2_seal_trusted()Jarkko Sakkinen1-6/+5
2016-02-09KEYS: Add an alloc flag to convey the builtinness of a keyDavid Howells1-0/+2
2016-02-09selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tablesLorenzo Colitti1-0/+1
2016-02-09crypto: keys - Revert "convert public key to akcipher api"Herbert Xu2-4/+7
2016-02-08IMA: fix non-ANSI declaration of ima_check_policy()Colin Ian King1-1/+1
2016-02-06integrity: convert digsig to akcipher apiTadeusz Struk2-7/+4
2016-02-01Merge 4.5-rc2 into tty-nextGreg Kroah-Hartman1-1/+2
2016-01-28selinux: use absolute path to include directoryAndy Shevchenko1-1/+1
2016-01-28KEYS: Only apply KEY_FLAG_KEEP to a key if a parent keyring has it setDavid Howells1-1/+2
2016-01-27tty: Make tty_files_lock per-ttyPeter Hurley1-2/+2
2016-01-27KEYS: Use skcipherHerbert Xu1-32/+50
2016-01-22wrappers for ->i_mutex accessAl Viro3-11/+11
2016-01-20ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn1-1/+6
2016-01-20security: let security modules use PTRACE_MODE_* with bitmasksJann Horn2-7/+5
2016-01-20KEYS: Fix keyring ref leak in join_session_keyring()Yevgeny Pats1-0/+1
2016-01-17Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds29-160/+967
2016-01-14Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...James Morris1-8/+2
2016-01-12Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds4-168/+82
2016-01-11Merge branch 'work.xattr' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-2/+0
2016-01-10Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris3-21/+17
2016-01-08Merge branch 'for-linus' into work.miscAl Viro1-9/+9
2016-01-08selinux: Inode label revalidation performance fixAndreas Gruenbacher1-8/+2
2016-01-07KEYS: refcount bug fixMimi Zohar2-12/+8
2016-01-04fix the leak in integrity_read_file()Al Viro1-5/+6
2016-01-04selinuxfs: switch to memdup_user_nul()Al Viro1-73/+41
2016-01-04convert a bunch of open-coded instances of memdup_user_nul()Al Viro2-90/+35
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 12:02:31 +0000