aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2022-01-11Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds2-111/+21
2021-12-31Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextDavid S. Miller1-0/+1
2021-12-28Merge tag 'selinux-pr-20211228' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2021-12-27selinux: initialize proto variable in selinux_ip_postroute_compat()Tom Rix1-1/+1
2021-12-22Merge tag 'tomoyo-pr-20211222' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds1-17/+14
2021-12-16add missing bpf-cgroup.h includesJakub Kicinski1-0/+1
2021-12-16selinux: fix sleeping function called from invalid contextScott Mayhew1-14/+19
2021-12-15tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()Tetsuo Handa1-10/+7
2021-12-15tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().Dmitry Vyukov1-7/+7
2021-11-26security: DH - use KDF implementation from crypto APIStephan Müller2-92/+19
2021-11-26security: DH - remove dead code for zero paddingStephan Müller1-21/+4
2021-11-19selinux: fix NULL-pointer dereference when hashtab allocation failsOndrej Mosnacek1-5/+12
2021-11-12net,lsm,selinux: revert the security_sctp_assoc_established() hookPaul Moore2-20/+1
2021-11-11Merge tag 'apparmor-pr-2021-11-10' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds11-66/+90
2021-11-11Merge tag 'net-5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds4-26/+45
2021-11-06Merge branch 'akpm' (patches from Andrew)Linus Torvalds1-14/+0
2021-11-06mm: remove HARDENED_USERCOPY_FALLBACKStephen Kitt1-14/+0
2021-11-03apparmor: remove duplicated 'Returns:' commentsAustin Kim1-2/+0
2021-11-03apparmor: remove unneeded one-line hook wrappersFlorian Westphal1-18/+2
2021-11-03apparmor: Use struct_size() helper in kzalloc()Gustavo A. R. Silva2-4/+2
2021-11-03security: implement sctp_assoc_established hook in selinuxXin Long1-1/+13
2021-11-03security: add sctp_assoc_established hookXin Long1-0/+7
2021-11-03security: pass asoc to sctp_assoc_request and sctp_sk_cloneXin Long4-26/+26
2021-11-03apparmor: fix zero-length compiler warning in AA_BUG()John Johansen1-1/+6
2021-11-03apparmor: use per file locks for transactional queriesHamza Mahfooz1-6/+5
2021-11-03apparmor: fix doc warningChenXiaoSong1-1/+1
2021-11-03apparmor: Remove the repeated declarationShaokun Zhang1-4/+0
2021-11-03apparmor: avoid -Wempty-body warningArnd Bergmann1-1/+1
2021-11-02Merge tag 'integrity-v5.16' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds3-45/+202
2021-11-01Merge tag 'audit-pr-20211101' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-1/+1
2021-11-01Merge tag 'selinux-pr-20211101' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds10-255/+272
2021-11-01Merge tag 'Smack-for-5.16' of https://github.com/cschaufler/smack-nextLinus Torvalds3-44/+34
2021-11-01Merge tag 'overflow-v5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds1-0/+3
2021-11-01Merge tag 'hardening-v5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-4/+10
2021-11-01apparmor: Fix internal policy capable check for policy managementJohn Johansen1-1/+1
2021-10-28evm: mark evm_fixmode as __ro_after_initAustin Kim1-1/+1
2021-10-22smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doiTetsuo Handa1-1/+1
2021-10-22smackfs: use __GFP_NOFAIL for smk_cipso_doi()Tetsuo Handa1-3/+1
2021-10-21Merge branch 'ucount-fixes-for-v5.15' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds1-0/+8
2021-10-21gcc-plugins: Explicitly document purpose and deprecation scheduleKees Cook1-3/+6
2021-10-20ucounts: Move get_ucounts from cred_alloc_blank to key_change_session_keyringEric W. Biederman1-0/+8
2021-10-20security: Return xattr name from security_dentry_init_security()Vivek Goyal2-4/+9
2021-10-19selinux: fix a sock regression in selinux_ip_postroute_compat()Paul Moore1-2/+2
2021-10-14binder: use cred instead of task for selinux checksTodd Kjos2-42/+20
2021-10-14LSM: Avoid warnings about potentially unused hook variablesKees Cook1-1/+1
2021-10-13Smack: fix W=1 build warningsCasey Schaufler1-12/+18
2021-10-13selinux: fix all of the W=1 build warningsPaul Moore6-8/+33
2021-10-13selinux: make better use of the nf_hook_state passed to the NF hooksPaul Moore1-27/+25
2021-10-12smack: remove duplicated hook functionFlorian Westphal1-23/+3
2021-10-11selinux: fix race condition when computing ocontext SIDsOndrej Mosnacek1-85/+77
2021-10-11selinux: remove unneeded ipv6 hook wrappersFlorian Westphal1-62/+18
2021-10-09ima: Use strscpy instead of strlcpyPetr Vorel2-2/+2
2021-10-09ima_policy: Remove duplicate 'the' in docs commentPetr Vorel1-2/+1
2021-10-09ima: add gid supportCurtis Veit1-27/+174
2021-10-09ima: fix uid code style problemsAlex Henrie1-4/+6
2021-10-09ima: fix deadlock when traversing "ima_default_rules".liqiong1-9/+18
2021-10-07Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/David S. Miller1-1/+3
2021-09-30selinux: remove the SELinux lockdown implementationPaul Moore2-32/+0
2021-09-28selinux: enable genfscon labeling for securityfsChristian Göttsche1-1/+2
2021-09-28Smack:- Use overlay inode label in smack_inode_copy_up()Vishal Goel1-1/+1
2021-09-25hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZEROKees Cook1-1/+4
2021-09-25fortify: Explicitly disable Clang supportKees Cook1-0/+3
2021-09-24smack: Guard smack_ipv6_lock definition within a SMACK_IPV6_PORT_LABELING blockSebastian Andrzej Siewior1-3/+6
2021-09-23selinux,smack: fix subjective/objective credential use mixupsPaul Moore2-4/+4
2021-09-19lsm_audit: avoid overloading the "key" audit fieldOndrej Mosnacek1-1/+1
2021-09-19Smack: Brutalist io_uring supportCasey Schaufler1-0/+46
2021-09-19selinux: add support for the io_uring access controlsPaul Moore2-0/+36
2021-09-19lsm,io_uring: add LSM hooks to io_uringPaul Moore1-0/+12
2021-09-15smackfs: Fix use-after-free in netlbl_catmap_walk()Pawan Gupta1-1/+4
2021-09-14include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakageEugene Syromiatnikov1-1/+3
2021-09-03Merge tag 'kbuild-v5.15' of git://git.kernel.org/pub/scm/linux/kernel/git/mas...Linus Torvalds1-11/+0
2021-09-03Merge branch 'akpm' (patches from Andrew)Linus Torvalds1-4/+9
2021-09-03mm/pagemap: add mmap_assert_locked() annotations to find_vma*()Luigi Rizzo1-4/+9
2021-09-03security: remove unneeded subdir-$(CONFIG_...)Masahiro Yamada1-11/+0
2021-09-02Merge tag 'integrity-v5.15' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds11-67/+320
2021-09-02Merge tag 'hardening-v5.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-20/+51
2021-08-31Merge tag 'net-next-5.15' of git://git.kernel.org/pub/scm/linux/kernel/git/ne...Linus Torvalds2-2/+6
2021-08-31Merge tag 'for-5.15/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-0/+1
2021-08-31Merge tag 'Smack-for-5.15' of git://github.com/cschaufler/smack-nextLinus Torvalds3-11/+10
2021-08-31Merge tag 'selinux-pr-20210830' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2-0/+6
2021-08-30Merge tag 'efi-core-2021-08-30' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2021-08-27efi: Don't use knowledge about efi_guid_t internalsAndy Shevchenko1-1/+1
2021-08-23IMA: reject unknown hash algorithms in ima_get_hash_algoTHOBY Simon1-1/+2
2021-08-16IMA: prevent SETXATTR_CHECK policy rules with unavailable algorithmsTHOBY Simon1-0/+6
2021-08-16IMA: introduce a new policy option func=SETXATTR_CHECKTHOBY Simon4-17/+96
2021-08-16IMA: add a policy option to restrict xattr hash algorithms on appraisalTHOBY Simon1-4/+70
2021-08-16IMA: add support to restrict the hash algorithms used for file appraisalTHOBY Simon5-12/+41
2021-08-16IMA: block writes of the security.ima xattr with unsupported algorithmsTHOBY Simon2-4/+47
2021-08-16IMA: remove the dependency on CRYPTO_MD5THOBY Simon1-1/+0
2021-08-13Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-1/+2
2021-08-10dm ima: measure data on table loadTushar Sugandhi1-0/+1
2021-08-10bpf: Add lockdown check for probe_write_user helperDaniel Borkmann1-0/+1
2021-08-09bpf: Add _kernel suffix to internal lockdown_bpf_readDaniel Borkmann1-1/+1
2021-08-05Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-6/+4
2021-08-05Merge tag 'selinux-pr-20210805' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-6/+4
2021-08-02selinux: correct the return value when loads initial sidsXiu Jianfeng1-6/+4
2021-07-29mctp: Add MCTP baseJeremy Kerr2-2/+6
2021-07-23ima: Add digest and digest_len params to the functions to measure a bufferRoberto Sassu7-17/+36
2021-07-23ima: Return int in the functions to measure a bufferRoberto Sassu2-22/+28
2021-07-23ima: Introduce ima_get_current_hash_algo()Roberto Sassu1-1/+6
2021-07-23IMA: remove -Wmissing-prototypes warningAustin Kim1-1/+1
2021-07-20hardening: Clarify Kconfig text for auto-var-initKees Cook1-20/+32
2021-07-20hardening: Introduce CONFIG_ZERO_CALL_USED_REGSKees Cook1-0/+19
2021-07-20smack: mark 'smack_enabled' global variable as __initdataAustin Kim2-2/+2
2021-07-20Smack: Fix wrong semantics in smk_access_entry()Tianjia Zhang1-9/+8
2021-07-14selinux: return early for possible NULL audit buffersAustin Kim2-0/+6
2021-07-02Merge tag 'asm-generic-unaligned-5.14' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds1-1/+1
2021-06-30Merge tag 'safesetid-5.14' of git://github.com/micah-morton/linuxLinus Torvalds2-2/+2
2021-06-30Merge tag 'Smack-for-5.14' of git://github.com/cschaufler/smack-nextLinus Torvalds2-5/+9
2021-06-30Merge tag 'audit-pr-20210629' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-1/+0
2021-06-30Merge tag 'selinux-pr-20210629' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds11-109/+81
2021-06-28Merge tag 'integrity-v5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds18-75/+730
2021-06-21evm: Check xattr size discrepancy between kernel and userRoberto Sassu1-1/+7
2021-06-20evm: output EVM digest calculation infoMimi Zohar2-0/+47
2021-06-16tomoyo: fix doc warningsChenXiaoSong4-9/+9
2021-06-11audit: remove unnecessary 'ret' initializationAustin Kim1-1/+0
2021-06-11selinux: kill 'flags' argument in avc_has_perm_flags() and avc_audit()Al Viro3-31/+5
2021-06-11selinux: slow_avc_audit has become non-blockingAl Viro3-35/+10
2021-06-11selinux: Fix kernel-docYang Li1-1/+22
2021-06-11IMA: support for duplicate measurement recordsTushar Sugandhi2-2/+10
2021-06-11ima: Fix warning: no previous prototype for function 'ima_add_kexec_buffer'Lakshmi Ramasubramanian1-0/+1
2021-06-10selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVCMinchan Kim1-6/+7
2021-06-10ima: differentiate between EVM failures in the audit logMimi Zohar1-1/+2
2021-06-10LSM: SafeSetID: Mark safesetid_initialized as __initdataAustin Kim2-2/+2
2021-06-08ima: Fix fall-through warning for ClangGustavo A. R. Silva1-0/+1
2021-06-08ima: Pass NULL instead of 0 to ima_get_action() in ima_file_mprotect()Roberto Sassu1-1/+1
2021-06-08ima: Include header defining ima_post_key_create_or_update()Roberto Sassu1-0/+1
2021-06-08ima/evm: Fix type mismatchRoberto Sassu4-11/+12
2021-06-08ima: Set correct casting typesRoberto Sassu2-9/+10
2021-06-08Smack: fix doc warningChenXiaoSong1-1/+4
2021-06-03evm: Don't return an error in evm_write_xattrs() if audit is not enabledRoberto Sassu1-1/+1
2021-06-03ima: Define new template evm-sigRoberto Sassu1-1/+4
2021-06-02ima: Define new template fields xattrnames, xattrlengths and xattrvaluesRoberto Sassu4-0/+148
2021-06-01evm: Verify portable signatures against all protected xattrsRoberto Sassu4-12/+68
2021-06-01ima: Define new template field imodeRoberto Sassu3-0/+26
2021-06-01ima: Define new template fields iuid and igidRoberto Sassu3-0/+53
2021-06-01ima: Add ima_show_template_uint() template library functionRoberto Sassu2-1/+39
2021-06-01ima: Don't remove security.ima if file must not be appraisedRoberto Sassu1-2/+0
2021-06-01ima: Introduce template field evmsig and write to field sig as fallbackRoberto Sassu3-1/+36
2021-06-01ima: Allow imasig requirement to be satisfied by EVM portable signaturesRoberto Sassu1-7/+17
2021-06-01evm: Allow setxattr() and setattr() for unmodified metadataRoberto Sassu1-1/+112
2021-05-21evm: Pass user namespace to set/remove xattr hooksRoberto Sassu2-8/+13
2021-05-21evm: Allow xattr/attr operations for portable signaturesRoberto Sassu2-6/+29
2021-05-21evm: Introduce evm_hmac_disabled() to safely ignore verification errorsRoberto Sassu1-1/+38
2021-05-21evm: Introduce evm_revalidate_status()Roberto Sassu2-9/+46
2021-05-21evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loadedRoberto Sassu1-4/+4
2021-05-21evm: Load EVM key in ima_load_x509() to avoid appraisalRoberto Sassu2-1/+7
2021-05-21evm: Execute evm_inode_init_security() only when an HMAC key is loadedRoberto Sassu1-2/+3
2021-05-20evm: fix writing <securityfs>/evm overflowMimi Zohar1-2/+3
2021-05-18Revert "Smack: Handle io_uring kernel thread privileges"Jens Axboe1-3/+2
2021-05-17apparmor: use get_unaligned() only for multi-byte wordsArnd Bergmann1-1/+1
2021-05-14lsm_audit,selinux: pass IB device name by referenceOndrej Mosnacek1-1/+1
2021-05-12trusted-keys: match tpm_get_ops on all return pathsBen Boeckel1-3/+3
2021-05-12KEYS: trusted: Fix memory leak on object tdColin Ian King1-3/+5
2021-05-10selinux: Remove redundant assignment to rcJiapeng Chong2-5/+0
2021-05-10selinux: Corrected comment to match kernel-doc commentSouptick Joarder1-1/+1
2021-05-10selinux: delete selinux_xfrm_policy_lookup() useless argumentZhongjun Tan3-4/+4
2021-05-10selinux: constify some avtab function argumentsOndrej Mosnacek3-21/+26
2021-05-10selinux: simplify duplicate_policydb_cond_list() by using kmemdup()Ondrej Mosnacek1-5/+6
2021-05-10smackfs: restrict bytes count in smk_set_cipso()Tetsuo Handa1-0/+2
2021-05-10security/smack/: fix misspellings using codespell toolXiong Zhenwu1-1/+1
2021-05-05Merge tag 'safesetid-5.13' of git://github.com/micah-morton/linuxLinus Torvalds1-3/+0
2021-05-02Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-2/+2
2021-05-01Merge tag 'landlock_v34' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds25-75/+2468
2021-05-01Merge tag 'integrity-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds5-4/+15
2021-04-29Merge tag 'net-next-5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/ne...Linus Torvalds1-1/+4
2021-04-28Merge tag 'devicetree-for-5.13' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2-10/+3
2021-04-27Merge tag 'fixes-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/jmor...Linus Torvalds1-18/+34
2021-04-27Merge tag 'selinux-pr-20210426' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds14-73/+303
2021-04-26LSM: SafeSetID: Fix code specification by scripts/checkpatch.plYanwei Gao1-3/+0
2021-04-26Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds1-16/+14
2021-04-26Merge tag 'keys-cve-2020-26541-v3' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds2-2/+29
2021-04-26Merge tag 'queue' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/tpmddLinus Torvalds2-13/+16
2021-04-26Merge tag 'tpmdd-next-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds7-327/+1038
2021-04-22landlock: Enable user space to infer supported featuresMickaël Salaün1-4/+13
2021-04-22landlock: Add syscall implementationsMickaël Salaün2-1/+443
2021-04-22fs,security: Add sb_delete hookMickaël Salaün1-0/+5
2021-04-22landlock: Support filesystem access-controlMickaël Salaün8-2/+781
2021-04-22LSM: Infrastructure management of the superblockCasey Schaufler6-70/+84
2021-04-22landlock: Add ptrace restrictionsMickaël Salaün4-1/+137
2021-04-22landlock: Set up the security framework and manage credentialsMickaël Salaün7-6/+178
2021-04-22landlock: Add ruleset and domain managementMickaël Salaün4-1/+652
2021-04-22landlock: Add object managementMickaël Salaün6-0/+185
2021-04-21selinux: add proper NULL termination to the secclass_map permissionsPaul Moore1-2/+3
2021-04-21KEYS: trusted: fix TPM trusted keys for generic frameworkJames Bottomley2-13/+16
2021-04-21KEYS: trusted: Fix TPM reservation for seal/unsealJames Bottomley1-1/+1
2021-04-20ima: Fix fall-through warnings for ClangGustavo A. R. Silva2-0/+3
2021-04-17Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-2/+2
2021-04-16kasan: remove redundant config optionWalter Wu1-2/+2
2021-04-15security: commoncap: clean up kernel-doc commentsRandy Dunlap1-17/+33
2021-04-14KEYS: trusted: Fix missing null return from kzalloc callColin Ian King1-2/+4
2021-04-14KEYS: trusted: Introduce TEE based Trusted KeysSumit Garg3-0/+324
2021-04-14KEYS: trusted: Add generic trusted keys frameworkSumit Garg3-297/+424
2021-04-14security: keys: trusted: Make sealed key properly interoperableJames Bottomley1-15/+38
2021-04-14security: keys: trusted: use ASN.1 TPM2 key format for the blobsJames Bottomley5-8/+221
2021-04-14security: keys: trusted: fix TPM2 authorizationsJames Bottomley2-10/+32
2021-04-09Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski8-113/+194
2021-04-09Merge tag 'selinux-pr-20210409' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds6-112/+185
2021-04-09integrity: Add declarations to init_once void arguments.Jiele Zhao1-1/+1
2021-04-09ima: Fix function name error in comment.Jiele Zhao1-1/+1
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 23:24:04 +0000