aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2019-07-19Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds4-28/+67
2019-07-18proc/sysctl: add shared variables for range checkMatteo Croce3-20/+15
2019-07-16Merge tag 'docs/v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mche...Linus Torvalds2-2/+2
2019-07-15LSM: SafeSetID: fix use of literal -1 in capable hookJann Horn1-1/+1
2019-07-15LSM: SafeSetID: verify transitive constrainednessJann Horn1-1/+37
2019-07-15LSM: SafeSetID: add read handlerJann Horn2-4/+32
2019-07-15LSM: SafeSetID: rewrite userspace API to atomic updatesJann Horn3-158/+144
2019-07-15LSM: SafeSetID: fix userns handling in securityfsJann Horn1-3/+3
2019-07-15LSM: SafeSetID: refactor policy parsingJann Horn1-51/+33
2019-07-15LSM: SafeSetID: refactor safesetid_security_capable()Jann Horn1-15/+26
2019-07-15LSM: SafeSetID: refactor policy hash tableJann Horn2-44/+37
2019-07-15LSM: SafeSetID: fix check for setresuid(new1, new2, new3)Jann Horn1-90/+35
2019-07-15LSM: SafeSetID: fix pr_warn() to include newlineJann Horn1-2/+2
2019-07-15docs: cgroup-v1: add it to the admin-guide bookMauro Carvalho Chehab1-1/+1
2019-07-15docs: x86: move two x86-specific files to x86 arch dirMauro Carvalho Chehab1-1/+1
2019-07-12Merge branch 'akpm' (patches from Andrew)Linus Torvalds1-0/+29
2019-07-12mm: security: introduce init_on_alloc=1 and init_on_free=1 boot optionsAlexander Potapenko1-0/+29
2019-07-11Merge tag 'loadpin-v5.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-0/+48
2019-07-11Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-1/+4
2019-07-10Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds22-629/+187
2019-07-09Merge tag 'docs-5.3' of git://git.lwn.net/linuxLinus Torvalds1-1/+1
2019-07-09Merge branch 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmor...Linus Torvalds1-3/+3
2019-07-08Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-2/+2
2019-07-08Merge branch 'for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cg...Linus Torvalds1-1/+1
2019-07-08Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds16-79/+378
2019-07-08Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds22-187/+629
2019-07-08Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds11-243/+389
2019-07-08Merge tag 'keys-request-20190626' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds8-106/+180
2019-07-08Merge tag 'keys-misc-20190619' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds8-78/+369
2019-07-08Merge tag 'selinux-pr-20190702' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds3-23/+31
2019-07-08Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds1-4/+4
2019-07-07security/commoncap: Use xattr security prefix lenCarmeli Tamir1-2/+2
2019-07-04vfs: Convert smackfs to use the new mount APIDavid Howells1-12/+22
2019-07-04vfs: Convert selinuxfs to use the new mount APIDavid Howells1-5/+15
2019-07-04vfs: Convert securityfs to use the new mount APIDavid Howells1-6/+15
2019-07-04vfs: Convert apparmorfs to use the new mount APIDavid Howells1-5/+15
2019-07-03keys: Provide KEYCTL_GRANT_PERMISSIONDavid Howells4-1/+133
2019-07-01selinux: format all invalid context as untrustedRichard Guy Briggs1-10/+19
2019-06-30integrity: Introduce struct evm_xattrThiago Jung Bauermann3-7/+14
2019-06-30ima: Update MAX_TEMPLATE_NAME_LEN to fit largest reasonable definitionThiago Jung Bauermann1-1/+7
2019-06-30IMA: Define a new template field bufPrakhar Srivastava5-1/+33
2019-06-27keys: Replace uid/gid/perm permissions checking with an ACLDavid Howells21-186/+496
2019-06-27keys: Pass the network namespace into request_key mechanismDavid Howells4-17/+36
2019-06-26keys: Network namespace domain tagDavid Howells1-1/+6
2019-06-26keys: Garbage collect keys for which the domain has been removedDavid Howells2-1/+17
2019-06-26keys: Include target namespace in match criteriaDavid Howells5-4/+39
2019-06-26keys: Move the user and user-session keyrings to the user_namespaceDavid Howells5-104/+187
2019-06-26keys: Namespace keyring namesDavid Howells2-57/+45
2019-06-26keys: Add a 'recurse' flag for keyring searchesDavid Howells8-9/+22
2019-06-26keys: Cache the hash value to avoid lots of recalculationDavid Howells3-16/+22
2019-06-26keys: Simplify key description managementDavid Howells4-49/+30
2019-06-26keys: Kill off request_key_async{,_with_auxdata}David Howells1-50/+0
2019-06-24IMA: Define a new hook to measure the kexec boot command line argumentsPrakhar Srivastava4-0/+81
2019-06-22Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller17-71/+65
2019-06-21Merge tag 'spdx-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gre...Linus Torvalds15-61/+15
2019-06-19IMA: support for per policy rule template formatsMatthew Garrett7-27/+76
2019-06-19keys: Cache result of request_key*() temporarily in task_structDavid Howells2-0/+55
2019-06-19keys: Provide request_key_rcu()David Howells1-0/+44
2019-06-19keys: Move the RCU locks outwards from the keyring search functionsDavid Howells6-60/+75
2019-06-19keys: Invalidate used request_key authentication keysDavid Howells2-3/+3
2019-06-19keys: Fix request_key() lack of Link perm check on found keyDavid Howells1-0/+10
2019-06-19treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500Thomas Gleixner15-61/+15
2019-06-19keys: Add capability-checking keyctl functionDavid Howells3-0/+40
2019-06-18apparmor: reset pos on failure to unpack for various functionsMike Salvatore1-8/+39
2019-06-18apparmor: enforce nullbyte at end of tag stringJann Horn1-1/+1
2019-06-18apparmor: fix PROFILE_MEDIATES for untrusted inputJohn Johansen1-1/+10
2019-06-17Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller93-484/+133
2019-06-17integrity: Fix __integrity_init_keyring() section mismatchGeert Uytterhoeven1-2/+3
2019-06-17locking/lockdep: Rename lockdep_assert_held_exclusive() -> lockdep_assert_hel...Nikolay Borisov1-4/+4
2019-06-14Smack: Restore the smackfsdef mount option and add missing prefixesCasey Schaufler1-5/+7
2019-06-14docs: cgroup-v1: convert docs to ReST and rename to *.rstMauro Carvalho Chehab1-1/+1
2019-06-14Merge tag 'v5.2-rc4' into mauroJonathan Corbet131-616/+157
2019-06-14ima: Use designated initializers for struct ima_event_dataThiago Jung Bauermann2-6/+11
2019-06-14ima: use the lsm policy update notifierJanne Karhunen3-20/+106
2019-06-14LSM: switch to blocking policy update notifiersJanne Karhunen3-12/+15
2019-06-14x86/ima: fix the Kconfig dependency for IMA_ARCH_POLICYNayna Jain1-1/+2
2019-06-14ima: Make arch_policy_entry staticYueHaibing1-1/+1
2019-06-12Merge tag 'selinux-pr-20190612' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2-13/+36
2019-06-12selinux: fix empty write to keycreate fileOndrej Mosnacek1-5/+6
2019-06-12selinux: fix a missing-check bug in selinux_sb_eat_lsm_opts()Gen Zhang1-6/+14
2019-06-12selinux: fix a missing-check bug in selinux_add_mnt_opt( )Gen Zhang1-5/+14
2019-06-11selinux: log raw contexts as untrusted stringsOndrej Mosnacek1-2/+8
2019-06-11security: Make capability_hooks staticYueHaibing1-1/+1
2019-06-08docs: fix broken documentation linksMauro Carvalho Chehab1-1/+1
2019-06-07Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller18-93/+35
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441Thomas Gleixner72-352/+72
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 372Thomas Gleixner11-39/+11
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295Thomas Gleixner6-66/+6
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282Thomas Gleixner1-9/+1
2019-06-04ima: prevent a file already mmap'ed write to be mmap'ed executeMimi Zohar1-2/+30
2019-05-31security/loadpin: Allow to exclude specific file typesKe Wu1-0/+48
2019-05-31Merge branch 'next-fixes-for-5.2-rc' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2-12/+19
2019-05-31Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller5-25/+5
2019-05-30keys: Reuse keyring_index_key::desc_len in lookup_user_key()Eric Biggers1-3/+1
2019-05-30keys: Grant Link permission to possessers of request_key auth keysDavid Howells1-1/+1
2019-05-30keys: Add a keyctl to move a key between keyringsDavid Howells4-0/+166
2019-05-30keys: Hoist locking out of __key_link_begin()David Howells4-38/+76
2019-05-30treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152Thomas Gleixner16-81/+16
2019-05-30keys: Break bits out of key_unlink()David Howells1-21/+67
2019-05-30keys: Change keyring_serialise_link_sem to a mutexDavid Howells1-6/+6
2019-05-29ima: show rules with IMA_INMASK correctlyRoberto Sassu1-9/+12
2019-05-29evm: check hash algorithm passed to init_desc()Roberto Sassu1-0/+3
2019-05-29keys: sparse: Fix kdoc mismatchesDavid Howells2-4/+8
2019-05-29keys: sparse: Fix incorrect RCU accessesDavid Howells2-2/+3
2019-05-28net: nexthop uapiDavid Ahern1-1/+4
2019-05-27signal: Remove task parameter from force_sigEric W. Biederman1-2/+2
2019-05-24Merge tag 'spdx-5.2-rc2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/g...Linus Torvalds5-25/+5
2019-05-24treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36Thomas Gleixner5-25/+5
2019-05-22keys: sparse: Fix key_fs[ug]id_changed()David Howells1-12/+10
2019-05-21selinux: remove some no-op BUG_ONsOndrej Mosnacek1-4/+0
2019-05-21Merge tag 'selinux-pr-20190521' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-2/+8
2019-05-21selinux: provide __le variables explicitlyNicholas Mc Guire1-4/+6
2019-05-21treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13Thomas Gleixner2-30/+2
2019-05-21treewide: Add SPDX license identifier - Makefile/KconfigThomas Gleixner17-0/+17
2019-05-20selinux: do not report error on connect(AF_UNSPEC)Paolo Abeni1-2/+8
2019-05-19ima: fix wrong signed policy requirement when not appraisingPetr Vorel1-3/+4
2019-05-13Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds1-4/+4
2019-05-10tomoyo: Don't emit WARNING: string while fuzzing testing.Tetsuo Handa1-0/+2
2019-05-10tomoyo: Change pathname calculation for read-only filesystems.Tetsuo Handa1-1/+2
2019-05-10tomoyo: Check address length before reading address familyTetsuo Handa1-0/+4
2019-05-10tomoyo: Add a kernel config option for fuzzing testing.Tetsuo Handa2-1/+22
2019-05-10Revert "selinux: do not report error on connect(AF_UNSPEC)"Paolo Abeni1-4/+4
2019-05-09Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds1-4/+4
2019-05-09Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jm...Linus Torvalds3-45/+45
2019-05-08selinux: do not report error on connect(AF_UNSPEC)Paolo Abeni1-4/+4
2019-05-07Merge branch 'work.mount-syscalls' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-0/+5
2019-05-07Merge tag 'audit-pr-20190507' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-5/+5
2019-05-07Merge tag 'selinux-pr-20190507' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-88/+169
2019-05-07Merge tag 'meminit-v5.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds2-0/+166
2019-05-07Merge branch 'work.icache' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds2-16/+4
2019-05-07Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2-30/+25
2019-05-06Merge branch 'smack-for-5.2-b' of https://github.com/cschaufler/next-smack in...James Morris1-0/+2
2019-05-06Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds7-12/+9
2019-05-06Merge tag 's390-5.2-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/...Linus Torvalds3-5/+50
2019-05-05Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds2-8/+18
2019-05-01securityfs: switch to ->free_inode()Al Viro1-8/+2
2019-05-01apparmor: switch to ->free_inode()Al Viro1-8/+2
2019-04-30Smack: Fix kbuild reported build errorCasey Schaufler1-0/+2
2019-04-30Merge branch 'smack-for-5.2-b' of https://github.com/cschaufler/next-smack in...James Morris1-4/+15
2019-04-30Merge tag 'selinux-pr-20190429' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-0/+1
2019-04-29smack: Check address length before reading address familyTetsuo Handa1-4/+15
2019-04-29selinux: use kernel linux/socket.h for genheaders and mdpPaulo Alcantara1-0/+1
2019-04-26s390/ipl: read IPL report at early bootMartin Schwidefsky3-5/+50
2019-04-25crypto: shash - remove shash_desc::flagsEric Biggers6-10/+0
2019-04-24security: Implement Clang's stack initializationKees Cook1-0/+14
2019-04-24security: Move stackleak config to Kconfig.hardeningKees Cook1-0/+57
2019-04-24security: Create "kernel hardening" config areaKees Cook2-0/+95
2019-04-19Merge branch 'for-5.1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds1-1/+1
2019-04-18integrity: support EC-RDSA signatures for asymmetric_verifyVitaly Chikunov1-2/+9
2019-04-15Merge branch 'smack-for-5.2' of https://github.com/cschaufler/next-smack into...James Morris3-41/+28
2019-04-15selinux: Check address length before reading address familyTetsuo Handa1-1/+6
2019-04-10Revert "security: inode: fix a missing check for securityfs_create_file"James Morris1-5/+0
2019-04-10apparmorfs: fix use-after-free on symlink traversalAl Viro1-4/+9
2019-04-10securityfs: fix use-after-free on symlink traversalAl Viro1-4/+9
2019-04-10Yama: mark function as staticMukesh Ojha1-1/+1
2019-04-10security: inode: fix a missing check for securityfs_create_fileKangjie Lu1-0/+5
2019-04-10keys: safe concurrent user->{session,uid}_keyring accessJann Horn2-16/+20
2019-04-10security: don't use RCU accessors for cred->session_keyringJann Horn2-15/+6
2019-04-10Yama: mark local symbols as staticJann Horn1-3/+3
2019-04-10apparmor: Restore Y/N in /sys for apparmor's "enabled"Kees Cook1-1/+48
2019-04-08KEYS: trusted: fix -Wvarags warningndesaulniers@google.com1-2/+2
2019-04-08KEYS: trusted: allow trusted.ko to initialize w/o a TPMJarkko Sakkinen1-5/+23
2019-04-04kernfs: fix xattr name handling in LSM helpersOndrej Mosnacek1-5/+4
2019-04-03Smack: Fix IPv6 handling of 0 secmarkCasey Schaufler1-0/+2
2019-04-02Smack: Create smack_rule cache to optimize memory usageCasey Schaufler3-3/+11
2019-04-02smack: removal of global rule listVishal Goel1-38/+15
2019-03-29LSM: Revive CONFIG_DEFAULT_SECURITY_* for "make oldconfig"Kees Cook1-0/+38
2019-03-28Yama: mark local symbols as staticJann Horn1-4/+4
2019-03-27audit: link integrity evm_write_xattrs record to syscall eventRichard Guy Briggs1-5/+5
2019-03-25selinux: avoid uninitialized variable warningArnd Bergmann1-9/+5
2019-03-25selinux: remove useless assignmentsOndrej Mosnacek1-5/+2
2019-03-22selinux: Make selinux_kernfs_init_security staticYueHaibing1-2/+2
2019-03-20selinux: implement the kernfs_init_security hookOndrej Mosnacek1-0/+66
2019-03-20LSM: add new hook for kernfs node initializationOndrej Mosnacek1-0/+6
2019-03-20selinux: try security xattr after genfs for kernfs filesystemsOndrej Mosnacek2-73/+85
2019-03-20vfs: syscall: Add move_mount(2) to move mounts aroundDavid Howells1-0/+5
2019-03-19device_cgroup: fix RCU imbalance in error caseJann Horn1-1/+1
2019-03-18selinux: use kernel linux/socket.h for genheaders and mdpPaulo Alcantara1-0/+1
2019-03-18selinux: fix NULL dereference in policydb_destroy()Ondrej Mosnacek1-4/+9
2019-03-13Merge tag 'selinux-pr-20190312' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+7
2019-03-13Merge tag 'apparmor-pr-2019-03-12' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds2-0/+2
2019-03-12Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds5-25/+194
2019-03-12selinux: convert to kvmallocKent Overstreet6-144/+62
2019-03-12apparmor: fix double free when unpack of secmark rules failsJohn Johansen1-0/+1
2019-03-12apparmor: delete the dentry in aafs_remove() to avoid a leakChris Coulson1-0/+1
2019-03-11security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblockJ. Bruce Fields1-1/+4
2019-03-11selinux: add the missing walk_size + len check in selinux_sctp_bind_connectXin Long1-0/+3
2019-03-10Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmor...Linus Torvalds5-25/+90
2019-03-10Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds5-11/+40
2019-03-09Merge tag 'docs-5.1' of git://git.lwn.net/linuxLinus Torvalds1-1/+1
2019-03-07Merge tag 'audit-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds9-22/+12
2019-03-07Merge tag 'selinux-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-127/+176
2019-03-07Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds58-965/+2018
2019-03-04keys: fix missing __user in KEYCTL_PKEY_QUERYBen Dooks1-1/+1
2019-03-04get rid of legacy 'get_ds()' functionLinus Torvalds1-1/+1
2019-03-01LSM: Update list of SECURITYFS users in KconfigPetr Vorel1-2/+1
2019-02-28introduce cloning of fs_contextAl Viro3-0/+93
2019-02-28smack: Implement filesystem context security hooksDavid Howells2-15/+47
2019-02-28selinux: Implement the new mount API LSM hooksDavid Howells2-10/+49
2019-02-28vfs: Add LSM hooks for the new mount APIDavid Howells1-0/+5
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 08:13:08 +0000