aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2019-03-18selinux: fix NULL dereference in policydb_destroy()Ondrej Mosnacek1-4/+9
2019-03-13Merge tag 'selinux-pr-20190312' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+7
2019-03-13Merge tag 'apparmor-pr-2019-03-12' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds2-0/+2
2019-03-12Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds5-25/+194
2019-03-12selinux: convert to kvmallocKent Overstreet6-144/+62
2019-03-12apparmor: fix double free when unpack of secmark rules failsJohn Johansen1-0/+1
2019-03-12apparmor: delete the dentry in aafs_remove() to avoid a leakChris Coulson1-0/+1
2019-03-11security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblockJ. Bruce Fields1-1/+4
2019-03-11selinux: add the missing walk_size + len check in selinux_sctp_bind_connectXin Long1-0/+3
2019-03-10Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmor...Linus Torvalds5-25/+90
2019-03-10Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds5-11/+40
2019-03-09Merge tag 'docs-5.1' of git://git.lwn.net/linuxLinus Torvalds1-1/+1
2019-03-07Merge tag 'audit-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds9-22/+12
2019-03-07Merge tag 'selinux-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-127/+176
2019-03-07Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds58-965/+2018
2019-03-04keys: fix missing __user in KEYCTL_PKEY_QUERYBen Dooks1-1/+1
2019-03-04get rid of legacy 'get_ds()' functionLinus Torvalds1-1/+1
2019-03-01LSM: Update list of SECURITYFS users in KconfigPetr Vorel1-2/+1
2019-02-28introduce cloning of fs_contextAl Viro3-0/+93
2019-02-28smack: Implement filesystem context security hooksDavid Howells2-15/+47
2019-02-28selinux: Implement the new mount API LSM hooksDavid Howells2-10/+49
2019-02-28vfs: Add LSM hooks for the new mount APIDavid Howells1-0/+5
2019-02-25LSM: Ignore "security=" when "lsm=" is specifiedKees Cook1-2/+6
2019-02-25LSM: Update function documentation for cap_capableMicah Morton1-1/+1
2019-02-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds1-4/+6
2019-02-22KEYS: always initialize keyring_index_key::desc_lenEric Biggers4-6/+4
2019-02-22security: mark expected switch fall-throughs and add a missing breakGustavo A. R. Silva5-3/+8
2019-02-22doc: sctp: Merge and clean up rst filesKees Cook1-1/+1
2019-02-20missing barriers in some of unix_sock ->addr and ->path accessesAl Viro1-4/+6
2019-02-19tomoyo: Bump version.Tetsuo Handa2-8/+13
2019-02-15keys: Timestamp new keysDavid Howells1-0/+1
2019-02-15keys: Fix dependency loop between construction record and auth keyDavid Howells5-62/+41
2019-02-15KEYS: allow reaching the keys quotas exactlyEric Biggers1-2/+2
2019-02-14Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...James Morris5-11/+40
2019-02-13Merge tag 'tpmdd-next-20190213' of git://git.infradead.org/users/jjs/linux-tp...James Morris5-25/+90
2019-02-13tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()Roberto Sassu4-9/+64
2019-02-13KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()Roberto Sassu1-14/+24
2019-02-13tpm: retrieve digest size of unknown algorithms with PCR readRoberto Sassu1-5/+5
2019-02-12LSM: fix return value check in safesetid_init_securityfs()Wei Yongjun1-1/+1
2019-02-05selinux: fix avc audit messagesStephen Smalley1-3/+3
2019-02-04evm: Use defined constant for UUID representationAndy Shevchenko1-2/+1
2019-02-04ima: define ima_post_create_tmpfile() hook and add missing callMimi Zohar1-2/+33
2019-02-04evm: remove set but not used variable 'xattr'YueHaibing1-5/+1
2019-02-04encrypted-keys: fix Opt_err/Opt_error = -1Mimi Zohar1-2/+2
2019-02-04integrity, KEYS: add a reference to platform keyringKairui Song1-0/+3
2019-02-01apparmor: Fix aa_label_build() error handling for failed mergesJohn Johansen1-1/+4
2019-02-01apparmor: Fix warning about unused function apparmor_ipv6_postroutePetr Vorel1-0/+2
2019-01-31audit: remove unused actx param from audit_rule_matchRichard Guy Briggs8-22/+10
2019-01-30LSM: SafeSetID: remove unused includeMicah Morton1-1/+0
2019-01-29LSM: SafeSetID: 'depend' on CONFIG_SECURITYMicah Morton1-0/+2
2019-01-28selinux: replace BUG_ONs with WARN_ONs in avc.cOndrej Mosnacek1-2/+4
2019-01-28LSM: Add 'name' field for SafeSetID in DEFINE_LSMMicah Morton1-0/+1
2019-01-25selinux: log invalid contexts in AVCsOndrej Mosnacek3-5/+50
2019-01-25selinux: replace some BUG_ON()s with a WARN_ON()Ondrej Mosnacek1-2/+3
2019-01-25selinux: inline some AVC functions used only onceOndrej Mosnacek1-82/+58
2019-01-25LSM: add SafeSetID module that gates setid callsMicah Morton7-1/+526
2019-01-25audit: add support for fcaps v3Richard Guy Briggs1-0/+2
2019-01-24tomoyo: Allow multiple use_group lines.Tetsuo Handa3-22/+42
2019-01-24tomoyo: Coding style fix.Tetsuo Handa15-105/+309
2019-01-23tomoyo: Swicth from cred->security to task_struct->security.Tetsuo Handa5-122/+108
2019-01-22security: keys: annotate implicit fall throughsMathieu Malaterre1-0/+4
2019-01-22security: keys: annotate implicit fall throughsMathieu Malaterre1-0/+3
2019-01-22security: keys: annotate implicit fall throughMathieu Malaterre1-0/+1
2019-01-22apparmor: Adjust offset when accessing task blob.Tetsuo Handa1-1/+1
2019-01-22Merge tag 'v5.0-rc3' into next-generalJames Morris3-2/+12
2019-01-18LSM: Make some functions staticWei Yongjun1-3/+3
2019-01-18LSM: Make lsm_early_cred() and lsm_early_task() local functions.Tetsuo Handa5-22/+11
2019-01-17Merge branch 'fixes-v5.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds2-1/+10
2019-01-16LSM: Check for NULL cred-security on freeJames Morris1-0/+7
2019-01-16Yama: Check for pid death before checking ancestryKees Cook1-1/+3
2019-01-16Merge tag 'selinux-pr-20190115' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+2
2019-01-10selinux: do not override context on context mountsOndrej Mosnacek1-1/+8
2019-01-10selinux: never allow relabeling on context mountsOndrej Mosnacek1-9/+31
2019-01-10selinux: stop passing MAY_NOT_BLOCK to the AVC upon follow_linkStephen Smalley3-30/+4
2019-01-10selinux: avoid silent denials in permissive mode under RCU walkStephen Smalley3-3/+25
2019-01-10selinux: fix GPF on invalid policyStephen Smalley1-1/+2
2019-01-10LSM: generalize flag passing to security_capableMicah Morton9-39/+37
2019-01-08TOMOYO: Update LSM flags to no longer be exclusiveKees Cook1-1/+1
2019-01-08LSM: Infrastructure management of the ipc security blobCasey Schaufler5-121/+108
2019-01-08Smack: Abstract use of ipc security blobsCasey Schaufler2-5/+20
2019-01-08SELinux: Abstract use of ipc security blobsCasey Schaufler2-9/+22
2019-01-08LSM: Infrastructure management of the task securityCasey Schaufler3-27/+60
2019-01-08LSM: Infrastructure management of the inode securityCasey Schaufler5-98/+90
2019-01-08Smack: Abstract use of inode security blobCasey Schaufler2-18/+23
2019-01-08SELinux: Abstract use of inode security blobCasey Schaufler3-15/+21
2019-01-08LSM: Infrastructure management of the file securityCasey Schaufler7-51/+71
2019-01-08Smack: Abstract use of file security blobCasey Schaufler2-4/+13
2019-01-08SELinux: Abstract use of file security blobCasey Schaufler2-9/+14
2019-01-08Infrastructure management of the cred security blobCasey Schaufler10-102/+150
2019-01-08TOMOYO: Abstract use of cred security blobCasey Schaufler4-16/+64
2019-01-08AppArmor: Abstract use of cred security blobCasey Schaufler4-10/+24
2019-01-08SELinux: Remove unused selinux_is_enabledCasey Schaufler5-29/+1
2019-01-08SELinux: Remove cred security blob poisoningCasey Schaufler1-6/+0
2019-01-08SELinux: Abstract use of cred security blobCasey Schaufler3-29/+34
2019-01-08Smack: Abstract use of cred security blobCasey Schaufler4-43/+53
2019-01-08procfs: add smack subdir to attrsCasey Schaufler1-4/+20
2019-01-08capability: Initialize as LSM_ORDER_FIRSTKees Cook2-6/+8
2019-01-08LSM: Introduce enum lsm_orderKees Cook1-1/+8
2019-01-08Yama: Initialize as ordered LSMKees Cook3-3/+8
2019-01-08LoadPin: Initialize as ordered LSMKees Cook3-40/+8
2019-01-08LSM: Split LSM preparation from initializationKees Cook1-6/+15
2019-01-08LSM: Add all exclusive LSMs to ordered initializationCasey Schaufler1-25/+20
2019-01-08selinux: Remove SECURITY_SELINUX_BOOTPARAM_VALUEKees Cook2-19/+1
2019-01-08apparmor: Remove SECURITY_APPARMOR_BOOTPARAM_VALUEKees Cook2-17/+1
2019-01-08LSM: Separate idea of "major" LSM from "exclusive" LSMKees Cook5-4/+16
2019-01-08LSM: Refactor "security=" in terms of enable/disableKees Cook1-8/+20
2019-01-08LSM: Prepare for reorganizing "security=" logicKees Cook1-9/+8
2019-01-08LSM: Tie enabling logic to presence in ordered listKees Cook1-3/+11
2019-01-08LSM: Introduce "lsm=" for boottime LSM selectionKees Cook2-2/+15
2019-01-08LSM: Introduce CONFIG_LSMKees Cook2-5/+31
2019-01-08LSM: Build ordered list of LSMs to initializeKees Cook1-5/+53
2019-01-08LSM: Lift LSM selection out of individual LSMsKees Cook5-52/+71
2019-01-08LSM: Plumb visibility into optional "enabled" stateKees Cook2-2/+4
2019-01-08LSM: Provide separate ordered initializationKees Cook1-0/+21
2019-01-08LSM: Introduce LSM_FLAG_LEGACY_MAJORKees Cook4-0/+4
2019-01-05Merge branch 'mount.part1' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds6-741/+459
2019-01-03Remove 'type' argument from access_ok() functionLinus Torvalds1-1/+1
2019-01-02Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmor...Linus Torvalds1-2/+3
2019-01-02Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jm...Linus Torvalds1-3/+9
2019-01-02Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds11-92/+633
2019-01-01KEYS: fix parsing invalid pkey info stringEric Biggers1-0/+2
2018-12-29Merge tag 'kconfig-v4.21' of git://git.kernel.org/pub/scm/linux/kernel/git/ma...Linus Torvalds2-10/+10
2018-12-28Merge branch 'akpm' (patches from Andrew)Linus Torvalds1-1/+1
2018-12-28Merge tag 'libnvdimm-for-4.21' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds3-11/+21
2018-12-28mm: convert totalram_pages and totalhigh_pages variables to atomicArun KS1-1/+1
2018-12-27Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...Linus Torvalds4-7/+6
2018-12-27Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-2/+2
2018-12-27Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds29-39/+22
2018-12-27Merge tag 'selinux-pr-20181224' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds9-396/+625
2018-12-27Merge tag 'audit-pr-20181224' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-1/+1
2018-12-21smack: rewrite smack_sb_eat_lsm_opts()Al Viro1-85/+23
2018-12-21smack: get rid of match_token()Al Viro1-18/+38
2018-12-21smack: take the guts of smack_parse_opts_str() into a new helperAl Viro1-57/+57
2018-12-21LSM: new method: ->sb_add_mnt_opt()Al Viro3-30/+24
2018-12-21selinux: rewrite selinux_sb_eat_lsm_opts()Al Viro1-92/+54
2018-12-21selinux: regularize Opt_... names a bitAl Viro1-8/+8
2018-12-21selinux: switch away from match_token()Al Viro1-27/+55
2018-12-21selinux: new helper - selinux_add_opt()Al Viro1-73/+53
2018-12-21smack: switch to private smack_mnt_optsAl Viro1-102/+55
2018-12-21selinux: switch to private struct selinux_mnt_optsAl Viro1-161/+101
2018-12-21LSM: hide struct security_mnt_opts from any generic codeAl Viro3-32/+85
2018-12-21selinux: kill selinux_sb_get_mnt_opts()Al Viro1-147/+51
2018-12-21LSM: turn sb_eat_lsm_opts() into a methodAl Viro3-12/+31
2018-12-21btrfs: sanitize security_mnt_opts useAl Viro1-0/+1
2018-12-21selinux; don't open-code a loop in sb_finish_set_opts()Al Viro1-4/+2
2018-12-21LSM: split ->sb_set_mnt_opts() out of ->sb_kern_mount()Al Viro3-27/+3
2018-12-21new helper: security_sb_eat_lsm_opts()Al Viro1-3/+12
2018-12-21LSM: lift extracting and parsing LSM options into the caller of ->sb_remount()Al Viro2-37/+15
2018-12-21LSM: lift parsing LSM options into the caller of ->sb_kern_mount()Al Viro3-43/+9
2018-12-21smack: make smack_parse_opts_str() clean up on failureAl Viro1-0/+1
2018-12-22treewide: surround Kconfig file paths with double quotesMasahiro Yamada2-10/+10
2018-12-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller3-7/+7
2018-12-20security: integrity: partial revert of make ima_main explicitly non-modularPaul Gortmaker1-1/+1
2018-12-20selinux: expand superblock_doinit() callsAl Viro1-30/+24
2018-12-20vfs: Suppress MS_* flag defs within the kernel unless explicitly enabledDavid Howells4-0/+4
2018-12-19net: use skb_sec_path helper in more placesFlorian Westphal1-2/+2
2018-12-17ima: cleanup the match_token policy codeMimi Zohar1-5/+5
2018-12-17security: don't use a negative Opt_err token indexLinus Torvalds2-2/+2
2018-12-17integrity: Remove references to module keyringThiago Jung Bauermann2-4/+2
2018-12-17Merge tag 'tpmdd-next-20181217' of git://git.infradead.org/users/jjs/linux-tp...James Morris1-2/+3
2018-12-17Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...James Morris11-91/+634
2018-12-17Merge tag 'v4.20-rc7' into next-generalJames Morris4-4/+23
2018-12-13Merge branch 'smack-for-4.21-a' of https://github.com/cschaufler/next-smack i...James Morris1-3/+9
2018-12-13keys-encrypted: add nvdimm key format type to encrypted keysDave Jiang1-9/+20
2018-12-13keys: Export lookup_user_key to external usersDave Jiang2-2/+1
2018-12-12ima: Use inode_is_open_for_writeNikolay Borisov1-1/+1
2018-12-12ima: Support platform keyring for kernel appraisalNayna Jain1-2/+12
2018-12-12efi: Allow the "db" UEFI variable to be suppressedJosh Boyer1-10/+35
2018-12-12efi: Import certificates from UEFI Secure BootJosh Boyer2-1/+173
2018-12-12efi: Add an EFI signature blob parserDave Howells2-1/+110
2018-12-12integrity: Load certs to the platform keyringNayna Jain3-24/+86
2018-12-12integrity: Define a trusted platform keyringNayna Jain5-16/+81
2018-12-12security: fs: make inode explicitly non-modularPaul Gortmaker1-4/+2
2018-12-12security: audit and remove any unnecessary uses of module.hPaul Gortmaker24-24/+14
2018-12-12security: integrity: make evm_main explicitly non-modularPaul Gortmaker1-4/+1
2018-12-12keys: remove needless modular infrastructure from ecryptfs_formatPaul Gortmaker1-3/+2
2018-12-12security: integrity: make ima_main explicitly non-modularPaul Gortmaker1-4/+3
2018-12-11ima: don't measure/appraise files on efivarfsMimi Zohar1-1/+3
2018-12-11x86/ima: define arch_get_ima_policy() for x86Eric Richter1-1/+9
2018-12-11ima: add support for arch specific policiesNayna Jain1-2/+70
2018-12-11ima: refactor ima_init_policy()Nayna Jain1-41/+56
2018-12-11ima: prevent kexec_load syscall based on runtime secureboot flagNayna Jain1-6/+13
2018-12-05selinux: overhaul sidtab to fix bug and improve performanceOndrej Mosnacek5-324/+468
2018-12-05selinux: use separate table for initial SID lookupOndrej Mosnacek5-110/+173
2018-12-03smack: fix access permissions for keyringZoran Markovic1-3/+9
2018-11-29Merge tag 'selinux-pr-20181129' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+12
2018-11-29selinux: add support for RTM_NEWCHAIN, RTM_DELCHAIN, and RTM_GETCHAINPaul Moore1-1/+12
2018-11-26audit: use current whenever possiblePaul Moore1-1/+1
2018-11-26selinux: make "selinux_policycap_names[]" const char *Alexey Dobriyan2-2/+2
2018-11-26selinux: always allow mounting submountsOndrej Mosnacek1-1/+1
2018-11-20selinux: refactor sidtab conversionOndrej Mosnacek3-41/+42
2018-11-20crypto: drop mask=CRYPTO_ALG_ASYNC from 'shash' tfm allocationsEric Biggers4-7/+6
2018-11-15Merge tag 'selinux-pr-20181115' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2-3/+10
2018-11-14apparmor: Fix warning about unused function apparmor_ipv6_postroutePetr Vorel1-0/+2
2018-11-13selinux: fix non-MLS handling in mls_context_to_sid()Paul Moore1-3/+7
2018-11-13integrity: support new struct public_key_signature encoding fieldMimi Zohar1-0/+1
2018-11-13selinux: check length properly in SCTP bind hookOndrej Mosnacek1-0/+3
2018-11-13integrity: support new struct public_key_signature encoding fieldMimi Zohar1-0/+1
2018-11-13tpm: use u32 instead of int for PCR indexTomas Winkler1-2/+3
2018-11-12Merge tag 'v4.20-rc2' into next-generalJames Morris39-326/+880
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 23:04:38 +0000