aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2014-10-29Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/zoh...James Morris3-3/+9
2014-10-28evm: check xattr value length and type in evm_inode_setxattr()Dmitry Kasatkin1-3/+6
2014-10-28ima: check xattr value length and type in the ima_inode_setxattr()Dmitry Kasatkin2-0/+3
2014-10-16Merge branch 'stable-3.18' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-1/+1
2014-10-15selinux: fix inode security list corruptionStephen Smalley1-1/+1
2014-10-14security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.cBehan Webster1-28/+19
2014-10-12Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds37-593/+912
2014-10-11Merge tag 'locks-v3.18-1' of git://git.samba.org/jlayton/linuxLinus Torvalds4-9/+6
2014-10-07Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jik...Linus Torvalds1-1/+1
2014-10-07Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-2/+2
2014-10-06integrity: do zero padding of the key idDmitry Kasatkin1-1/+1
2014-10-02Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris6-47/+94
2014-10-01Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris5-83/+115
2014-09-22selinux: normalize audit log formattingRichard Guy Briggs1-6/+8
2014-09-22selinux: cleanup error reporting in selinux_nlmsg_perm()Richard Guy Briggs1-4/+3
2014-09-22Merge tag 'keys-next-20140922' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris12-71/+82
2014-09-18ima: detect violations for mmaped filesRoberto Sassu2-9/+5
2014-09-18ima: fix race condition on ima_rdwr_violation_check and process_measurementRoberto Sassu1-21/+33
2014-09-18Merge branch 'smack-for-3.18' of git://git.gitorious.org/smack-next/kernel in...James Morris5-274/+520
2014-09-17ima: added ima_policy_flag variableRoberto Sassu4-5/+34
2014-09-17ima: return an error code from ima_add_boot_aggregate()Roberto Sassu1-6/+15
2014-09-17ima: provide 'ima_appraise=log' kernel optionDmitry Kasatkin2-2/+5
2014-09-17ima: move keyring initialization to ima_init()Dmitry Kasatkin2-8/+6
2014-09-16KEYS: Make the key matching functions return boolDavid Howells3-8/+8
2014-09-16KEYS: Remove key_type::match in favour of overriding default by match_preparseDavid Howells9-23/+15
2014-09-16KEYS: Remove key_type::def_lookup_typeDavid Howells3-9/+5
2014-09-16KEYS: Preparse match dataDavid Howells7-44/+65
2014-09-16Merge tag 'keys-next-fixes-20140916' into keys-nextDavid Howells1-2/+2
2014-09-16Merge tag 'keys-fixes-20140916' into keys-nextDavid Howells1-0/+2
2014-09-16KEYS: Reinstate EPERM for a key type name beginning with a '.'David Howells1-0/+2
2014-09-16KEYS: Fix missing staticsDavid Howells1-2/+2
2014-09-10selinux: make the netif cache namespace awarePaul Moore4-36/+46
2014-09-09security: make security_file_set_fowner, f_setown and __f_setown void returnJeff Layton4-9/+6
2014-09-09integrity: make integrity files as 'integrity' moduleDmitry Kasatkin1-3/+3
2014-09-09integrity: base integrity subsystem kconfig options on integrityDmitry Kasatkin3-14/+18
2014-09-09integrity: move asymmetric keys config optionDmitry Kasatkin1-12/+12
2014-09-09ima: initialize only required templateDmitry Kasatkin1-24/+4
2014-09-09ima: remove usage of filename parameterDmitry Kasatkin2-14/+10
2014-09-09ima: remove unnecessary appraisal testDmitry Kasatkin1-2/+0
2014-09-09ima: add missing '__init' keywordsDmitry Kasatkin3-5/+3
2014-09-09ima: remove unnecessary extra variableDmitry Kasatkin1-4/+5
2014-09-09ima: simplify conditional statement to improve performanceDmitry Kasatkin1-4/+2
2014-09-09integrity: remove declaration of non-existing functionsDmitry Kasatkin2-10/+0
2014-09-09integrity: prevent flooding with 'Request for unknown key'Dmitry Kasatkin1-2/+3
2014-09-09ima: pass 'opened' flag to identify newly created filesDmitry Kasatkin3-12/+12
2014-09-09evm: properly handle INTEGRITY_NOXATTRS EVM statusDmitry Kasatkin1-0/+7
2014-09-09Documentation: Docbook: Fix generated DocBook/kernel-api.xmlMasanari Iida1-1/+1
2014-09-08selinux: register nf hooks with single nf_register_hooks callJiri Pirko1-25/+10
2014-09-08ima: provide flag to identify new empty filesDmitry Kasatkin3-7/+13
2014-09-08evm: prevent passing integrity check if xattr read failsDmitry Kasatkin1-3/+4
2014-09-03selinux: fix a problem with IPv6 traffic denials in selinux_ip_postroute()Paul Moore1-0/+1
2014-09-03KEYS: Increase root_maxkeys and root_maxbytes sizesSteve Dickson1-2/+2
2014-09-02evm: fix checkpatch warningsDmitry Kasatkin1-3/+0
2014-09-02ima: fix fallback to use new_sync_read()Dmitry Kasatkin1-4/+4
2014-09-02ima: prevent buffer overflow in ima_alloc_tfm()Dmitry Kasatkin1-1/+4
2014-09-02ima: fix ima_alloc_atfm()Mimi Zohar1-1/+4
2014-08-29Make Smack operate on smack_known struct where it still used char*Lukasz Pawelczyk4-255/+233
2014-08-29Fix a bidirectional UDS connect check typoLukasz Pawelczyk1-2/+2
2014-08-29Small fixes in comments describing function parametersLukasz Pawelczyk1-9/+9
2014-08-28Smack: Bring-up access modeCasey Schaufler5-27/+294
2014-08-28selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID.Stephen Smalley1-12/+47
2014-08-27module: rename KERNEL_PARAM_FL_NOARG to avoid confusionJani Nikula1-2/+2
2014-08-26tomoyo: Fix pathname calculation breakage.Tetsuo Handa1-2/+3
2014-08-25Smack: Fix setting label on successful file openMarcin Niesluchowski1-1/+3
2014-08-09Merge branch 'stable-3.17' of git://git.infradead.org/users/pcmoore/selinuxLinus Torvalds3-6/+4
2014-08-08Smack: remove unneeded NULL-termination from securtity labelKonstantin Khlebnikov1-3/+3
2014-08-08Smack: handle zero-length security labels without panicKonstantin Khlebnikov2-3/+3
2014-08-08Smack: fix behavior of smack_inode_listsecurityKonstantin Khlebnikov1-5/+4
2014-08-07selinux: remove unused variabled in the netport, netnode, and netif cachesPaul Moore3-6/+4
2014-08-06Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds34-377/+781
2014-08-05Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2-8/+4
2014-08-05Merge tag 'v3.16' into nextPaul Moore27-175/+490
2014-08-04Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds2-31/+3
2014-08-02Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris5-102/+70
2014-08-01netlabel: shorter names for the NetLabel catmap funcs/structsPaul Moore5-26/+26
2014-08-01netlabel: fix the horribly broken catmap functionsPaul Moore2-82/+50
2014-08-01netlabel: fix a problem when setting bits below the previously lowest bitPaul Moore1-1/+1
2014-07-30Merge branch 'stable-3.16' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-11/+2
2014-07-28Revert "selinux: fix the default socket labeling in sock_graft()"Paul Moore1-11/+2
2014-07-28KEYS: revert encrypted key changeMimi Zohar1-1/+1
2014-07-25ima: add support for measuring and appraising firmwareMimi Zohar6-4/+41
2014-07-25security: introduce kernel_fw_from_file hookKees Cook2-0/+12
2014-07-24CAPABILITIES: remove undefined caps from all processesEric Paris1-0/+3
2014-07-24Merge tag 'keys-next-20140722' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris12-57/+209
2014-07-24commoncap: don't alloc the credential unless needed in cap_task_prctlTetsuo Handa1-42/+30
2014-07-22Merge branch 'keys-fixes' into keys-nextDavid Howells1-1/+14
2014-07-22Merge remote-tracking branch 'integrity/next-with-keys' into keys-nextDavid Howells6-4/+67
2014-07-22KEYS: request_key_auth: Provide key preparsingDavid Howells1-0/+13
2014-07-22KEYS: keyring: Provide key preparsingDavid Howells1-11/+23
2014-07-22KEYS: big_key: Use key preparsingDavid Howells1-16/+25
2014-07-22KEYS: user: Use key preparsingDavid Howells1-19/+22
2014-07-22KEYS: Call ->free_preparse() even after ->preparse() returns an errorDavid Howells1-5/+4
2014-07-22KEYS: Allow expiry time to be set when preparsing a keyDavid Howells1-0/+8
2014-07-22KEYS: struct key_preparsed_payload should have two payload pointersDavid Howells2-3/+5
2014-07-19Merge tag 'seccomp-3.17' of git://git.kernel.org/pub/scm/linux/kernel/git/kee...James Morris1-2/+2
2014-07-19Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris11-160/+101
2014-07-18sched: move no_new_privs into new atomic flagsKees Cook1-2/+2
2014-07-18KEYS: Provide a generic instantiation functionDavid Howells1-0/+30
2014-07-17KEYS: Allow special keys (eg. DNS results) to be invalidated by CAP_SYS_ADMINDavid Howells1-1/+14
2014-07-17ima: define '.ima' as a builtin 'trusted' keyringMimi Zohar5-2/+63
2014-07-17KEYS: special dot prefixed keyring name bug fixMimi Zohar1-2/+4
2014-07-17ima: provide double buffering for hash calculationDmitry Kasatkin1-16/+49
2014-07-17ima: introduce multi-page collect buffersDmitry Kasatkin1-2/+96
2014-07-17ima: use ahash API for file hash calculationDmitry Kasatkin1-4/+183
2014-07-17audit: fix dangling keywords in integrity ima message outputRichard Guy Briggs2-4/+4
2014-07-17ima: delay template descriptor lookup until useDmitry Kasatkin1-1/+2
2014-07-17ima: remove unnecessary i_mutex locking from ima_rdwr_violation_check()Dmitry Kasatkin1-4/+0
2014-07-16Merge tag 'v3.16-rc5' into timers/coreThomas Gleixner31-182/+510
2014-07-17Merge branch 'stable-3.16' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-2/+11
2014-07-16sched: Remove proliferation of wait_on_bit() action functionsNeilBrown2-31/+3
2014-07-15cgroup: rename cgroup_subsys->base_cftypes to ->legacy_cftypesTejun Heo1-1/+1
2014-07-10selinux: fix the default socket labeling in sock_graft()Paul Moore1-2/+11
2014-06-26selinux: reduce the number of calls to synchronize_net() when flushing cachesPaul Moore7-42/+23
2014-06-23selinux: no recursive read_lock of policy_rwlock in security_genfs_sid()Waiman Long1-9/+32
2014-06-19selinux: fix a possible memory leak in cond_read_node()Namhyung Kim1-1/+1
2014-06-19selinux: simple cleanup for cond_read_node()Namhyung Kim1-7/+2
2014-06-18security: Used macros from compiler.h instead of __attribute__((...))Gideon Israel Dsouza1-1/+2
2014-06-18selinux: introduce str_read() helperNamhyung Kim1-96/+37
2014-06-17SELinux: use ARRAY_SIZEHimangi Saraogi1-4/+4
2014-06-17Merge tag 'v3.15' into nextPaul Moore34-235/+376
2014-06-13Merge branch 'serge-next-2' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds7-28/+114
2014-06-12ima: introduce ima_kernel_read()Dmitry Kasatkin1-1/+31
2014-06-12evm: prohibit userspace writing 'security.evm' HMAC valueMimi Zohar1-2/+10
2014-06-12ima: check inode integrity cache in violation checkDmitry Kasatkin1-2/+7
2014-06-12ima: prevent unnecessary policy checkingDmitry Kasatkin1-9/+4
2014-06-12evm: provide option to protect additional SMACK xattrsDmitry Kasatkin2-0/+22
2014-06-12evm: replace HMAC version with attribute maskDmitry Kasatkin4-11/+33
2014-06-12ima: prevent new digsig xattr from being replacedMimi Zohar1-3/+7
2014-06-12Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-1/+1
2014-06-12tomoyo: Use sensible time interfaceThomas Gleixner2-8/+4
2014-06-10Merge branch 'serge-next-1' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds23-133/+382
2014-06-09Merge branch 'for-3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c...Linus Torvalds1-20/+13
2014-06-03ima: audit log files opened with O_DIRECT flagMimi Zohar4-3/+19
2014-06-03selinux: conditionally reschedule in hashtab_insert while loading selinux policyDave Jones1-0/+3
2014-06-03selinux: conditionally reschedule in mls_convert_context while loading selinu...Dave Jones1-0/+2
2014-06-03selinux: reject setexeccon() on MNT_NOSUID applications with -EACCESPaul Moore1-2/+4
2014-06-03selinux: Report permissive mode in avc: denied messages.Stephen Smalley3-5/+11
2014-05-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller3-58/+159
2014-05-20Merge branch 'smack-for-3.16' of git://git.gitorious.org/smack-next/kernel in...James Morris4-73/+297
2014-05-16device_cgroup: use css_has_online_children() instead of has_children()Tejun Heo1-17/+2
2014-05-16device_cgroup: remove direct access to cgroup->childrenTejun Heo1-2/+10
2014-05-16cgroup: remove css_parent()Tejun Heo1-4/+4
2014-05-15selinux: conditionally reschedule in hashtab_insert while loading selinux policyDave Jones1-0/+3
2014-05-15selinux: conditionally reschedule in mls_convert_context while loading selinu...Dave Jones1-0/+2
2014-05-15selinux: reject setexeccon() on MNT_NOSUID applications with -EACCESPaul Moore1-2/+4
2014-05-13cgroup: replace cftype->write_string() with cftype->write()Tejun Heo1-7/+7
2014-05-13Merge branch 'for-3.15-fixes' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-43/+159
2014-05-12Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-3/+3
2014-05-06Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds2-15/+0
2014-05-06Warning in scanf string typingToralf Förster1-1/+1
2014-05-06nick kvfree() from apparmorAl Viro2-15/+0
2014-05-05device_cgroup: check if exception removal is allowedAristeu Rozanski1-3/+38
2014-05-04device_cgroup: fix the comment format for recently added functionsAristeu Rozanski1-17/+16
2014-05-01selinux: Report permissive mode in avc: denied messages.Stephen Smalley3-5/+11
2014-04-30Smack: Label cgroup files for systemdCasey Schaufler1-12/+18
2014-04-23Smack: Verify read access on file open - v3Casey Schaufler1-3/+16
2014-04-22audit: add netlink audit protocol bind to check capabilities on multicast joinRichard Guy Briggs1-1/+1
2014-04-22locks: rename file-private locks to "open file description locks"Jeff Layton1-3/+3
2014-04-21device_cgroup: rework device access check and exception checkingAristeu Rozanski1-40/+122
2014-04-15security: Convert use of typedef ctl_table to struct ctl_tableJoe Perches1-1/+1
2014-04-14Merge tag 'keys-20140314' of git://git.kernel.org/pub/scm/linux/kernel/git/dh...James Morris11-49/+45
2014-04-14Merge commit 'v3.14' into nextJames Morris15-53/+93
2014-04-12Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds3-4/+4
2014-04-12Merge git://git.infradead.org/users/eparis/auditLinus Torvalds2-5/+8
2014-04-11Smack: bidirectional UDS connect checkCasey Schaufler2-23/+27
2014-04-11Smack: Correctly remove SMACK64TRANSMUTE attributeCasey Schaufler1-6/+19
2014-04-11SMACK: Fix handling value==NULL in post setxattrJosé Bollo1-1/+3
2014-04-11bugfix patch for SMACKPankaj Kumar1-2/+2
2014-04-11Smack: adds smackfs/ptrace interfaceLukasz Pawelczyk4-2/+108
2014-04-11Smack: unify all ptrace accesses in the smackLukasz Pawelczyk1-13/+71
2014-04-11Smack: fix the subject/object order in smack_ptrace_traceme()Lukasz Pawelczyk3-9/+29
2014-04-11Minor improvement of 'smack_sb_kern_mount'José Bollo1-3/+5
2014-04-04Merge branch 'locks-3.15' of git://git.samba.org/jlayton/linuxLinus Torvalds1-0/+3
2014-04-04Merge branch 'cross-rename' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-2/+20
2014-04-03Merge branch 'for-3.15' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c...Linus Torvalds1-8/+4
2014-04-03Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds26-175/+208
2014-04-02Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-2/+3
2014-04-01get rid of pointless checks for NULL ->i_opAl Viro3-4/+4
2014-04-01vfs: add cross-renameMiklos Szeredi1-0/+16
2014-04-01security: add flags to rename hooksMiklos Szeredi1-2/+4
2014-03-31Merge branch 'compat' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/l...Linus Torvalds1-2/+2
2014-03-31Merge tag 'v3.14' into nextPaul Moore17-158/+260
2014-03-31locks: add new fcntl cmd values for handling file private locksJeff Layton1-0/+3
2014-03-25Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller8-29/+46
2014-03-20audit: anchor all pid references in the initial pid namespaceRichard Guy Briggs2-5/+8
2014-03-19selinux: correctly label /proc inodes in use before the policy is loadedPaul Moore1-9/+27
2014-03-19selinux: put the mmap() DAC controls before the MAC controlsPaul Moore1-12/+8
2014-03-19cgroup: drop const from @buffer of cftype->write_string()Tejun Heo1-2/+2
2014-03-18Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klasse...David S. Miller8-29/+46
2014-03-14Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-1/+5
2014-03-14smack: fix key permission verificationDmitry Kasatkin1-1/+6
2014-03-14KEYS: Move the flags representing required permission to linux/key.hDavid Howells11-48/+39
2014-03-12Merge branch 'next-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/zo...James Morris18-134/+153
2014-03-10selinux: add gfp argument to security_xfrm_policy_alloc and fix callersNikolay Aleksandrov8-29/+46
2014-03-09KEYS: Make the keyring cycle detector ignore other keyrings of the same nameDavid Howells1-1/+5
2014-03-07evm: enable key retention service automaticallyDmitry Kasatkin1-2/+3
2014-03-07ima: skip memory allocation for empty filesDmitry Kasatkin1-8/+12
2014-03-07evm: EVM does not use MD5Dmitry Kasatkin1-1/+0
2014-03-07ima: return d_name.name if d_path failsDmitry Kasatkin2-7/+2
2014-03-07integrity: fix checkpatch errorsDmitry Kasatkin11-70/+69
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-16 11:51:08 +0000