aboutsummaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2015-01-05KEYS: close race between key lookup and freeingSasha Levin1-2/+2
2014-12-16KEYS: remove a bogus NULL checkDan Carpenter1-6/+4
2014-12-16Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris2-2/+5
2014-12-14Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds15-133/+326
2014-12-10Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds6-13/+13
2014-12-08Merge branch 'iov_iter' into for-nextAl Viro4-6/+13
2014-12-06ima: Fix build failure on powerpc when TCG_IBMVTPM dependencies are not metMichael Ellerman1-1/+1
2014-12-06KEYS: Fix stale key registration at error pathTakashi Iwai1-1/+4
2014-12-05Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris1-6/+5
2014-12-01KEYS: request_key() should reget expired keys rather than give EKEYEXPIREDDavid Howells3-2/+5
2014-12-01KEYS: Simplify KEYRING_SEARCH_{NO,DO}_STATE_CHECK flagsDavid Howells3-3/+6
2014-12-01KEYS: Fix the size of the key description passed to/from userspaceDavid Howells1-30/+26
2014-12-01selinux: Remove security_ops externYao Dongdong1-2/+0
2014-11-27Merge branch 'smack-for-3.19' of git://git.gitorious.org/smack-next/kernel in...James Morris2-12/+18
2014-11-21security: smack: fix out-of-bounds access in smk_parse_smack()Andrey Ryabinin1-4/+3
2014-11-19kill f_dentry usesAl Viro4-6/+6
2014-11-19assorted conversions to %p[dD]Al Viro1-4/+4
2014-11-19Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris12-119/+308
2014-11-19Merge commit 'v3.17' into nextJames Morris10-50/+17
2014-11-17VFS: refactor vfs_read()Dmitry Kasatkin1-7/+3
2014-11-17ima: require signature based appraisalDmitry Kasatkin2-0/+13
2014-11-17integrity: provide a hook to load keys when rootfs is readyDmitry Kasatkin1-0/+11
2014-11-17ima: load x509 certificate from the kernelDmitry Kasatkin4-2/+44
2014-11-17integrity: provide a function to load x509 certificate from the kernelDmitry Kasatkin2-1/+37
2014-11-17integrity: define a new function integrity_read_file()Dmitry Kasatkin3-32/+85
2014-11-13Merge branch 'stable-3.18' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-3/+4
2014-11-12selinux: convert WARN_ONCE() to printk() in selinux_nlmsg_perm()Richard Guy Briggs1-3/+4
2014-11-03move d_rcu from overlapping d_child to overlapping d_aliasAl Viro1-3/+3
2014-10-31Security: smack: replace kzalloc with kmem_cache for inode_smackRohit1-3/+10
2014-10-29Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/zoh...James Morris3-3/+9
2014-10-28Smack: Lock mode for the floor and hat labelsCasey Schaufler1-5/+5
2014-10-28evm: check xattr value length and type in evm_inode_setxattr()Dmitry Kasatkin1-3/+6
2014-10-28ima: check xattr value length and type in the ima_inode_setxattr()Dmitry Kasatkin2-0/+3
2014-10-16Merge branch 'stable-3.18' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-1/+1
2014-10-15selinux: fix inode security list corruptionStephen Smalley1-1/+1
2014-10-14security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.cBehan Webster1-28/+19
2014-10-13ima: added support for new kernel cmdline parameter ima_template_fmtRoberto Sassu1-5/+34
2014-10-13ima: allocate field pointers array on demand in template_desc_init_fields()Roberto Sassu1-21/+13
2014-10-13ima: don't allocate a copy of template_fmt in template_desc_init_fields()Roberto Sassu1-13/+17
2014-10-13ima: display template format in meas. list if template name length is zeroRoberto Sassu2-5/+15
2014-10-13ima: added error messages to template-related functionsRoberto Sassu1-5/+17
2014-10-12Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds37-593/+912
2014-10-11ima: use atomic bit operations to protect policy update interfaceDmitry Kasatkin2-28/+18
2014-10-11ima: ignore empty and with whitespaces policy linesDmitry Kasatkin1-1/+2
2014-10-11ima: no need to allocate entry for commentDmitry Kasatkin1-8/+6
2014-10-11ima: report policy load statusDmitry Kasatkin1-0/+2
2014-10-11Merge tag 'locks-v3.18-1' of git://git.samba.org/jlayton/linuxLinus Torvalds4-9/+6
2014-10-07Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jik...Linus Torvalds1-1/+1
2014-10-07Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-2/+2
2014-10-07ima: use path names cacheDmitry Kasatkin2-3/+4
2014-10-07evm: skip replacing EVM signature with HMAC on read-only filesystemDmitry Kasatkin1-3/+8
2014-10-07integrity: add missing '__init' keyword for integrity_init_keyring()Dmitry Kasatkin2-2/+2
2014-10-07ima: check ima_policy_flag in the ima_file_free() hookDmitry Kasatkin3-7/+1
2014-10-06integrity: do zero padding of the key idDmitry Kasatkin1-1/+1
2014-10-02Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris6-47/+94
2014-10-01Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris5-83/+115
2014-09-22selinux: normalize audit log formattingRichard Guy Briggs1-6/+8
2014-09-22selinux: cleanup error reporting in selinux_nlmsg_perm()Richard Guy Briggs1-4/+3
2014-09-22Merge tag 'keys-next-20140922' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris12-71/+82
2014-09-18ima: detect violations for mmaped filesRoberto Sassu2-9/+5
2014-09-18ima: fix race condition on ima_rdwr_violation_check and process_measurementRoberto Sassu1-21/+33
2014-09-18Merge branch 'smack-for-3.18' of git://git.gitorious.org/smack-next/kernel in...James Morris5-274/+520
2014-09-17ima: added ima_policy_flag variableRoberto Sassu4-5/+34
2014-09-17ima: return an error code from ima_add_boot_aggregate()Roberto Sassu1-6/+15
2014-09-17ima: provide 'ima_appraise=log' kernel optionDmitry Kasatkin2-2/+5
2014-09-17ima: move keyring initialization to ima_init()Dmitry Kasatkin2-8/+6
2014-09-16KEYS: Make the key matching functions return boolDavid Howells3-8/+8
2014-09-16KEYS: Remove key_type::match in favour of overriding default by match_preparseDavid Howells9-23/+15
2014-09-16KEYS: Remove key_type::def_lookup_typeDavid Howells3-9/+5
2014-09-16KEYS: Preparse match dataDavid Howells7-44/+65
2014-09-16Merge tag 'keys-next-fixes-20140916' into keys-nextDavid Howells1-2/+2
2014-09-16Merge tag 'keys-fixes-20140916' into keys-nextDavid Howells1-0/+2
2014-09-16KEYS: Reinstate EPERM for a key type name beginning with a '.'David Howells1-0/+2
2014-09-16KEYS: Fix missing staticsDavid Howells1-2/+2
2014-09-10selinux: make the netif cache namespace awarePaul Moore4-36/+46
2014-09-09security: make security_file_set_fowner, f_setown and __f_setown void returnJeff Layton4-9/+6
2014-09-09integrity: make integrity files as 'integrity' moduleDmitry Kasatkin1-3/+3
2014-09-09integrity: base integrity subsystem kconfig options on integrityDmitry Kasatkin3-14/+18
2014-09-09integrity: move asymmetric keys config optionDmitry Kasatkin1-12/+12
2014-09-09ima: initialize only required templateDmitry Kasatkin1-24/+4
2014-09-09ima: remove usage of filename parameterDmitry Kasatkin2-14/+10
2014-09-09ima: remove unnecessary appraisal testDmitry Kasatkin1-2/+0
2014-09-09ima: add missing '__init' keywordsDmitry Kasatkin3-5/+3
2014-09-09ima: remove unnecessary extra variableDmitry Kasatkin1-4/+5
2014-09-09ima: simplify conditional statement to improve performanceDmitry Kasatkin1-4/+2
2014-09-09integrity: remove declaration of non-existing functionsDmitry Kasatkin2-10/+0
2014-09-09integrity: prevent flooding with 'Request for unknown key'Dmitry Kasatkin1-2/+3
2014-09-09ima: pass 'opened' flag to identify newly created filesDmitry Kasatkin3-12/+12
2014-09-09evm: properly handle INTEGRITY_NOXATTRS EVM statusDmitry Kasatkin1-0/+7
2014-09-09Documentation: Docbook: Fix generated DocBook/kernel-api.xmlMasanari Iida1-1/+1
2014-09-08selinux: register nf hooks with single nf_register_hooks callJiri Pirko1-25/+10
2014-09-08ima: provide flag to identify new empty filesDmitry Kasatkin3-7/+13
2014-09-08evm: prevent passing integrity check if xattr read failsDmitry Kasatkin1-3/+4
2014-09-03selinux: fix a problem with IPv6 traffic denials in selinux_ip_postroute()Paul Moore1-0/+1
2014-09-03KEYS: Increase root_maxkeys and root_maxbytes sizesSteve Dickson1-2/+2
2014-09-02evm: fix checkpatch warningsDmitry Kasatkin1-3/+0
2014-09-02ima: fix fallback to use new_sync_read()Dmitry Kasatkin1-4/+4
2014-09-02ima: prevent buffer overflow in ima_alloc_tfm()Dmitry Kasatkin1-1/+4
2014-09-02ima: fix ima_alloc_atfm()Mimi Zohar1-1/+4
2014-08-29Make Smack operate on smack_known struct where it still used char*Lukasz Pawelczyk4-255/+233
2014-08-29Fix a bidirectional UDS connect check typoLukasz Pawelczyk1-2/+2
2014-08-29Small fixes in comments describing function parametersLukasz Pawelczyk1-9/+9
2014-08-28Smack: Bring-up access modeCasey Schaufler5-27/+294
2014-08-28selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID.Stephen Smalley1-12/+47
2014-08-27module: rename KERNEL_PARAM_FL_NOARG to avoid confusionJani Nikula1-2/+2
2014-08-26tomoyo: Fix pathname calculation breakage.Tetsuo Handa1-2/+3
2014-08-25Smack: Fix setting label on successful file openMarcin Niesluchowski1-1/+3
2014-08-09Merge branch 'stable-3.17' of git://git.infradead.org/users/pcmoore/selinuxLinus Torvalds3-6/+4
2014-08-08Smack: remove unneeded NULL-termination from securtity labelKonstantin Khlebnikov1-3/+3
2014-08-08Smack: handle zero-length security labels without panicKonstantin Khlebnikov2-3/+3
2014-08-08Smack: fix behavior of smack_inode_listsecurityKonstantin Khlebnikov1-5/+4
2014-08-07selinux: remove unused variabled in the netport, netnode, and netif cachesPaul Moore3-6/+4
2014-08-06Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds34-377/+781
2014-08-05Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2-8/+4
2014-08-05Merge tag 'v3.16' into nextPaul Moore27-175/+490
2014-08-04Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds2-31/+3
2014-08-02Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris5-102/+70
2014-08-01netlabel: shorter names for the NetLabel catmap funcs/structsPaul Moore5-26/+26
2014-08-01netlabel: fix the horribly broken catmap functionsPaul Moore2-82/+50
2014-08-01netlabel: fix a problem when setting bits below the previously lowest bitPaul Moore1-1/+1
2014-07-30Merge branch 'stable-3.16' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-11/+2
2014-07-28Revert "selinux: fix the default socket labeling in sock_graft()"Paul Moore1-11/+2
2014-07-28KEYS: revert encrypted key changeMimi Zohar1-1/+1
2014-07-25ima: add support for measuring and appraising firmwareMimi Zohar6-4/+41
2014-07-25security: introduce kernel_fw_from_file hookKees Cook2-0/+12
2014-07-24CAPABILITIES: remove undefined caps from all processesEric Paris1-0/+3
2014-07-24Merge tag 'keys-next-20140722' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris12-57/+209
2014-07-24commoncap: don't alloc the credential unless needed in cap_task_prctlTetsuo Handa1-42/+30
2014-07-22Merge branch 'keys-fixes' into keys-nextDavid Howells1-1/+14
2014-07-22Merge remote-tracking branch 'integrity/next-with-keys' into keys-nextDavid Howells6-4/+67
2014-07-22KEYS: request_key_auth: Provide key preparsingDavid Howells1-0/+13
2014-07-22KEYS: keyring: Provide key preparsingDavid Howells1-11/+23
2014-07-22KEYS: big_key: Use key preparsingDavid Howells1-16/+25
2014-07-22KEYS: user: Use key preparsingDavid Howells1-19/+22
2014-07-22KEYS: Call ->free_preparse() even after ->preparse() returns an errorDavid Howells1-5/+4
2014-07-22KEYS: Allow expiry time to be set when preparsing a keyDavid Howells1-0/+8
2014-07-22KEYS: struct key_preparsed_payload should have two payload pointersDavid Howells2-3/+5
2014-07-19Merge tag 'seccomp-3.17' of git://git.kernel.org/pub/scm/linux/kernel/git/kee...James Morris1-2/+2
2014-07-19Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into nextJames Morris11-160/+101
2014-07-18sched: move no_new_privs into new atomic flagsKees Cook1-2/+2
2014-07-18KEYS: Provide a generic instantiation functionDavid Howells1-0/+30
2014-07-17KEYS: Allow special keys (eg. DNS results) to be invalidated by CAP_SYS_ADMINDavid Howells1-1/+14
2014-07-17ima: define '.ima' as a builtin 'trusted' keyringMimi Zohar5-2/+63
2014-07-17KEYS: special dot prefixed keyring name bug fixMimi Zohar1-2/+4
2014-07-17ima: provide double buffering for hash calculationDmitry Kasatkin1-16/+49
2014-07-17ima: introduce multi-page collect buffersDmitry Kasatkin1-2/+96
2014-07-17ima: use ahash API for file hash calculationDmitry Kasatkin1-4/+183
2014-07-17audit: fix dangling keywords in integrity ima message outputRichard Guy Briggs2-4/+4
2014-07-17ima: delay template descriptor lookup until useDmitry Kasatkin1-1/+2
2014-07-17ima: remove unnecessary i_mutex locking from ima_rdwr_violation_check()Dmitry Kasatkin1-4/+0
2014-07-16Merge tag 'v3.16-rc5' into timers/coreThomas Gleixner31-182/+510
2014-07-17Merge branch 'stable-3.16' of git://git.infradead.org/users/pcmoore/selinux i...James Morris1-2/+11
2014-07-16sched: Remove proliferation of wait_on_bit() action functionsNeilBrown2-31/+3
2014-07-15cgroup: rename cgroup_subsys->base_cftypes to ->legacy_cftypesTejun Heo1-1/+1
2014-07-10selinux: fix the default socket labeling in sock_graft()Paul Moore1-2/+11
2014-06-26selinux: reduce the number of calls to synchronize_net() when flushing cachesPaul Moore7-42/+23
2014-06-23selinux: no recursive read_lock of policy_rwlock in security_genfs_sid()Waiman Long1-9/+32
2014-06-19selinux: fix a possible memory leak in cond_read_node()Namhyung Kim1-1/+1
2014-06-19selinux: simple cleanup for cond_read_node()Namhyung Kim1-7/+2
2014-06-18security: Used macros from compiler.h instead of __attribute__((...))Gideon Israel Dsouza1-1/+2
2014-06-18selinux: introduce str_read() helperNamhyung Kim1-96/+37
2014-06-17SELinux: use ARRAY_SIZEHimangi Saraogi1-4/+4
2014-06-17Merge tag 'v3.15' into nextPaul Moore34-235/+376
2014-06-13Merge branch 'serge-next-2' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds7-28/+114
2014-06-12ima: introduce ima_kernel_read()Dmitry Kasatkin1-1/+31
2014-06-12evm: prohibit userspace writing 'security.evm' HMAC valueMimi Zohar1-2/+10
2014-06-12ima: check inode integrity cache in violation checkDmitry Kasatkin1-2/+7
2014-06-12ima: prevent unnecessary policy checkingDmitry Kasatkin1-9/+4
2014-06-12evm: provide option to protect additional SMACK xattrsDmitry Kasatkin2-0/+22
2014-06-12evm: replace HMAC version with attribute maskDmitry Kasatkin4-11/+33
2014-06-12ima: prevent new digsig xattr from being replacedMimi Zohar1-3/+7
2014-06-12Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-1/+1
2014-06-12tomoyo: Use sensible time interfaceThomas Gleixner2-8/+4
2014-06-10Merge branch 'serge-next-1' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds23-133/+382
2014-06-09Merge branch 'for-3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c...Linus Torvalds1-20/+13
2014-06-03ima: audit log files opened with O_DIRECT flagMimi Zohar4-3/+19
2014-06-03selinux: conditionally reschedule in hashtab_insert while loading selinux policyDave Jones1-0/+3
2014-06-03selinux: conditionally reschedule in mls_convert_context while loading selinu...Dave Jones1-0/+2
2014-06-03selinux: reject setexeccon() on MNT_NOSUID applications with -EACCESPaul Moore1-2/+4
2014-06-03selinux: Report permissive mode in avc: denied messages.Stephen Smalley3-5/+11
2014-05-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller3-58/+159
2014-05-20Merge branch 'smack-for-3.16' of git://git.gitorious.org/smack-next/kernel in...James Morris4-73/+297
2014-05-16device_cgroup: use css_has_online_children() instead of has_children()Tejun Heo1-17/+2
2014-05-16device_cgroup: remove direct access to cgroup->childrenTejun Heo1-2/+10
2014-05-16cgroup: remove css_parent()Tejun Heo1-4/+4
2014-05-15selinux: conditionally reschedule in hashtab_insert while loading selinux policyDave Jones1-0/+3
2014-05-15selinux: conditionally reschedule in mls_convert_context while loading selinu...Dave Jones1-0/+2
2014-05-15selinux: reject setexeccon() on MNT_NOSUID applications with -EACCESPaul Moore1-2/+4
2014-05-13cgroup: replace cftype->write_string() with cftype->write()Tejun Heo1-7/+7
2014-05-13Merge branch 'for-3.15-fixes' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-43/+159
2014-05-12Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-3/+3
2014-05-06Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds2-15/+0
2014-05-06Warning in scanf string typingToralf Förster1-1/+1
2014-05-06nick kvfree() from apparmorAl Viro2-15/+0
2014-05-05device_cgroup: check if exception removal is allowedAristeu Rozanski1-3/+38
2014-05-04device_cgroup: fix the comment format for recently added functionsAristeu Rozanski1-17/+16
2014-05-01selinux: Report permissive mode in avc: denied messages.Stephen Smalley3-5/+11
2014-04-30Smack: Label cgroup files for systemdCasey Schaufler1-12/+18
2014-04-23Smack: Verify read access on file open - v3Casey Schaufler1-3/+16
2014-04-22audit: add netlink audit protocol bind to check capabilities on multicast joinRichard Guy Briggs1-1/+1
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 22:23:12 +0000