summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* apparmor: fix apparmorfs DAC access permissionsJohn Johansen2017-09-221-4/+4
* apparmor: fix build failure on sparc caused by undeclared signalsJohn Johansen2017-09-221-1/+4
* apparmor: fix incorrect type assignment when freeing proxiesJohn Johansen2017-09-221-1/+1
* apparmor: ensure unconfined profiles have dfas initializedJohn Johansen2017-09-221-0/+2
* apparmor: fix race condition in null profile creationJohn Johansen2017-09-221-3/+11
* apparmor: move new_null_profile to after profile lookup fns()John Johansen2017-09-221-79/+79
* apparmor: add base infastructure for socket mediationJohn Johansen2017-09-2212-16/+840
* apparmor: add more debug asserts to apparmorfsJohn Johansen2017-09-221-0/+17
* apparmor: make policy_unpack able to audit different info messagesJohn Johansen2017-09-222-16/+40
* apparmor: add support for absolute root view based labelsJohn Johansen2017-09-222-1/+10
* apparmor: cleanup conditional check for label in label_printJohn Johansen2017-09-221-14/+8
* apparmor: add mount mediationJohn Johansen2017-09-229-4/+841
* apparmor: add the ability to mediate signalsJohn Johansen2017-09-227-0/+231
* apparmor: Redundant condition: prev_ns. in [label.c:1498]John Johansen2017-09-221-1/+1
* apparmor: Fix an error code in aafs_create()Dan Carpenter2017-09-221-1/+3
* apparmor: Fix logical error in verify_header()Christos Gkekas2017-09-221-1/+1
* apparmor: Fix shadowed local variable in unpack_trans_table()Geert Uytterhoeven2017-09-221-2/+2
* Merge tag 'gcc-plugins-v4.13-rc2' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds2017-07-191-1/+1
|\
| * randstruct: Mark various structs for randomizationKees Cook2017-06-301-1/+1
* | KEYS: DH: validate __spare fieldEric Biggers2017-07-142-0/+7
* | include/linux/string.h: add the option of fortified string.h functionsDaniel Micay2017-07-121-0/+7
* | Merge branch 'work.memdup_user' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2017-07-051-7/+5
|\ \
| * | ima_write_policy(): don't open-code memdup_user_nul()Al Viro2017-06-301-9/+4
| * | sel_write_validatetrans(): don't open-code memdup_user_nul()Al Viro2017-05-251-7/+5
| |/
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds2017-07-051-1/+2
|\ \
| * \ Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller2017-06-211-3/+2
| |\ \
| * | | rtnetlink: add NEWCACHEREPORT message typeJulien Gomes2017-06-211-1/+2
* | | | Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds2017-07-0568-2111/+8342
|\ \ \ \
| * | | | apparmor: put back designators in struct initialisersStephen Rothwell2017-06-281-2/+2
| * | | | Merge branch 'stable-4.13' of git://git.infradead.org/users/pcmoore/selinux i...James Morris2017-06-2317-108/+821
| |\ \ \ \
| | * | | | selinux: enable genfscon labeling for tracefsJeff Vander Stoep2017-06-201-0/+1
| | * | | | security/selinux: allow security_sb_clone_mnt_opts to enable/disable native l...Scott Mayhew2017-06-092-4/+38
| | * | | | selinux: use kmem_cache for ebitmapJunil Lee2017-06-093-6/+27
| | * | | | selinux: use pernet operations for hook registrationFlorian Westphal2017-06-021-4/+20
| | * | | | selinux: Add a cache for quicker retreival of PKey SIDsDaniel Jurgens2017-05-235-3/+288
| | * | | | selinux: Add IB Port SMP access vectorDaniel Jurgens2017-05-235-0/+75
| | * | | | selinux: Implement Infiniband PKey "Access" access vectorDaniel Jurgens2017-05-235-0/+77
| | * | | | selinux: Allocate and free infiniband security hooksDaniel Jurgens2017-05-232-1/+29
| | * | | | selinux: Create policydb version for Infiniband supportDaniel Jurgens2017-05-233-24/+118
| | * | | | IB/core: Enforce security on management datagramsDaniel Jurgens2017-05-231-0/+6
| | * | | | selinux lsm IB/core: Implement LSM notification systemDaniel Jurgens2017-05-233-0/+33
| | * | | | IB/core: Enforce PKey security on QPsDaniel Jurgens2017-05-232-0/+31
| | * | | | selinux: Remove redundant check for unknown labeling behaviorMatthias Kaehlcke2017-05-231-16/+0
| | * | | | selinux: log policy capability state when a policy is loadedStephen Smalley2017-05-233-11/+27
| | * | | | selinux: do not check open permission on socketsStephen Smalley2017-05-231-3/+7
| | * | | | selinux: add a map permission check for mmapStephen Smalley2017-05-232-1/+13
| | * | | | selinux: only invoke capabilities and selinux for CAP_MAC_ADMIN checksStephen Smalley2017-05-231-8/+15
| | * | | | selinux: Return an error code only as a constant in sidtab_insert()Markus Elfring2017-05-231-17/+10
| | * | | | selinux: Return directly after a failed memory allocation in policydb_index()Markus Elfring2017-05-231-10/+5
| | * | | | selinux: Use task_alloc hook rather than task_create hookTetsuo Handa2017-05-231-2/+3
OpenPOWER on IntegriCloud