summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* ima: do not update security.ima if appraisal status is not INTEGRITY_PASSRoberto Sassu2017-11-241-0/+3
* KEYS: trusted: fix writing past end of buffer in trusted_read()Eric Biggers2017-11-081-11/+12
* KEYS: return full count in keyring_read() if buffer is too smallEric Biggers2017-11-081-20/+19
* KEYS: don't let add_key() update an uninstantiated keyDavid Howells2017-10-271-0/+10
* KEYS: Fix race between updating and finding a negative keyDavid Howells2017-10-2712-39/+49
* KEYS: encrypted: fix dereference of NULL user_key_payloadEric Biggers2017-10-271-0/+7
* lsm: fix smack_inode_removexattr and xattr_getsecurity memleakCasey Schaufler2017-10-121-30/+25
* KEYS: prevent KEYCTL_READ on negative keyEric Biggers2017-10-051-0/+5
* KEYS: prevent creating a different user's keyringsEric Biggers2017-10-054-12/+21
* KEYS: fix writing past end of user-supplied buffer in keyring_read()Eric Biggers2017-10-051-9/+5
* security/keys: rewrite all of big_key cryptoJason A. Donenfeld2017-10-052-70/+60
* security/keys: properly zero out sensitive key material in big_keyJason A. Donenfeld2017-10-051-6/+6
* Merge tag 'gcc-plugins-v4.13-rc2' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds2017-07-191-1/+1
|\
| * randstruct: Mark various structs for randomizationKees Cook2017-06-301-1/+1
* | KEYS: DH: validate __spare fieldEric Biggers2017-07-142-0/+7
* | include/linux/string.h: add the option of fortified string.h functionsDaniel Micay2017-07-121-0/+7
* | Merge branch 'work.memdup_user' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2017-07-051-7/+5
|\ \
| * | ima_write_policy(): don't open-code memdup_user_nul()Al Viro2017-06-301-9/+4
| * | sel_write_validatetrans(): don't open-code memdup_user_nul()Al Viro2017-05-251-7/+5
| |/
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds2017-07-051-1/+2
|\ \
| * \ Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller2017-06-211-3/+2
| |\ \
| * | | rtnetlink: add NEWCACHEREPORT message typeJulien Gomes2017-06-211-1/+2
* | | | Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds2017-07-0568-2111/+8342
|\ \ \ \
| * | | | apparmor: put back designators in struct initialisersStephen Rothwell2017-06-281-2/+2
| * | | | Merge branch 'stable-4.13' of git://git.infradead.org/users/pcmoore/selinux i...James Morris2017-06-2317-108/+821
| |\ \ \ \
| | * | | | selinux: enable genfscon labeling for tracefsJeff Vander Stoep2017-06-201-0/+1
| | * | | | security/selinux: allow security_sb_clone_mnt_opts to enable/disable native l...Scott Mayhew2017-06-092-4/+38
| | * | | | selinux: use kmem_cache for ebitmapJunil Lee2017-06-093-6/+27
| | * | | | selinux: use pernet operations for hook registrationFlorian Westphal2017-06-021-4/+20
| | * | | | selinux: Add a cache for quicker retreival of PKey SIDsDaniel Jurgens2017-05-235-3/+288
| | * | | | selinux: Add IB Port SMP access vectorDaniel Jurgens2017-05-235-0/+75
| | * | | | selinux: Implement Infiniband PKey "Access" access vectorDaniel Jurgens2017-05-235-0/+77
| | * | | | selinux: Allocate and free infiniband security hooksDaniel Jurgens2017-05-232-1/+29
| | * | | | selinux: Create policydb version for Infiniband supportDaniel Jurgens2017-05-233-24/+118
| | * | | | IB/core: Enforce security on management datagramsDaniel Jurgens2017-05-231-0/+6
| | * | | | selinux lsm IB/core: Implement LSM notification systemDaniel Jurgens2017-05-233-0/+33
| | * | | | IB/core: Enforce PKey security on QPsDaniel Jurgens2017-05-232-0/+31
| | * | | | selinux: Remove redundant check for unknown labeling behaviorMatthias Kaehlcke2017-05-231-16/+0
| | * | | | selinux: log policy capability state when a policy is loadedStephen Smalley2017-05-233-11/+27
| | * | | | selinux: do not check open permission on socketsStephen Smalley2017-05-231-3/+7
| | * | | | selinux: add a map permission check for mmapStephen Smalley2017-05-232-1/+13
| | * | | | selinux: only invoke capabilities and selinux for CAP_MAC_ADMIN checksStephen Smalley2017-05-231-8/+15
| | * | | | selinux: Return an error code only as a constant in sidtab_insert()Markus Elfring2017-05-231-17/+10
| | * | | | selinux: Return directly after a failed memory allocation in policydb_index()Markus Elfring2017-05-231-10/+5
| | * | | | selinux: Use task_alloc hook rather than task_create hookTetsuo Handa2017-05-231-2/+3
| * | | | | ima: Log the same audit cause whenever a file has no signatureThiago Jung Bauermann2017-06-211-1/+2
| * | | | | ima: Simplify policy_func_show.Thiago Jung Bauermann2017-06-212-62/+21
| * | | | | integrity: Small code improvementsThiago Jung Bauermann2017-06-216-9/+11
| * | | | | ima: fix get_binary_runtime_size()Roberto Sassu2017-06-211-1/+1
| * | | | | ima: use ima_parse_buf() to parse template dataRoberto Sassu2017-06-211-31/+13
OpenPOWER on IntegriCloud