summaryrefslogtreecommitdiffstats
Commit message (Expand)AuthorAgeFilesLines
* Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds2019-09-2858-76/+861
|\
| * kexec: Fix file verification on S390Matthew Garrett2019-09-101-1/+1
| * security: constify some arrays in lockdown LSMMatthew Garrett2019-09-101-2/+2
| * lockdown: Print current->comm in restriction messagesMatthew Garrett2019-08-192-4/+9
| * efi: Restrict efivar_ssdt_load when the kernel is locked downMatthew Garrett2019-08-191-0/+6
| * tracefs: Restrict tracefs when the kernel is locked downMatthew Garrett2019-08-193-1/+43
| * debugfs: Restrict debugfs when the kernel is locked downDavid Howells2019-08-194-2/+62
| * kexec: Allow kexec_file() with appropriate IMA policy when locked downMatthew Garrett2019-08-195-2/+71
| * lockdown: Lock down perf when in confidentiality modeDavid Howells2019-08-193-0/+9
| * bpf: Restrict bpf when kernel lockdown is in confidentiality modeDavid Howells2019-08-193-0/+12
| * lockdown: Lock down tracing and perf kprobes when in confidentiality modeDavid Howells2019-08-193-0/+7
| * lockdown: Lock down /proc/kcoreDavid Howells2019-08-193-0/+7
| * x86/mmiotrace: Lock down the testmmiotrace moduleDavid Howells2019-08-193-0/+7
| * lockdown: Lock down module params that specify hardware parameters (eg. ioport)David Howells2019-08-193-5/+18
| * lockdown: Lock down TIOCSSERIALDavid Howells2019-08-193-0/+7
| * lockdown: Prohibit PCMCIA CIS storage when the kernel is locked downDavid Howells2019-08-193-0/+7
| * acpi: Disable ACPI table override if the kernel is locked downLinn Crosetto2019-08-191-0/+6
| * acpi: Ignore acpi_rsdp kernel param when the kernel has been locked downJosh Boyer2019-08-197-7/+49
| * ACPI: Limit access to custom_method when the kernel is locked downMatthew Garrett2019-08-193-0/+8
| * x86/msr: Restrict MSR access when the kernel is locked downMatthew Garrett2019-08-193-0/+10
| * x86: Lock down IO port access when the kernel is locked downMatthew Garrett2019-08-193-2/+7
| * PCI: Lock down BAR access when the kernel is locked downMatthew Garrett2019-08-195-3/+33
| * hibernate: Disable when the kernel is locked downJosh Boyer2019-08-193-1/+4
| * kexec_file: Restrict at runtime if the kernel is locked downJiri Bohac2019-08-191-1/+1
| * kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCEJiri Bohac2019-08-1915-34/+88
| * lockdown: Copy secure_boot flag in boot params across kexec rebootDave Young2019-08-191-0/+1
| * kexec_load: Disable at runtime if the kernel is locked downMatthew Garrett2019-08-193-0/+10
| * lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked downMatthew Garrett2019-08-193-2/+7
| * lockdown: Enforce module signatures if the kernel is locked downDavid Howells2019-08-195-7/+38
| * security: Add a static lockdown policy LSMMatthew Garrett2019-08-197-5/+236
| * security: Add a "locked down" LSM hookMatthew Garrett2019-08-193-0/+45
| * security: Support early LSMsMatthew Garrett2019-08-195-9/+62
* | Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds2019-09-2732-203/+871
|\ \
| * | ima: ima_api: Use struct_size() in kzalloc()Gustavo A. R. Silva2019-08-291-2/+2
| * | ima: use struct_size() in kzalloc()Gustavo A. R. Silva2019-08-291-3/+2
| * | sefltest/ima: support appended signatures (modsig)Mimi Zohar2019-08-291-4/+34
| * | ima: Fix use after free in ima_read_modsig()Thiago Jung Bauermann2019-08-281-1/+2
| * | MODSIGN: make new include file self containedStephen Rothwell2019-08-061-0/+2
| * | ima: fix freeing ongoing ahash_requestSascha Hauer2019-08-051-0/+5
| * | ima: always return negative code for errorSascha Hauer2019-08-051-1/+4
| * | ima: Store the measurement again when appraising a modsigThiago Jung Bauermann2019-08-054-7/+47
| * | ima: Define ima-modsig templateThiago Jung Bauermann2019-08-059-6/+159
| * | ima: Collect modsigThiago Jung Bauermann2019-08-055-5/+60
| * | ima: Implement support for module-style appended signaturesThiago Jung Bauermann2019-08-058-23/+209
| * | ima: Factor xattr_verify() out of ima_appraise_measurement()Thiago Jung Bauermann2019-08-051-60/+81
| * | ima: Add modsig appraise_type option for module-style appended signaturesThiago Jung Bauermann2019-08-057-3/+67
| * | integrity: Select CONFIG_KEYS instead of depending on itThiago Jung Bauermann2019-08-051-1/+1
| * | PKCS#7: Introduce pkcs7_get_digest()Thiago Jung Bauermann2019-08-052-0/+37
| * | PKCS#7: Refactor verify_pkcs7_signature()Thiago Jung Bauermann2019-08-052-16/+55
| * | MODSIGN: Export module signature definitionsThiago Jung Bauermann2019-08-0510-77/+108
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-30 14:07:44 +0000