summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* ima: extend "mask" policy matching supportMimi Zohar2015-08-191-5/+15
* ima: add support for new "euid" policy conditionMimi Zohar2015-08-191-4/+23
* lsm: copy comm before calling audit_log to avoid race in string printingRichard Guy Briggs2015-06-101-6/+9
* nick kvfree() from apparmorAl Viro2015-04-272-15/+0
* selinux: fix sel_write_enforce broken return valueJoe Perches2015-04-221-1/+1
* Don't leak a key reference if request_key() tries to use a revoked keyringDavid Jeffery2015-04-091-0/+1
* SELinux: fix selinuxfs policy file on big endian systemsEric Paris2015-02-161-2/+1
* move d_rcu from overlapping d_child to overlapping d_aliasAl Viro2015-01-291-3/+3
* KEYS: close race between key lookup and freeingSasha Levin2015-01-291-2/+2
* KEYS: Fix stale key registration at error pathTakashi Iwai2015-01-071-1/+4
* selinux: fix inode security list corruptionStephen Smalley2014-11-131-1/+1
* evm: check xattr value length and type in evm_inode_setxattr()Dmitry Kasatkin2014-11-131-3/+6
* CAPABILITIES: remove undefined caps from all processesEric Paris2014-09-171-0/+3
* evm: prohibit userspace writing 'security.evm' HMAC valueMimi Zohar2014-06-231-2/+10
* ima: introduce ima_kernel_read()Dmitry Kasatkin2014-06-231-1/+31
* ima: audit log files opened with O_DIRECT flagMimi Zohar2014-06-204-3/+18
* device_cgroup: check if exception removal is allowedAristeu Rozanski2014-06-091-3/+38
* device_cgroup: rework device access check and exception checkingAristeu Rozanski2014-06-091-40/+122
* selinux: correctly label /proc inodes in use before the policy is loadedPaul Moore2014-04-131-9/+27
* SELinux: Increase ebitmap_node size for 64-bit configurationWaiman Long2014-03-121-1/+7
* SELinux: Reduce overhead of mls_level_isvalid() function callWaiman Long2014-03-124-19/+27
* SELinux: bigendian problems with filename trans rulesEric Paris2014-03-051-4/+4
* SELinux: Fix kernel BUG on empty security contexts.Stephen Smalley2014-02-201-0/+4
* SELinux: Fix memory leak upon loading policyTetsuo Handa2014-02-131-1/+13
* SELinux: Fix possible NULL pointer dereference in selinux_inode_permission()Steven Rostedt2014-01-252-3/+22
* selinux: process labeled IPsec TCP SYN-ACK packets properly in selinux_ip_pos...Paul Moore2014-01-091-7/+36
* selinux: look for IPsec labels on both inbound and outbound packetsPaul Moore2014-01-093-16/+48
* selinux: selinux_setprocattr()->ptrace_parent() needs rcu_read_lock()Oleg Nesterov2014-01-091-2/+2
* selinux: fix broken peer recv checkChad Hanson2014-01-091-1/+3
* selinux: handle TCP SYN-ACK packets correctly in selinux_ip_postroute()Paul Moore2013-12-201-15/+53
* selinux: handle TCP SYN-ACK packets correctly in selinux_ip_output()Paul Moore2013-12-201-2/+23
* selinux: correct locking in selinux_netlbl_socket_connect)Paul Moore2013-12-041-4/+2
* Revert "ima: policy for RAMFS"Mimi Zohar2013-11-291-1/+0
* apparmor: fix bad lock balance when introspecting policyJohn Johansen2013-10-161-3/+1
* apparmor: fix memleak of the profile hashJohn Johansen2013-10-161-0/+1
* selinux: remove 'flags' parameter from avc_audit()Linus Torvalds2013-10-043-4/+4
* selinux: avc_has_perm_flags has no more usersLinus Torvalds2013-10-042-17/+6
* selinux: remove 'flags' parameter from inode_has_permLinus Torvalds2013-10-041-7/+6
* apparmor: fix suspicious RCU usage warning in policy.c/policy.hJohn Johansen2013-09-302-2/+5
* apparmor: Use shash crypto API interface for profile hashesTyler Hicks2013-09-301-18/+16
* Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds2013-09-071-5/+5
|\
| * capabilities: allow nice if we are privilegedSerge Hallyn2013-08-301-4/+4
| * userns: Allow PR_CAPBSET_DROP in a user namespace.Eric W. Biederman2013-08-301-1/+1
* | Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds2013-09-0728-547/+1666
|\ \
| * \ Merge branch 'smack-for-3.12' of git://git.gitorious.org/smack-next/kernel in...James Morris2013-08-234-114/+150
| |\ \
| | * | Smack: parse multiple rules per write to load2, up to PAGE_SIZE-1 bytesRafal Krypa2013-08-121-85/+82
| | * | Smack: network label match fixCasey Schaufler2013-08-013-9/+31
| | * | security: smack: add a hash table to quicken smk_find_entry()Tomasz Stanislawski2013-08-013-9/+37
| | * | security: smack: fix memleak in smk_write_rules_list()Tomasz Stanislawski2013-08-011-22/+11
| | |/
| * | apparmor: add the ability to report a sha1 hash of loaded policyJohn Johansen2013-08-148-6/+199
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-28 21:00:42 +0000