summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* selinux: avoid silent denials in permissive mode under RCU walkStephen Smalley2019-07-093-5/+28
* security/selinux: pass 'flags' arg to avc_audit() and avc_has_perm_flags()NeilBrown2019-07-093-4/+25
* apparmor: provide userspace flag indicating binfmt_elf_mmap changeJohn Johansen2019-05-021-0/+1
* KEYS: always initialize keyring_index_key::desc_lenEric Biggers2019-05-024-6/+4
* KEYS: restrict /proc/keys by credentials at open timeEric Biggers2019-05-021-6/+2
* KEYS: allow reaching the keys quotas exactlyEric Biggers2019-05-021-2/+2
* Yama: Check for pid death before checking ancestryKees Cook2019-05-021-1/+3
* ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers2019-02-111-3/+3
* KEYS: encrypted: fix buffer overread in valid_master_desc()Eric Biggers2018-12-161-16/+15
* apparmor: remove no-op permission check in policy_unpackJohn Johansen2018-12-161-32/+0
* selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover2018-10-211-1/+1
* ima: relax requiring a file signature for new files with zero lengthMimi Zohar2018-06-161-1/+2
* apparmor: ensure that undecidable profile attachments failJohn Johansen2018-02-131-16/+37
* ima: fix hash algorithm initializationBoshi Wang2018-02-131-0/+4
* KPTI: Rename to PAGE_TABLE_ISOLATIONKees Cook2018-01-091-1/+1
* x86/kaiser: Reenable PARAVIRTBorislav Petkov2018-01-091-1/+1
* KAISER: Kernel Address IsolationRichard Fellner2018-01-091-0/+10
* KEYS: add missing permission check for request_key() destinationEric Biggers2018-01-011-9/+37
* security: let security modules use PTRACE_MODE_* with bitmasksJann Horn2018-01-012-7/+5
* KEYS: trusted: fix writing past end of buffer in trusted_read()Eric Biggers2018-01-011-11/+12
* KEYS: trusted: sanitize all key materialEric Biggers2018-01-011-27/+21
* KEYS: return full count in keyring_read() if buffer is too smallEric Biggers2018-01-011-20/+19
* KEYS: encrypted: fix dereference of NULL user_key_payloadEric Biggers2018-01-011-0/+7
* lsm: fix smack_inode_removexattr and xattr_getsecurity memleakCasey Schaufler2018-01-011-30/+25
* Smack: remove unneeded NULL-termination from securtity labelKonstantin Khlebnikov2018-01-011-3/+3
* security/keys: properly zero out sensitive key material in big_keyJason A. Donenfeld2018-01-011-1/+1
* KEYS: prevent creating a different user's keyringsEric Biggers2018-01-014-12/+23
* KEYS: fix writing past end of user-supplied buffer in keyring_read()Eric Biggers2018-01-011-9/+5
* KEYS: fix key refcount leak in keyctl_read_key()Eric Biggers2018-01-011-1/+1
* KEYS: fix key refcount leak in keyctl_assume_authority()Eric Biggers2018-01-011-4/+2
* KEYS: don't revoke uninstantiated key in request_key_auth_new()Eric Biggers2018-01-011-1/+0
* KEYS: fix cred refcount leak in request_key_auth_new()Eric Biggers2018-01-011-37/+31
* KEYS: don't let add_key() update an uninstantiated keyDavid Howells2017-11-111-0/+10
* KEYS: prevent KEYCTL_READ on negative keyEric Biggers2017-11-111-0/+5
* sched: move no_new_privs into new atomic flagsKees Cook2017-10-121-2/+2
* ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn2017-09-151-1/+6
* selinux: fix double free in selinux_parse_opts_str()Paul Moore2017-09-151-3/+2
* KEYS: fix dereferencing NULL payload with nonzero lengthEric Biggers2017-09-151-2/+2
* ima: accept previously set IMA_NEW_FILEDaniel Glöckner2017-08-261-2/+3
* ima: pass 'opened' flag to identify newly created filesDmitry Kasatkin2017-08-263-11/+11
* KEYS: Change the name of the dead type to ".dead" to prevent user accessDavid Howells2017-07-181-1/+1
* KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyringsEric Biggers2017-06-052-24/+31
* KEYS: Disallow keyrings beginning with '.' to be joined as session keyringsDavid Howells2017-06-051-2/+7
* KEYS: Reinstate EPERM for a key type name beginning with a '.'David Howells2017-06-051-0/+2
* KEYS: special dot prefixed keyring name bug fixMimi Zohar2017-06-051-2/+4
* KEYS: Fix an error code in request_master_key()Dan Carpenter2017-06-051-1/+1
* keys: Guard against null match function in keyring_search_aux()Ben Hutchings2017-04-041-3/+3
* vfs: Commit to never having exectuables on proc and sysfs.Eric W. Biederman2017-04-041-1/+1
* selinux: fix off-by-one in setprocattrStephen Smalley2017-02-261-1/+1
* apparmor: fix change_hat not finding hat after policy replacementJohn Johansen2017-02-231-2/+4
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-14 13:42:01 +0000