summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* Smack: Mark inode instant in smack_task_to_inodeCasey Schaufler2018-08-241-0/+1
* ima: based on policy verify firmware signatures (pre-allocated buffer)Mimi Zohar2018-08-031-0/+1
* selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover2018-06-051-1/+1
* ima: Fallback to the builtin hash algorithmPetr Vorel2018-05-302-0/+15
* ima: Fix Kconfig to select TPM 2.0 CRB interfaceJiandi An2018-05-301-0/+1
* integrity/security: fix digsig.c build error with header fileRandy Dunlap2018-05-301-0/+1
* commoncap: Handle memory allocation failure.Tetsuo Handa2018-04-291-0/+2
* apparmor: fix resource audit messages when auditing peerJohn Johansen2018-04-191-4/+4
* apparmor: fix display of .ns_name for containersJohn Johansen2018-04-191-3/+1
* apparmor: fix logging of the existence test for signalsJohn Johansen2018-04-192-2/+4
* /dev/mem: Add bounce buffer for copy-outKees Cook2018-03-241-0/+1
* ima: relax requiring a file signature for new files with zero lengthMimi Zohar2018-03-191-1/+2
* selinux: skip bounded transition processing if the policy isn't loadedPaul Moore2018-02-251-0/+3
* selinux: ensure the context is NUL terminated in security_context_to_sid_core()Paul Moore2018-02-251-10/+8
* ima/policy: fix parsing of fsuuidMike Rapoport2018-02-031-1/+1
* security/Kconfig: Correct the Documentation reference for PTIW. Trevor King2018-01-171-1/+1
* apparmor: fix ptrace label match when matching stacked labelsJohn Johansen2018-01-172-21/+35
* apparmor: fix regression in mount mediation when feature set is pinnedJohn Johansen2018-01-101-1/+11
* capabilities: fix buffer overread on very short xattrEric Biggers2018-01-051-12/+9
* x86/mm/pti: Add KconfigDave Hansen2018-01-021-0/+11
* apparmor: fix leak of null profile name if profile allocation failsJohn Johansen2017-12-141-1/+2
* KEYS: reject NULL restriction string when type is specifiedEric Biggers2017-12-141-14/+10
* KEYS: add missing permission check for request_key() destinationEric Biggers2017-12-141-9/+37
* ima: fix hash algorithm initializationBoshi Wang2017-12-101-0/+4
* apparmor: fix oops in audit_signal_cb hookJohn Johansen2017-12-051-5/+7
* ima: do not update security.ima if appraisal status is not INTEGRITY_PASSRoberto Sassu2017-11-241-0/+3
* apparmor: fix off-by-one comparison on MAXMAPPED_SIGJohn Johansen2017-11-081-2/+2
* Merge tag 'spdx_identifiers-4.14-rc8' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds2017-11-0249-0/+49
|\
| * License cleanup: add SPDX GPL-2.0 license identifier to files with no licenseGreg Kroah-Hartman2017-11-0249-0/+49
* | KEYS: trusted: fix writing past end of buffer in trusted_read()Eric Biggers2017-11-021-11/+12
* | KEYS: return full count in keyring_read() if buffer is too smallEric Biggers2017-11-021-20/+19
* | Revert "apparmor: add base infastructure for socket mediation"Linus Torvalds2017-10-2612-840/+16
|/
* commoncap: move assignment of fs_ns to avoid null pointer dereferenceColin Ian King2017-10-191-1/+2
* Merge commit 'tags/keys-fixes-20171018' into fixes-v4.14-rc5James Morris2017-10-1914-53/+88
|\
| * KEYS: load key flags and expiry time atomically in proc_keys_show()Eric Biggers2017-10-181-10/+14
| * KEYS: Load key expiry time atomically in keyring_search_iterator()Eric Biggers2017-10-181-1/+3
| * KEYS: load key flags and expiry time atomically in key_validate()Eric Biggers2017-10-181-3/+4
| * KEYS: don't let add_key() update an uninstantiated keyDavid Howells2017-10-181-0/+10
| * KEYS: Fix race between updating and finding a negative keyDavid Howells2017-10-1812-39/+49
| * security/keys: BIG_KEY requires CONFIG_CRYPTOArnd Bergmann2017-10-181-0/+1
| * KEYS: encrypted: fix dereference of NULL user_key_payloadEric Biggers2017-10-121-0/+7
* | lsm: fix smack_inode_removexattr and xattr_getsecurity memleakCasey Schaufler2017-10-041-30/+25
|/
* Merge commit 'keys-fixes-20170927' into fixes-v4.14-rc3James Morris2017-09-289-152/+137
|\
| * security/keys: rewrite all of big_key cryptoJason A. Donenfeld2017-09-252-71/+60
| * security/keys: properly zero out sensitive key material in big_keyJason A. Donenfeld2017-09-251-6/+6
| * KEYS: use kmemdup() in request_key_auth_new()Eric Biggers2017-09-251-3/+2
| * KEYS: restrict /proc/keys by credentials at open timeEric Biggers2017-09-251-6/+2
| * KEYS: reset parent each time before searching key_user_treeEric Biggers2017-09-251-2/+2
| * KEYS: prevent KEYCTL_READ on negative keyEric Biggers2017-09-251-0/+5
| * KEYS: prevent creating a different user's keyringsEric Biggers2017-09-254-12/+21