summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* ima: always return negative code for errorSascha Hauer2019-10-111-1/+4
* smack: use GFP_NOFS while holding inode_smack::smk_lockEric Biggers2019-10-072-4/+4
* Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is setJann Horn2019-10-071-1/+2
* security: smack: Fix possible null-pointer dereferences in smack_socket_sock_...Jia-Ju Bai2019-10-071-0/+2
* keys: Fix missing null pointer check in request_key_auth_describe()Hillf Danton2019-09-211-0/+6
* selinux: fix memory leak in policydb_init()Ondrej Mosnacek2019-08-061-1/+5
* apparmor: enforce nullbyte at end of tag stringJann Horn2019-06-251-1/+1
* ima: show rules with IMA_INMASK correctlyRoberto Sassu2019-06-091-9/+12
* apparmorfs: fix use-after-free on symlink traversalAl Viro2019-05-251-4/+9
* securityfs: fix use-after-free on symlink traversalAl Viro2019-05-251-4/+9
* ima: open a new file instance if no read permissionsGoldwyn Rodrigues2019-05-161-20/+34
* selinux: never allow relabeling on context mountsOndrej Mosnacek2019-05-081-9/+31
* selinux: use kernel linux/socket.h for genheaders and mdpPaulo Alcantara2019-05-041-0/+1
* device_cgroup: fix RCU imbalance in error caseJann Horn2019-04-271-1/+1
* selinux: do not override context on context mountsOndrej Mosnacek2019-04-051-1/+8
* security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblockJ. Bruce Fields2019-03-231-1/+4
* keys: Fix dependency loop between construction record and auth keyDavid Howells2019-03-235-62/+41
* missing barriers in some of unix_sock ->addr and ->path accessesAl Viro2019-03-191-4/+6
* apparmor: Fix aa_label_build() error handling for failed mergesJohn Johansen2019-03-131-1/+4
* KEYS: always initialize keyring_index_key::desc_lenEric Biggers2019-02-274-6/+4
* KEYS: allow reaching the keys quotas exactlyEric Biggers2019-02-271-2/+2
* smack: fix access permissions for keyringZoran Markovic2019-02-121-3/+9
* selinux: always allow mounting submountsOndrej Mosnacek2019-01-261-1/+1
* selinux: fix GPF on invalid policyStephen Smalley2019-01-231-1/+2
* LSM: Check for NULL cred-security on freeJames Morris2019-01-231-0/+7
* Yama: Check for pid death before checking ancestryKees Cook2019-01-231-1/+3
* selinux: policydb - fix byte order and alignment issuesOndrej Mosnacek2019-01-131-15/+36
* ima: re-initialize iint->atomic_flagsMimi Zohar2018-12-011-0/+1
* ima: re-introduce own integrity cache lockDmitry Kasatkin2018-12-014-40/+77
* EVM: Add support for portable signature formatMatthew Garrett2018-12-015-21/+91
* ima: always measure and audit files in policyMimi Zohar2018-12-013-30/+56
* selinux: Add __GFP_NOWARN to allocation at str_read()Tetsuo Handa2018-12-011-1/+1
* apparmor: Fix uninitialized value in aa_split_fqnameZubin Mithra2018-11-271-2/+4
* ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers2018-11-131-3/+3
* Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct membe...Lubomir Rintel2018-09-291-1/+1
* security: check for kstrdup() failure in lsm_append()Eric Biggers2018-09-261-0/+2
* evm: Don't deadlock if a crypto algorithm is unavailableMatthew Garrett2018-09-261-1/+2
* Smack: Fix handling of IPv4 traffic received by PF_INET6 socketsPiotr Sawicki2018-09-261-5/+9
* uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member nameRandy Dunlap2018-09-151-1/+1
* cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias()Eddie.Horng2018-09-091-1/+1
* Smack: Mark inode instant in smack_task_to_inodeCasey Schaufler2018-08-241-0/+1
* ima: based on policy verify firmware signatures (pre-allocated buffer)Mimi Zohar2018-08-031-0/+1
* selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover2018-06-051-1/+1
* ima: Fallback to the builtin hash algorithmPetr Vorel2018-05-302-0/+15
* ima: Fix Kconfig to select TPM 2.0 CRB interfaceJiandi An2018-05-301-0/+1
* integrity/security: fix digsig.c build error with header fileRandy Dunlap2018-05-301-0/+1
* commoncap: Handle memory allocation failure.Tetsuo Handa2018-04-291-0/+2
* apparmor: fix resource audit messages when auditing peerJohn Johansen2018-04-191-4/+4
* apparmor: fix display of .ns_name for containersJohn Johansen2018-04-191-3/+1
* apparmor: fix logging of the existence test for signalsJohn Johansen2018-04-192-2/+4
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-24 07:50:08 +0000