summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* apparmor: don't try to replace stale label in ptraceme checkJann Horn2020-06-301-2/+2
* selinux: fix double freeTom Rix2020-06-251-0/+4
* apparmor: fix introspection of of task mode for unconfined tasksJohn Johansen2020-06-251-2/+2
* evm: Fix possible memory leak in evm_calc_hmac_or_hash()Roberto Sassu2020-06-201-1/+1
* ima: Directly assign the ima_default_policy pointer to ima_rulesRoberto Sassu2020-06-201-2/+1
* ima: Fix ima digest hash table key calculationKrzysztof Struczynski2020-06-201-3/+4
* Smack: slab-out-of-bounds in vsscanfCasey Schaufler2020-06-201-0/+10
* mm: add kvfree_sensitive() for freeing sensitive data objectsWaiman Long2020-06-202-22/+5
* exec: Always set cap_ambient in cap_bprm_set_credsEric W. Biederman2020-06-031-0/+1
* apparmor: Fix aa_label refcnt leak in policy_updateXiyu Yang2020-05-271-1/+2
* ima: Fix return value of ima_write_policy()Roberto Sassu2020-05-271-2/+1
* evm: Check also if *tfm is an error pointer in init_desc()Roberto Sassu2020-05-271-1/+1
* ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash()Roberto Sassu2020-05-271-6/+6
* selinux: properly handle multiple messages in selinux_netlink_send()Paul Moore2020-05-051-24/+44
* KEYS: Avoid false positive ENOMEM error on key readWaiman Long2020-05-022-15/+55
* KEYS: Don't write out to userspace while holding key semaphoreWaiman Long2020-04-247-51/+72
* KEYS: Use individual pages in big_key for crypto buffersDavid Howells2020-04-241-23/+87
* KEYS: reaching the keys quotas correctlyYang Xu2020-04-242-3/+3
* selinux: ensure we cleanup the internal AVC counters on error in avc_update()Jaihind Yadav2020-02-281-1/+1
* keys: Timestamp new keysDavid Howells2020-01-271-0/+1
* apparmor: don't try to replace stale label in ptrace access checkJann Horn2020-01-272-2/+4
* apparmor: fix unsigned len comparison with less than zeroColin Ian King2020-01-041-5/+7
* apparmor: delete the dentry in aafs_remove() to avoid a leakChris Coulson2019-12-051-0/+1
* ima: always return negative code for errorSascha Hauer2019-10-111-1/+4
* smack: use GFP_NOFS while holding inode_smack::smk_lockEric Biggers2019-10-072-4/+4
* Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is setJann Horn2019-10-071-1/+2
* security: smack: Fix possible null-pointer dereferences in smack_socket_sock_...Jia-Ju Bai2019-10-071-0/+2
* keys: Fix missing null pointer check in request_key_auth_describe()Hillf Danton2019-09-211-0/+6
* selinux: fix memory leak in policydb_init()Ondrej Mosnacek2019-08-061-1/+5
* apparmor: enforce nullbyte at end of tag stringJann Horn2019-06-251-1/+1
* ima: show rules with IMA_INMASK correctlyRoberto Sassu2019-06-091-9/+12
* apparmorfs: fix use-after-free on symlink traversalAl Viro2019-05-251-4/+9
* securityfs: fix use-after-free on symlink traversalAl Viro2019-05-251-4/+9
* ima: open a new file instance if no read permissionsGoldwyn Rodrigues2019-05-161-20/+34
* selinux: never allow relabeling on context mountsOndrej Mosnacek2019-05-081-9/+31
* selinux: use kernel linux/socket.h for genheaders and mdpPaulo Alcantara2019-05-041-0/+1
* device_cgroup: fix RCU imbalance in error caseJann Horn2019-04-271-1/+1
* selinux: do not override context on context mountsOndrej Mosnacek2019-04-051-1/+8
* security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblockJ. Bruce Fields2019-03-231-1/+4
* keys: Fix dependency loop between construction record and auth keyDavid Howells2019-03-235-62/+41
* missing barriers in some of unix_sock ->addr and ->path accessesAl Viro2019-03-191-4/+6
* apparmor: Fix aa_label_build() error handling for failed mergesJohn Johansen2019-03-131-1/+4
* KEYS: always initialize keyring_index_key::desc_lenEric Biggers2019-02-274-6/+4
* KEYS: allow reaching the keys quotas exactlyEric Biggers2019-02-271-2/+2
* smack: fix access permissions for keyringZoran Markovic2019-02-121-3/+9
* selinux: always allow mounting submountsOndrej Mosnacek2019-01-261-1/+1
* selinux: fix GPF on invalid policyStephen Smalley2019-01-231-1/+2
* LSM: Check for NULL cred-security on freeJames Morris2019-01-231-0/+7
* Yama: Check for pid death before checking ancestryKees Cook2019-01-231-1/+3
* selinux: policydb - fix byte order and alignment issuesOndrej Mosnacek2019-01-131-15/+36