summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* ima: re-initialize iint->atomic_flagsMimi Zohar2018-12-011-0/+1
* ima: re-introduce own integrity cache lockDmitry Kasatkin2018-12-014-40/+77
* EVM: Add support for portable signature formatMatthew Garrett2018-12-015-21/+91
* ima: always measure and audit files in policyMimi Zohar2018-12-013-30/+56
* Revert "evm: Translate user/group ids relative to s_user_ns when computing HMAC"Eric W. Biederman2018-12-011-2/+10
* selinux: Add __GFP_NOWARN to allocation at str_read()Tetsuo Handa2018-12-011-1/+1
* ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers2018-11-131-3/+3
* evm: Don't deadlock if a crypto algorithm is unavailableMatthew Garrett2018-09-261-1/+2
* Smack: Fix handling of IPv4 traffic received by PF_INET6 socketsPiotr Sawicki2018-09-261-5/+9
* selinux: use GFP_NOWAIT in the AVC kmem_cachesMichal Hocko2018-09-191-8/+6
* Smack: Mark inode instant in smack_task_to_inodeCasey Schaufler2018-08-241-0/+1
* ima: based on policy verify firmware signatures (pre-allocated buffer)Mimi Zohar2018-08-031-0/+1
* selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover2018-06-061-1/+1
* Revert "ima: limit file hash setting by user to fix and log modes"Mimi Zohar2018-06-061-6/+2
* ima: Fallback to the builtin hash algorithmPetr Vorel2018-05-302-0/+15
* integrity/security: fix digsig.c build error with header fileRandy Dunlap2018-05-301-0/+1
* selinux: do not check open permission on socketsStephen Smalley2018-04-131-3/+7
* selinux: Remove redundant check for unknown labeling behaviorMatthias Kaehlcke2018-04-081-16/+0
* selinux: Remove unnecessary check of array base in selinux_set_mapping()Matthias Kaehlcke2018-04-081-1/+1
* ima: relax requiring a file signature for new files with zero lengthMimi Zohar2018-03-221-1/+2
* apparmor: Make path_max parameter readonlyJohn Johansen2018-03-221-1/+1
* selinux: check for address length in selinux_socket_bind()Alexander Potapenko2018-03-221-0/+8
* security/keys: BIG_KEY requires CONFIG_CRYPTOArnd Bergmann2018-02-251-0/+1
* selinux: skip bounded transition processing if the policy isn't loadedPaul Moore2018-02-251-0/+3
* selinux: ensure the context is NUL terminated in security_context_to_sid_core()Paul Moore2018-02-251-10/+8
* KEYS: encrypted: fix buffer overread in valid_master_desc()Eric Biggers2018-02-131-16/+15
* KPTI: Rename to PAGE_TABLE_ISOLATIONKees Cook2018-01-051-1/+1
* x86/kaiser: Reenable PARAVIRTBorislav Petkov2018-01-051-1/+1
* kaiser: delete KAISER_REAL_SWITCH optionHugh Dickins2018-01-051-4/+0
* kaiser: KAISER depends on SMPHugh Dickins2018-01-051-4/+6
* kaiser: merged updateDave Hansen2018-01-051-0/+5
* KAISER: Kernel Address IsolationRichard Fellner2018-01-051-0/+7
* KEYS: add missing permission check for request_key() destinationEric Biggers2017-12-141-9/+37
* ima: fix hash algorithm initializationBoshi Wang2017-12-091-0/+4
* ima: do not update security.ima if appraisal status is not INTEGRITY_PASSRoberto Sassu2017-11-241-0/+3
* security/keys: add CONFIG_KEYS_COMPAT to KconfigBilal Amarni2017-11-181-0/+4
* KEYS: trusted: fix writing past end of buffer in trusted_read()Eric Biggers2017-11-151-11/+12
* KEYS: trusted: sanitize all key materialEric Biggers2017-11-151-28/+22
* apparmor: fix undefined reference to `aa_g_hash_policy'John Johansen2017-11-151-1/+1
* KEYS: return full count in keyring_read() if buffer is too smallEric Biggers2017-11-081-20/+19
* KEYS: Fix race between updating and finding a negative keyDavid Howells2017-10-2712-39/+49
* KEYS: don't let add_key() update an uninstantiated keyDavid Howells2017-10-271-0/+10
* KEYS: encrypted: fix dereference of NULL user_key_payloadEric Biggers2017-10-271-0/+7
* lsm: fix smack_inode_removexattr and xattr_getsecurity memleakCasey Schaufler2017-10-121-30/+25
* KEYS: prevent KEYCTL_READ on negative keyEric Biggers2017-10-051-0/+5
* KEYS: prevent creating a different user's keyringsEric Biggers2017-10-054-12/+21
* KEYS: fix writing past end of user-supplied buffer in keyring_read()Eric Biggers2017-10-051-9/+5
* security/keys: rewrite all of big_key cryptoJason A. Donenfeld2017-10-052-71/+59
* security/keys: properly zero out sensitive key material in big_keyJason A. Donenfeld2017-10-051-6/+6
* KEYS: Fix an error code in request_master_key()Dan Carpenter2017-07-121-1/+1
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 20:40:54 +0000