summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* ima: Don't ignore errors from crypto_shash_update()Roberto Sassu2020-10-291-0/+2
* selinux: sel_avc_get_stat_idx should increase position indexVasily Averin2020-10-011-0/+1
* Smack: prevent underflow in smk_set_cipso()Dan Carpenter2020-08-211-1/+1
* Smack: fix another vsscanf out of boundsDan Carpenter2020-08-211-0/+4
* Smack: fix use-after-free in smk_write_relabel_self()Eric Biggers2020-08-211-2/+11
* selinux: fix double freeTom Rix2020-06-301-0/+4
* evm: Fix possible memory leak in evm_calc_hmac_or_hash()Roberto Sassu2020-06-201-1/+1
* ima: Directly assign the ima_default_policy pointer to ima_rulesRoberto Sassu2020-06-201-2/+1
* ima: Fix ima digest hash table key calculationKrzysztof Struczynski2020-06-201-3/+4
* Smack: slab-out-of-bounds in vsscanfCasey Schaufler2020-06-201-0/+10
* exec: Always set cap_ambient in cap_bprm_set_credsEric W. Biederman2020-06-031-0/+1
* ima: Fix return value of ima_write_policy()Roberto Sassu2020-05-271-2/+1
* evm: Check also if *tfm is an error pointer in init_desc()Roberto Sassu2020-05-271-1/+1
* selinux: properly handle multiple messages in selinux_netlink_send()Paul Moore2020-05-051-24/+44
* KEYS: reaching the keys quotas correctlyYang Xu2020-04-242-3/+3
* selinux: ensure we cleanup the internal AVC counters on error in avc_update()Jaihind Yadav2020-02-281-1/+1
* keys: Timestamp new keysDavid Howells2020-01-291-0/+1
* ima: always return negative code for errorSascha Hauer2019-10-171-1/+4
* smack: use GFP_NOFS while holding inode_smack::smk_lockEric Biggers2019-10-072-3/+3
* Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is setJann Horn2019-10-071-1/+2
* security: smack: Fix possible null-pointer dereferences in smack_socket_sock_...Jia-Ju Bai2019-10-071-0/+2
* keys: Fix missing null pointer check in request_key_auth_describe()Hillf Danton2019-09-211-0/+6
* selinux: fix memory leak in policydb_init()Ondrej Mosnacek2019-08-061-1/+5
* apparmor: enforce nullbyte at end of tag stringJann Horn2019-07-101-1/+1
* selinux: never allow relabeling on context mountsOndrej Mosnacek2019-05-081-9/+31
* device_cgroup: fix RCU imbalance in error caseJann Horn2019-04-271-1/+1
* selinux: do not override context on context mountsOndrej Mosnacek2019-04-051-1/+8
* missing barriers in some of unix_sock ->addr and ->path accessesAl Viro2019-03-191-4/+6
* KEYS: restrict /proc/keys by credentials at open timeEric Biggers2019-03-191-6/+2
* KEYS: always initialize keyring_index_key::desc_lenEric Biggers2019-02-274-6/+4
* KEYS: allow reaching the keys quotas exactlyEric Biggers2019-02-271-2/+2
* smack: fix access permissions for keyringZoran Markovic2019-02-121-3/+9
* selinux: always allow mounting submountsOndrej Mosnacek2019-01-261-1/+1
* selinux: fix GPF on invalid policyStephen Smalley2019-01-231-1/+2
* LSM: Check for NULL cred-security on freeJames Morris2019-01-231-0/+7
* Yama: Check for pid death before checking ancestryKees Cook2019-01-231-1/+3
* ima: re-initialize iint->atomic_flagsMimi Zohar2018-12-011-0/+1
* ima: re-introduce own integrity cache lockDmitry Kasatkin2018-12-014-40/+77
* EVM: Add support for portable signature formatMatthew Garrett2018-12-015-21/+91
* ima: always measure and audit files in policyMimi Zohar2018-12-013-30/+56
* Revert "evm: Translate user/group ids relative to s_user_ns when computing HMAC"Eric W. Biederman2018-12-011-2/+10
* selinux: Add __GFP_NOWARN to allocation at str_read()Tetsuo Handa2018-12-011-1/+1
* ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers2018-11-131-3/+3
* evm: Don't deadlock if a crypto algorithm is unavailableMatthew Garrett2018-09-261-1/+2
* Smack: Fix handling of IPv4 traffic received by PF_INET6 socketsPiotr Sawicki2018-09-261-5/+9
* selinux: use GFP_NOWAIT in the AVC kmem_cachesMichal Hocko2018-09-191-8/+6
* Smack: Mark inode instant in smack_task_to_inodeCasey Schaufler2018-08-241-0/+1
* ima: based on policy verify firmware signatures (pre-allocated buffer)Mimi Zohar2018-08-031-0/+1
* selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover2018-06-061-1/+1
* Revert "ima: limit file hash setting by user to fix and log modes"Mimi Zohar2018-06-061-6/+2