summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* lockdown: Fix kexec lockdown bypass with ima policyEric Snowberg2022-07-291-0/+4
* x86/retbleed: Add fine grained Kconfig knobsPeter Zijlstra2022-07-251-11/+0
* ima: Fix potential memory leak in ima_init_crypto()Jianglei Nie2022-07-211-0/+1
* ima: Fix a potential integer overflow in ima_appraise_measurementHuaxin Lu2022-07-211-1/+2
* Revert "evm: Fix memleak in init_desc"Xiu Jianfeng2022-07-211-5/+2
* ima: remove the IMA_TEMPLATE Kconfig optionGUO Zihua2022-06-091-8/+6
* efi: Do not import certificates from UEFI Secure Boot for T2 MacsAditya Garg2022-06-092-0/+41
* lsm,selinux: pass flowi_common instead of flowi to the LSM hooksPaul Moore2022-06-094-17/+19
* lockdown: also lock down previous kgdb useDaniel Thompson2022-05-301-0/+2
* include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakageEugene Syromiatnikov2022-05-251-1/+3
* selinux: fix bad cleanup on error in hashtab_duplicate()Ondrej Mosnacek2022-05-251-1/+2
* Fix incorrect type in assignment of ipv6 port for auditCasey Schaufler2022-04-081-1/+1
* selinux: allow FIOCLEX and FIONCLEX with policy capabilityRichard Haines2022-04-084-1/+16
* selinux: use correct type for context lengthChristian Göttsche2022-04-081-1/+1
* LSM: general protection fault in legacy_parse_paramCasey Schaufler2022-04-082-5/+17
* TOMOYO: fix __setup handlers return valuesRandy Dunlap2022-04-081-2/+2
* EVM: fix the evm= __setup handler return valueRandy Dunlap2022-04-081-1/+1
* selinux: check return value of sel_make_avc_filesChristian Göttsche2022-04-081-0/+2
* KEYS: fix length validation in keyctl_pkey_params_get_2()Eric Biggers2022-04-081-3/+11
* ima: Do not print policy rule with inactive LSM labelsStefan Berger2022-02-161-0/+8
* ima: Allow template selection with ima_template[_fmt]= after ima_hash=Roberto Sassu2022-02-161-3/+7
* ima: Remove ima_policy file before directoryStefan Berger2022-02-161-1/+1
* integrity: check the return value of audit_log_start()Xiaoke Wang2022-02-161-0/+2
* selinux: fix double free of cond_list on error pathsVratislav Bendel2022-02-081-1/+2
* selinux: fix potential memleak in selinux_add_opt()Bernard Zhao2022-01-271-2/+10
* selinux: initialize proto variable in selinux_ip_postroute_compat()Tom Rix2022-01-051-1/+1
* tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()Tetsuo Handa2022-01-051-10/+7
* tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().Dmitry Vyukov2022-01-051-7/+7
* selinux: fix NULL-pointer dereference when hashtab allocation failsOndrej Mosnacek2021-11-261-5/+12
* fortify: Explicitly disable Clang supportKees Cook2021-11-211-0/+3
* apparmor: fix error checkTom Rix2021-11-181-2/+2
* smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doiTetsuo Handa2021-11-181-1/+1
* smackfs: use __GFP_NOFAIL for smk_cipso_doi()Tetsuo Handa2021-11-181-3/+1
* smackfs: Fix use-after-free in netlbl_catmap_walk()Pawan Gupta2021-11-181-1/+4
* evm: mark evm_fixmode as __ro_after_initAustin Kim2021-11-181-1/+1
* selinux: fix race condition when computing ocontext SIDsOndrej Mosnacek2021-11-181-85/+77
* binder: use cred instead of task for selinux checksTodd Kjos2021-11-182-28/+22
* Smack: Fix wrong semantics in smk_access_entry()Tianjia Zhang2021-09-181-9/+8
* IMA: remove the dependency on CRYPTO_MD5THOBY Simon2021-09-151-1/+0
* IMA: remove -Wmissing-prototypes warningAustin Kim2021-09-151-1/+1
* bpf: Add lockdown check for probe_write_user helperDaniel Borkmann2021-08-151-0/+1
* selinux: correct the return value when loads initial sidsXiu Jianfeng2021-08-121-6/+4
* smackfs: restrict bytes count in smk_set_cipso()Tetsuo Handa2021-07-191-0/+2
* selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVCMinchan Kim2021-07-191-6/+7
* evm: fix writing <securityfs>/evm overflowMimi Zohar2021-07-141-2/+3
* evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loadedRoberto Sassu2021-07-141-4/+4
* evm: Execute evm_inode_init_security() only when an HMAC key is loadedRoberto Sassu2021-07-141-2/+3
* integrity: Load mokx variables into the blacklist keyringEric Snowberg2021-06-301-2/+18
* certs: Add EFI_CERT_X509_GUID support for dbx entriesEric Snowberg2021-06-301-0/+11
* KEYS: trusted: Fix memory leak on object tdColin Ian King2021-05-191-3/+5
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-24 05:12:28 +0000