summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* selinux: initialize proto variable in selinux_ip_postroute_compat()Tom Rix2022-01-051-1/+1
* tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()Tetsuo Handa2022-01-051-10/+7
* tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().Dmitry Vyukov2022-01-051-7/+7
* selinux: fix NULL-pointer dereference when hashtab allocation failsOndrej Mosnacek2021-11-261-5/+12
* fortify: Explicitly disable Clang supportKees Cook2021-11-211-0/+3
* apparmor: fix error checkTom Rix2021-11-181-2/+2
* smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doiTetsuo Handa2021-11-181-1/+1
* smackfs: use __GFP_NOFAIL for smk_cipso_doi()Tetsuo Handa2021-11-181-3/+1
* smackfs: Fix use-after-free in netlbl_catmap_walk()Pawan Gupta2021-11-181-1/+4
* evm: mark evm_fixmode as __ro_after_initAustin Kim2021-11-181-1/+1
* selinux: fix race condition when computing ocontext SIDsOndrej Mosnacek2021-11-181-85/+77
* binder: use cred instead of task for selinux checksTodd Kjos2021-11-182-28/+22
* Smack: Fix wrong semantics in smk_access_entry()Tianjia Zhang2021-09-181-9/+8
* IMA: remove the dependency on CRYPTO_MD5THOBY Simon2021-09-151-1/+0
* IMA: remove -Wmissing-prototypes warningAustin Kim2021-09-151-1/+1
* bpf: Add lockdown check for probe_write_user helperDaniel Borkmann2021-08-151-0/+1
* selinux: correct the return value when loads initial sidsXiu Jianfeng2021-08-121-6/+4
* smackfs: restrict bytes count in smk_set_cipso()Tetsuo Handa2021-07-191-0/+2
* selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVCMinchan Kim2021-07-191-6/+7
* evm: fix writing <securityfs>/evm overflowMimi Zohar2021-07-141-2/+3
* evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loadedRoberto Sassu2021-07-141-4/+4
* evm: Execute evm_inode_init_security() only when an HMAC key is loadedRoberto Sassu2021-07-141-2/+3
* integrity: Load mokx variables into the blacklist keyringEric Snowberg2021-06-301-2/+18
* certs: Add EFI_CERT_X509_GUID support for dbx entriesEric Snowberg2021-06-301-0/+11
* KEYS: trusted: Fix memory leak on object tdColin Ian King2021-05-191-3/+5
* ima: Fix the error code for restoring the PCR valueLi Huafei2021-05-141-2/+2
* security: keys: trusted: fix TPM2 authorizationsJames Bottomley2021-05-142-10/+32
* selinux: add proper NULL termination to the secclass_map permissionsPaul Moore2021-05-141-2/+3
* security: commoncap: fix -Wstringop-overread warningArnd Bergmann2021-05-111-1/+1
* KEYS: trusted: Fix TPM reservation for seal/unsealJames Bottomley2021-04-281-1/+1
* selinux: fix race between old and new sidtabOndrej Mosnacek2021-04-143-37/+145
* selinux: fix cond_list corruption when changing booleansOndrej Mosnacek2021-04-143-69/+33
* selinux: make nslot handling in avtab more robustOndrej Mosnacek2021-04-141-10/+11
* integrity: double check iint_cache was initializedMimi Zohar2021-03-301-0/+8
* selinux: fix variable scope issue in live sidtab conversionOndrej Mosnacek2021-03-303-33/+55
* selinux: don't log MAC_POLICY_LOAD record on failed policy loadOndrej Mosnacek2021-03-301-2/+1
* Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file cap...Eric W. Biederman2021-03-171-11/+1
* tomoyo: recognize kernel threads correctlyTetsuo Handa2021-03-091-1/+1
* tomoyo: ignore data race while checking quotaTetsuo Handa2021-03-073-24/+24
* smackfs: restrict bytes count in smackfs write functionsSabyrzhan Tasbolatov2021-03-071-2/+19
* KEYS: trusted: Reserve TPM for seal and unseal operationsJarkko Sakkinen2021-03-041-4/+18
* KEYS: trusted: Fix migratable=1 failingJarkko Sakkinen2021-03-041-1/+1
* KEYS: trusted: Fix incorrect handling of tpm_get_random()Jarkko Sakkinen2021-03-041-3/+17
* selinux: fix inconsistency between inode_getxattr and inode_listsecurityAmir Goldstein2021-03-041-0/+4
* certs: Fix blacklist flag type confusionDavid Howells2021-03-042-3/+4
* watch_queue: Drop references to /dev/watch_queueGabriel Krisman Bertazi2021-03-041-4/+4
* capabilities: Don't allow writing ambiguous v3 file capabilitiesEric W. Biederman2021-03-041-1/+11
* ima: Free IMA measurement buffer after kexec syscallLakshmi Ramasubramanian2021-03-041-0/+2
* ima: Free IMA measurement buffer on errorLakshmi Ramasubramanian2021-03-041-0/+1
* evm: Fix memleak in init_descDinghao Liu2021-03-041-2/+5
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-04 03:37:38 +0000