summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* lockdown: Fix kexec lockdown bypass with ima policyEric Snowberg2022-07-291-0/+4
* x86/retbleed: Add fine grained Kconfig knobsPeter Zijlstra2022-07-231-11/+0
* ima: Fix potential memory leak in ima_init_crypto()Jianglei Nie2022-07-211-0/+1
* ima: force signature verification when CONFIG_KEXEC_SIG is configuredCoiby Xu2022-07-211-0/+2
* ima: Fix a potential integer overflow in ima_appraise_measurementHuaxin Lu2022-07-211-1/+2
* Revert "evm: Fix memleak in init_desc"Xiu Jianfeng2022-07-211-5/+2
* fs: support mapped mounts of mapped filesystemsChristian Brauner2022-07-021-5/+4
* fs: use low-level mapping helpersChristian Brauner2022-07-021-5/+8
* fs: move mapping helpersChristian Brauner2022-07-021-0/+1
* KEYS: trusted: tpm2: Fix migratable logicDavid Safford2022-06-141-2/+2
* ima: remove the IMA_TEMPLATE Kconfig optionGUO Zihua2022-06-091-8/+6
* landlock: Fix same-layer rule unionsMickaël Salaün2022-06-092-26/+54
* landlock: Create find_rule() from unmask_layers()Mickaël Salaün2022-06-091-13/+28
* landlock: Reduce the maximum number of layers to 16Mickaël Salaün2022-06-093-11/+12
* landlock: Define access_mask_t to enforce a consistent access mask sizeMickaël Salaün2022-06-095-15/+30
* landlock: Change landlock_restrict_self(2) check orderingMickaël Salaün2022-06-091-4/+4
* landlock: Change landlock_add_rule(2) argument check orderingMickaël Salaün2022-06-091-9/+13
* landlock: Fix landlock_add_rule(2) documentationMickaël Salaün2022-06-091-4/+3
* landlock: Format with clang-formatMickaël Salaün2022-06-0910-136/+142
* landlock: Add clang-format exceptionsMickaël Salaün2022-06-092-0/+6
* efi: Do not import certificates from UEFI Secure Boot for T2 MacsAditya Garg2022-06-092-0/+41
* lockdown: also lock down previous kgdb useDaniel Thompson2022-05-251-0/+2
* selinux: fix bad cleanup on error in hashtab_duplicate()Ondrej Mosnacek2022-05-251-1/+2
* Fix incorrect type in assignment of ipv6 port for auditCasey Schaufler2022-04-081-1/+1
* selinux: allow FIOCLEX and FIONCLEX with policy capabilityRichard Haines2022-04-084-1/+16
* selinux: use correct type for context lengthChristian Göttsche2022-04-081-1/+1
* LSM: general protection fault in legacy_parse_paramCasey Schaufler2022-04-082-5/+17
* TOMOYO: fix __setup handlers return valuesRandy Dunlap2022-04-081-2/+2
* KEYS: trusted: Avoid calling null function trusted_key_exitDave Kleikamp2022-04-081-1/+1
* KEYS: trusted: Fix trusted key backends when building as moduleAndreas Rammhold2022-04-081-2/+2
* EVM: fix the evm= __setup handler return valueRandy Dunlap2022-04-081-1/+1
* selinux: Fix selinux_sb_mnt_opts_compat()Scott Mayhew2022-04-081-34/+41
* selinux: check return value of sel_make_avc_filesChristian Göttsche2022-04-081-0/+2
* selinux: access superblock_security_struct in LSM blob wayGONG, Ruiqi2022-04-081-2/+2
* landlock: Use square brackets around "landlock-ruleset"Christian Brauner2022-04-081-1/+1
* KEYS: fix length validation in keyctl_pkey_params_get_2()Eric Biggers2022-04-081-3/+11
* selinux: fix misuse of mutex_is_locked()Ondrej Mosnacek2022-03-021-2/+2
* ima: Do not print policy rule with inactive LSM labelsStefan Berger2022-02-161-0/+8
* ima: Allow template selection with ima_template[_fmt]= after ima_hash=Roberto Sassu2022-02-161-3/+7
* ima: Remove ima_policy file before directoryStefan Berger2022-02-161-1/+1
* ima: fix reference leak in asymmetric_verify()Eric Biggers2022-02-161-6/+9
* integrity: check the return value of audit_log_start()Xiaoke Wang2022-02-161-0/+2
* selinux: fix double free of cond_list on error pathsVratislav Bendel2022-02-081-1/+2
* selinux: fix potential memleak in selinux_add_opt()Bernard Zhao2022-01-271-2/+10
* selinux: initialize proto variable in selinux_ip_postroute_compat()Tom Rix2022-01-051-1/+1
* tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()Tetsuo Handa2022-01-051-10/+7
* tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().Dmitry Vyukov2022-01-051-7/+7
* selinux: fix sleeping function called from invalid contextScott Mayhew2021-12-221-14/+19
* selinux: fix NULL-pointer dereference when hashtab allocation failsOndrej Mosnacek2021-11-251-5/+12
* fortify: Explicitly disable Clang supportKees Cook2021-11-211-0/+3
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-18 02:00:03 +0000