summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* tomoyo: fallback to realpath if symlink's pathname does not existTetsuo Handa2024-10-101-3/+6
* proc: add config & param to block forcing mem writesAdrian Ratiu2024-10-101-0/+32
* bpf: lsm: Set bpf_lsm_blob_sizes.lbs_task to 0Song Liu2024-10-041-1/+0
* lsm: infrastructure management of the sock securityCasey Schaufler2024-10-0410-113/+132
* lsm: add the inode_free_security_rcu() LSM implementation hookPaul Moore2024-10-045-33/+32
* smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipsoJiawei Ye2024-10-041-1/+1
* smack: unix sockets: fix accept()ed socket labelKonstantin Andreev2024-09-121-3/+9
* smack: tcp: ipv4, fix incorrect labelingCasey Schaufler2024-09-081-1/+1
* apparmor: fix possible NULL pointer dereferenceLeesoo Ahn2024-09-081-0/+4
* apparmor: fix policy_unpack_test on big endian systemsGuenter Roeck2024-09-041-3/+3
* selinux,smack: don't bypass permissions check in inode_setsecctx hookScott Mayhew2024-09-042-4/+4
* selinux: add the processing of the failure of avc_add_xperms_decision()Zhen Lei2024-08-291-1/+5
* selinux: fix potential counting error in avc_add_xperms_decision()Zhen Lei2024-08-291-1/+1
* KEYS: trusted: dcp: fix leak of blob encryption keyDavid Gstir2024-08-291-12/+21
* KEYS: trusted: fix DCP blob payload length assignmentDavid Gstir2024-08-291-1/+1
* selinux: revert our use of vma_is_initial_heap()Paul Moore2024-08-291-1/+11
* selinux,smack: remove the capability checks in the removexattr hooksPaul Moore2024-08-032-10/+3
* apparmor: unpack transition table if dfa is not presentGeorgia Garcia2024-08-031-17/+25
* apparmor: Fix null pointer deref when receiving skb during sock creationXiao Liang2024-08-031-0/+7
* task_work: s/task_work_cancel()/task_work_cancel_func()/Frederic Weisbecker2024-08-031-1/+1
* apparmor: use kvfree_sensitive to free data->dataFedor Pchelkin2024-08-032-1/+2
* lsm: fixup the inode xattr capability handlingPaul Moore2024-08-033-32/+97
* landlock: Don't lose track of restrictions on cred_transferJann Horn2024-08-031-2/+9
* Merge tag 'integrity-v6.10-fix' of ssh://ra.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds2024-07-051-2/+1
|\
| * ima: fix wrong zero-assignment during securityfs dentry removeEnrico Bravi2024-06-031-2/+1
* | Merge tag 'lsm-pr-20240617' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2024-06-178-17/+27
|\ \
| * | ima: Avoid blocking in RCU read-side critical sectionGUO Zihua2024-06-138-17/+27
* | | Merge tag 'mm-hotfixes-stable-2024-06-17-11-43' of git://git.kernel.org/pub/s...Linus Torvalds2024-06-171-15/+0
|\ \ \
| * | | Revert "mm: init_mlocked_on_free_v3"David Hildenbrand2024-06-151-15/+0
| |/ /
* | | Merge tag 'hardening-v6.10-rc5' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2024-06-171-0/+1
|\ \ \ | |/ / |/| |
| * | yama: document function parameterChristian Göttsche2024-06-061-0/+1
| |/
* / tomoyo: update project linksTetsuo Handa2024-06-032-2/+2
|/
* landlock: Fix d_parent walkMickaël Salaün2024-05-311-2/+11
* Merge tag 'hardening-v6.10-rc1-fixes' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds2024-05-241-0/+3
|\
| * loadpin: Prevent SECURITY_LOADPIN_ENFORCE=y without module decompressionStephen Boyd2024-05-181-0/+3
* | KEYS: trusted: Do not use WARN when encode failsJarkko Sakkinen2024-05-211-1/+2
* | KEYS: trusted: Fix memory leak in tpm2_key_encode()Jarkko Sakkinen2024-05-211-6/+18
* | Merge tag 'mm-stable-2024-05-17-19-19' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds2024-05-191-0/+15
|\ \
| * | mm: init_mlocked_on_free_v3York Jasper Niebuhr2024-04-251-0/+15
* | | Merge tag 'kbuild-v6.10' of git://git.kernel.org/pub/scm/linux/kernel/git/mas...Linus Torvalds2024-05-181-1/+1
|\ \ \
| * | | kbuild: use $(src) instead of $(srctree)/$(src) for source directoryMasahiro Yamada2024-05-101-1/+1
| |/ /
* | | Merge tag 'landlock-6.10-rc1' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds2024-05-183-5/+224
|\ \ \
| * | | landlock: Add IOCTL access right for character and block devicesGünther Noack2024-05-133-5/+224
| |/ /
* | | Merge tag 'integrity-v6.10' of ssh://ra.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds2024-05-1517-90/+325
|\ \ \
| * | | ima: add crypto agility support for template-hash algorithmEnrico Bravi2024-04-124-18/+132
| * | | evm: Rename is_unsupported_fs to is_unsupported_hmac_fsStefan Berger2024-04-091-9/+10
| * | | fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTEDStefan Berger2024-04-091-1/+1
| * | | evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509Stefan Berger2024-04-091-5/+7
| * | | ima: re-evaluate file integrity on file metadata changeStefan Berger2024-04-091-1/+13
| * | | evm: Store and detect metadata inode attributes changesStefan Berger2024-04-093-10/+49
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-18 01:50:49 +0000