summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* x86/msr: Restrict MSR access when the kernel is locked downMatthew Garrett2019-08-191-0/+1
* x86: Lock down IO port access when the kernel is locked downMatthew Garrett2019-08-191-0/+1
* PCI: Lock down BAR access when the kernel is locked downMatthew Garrett2019-08-191-0/+1
* hibernate: Disable when the kernel is locked downJosh Boyer2019-08-191-0/+1
* kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCEJiri Bohac2019-08-192-2/+2
* kexec_load: Disable at runtime if the kernel is locked downMatthew Garrett2019-08-191-0/+1
* lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked downMatthew Garrett2019-08-191-0/+1
* lockdown: Enforce module signatures if the kernel is locked downDavid Howells2019-08-192-0/+2
* security: Add a static lockdown policy LSMMatthew Garrett2019-08-195-5/+224
* security: Add a "locked down" LSM hookMatthew Garrett2019-08-191-0/+6
* security: Support early LSMsMatthew Garrett2019-08-191-8/+42
* Merge tag 'spdx-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gre...Linus Torvalds2019-06-2115-61/+15
|\
| * treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500Thomas Gleixner2019-06-1915-61/+15
* | apparmor: reset pos on failure to unpack for various functionsMike Salvatore2019-06-181-8/+39
* | apparmor: enforce nullbyte at end of tag stringJann Horn2019-06-181-1/+1
* | apparmor: fix PROFILE_MEDIATES for untrusted inputJohn Johansen2019-06-181-1/+10
|/
* Smack: Restore the smackfsdef mount option and add missing prefixesCasey Schaufler2019-06-141-5/+7
* Merge tag 'selinux-pr-20190612' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2019-06-122-13/+36
|\
| * selinux: fix a missing-check bug in selinux_sb_eat_lsm_opts()Gen Zhang2019-06-121-6/+14
| * selinux: fix a missing-check bug in selinux_add_mnt_opt( )Gen Zhang2019-06-121-5/+14
| * selinux: log raw contexts as untrusted stringsOndrej Mosnacek2019-06-111-2/+8
* | treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441Thomas Gleixner2019-06-0572-352/+72
* | treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 372Thomas Gleixner2019-06-0511-39/+11
* | treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295Thomas Gleixner2019-06-056-66/+6
* | treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282Thomas Gleixner2019-06-051-9/+1
* | Merge branch 'next-fixes-for-5.2-rc' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2019-05-312-12/+19
|\ \
| * | ima: show rules with IMA_INMASK correctlyRoberto Sassu2019-05-291-9/+12
| * | evm: check hash algorithm passed to init_desc()Roberto Sassu2019-05-291-0/+3
| * | ima: fix wrong signed policy requirement when not appraisingPetr Vorel2019-05-191-3/+4
* | | treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152Thomas Gleixner2019-05-3016-81/+16
* | | Merge tag 'spdx-5.2-rc2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/g...Linus Torvalds2019-05-245-25/+5
|\ \ \
| * | | treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36Thomas Gleixner2019-05-245-25/+5
* | | | Merge tag 'selinux-pr-20190521' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2019-05-211-2/+8
|\ \ \ \ | |/ / / |/| | / | | |/ | |/|
| * | selinux: do not report error on connect(AF_UNSPEC)Paolo Abeni2019-05-201-2/+8
* | | treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13Thomas Gleixner2019-05-212-30/+2
* | | treewide: Add SPDX license identifier - Makefile/KconfigThomas Gleixner2019-05-2117-0/+17
| |/ |/|
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds2019-05-131-4/+4
|\ \
| * | Revert "selinux: do not report error on connect(AF_UNSPEC)"Paolo Abeni2019-05-101-4/+4
* | | tomoyo: Don't emit WARNING: string while fuzzing testing.Tetsuo Handa2019-05-101-0/+2
* | | tomoyo: Change pathname calculation for read-only filesystems.Tetsuo Handa2019-05-101-1/+2
* | | tomoyo: Check address length before reading address familyTetsuo Handa2019-05-101-0/+4
* | | tomoyo: Add a kernel config option for fuzzing testing.Tetsuo Handa2019-05-102-1/+22
|/ /
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds2019-05-091-4/+4
|\ \
| * | selinux: do not report error on connect(AF_UNSPEC)Paolo Abeni2019-05-081-4/+4
* | | Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jm...Linus Torvalds2019-05-093-45/+45
|\ \ \ | |/ / |/| |
| * | Merge branch 'smack-for-5.2-b' of https://github.com/cschaufler/next-smack in...James Morris2019-05-061-0/+2
| |\ \
| | * | Smack: Fix kbuild reported build errorCasey Schaufler2019-04-301-0/+2
| * | | Merge branch 'smack-for-5.2-b' of https://github.com/cschaufler/next-smack in...James Morris2019-04-301-4/+15
| |\| |
| | * | smack: Check address length before reading address familyTetsuo Handa2019-04-291-4/+15
| * | | Merge branch 'smack-for-5.2' of https://github.com/cschaufler/next-smack into...James Morris2019-04-153-41/+28
| |\| |