summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file cap...Eric W. Biederman2021-03-121-11/+1
* Merge tag 'keys-misc-20210126' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds2021-02-238-21/+18
|\
| * certs: Fix blacklist flag type confusionDavid Howells2021-01-212-3/+4
| * KEYS: remove redundant memsetTom Rix2021-01-211-2/+0
| * security: keys: delete repeated words in commentsRandy Dunlap2021-01-212-3/+3
| * security/keys: use kvfree_sensitive()Denis Efremov2021-01-211-6/+3
| * watch_queue: Drop references to /dev/watch_queueGabriel Krisman Bertazi2021-01-211-4/+4
| * keys: Remove outdated __user annotationsJann Horn2021-01-211-3/+3
| * security: keys: Fix fall-through warnings for ClangGustavo A. R. Silva2021-01-211-0/+1
* | Merge tag 'idmapped-mounts-v5.12' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds2021-02-2318-115/+240
|\ \
| * | ima: handle idmapped mountsChristian Brauner2021-01-247-40/+68
| * | apparmor: handle idmapped mountsChristian Brauner2021-01-243-10/+24
| * | fs: make helpers idmap mount awareChristian Brauner2021-01-242-2/+3
| * | commoncap: handle idmapped mountsChristian Brauner2021-01-244-37/+84
| * | xattr: handle idmapped mountsTycho Andersen2021-01-247-20/+24
| * | acl: handle idmapped mountsChristian Brauner2021-01-241-7/+38
| * | inode: make init and permission helpers idmapped mount awareChristian Brauner2021-01-241-2/+2
| * | capability: handle idmapped mountsChristian Brauner2021-01-241-2/+3
| |/
* | Merge branch 'userns-for-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2021-02-221-1/+11
|\ \
| * | capabilities: Don't allow writing ambiguous v3 file capabilitiesEric W. Biederman2020-12-291-1/+11
* | | Merge branch 'work.audit' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds2021-02-221-2/+3
|\ \ \
| * | | make dump_common_audit_data() safe to be called from RCU pathwalkAl Viro2021-01-161-2/+3
| | |/ | |/|
* | | Merge tag 'tpmdd-next-v5.12-rc1-v2' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds2021-02-212-8/+36
|\ \ \
| * | | KEYS: trusted: Reserve TPM for seal and unseal operationsJarkko Sakkinen2021-02-161-4/+18
| * | | KEYS: trusted: Fix migratable=1 failingJarkko Sakkinen2021-02-161-1/+1
| * | | KEYS: trusted: Fix incorrect handling of tpm_get_random()Jarkko Sakkinen2021-02-161-3/+17
* | | | Merge tag 'Smack-for-v5.12' of git://github.com/cschaufler/smack-nextLinus Torvalds2021-02-211-2/+19
|\ \ \ \
| * | | | smackfs: restrict bytes count in smackfs write functionsSabyrzhan Tasbolatov2021-02-021-2/+19
| | |/ / | |/| |
* | | | Merge tag 'integrity-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2021-02-2116-52/+301
|\ \ \ \
| * | | | integrity: Make function integrity_add_key() staticWei Yongjun2021-02-121-2/+2
| * | | | Merge branch 'ima-kexec-fixes' into next-integrityMimi Zohar2021-02-101-0/+3
| |\ \ \ \
| | * | | | ima: Free IMA measurement buffer after kexec syscallLakshmi Ramasubramanian2021-02-101-0/+2
| | * | | | ima: Free IMA measurement buffer on errorLakshmi Ramasubramanian2021-02-101-0/+1
| | | |_|/ | | |/| |
| * | | | IMA: Measure kernel version in early bootRaphael Gianotti2021-01-261-0/+5
| * | | | selinux: include a consumer of the new IMA critical data hookLakshmi Ramasubramanian2021-01-145-10/+127
| * | | | IMA: define a builtin critical data measurement policyLakshmi Ramasubramanian2021-01-141-0/+12
| * | | | IMA: extend critical data hook to limit the measurement based on a labelTushar Sugandhi2021-01-141-3/+5
| * | | | IMA: limit critical data measurement based on a labelTushar Sugandhi2021-01-141-3/+34
| * | | | IMA: add policy rule to measure critical dataTushar Sugandhi2021-01-141-4/+25
| * | | | IMA: define a hook to measure kernel integrity critical dataTushar Sugandhi2021-01-143-1/+26
| * | | | IMA: add support to measure buffer data hashTushar Sugandhi2021-01-145-9/+30
| * | | | IMA: generalize keyring specific measurement constructsTushar Sugandhi2021-01-144-26/+35
| * | | | evm: Fix memleak in init_descDinghao Liu2021-01-131-2/+5
| |/ / /
* | | | Merge tag 'selinux-pr-20210215' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2021-02-2116-51/+141
|\ \ \ \
| * | | | selinux: teach SELinux about anonymous inodesDaniel Colascione2021-01-142-0/+59
| * | | | security: add inode_init_security_anon() LSM hookLokesh Gidra2021-01-141-0/+8
| * | | | selinux: fall back to SECURITY_FS_USE_GENFS if no xattr supportOndrej Mosnacek2021-01-131-25/+52
| * | | | selinux: mark selinux_xfrm_refcount as __read_mostlyOndrej Mosnacek2021-01-121-1/+1
| * | | | selinux: mark some global variables __ro_after_initOndrej Mosnacek2021-01-126-12/+12
| * | | | selinux: make selinuxfs_mount staticOndrej Mosnacek2021-01-122-2/+1