summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)Author
2019-01-26selinux: always allow mounting submountsOndrej Mosnacek
2019-01-23selinux: fix GPF on invalid policyStephen Smalley
2019-01-23LSM: Check for NULL cred-security on freeJames Morris
2019-01-23Yama: Check for pid death before checking ancestryKees Cook
2019-01-13selinux: policydb - fix byte order and alignment issuesOndrej Mosnacek
2018-12-01ima: re-initialize iint->atomic_flagsMimi Zohar
2018-12-01ima: re-introduce own integrity cache lockDmitry Kasatkin
2018-12-01EVM: Add support for portable signature formatMatthew Garrett
2018-12-01ima: always measure and audit files in policyMimi Zohar
2018-12-01selinux: Add __GFP_NOWARN to allocation at str_read()Tetsuo Handa
2018-11-27apparmor: Fix uninitialized value in aa_split_fqnameZubin Mithra
2018-11-13ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers
2018-09-29Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct membe...Lubomir Rintel
2018-09-26security: check for kstrdup() failure in lsm_append()Eric Biggers
2018-09-26evm: Don't deadlock if a crypto algorithm is unavailableMatthew Garrett
2018-09-26Smack: Fix handling of IPv4 traffic received by PF_INET6 socketsPiotr Sawicki
2018-09-15uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member nameRandy Dunlap
2018-09-09cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias()Eddie.Horng
2018-08-24Smack: Mark inode instant in smack_task_to_inodeCasey Schaufler
2018-08-03ima: based on policy verify firmware signatures (pre-allocated buffer)Mimi Zohar
2018-06-05selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover
2018-05-30ima: Fallback to the builtin hash algorithmPetr Vorel
2018-05-30ima: Fix Kconfig to select TPM 2.0 CRB interfaceJiandi An
2018-05-30integrity/security: fix digsig.c build error with header fileRandy Dunlap
2018-04-29commoncap: Handle memory allocation failure.Tetsuo Handa
2018-04-19apparmor: fix resource audit messages when auditing peerJohn Johansen
2018-04-19apparmor: fix display of .ns_name for containersJohn Johansen
2018-04-19apparmor: fix logging of the existence test for signalsJohn Johansen
2018-03-24/dev/mem: Add bounce buffer for copy-outKees Cook
2018-03-19ima: relax requiring a file signature for new files with zero lengthMimi Zohar
2018-02-25selinux: skip bounded transition processing if the policy isn't loadedPaul Moore
2018-02-25selinux: ensure the context is NUL terminated in security_context_to_sid_core()Paul Moore
2018-02-03ima/policy: fix parsing of fsuuidMike Rapoport
2018-01-17security/Kconfig: Correct the Documentation reference for PTIW. Trevor King
2018-01-17apparmor: fix ptrace label match when matching stacked labelsJohn Johansen
2018-01-10apparmor: fix regression in mount mediation when feature set is pinnedJohn Johansen
2018-01-05capabilities: fix buffer overread on very short xattrEric Biggers
2018-01-02x86/mm/pti: Add KconfigDave Hansen
2017-12-14apparmor: fix leak of null profile name if profile allocation failsJohn Johansen
2017-12-14KEYS: reject NULL restriction string when type is specifiedEric Biggers
2017-12-14KEYS: add missing permission check for request_key() destinationEric Biggers
2017-12-10ima: fix hash algorithm initializationBoshi Wang
2017-12-05apparmor: fix oops in audit_signal_cb hookJohn Johansen
2017-11-24ima: do not update security.ima if appraisal status is not INTEGRITY_PASSRoberto Sassu
2017-11-08apparmor: fix off-by-one comparison on MAXMAPPED_SIGJohn Johansen
2017-11-02Merge tag 'spdx_identifiers-4.14-rc8' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds
2017-11-02License cleanup: add SPDX GPL-2.0 license identifier to files with no licenseGreg Kroah-Hartman
2017-11-02KEYS: trusted: fix writing past end of buffer in trusted_read()Eric Biggers
2017-11-02KEYS: return full count in keyring_read() if buffer is too smallEric Biggers
2017-10-26Revert "apparmor: add base infastructure for socket mediation"Linus Torvalds