summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2017-11-11KEYS: don't let add_key() update an uninstantiated keyDavid Howells1-0/+10
2017-11-11KEYS: prevent KEYCTL_READ on negative keyEric Biggers1-0/+5
2017-10-12sched: move no_new_privs into new atomic flagsKees Cook1-2/+2
2017-09-15ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn1-1/+6
2017-09-15selinux: fix double free in selinux_parse_opts_str()Paul Moore1-3/+2
2017-09-15KEYS: fix dereferencing NULL payload with nonzero lengthEric Biggers1-2/+2
2017-08-26ima: accept previously set IMA_NEW_FILEDaniel Glöckner1-2/+3
2017-08-26ima: pass 'opened' flag to identify newly created filesDmitry Kasatkin3-11/+11
2017-07-18KEYS: Change the name of the dead type to ".dead" to prevent user accessDavid Howells1-1/+1
2017-06-05KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyringsEric Biggers2-24/+31
2017-06-05KEYS: Disallow keyrings beginning with '.' to be joined as session keyringsDavid Howells1-2/+7
2017-06-05KEYS: Reinstate EPERM for a key type name beginning with a '.'David Howells1-0/+2
2017-06-05KEYS: special dot prefixed keyring name bug fixMimi Zohar1-2/+4
2017-06-05KEYS: Fix an error code in request_master_key()Dan Carpenter1-1/+1
2017-04-04keys: Guard against null match function in keyring_search_aux()Ben Hutchings1-3/+3
2017-04-04vfs: Commit to never having exectuables on proc and sysfs.Eric W. Biederman1-1/+1
2017-02-26selinux: fix off-by-one in setprocattrStephen Smalley1-1/+1
2017-02-23apparmor: fix change_hat not finding hat after policy replacementJohn Johansen1-2/+4
2016-11-20KEYS: Fix short sprintf buffer in /proc/keys show functionDavid Howells1-1/+1
2016-08-22KEYS: potential uninitialized variableDan Carpenter1-1/+1
2016-02-16EVM: Use crypto_memneq() for digest comparisonsRyan Ware1-1/+2
2016-01-25KEYS: Fix keyring ref leak in join_session_keyring()Yevgeny Pats1-0/+1
2016-01-05KEYS: Fix race between read and revokeDavid Howells1-9/+9
2015-10-28KEYS: Don't permit request_key() to construct a new keyringDavid Howells1-0/+3
2015-10-28KEYS: Fix crash when attempt to garbage collect an uninstantiated keyringDavid Howells1-2/+4
2015-10-28KEYS: Fix race between key destruction and finding a keyring by nameDavid Howells1-4/+4
2015-09-29fs: create and use seq_show_option for escapingKees Cook1-1/+1
2015-08-27ima: extend "mask" policy matching supportMimi Zohar1-5/+15
2015-08-27ima: add support for new "euid" policy conditionMimi Zohar1-4/+23
2015-08-20sysfs: Create mountpoints with sysfs_create_mount_pointEric W. Biederman3-16/+13
2015-08-11evm: labeling pseudo filesystems exceptionMimi Zohar1-0/+12
2015-08-11KEYS: ensure we free the assoc array edit if edit is validColin Ian King1-3/+5
2015-07-15ima: fix ima_show_template_data_ascii()Mimi Zohar3-4/+5
2015-07-15selinux: fix setting of security labels on NFSJ. Bruce Fields1-1/+2
2015-04-10selinux: fix sel_write_enforce broken return valueJoe Perches1-1/+1
2015-02-24smack: fix possible use after frees in task_security() callersAndrey Ryabinin2-9/+21
2015-01-15KEYS: close race between key lookup and freeingSasha Levin1-2/+2
2015-01-15move d_rcu from overlapping d_child to overlapping d_aliasAl Viro1-3/+3
2015-01-15KEYS: Fix stale key registration at error pathTakashi Iwai1-1/+4
2014-11-17selinux: fix inode security list corruptionStephen Smalley1-1/+1
2014-11-14evm: properly handle INTEGRITY_NOXATTRS EVM statusDmitry Kasatkin1-0/+7
2014-11-13evm: check xattr value length and type in evm_inode_setxattr()Dmitry Kasatkin1-3/+6
2014-11-13ima: check xattr value length and type in the ima_inode_setxattr()Dmitry Kasatkin2-0/+3
2014-10-30ima: provide flag to identify new empty filesDmitry Kasatkin3-7/+13
2014-10-30ima: fix fallback to use new_sync_read()Dmitry Kasatkin1-4/+4
2014-09-17CAPABILITIES: remove undefined caps from all processesEric Paris1-0/+3
2014-06-13Merge branch 'serge-next-2' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds7-28/+114
2014-06-12ima: introduce ima_kernel_read()Dmitry Kasatkin1-1/+31
2014-06-12evm: prohibit userspace writing 'security.evm' HMAC valueMimi Zohar1-2/+10
2014-06-12ima: check inode integrity cache in violation checkDmitry Kasatkin1-2/+7
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-02 17:10:19 +0000