summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2020-05-05selinux: properly handle multiple messages in selinux_netlink_send()Paul Moore1-24/+44
2020-05-02KEYS: Avoid false positive ENOMEM error on key readWaiman Long2-15/+55
2020-04-24KEYS: Don't write out to userspace while holding key semaphoreWaiman Long7-51/+72
2020-04-24KEYS: Use individual pages in big_key for crypto buffersDavid Howells1-23/+87
2020-04-24KEYS: reaching the keys quotas correctlyYang Xu2-3/+3
2020-02-28selinux: ensure we cleanup the internal AVC counters on error in avc_update()Jaihind Yadav1-1/+1
2020-01-27keys: Timestamp new keysDavid Howells1-0/+1
2020-01-27apparmor: don't try to replace stale label in ptrace access checkJann Horn2-2/+4
2020-01-04apparmor: fix unsigned len comparison with less than zeroColin Ian King1-5/+7
2019-12-05apparmor: delete the dentry in aafs_remove() to avoid a leakChris Coulson1-0/+1
2019-10-11ima: always return negative code for errorSascha Hauer1-1/+4
2019-10-07smack: use GFP_NOFS while holding inode_smack::smk_lockEric Biggers2-4/+4
2019-10-07Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is setJann Horn1-1/+2
2019-10-07security: smack: Fix possible null-pointer dereferences in smack_socket_sock_...Jia-Ju Bai1-0/+2
2019-09-21keys: Fix missing null pointer check in request_key_auth_describe()Hillf Danton1-0/+6
2019-08-06selinux: fix memory leak in policydb_init()Ondrej Mosnacek1-1/+5
2019-06-25apparmor: enforce nullbyte at end of tag stringJann Horn1-1/+1
2019-06-09ima: show rules with IMA_INMASK correctlyRoberto Sassu1-9/+12
2019-05-25apparmorfs: fix use-after-free on symlink traversalAl Viro1-4/+9
2019-05-25securityfs: fix use-after-free on symlink traversalAl Viro1-4/+9
2019-05-16ima: open a new file instance if no read permissionsGoldwyn Rodrigues1-20/+34
2019-05-08selinux: never allow relabeling on context mountsOndrej Mosnacek1-9/+31
2019-05-04selinux: use kernel linux/socket.h for genheaders and mdpPaulo Alcantara1-0/+1
2019-04-27device_cgroup: fix RCU imbalance in error caseJann Horn1-1/+1
2019-04-05selinux: do not override context on context mountsOndrej Mosnacek1-1/+8
2019-03-23security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblockJ. Bruce Fields1-1/+4
2019-03-23keys: Fix dependency loop between construction record and auth keyDavid Howells5-62/+41
2019-03-19missing barriers in some of unix_sock ->addr and ->path accessesAl Viro1-4/+6
2019-03-13apparmor: Fix aa_label_build() error handling for failed mergesJohn Johansen1-1/+4
2019-02-27KEYS: always initialize keyring_index_key::desc_lenEric Biggers4-6/+4
2019-02-27KEYS: allow reaching the keys quotas exactlyEric Biggers1-2/+2
2019-02-12smack: fix access permissions for keyringZoran Markovic1-3/+9
2019-01-26selinux: always allow mounting submountsOndrej Mosnacek1-1/+1
2019-01-23selinux: fix GPF on invalid policyStephen Smalley1-1/+2
2019-01-23LSM: Check for NULL cred-security on freeJames Morris1-0/+7
2019-01-23Yama: Check for pid death before checking ancestryKees Cook1-1/+3
2019-01-13selinux: policydb - fix byte order and alignment issuesOndrej Mosnacek1-15/+36
2018-12-01ima: re-initialize iint->atomic_flagsMimi Zohar1-0/+1
2018-12-01ima: re-introduce own integrity cache lockDmitry Kasatkin4-40/+77
2018-12-01EVM: Add support for portable signature formatMatthew Garrett5-21/+91
2018-12-01ima: always measure and audit files in policyMimi Zohar3-30/+56
2018-12-01selinux: Add __GFP_NOWARN to allocation at str_read()Tetsuo Handa1-1/+1
2018-11-27apparmor: Fix uninitialized value in aa_split_fqnameZubin Mithra1-2/+4
2018-11-13ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers1-3/+3
2018-09-29Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct membe...Lubomir Rintel1-1/+1
2018-09-26security: check for kstrdup() failure in lsm_append()Eric Biggers1-0/+2
2018-09-26evm: Don't deadlock if a crypto algorithm is unavailableMatthew Garrett1-1/+2
2018-09-26Smack: Fix handling of IPv4 traffic received by PF_INET6 socketsPiotr Sawicki1-5/+9
2018-09-15uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member nameRandy Dunlap1-1/+1
2018-09-09cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias()Eddie.Horng1-1/+1
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-02 17:26:45 +0000