summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2019-10-07smack: use GFP_NOFS while holding inode_smack::smk_lockEric Biggers2-3/+3
2019-10-07Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is setJann Horn1-1/+2
2019-10-07security: smack: Fix possible null-pointer dereferences in smack_socket_sock_...Jia-Ju Bai1-0/+2
2019-09-21keys: Fix missing null pointer check in request_key_auth_describe()Hillf Danton1-0/+6
2019-08-06selinux: fix memory leak in policydb_init()Ondrej Mosnacek1-1/+5
2019-07-10apparmor: enforce nullbyte at end of tag stringJann Horn1-1/+1
2019-05-16selinux: never allow relabeling on context mountsOndrej Mosnacek1-9/+31
2019-04-27device_cgroup: fix RCU imbalance in error caseJann Horn1-1/+1
2019-03-23missing barriers in some of unix_sock ->addr and ->path accessesAl Viro1-4/+6
2019-03-23KEYS: restrict /proc/keys by credentials at open timeEric Biggers1-6/+2
2019-03-23KEYS: always initialize keyring_index_key::desc_lenEric Biggers4-6/+4
2019-03-23KEYS: allow reaching the keys quotas exactlyEric Biggers1-2/+2
2019-02-20smack: fix access permissions for keyringZoran Markovic1-3/+9
2019-01-26selinux: fix GPF on invalid policyStephen Smalley1-1/+2
2019-01-26LSM: Check for NULL cred-security on freeJames Morris1-0/+7
2019-01-26Yama: Check for pid death before checking ancestryKees Cook1-1/+3
2018-12-17mm: replace get_user_pages() write/force parameters with gup_flagsLorenzo Stoakes1-1/+2
2018-11-21ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers1-3/+3
2018-11-10KEYS: put keyring if install_session_keyring_to_cred() failsEric Biggers1-3/+4
2018-09-19selinux: use GFP_NOWAIT in the AVC kmem_cachesMichal Hocko1-8/+6
2018-08-24Smack: Mark inode instant in smack_task_to_inodeCasey Schaufler1-0/+1
2018-06-06selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover1-1/+1
2018-06-06Revert "ima: limit file hash setting by user to fix and log modes"Mimi Zohar1-6/+2
2018-05-30ima: Fallback to the builtin hash algorithmPetr Vorel2-0/+15
2018-05-30ima: Fix Kconfig to select TPM 2.0 CRB interfaceJiandi An1-0/+1
2018-04-13selinux: do not check open permission on socketsStephen Smalley1-3/+7
2018-04-08selinux: Remove redundant check for unknown labeling behaviorMatthias Kaehlcke1-16/+0
2018-04-08selinux: Remove unnecessary check of array base in selinux_set_mapping()Matthias Kaehlcke1-1/+1
2018-03-22ima: relax requiring a file signature for new files with zero lengthMimi Zohar1-1/+2
2018-03-22apparmor: Make path_max parameter readonlyJohn Johansen1-1/+1
2018-03-22selinux: check for address length in selinux_socket_bind()Alexander Potapenko1-0/+8
2018-02-25selinux: skip bounded transition processing if the policy isn't loadedPaul Moore1-0/+3
2018-02-25selinux: ensure the context is NUL terminated in security_context_to_sid_core()Paul Moore1-10/+8
2018-02-16KEYS: encrypted: fix buffer overread in valid_master_desc()Eric Biggers1-16/+15
2018-02-03selinux: general protection fault in sock_has_permMark Salyzyn1-0/+2
2018-01-05KPTI: Rename to PAGE_TABLE_ISOLATIONKees Cook1-1/+1
2018-01-05x86/kaiser: Reenable PARAVIRTBorislav Petkov1-1/+1
2018-01-05kaiser: delete KAISER_REAL_SWITCH optionHugh Dickins1-4/+0
2018-01-05kaiser: KAISER depends on SMPHugh Dickins1-4/+6
2018-01-05kaiser: merged updateDave Hansen1-0/+5
2018-01-05KAISER: Kernel Address IsolationRichard Fellner1-0/+7
2017-12-20KEYS: add missing permission check for request_key() destinationEric Biggers1-10/+38
2017-12-09ima: fix hash algorithm initializationBoshi Wang1-0/+4
2017-11-24ima: do not update security.ima if appraisal status is not INTEGRITY_PASSRoberto Sassu1-0/+3
2017-11-18security/keys: add CONFIG_KEYS_COMPAT to KconfigBilal Amarni1-0/+4
2017-11-15KEYS: trusted: fix writing past end of buffer in trusted_read()Eric Biggers1-11/+12
2017-11-15KEYS: trusted: sanitize all key materialEric Biggers1-28/+22
2017-11-08KEYS: return full count in keyring_read() if buffer is too smallEric Biggers1-20/+19
2017-10-27KEYS: Fix race between updating and finding a negative keyDavid Howells12-39/+49
2017-10-27KEYS: don't let add_key() update an uninstantiated keyDavid Howells1-0/+10
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-02 16:50:06 +0000