summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
35 hoursapparmor: fix race between freeing data and fs accessing itJohn Johansen7-101/+153
35 hoursapparmor: fix race on rawdata dereferenceJohn Johansen4-57/+93
35 hoursapparmor: fix differential encoding verificationJohn Johansen2-4/+20
35 hoursapparmor: fix unprivileged local user can do privileged policy managementJohn Johansen3-9/+43
35 hoursapparmor: Fix double free of ns_name in aa_replace_profiles()John Johansen1-0/+1
35 hoursapparmor: fix missing bounds check on DEFAULT table in verify_dfa()Massimiliano Pellizzer1-2/+3
35 hoursapparmor: fix side-effect bug in match_char() macro usageMassimiliano Pellizzer1-10/+20
35 hoursapparmor: fix: limit the number of levels of policy namespacesJohn Johansen2-0/+4
35 hoursapparmor: replace recursive profile removal with iterative approachMassimiliano Pellizzer1-3/+27
35 hoursapparmor: fix memory leak in verify_headerMassimiliano Pellizzer1-1/+0
35 hoursapparmor: validate DFA start states are in bounds in unpack_pdbMassimiliano Pellizzer1-1/+11
35 hoursima: verify the previous kernel's IMA buffer lies in addressable RAMHarshit Mogalapalli1-0/+35
35 hoursima: kexec: define functions to copy IMA log at soft bootSteven Chen1-0/+47
35 hoursima: define and call ima_alloc_kexec_file_buf()Steven Chen1-11/+35
35 hoursima: rename variable the seq_file "file" to "ima_kexec_file"Steven Chen1-15/+16
35 hoursima: kexec: silence RCU list traversal warningBreno Leitao1-1/+2
11 daysapparmor: fix aa_label to return state from compount and component matchJohn Johansen1-6/+6
11 daysapparmor: fix invalid deref of rawdata when export_binary is unsetGeorgia Garcia1-0/+9
11 daysapparmor: avoid per-cpu hold underflow in aa_get_bufferZhengmian Hu1-1/+2
11 daysapparmor: make label_match return a consistent valueJohn Johansen1-11/+9
11 daysapparmor: remove apply_modes_to_perms from label_matchJohn Johansen1-3/+0
11 daysapparmor: fix rlimit for posix cpu timersJohn Johansen1-0/+5
11 daysapparmor: return -ENOMEM in unpack_perms_table upon alloc failureRyan Lee1-2/+4
11 daysapparmor: Fix & Optimize table creation from possibly unaligned memoryHelge Deller2-9/+10
11 daysAppArmor: Allow apparmor to handle unaligned dfa tablesHelge Deller1-7/+8
11 daysapparmor: fix NULL sock in aa_sock_file_permJohn Johansen1-2/+4
11 daysevm: Use ordered xattrs list to calculate HMAC in evm_init_hmac()Roberto Sassu1-4/+10
11 dayssmack: /smack/doi: accept previously used valuesKonstantin Andreev1-26/+45
11 dayssmack: /smack/doi must be > 0Konstantin Andreev1-5/+7
2026-01-30keys/trusted_keys: fix handle passed to tpm_buf_append_name during unsealSrish Srinivasan1-2/+2
2026-01-17tpm2-sessions: Fix out of range indexing in name_sizeJarkko Sakkinen1-6/+23
2026-01-08KEYS: trusted: Fix a memory leak in tpm2_load_cmdJarkko Sakkinen1-2/+4
2025-12-18ima: Handle error code returned by ima_filter_rule_match()Zhao Yipeng1-1/+1
2025-12-18smack: fix bug: setting task label silently ignores input garbageKonstantin Andreev3-63/+148
2025-12-18smack: fix bug: unprivileged task can create labelsKonstantin Andreev1-14/+27
2025-12-18smack: fix bug: invalid label of unix socket fileKonstantin Andreev1-14/+44
2025-12-18smack: always "instantiate" inode in smack_inode_init_security()Konstantin Andreev1-3/+7
2025-12-18smack: deduplicate xattr setting in smack_inode_init_security()Konstantin Andreev1-27/+29
2025-12-18smack: fix bug: SMACK64TRANSMUTE set on non-directoryKonstantin Andreev1-12/+14
2025-12-18smack: deduplicate "does access rule request transmutation"Konstantin Andreev1-25/+32
2025-11-13ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattrCoiby Xu1-5/+18
2025-10-19KEYS: trusted_tpm1: Compare HMAC values in constant timeEric Biggers1-3/+4
2025-10-15lsm: CONFIG_LSM can depend on CONFIG_SECURITYRandy Dunlap1-0/+1
2025-08-28apparmor: Fix 8-byte alignment for initial dfa blob streamsHelge Deller1-2/+2
2025-08-20apparmor: fix x_table_lookup when stacking is not the first entryJohn Johansen1-23/+29
2025-08-20apparmor: use the condition in AA_BUG_FMT even with debug disabledMateusz Guzik1-1/+5
2025-08-20apparmor: shift ouid when mediating hard links in usernsGabriel Totev1-2/+4
2025-08-20securityfs: don't pin dentries twice, once is enough...Al Viro1-2/+0
2025-08-15apparmor: Fix unaligned memory accesses in KUnit testHelge Deller1-2/+4
2025-08-15apparmor: fix loop detection used in conflicting attachment resolutionRyan Lee2-15/+12
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-15 03:49:07 +0000