summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2025-01-17landlock: Align partial refer access checks with final onesMickaël Salaün1-1/+13
2025-01-17landlock: Simplify initially denied access rightsMickaël Salaün3-11/+19
2025-01-17landlock: Move access typesMickaël Salaün5-46/+68
2025-01-17landlock: Factor out check_access_path()Mickaël Salaün1-21/+11
2025-01-14landlock: Use scoped guards for ruleset in landlock_add_rule()Mickaël Salaün1-10/+4
2025-01-14landlock: Use scoped guards for rulesetMickaël Salaün3-29/+23
2025-01-14landlock: Constify get_mode_access()Mickaël Salaün1-1/+1
2025-01-14landlock: Handle weird filesMickaël Salaün1-6/+5
2025-01-12security: remove get_task_comm() and print task comm directlyYafang Shao1-3/+1
2025-01-08hardening: Document INIT_STACK_ALL_PATTERN behavior with GCCGeert Uytterhoeven1-0/+1
2025-01-07selinux: make more use of str_read() when loading the policyChristian Göttsche3-22/+12
2025-01-07selinux: avoid unnecessary indirection in struct level_datumChristian Göttsche3-17/+10
2025-01-07selinux: use known type instead of void pointerChristian Göttsche8-74/+77
2025-01-07selinux: rename comparison functions for clarityChristian Göttsche7-16/+16
2025-01-07selinux: rework match_ipv6_addrmask()Christian Göttsche1-7/+5
2025-01-07selinux: constify and reconcile function parameter namesChristian Göttsche4-6/+6
2025-01-07selinux: avoid using types indicating user space interactionChristian Göttsche2-2/+2
2025-01-07selinux: supply missing field initializersChristian Göttsche2-2/+2
2025-01-07Merge tag 'selinux-pr-20250107' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-38/+65
2025-01-06tomoyo: automatically use patterns for several situations in learning modeTetsuo Handa1-0/+30
2025-01-05lockdown: initialize local array before use to quiet static analysisTanya Agarwal1-1/+1
2025-01-04safesetid: check size of policy writesLeo Stone1-0/+3
2025-01-04lsm: rename variable to avoid shadowingChristian Göttsche1-2/+2
2025-01-04lsm: constify function parametersChristian Göttsche1-2/+2
2025-01-04security: remove redundant assignment to return variableColin Ian King1-3/+1
2025-01-04selinux: match extended permissions to their base permissionsThiébaud Weksteen5-38/+65
2025-01-04lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are setMickaël Salaün2-1/+6
2025-01-03ima: ignore suffixed policy rule commentsMimi Zohar1-1/+1
2025-01-03ima: limit the builtin 'tcb' dont_measure tmpfs policy ruleMimi Zohar1-1/+2
2024-12-24ima: kexec: silence RCU list traversal warningBreno Leitao1-1/+2
2024-12-22vfs: support caching symlink lengths in inodesMateusz Guzik1-1/+1
2024-12-18ima: instantiate the bprm_creds_for_exec() hookMimi Zohar2-2/+54
2024-12-18security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebitsMickaël Salaün1-6/+23
2024-12-18exec: Add a new AT_EXECVE_CHECK flag to execveat(2)Mickaël Salaün1-0/+10
2024-12-18Merge tag 'selinux-pr-20241217' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-2/+6
2024-12-17tomoyo: use realpath if symlink's pathname refers to procfsTetsuo Handa1-2/+9
2024-12-16bpf: lsm: Remove hook to bpf_task_storage_freeSong Liu1-1/+0
2024-12-16tomoyo: don't emit warning in tomoyo_write_control()Tetsuo Handa1-1/+1
2024-12-15selinux: ignore unknown extended permissionsThiébaud Weksteen1-2/+6
2024-12-15selinux: add netlink nlmsg_type audit messageThiébaud Weksteen2-2/+5
2024-12-13selinux: add support for xperms in conditional policiesChristian Göttsche6-9/+26
2024-12-11selinux: Fix SCTP error inconsistency in selinux_socket_bind()Mikhail Ivanov1-1/+1
2024-12-11selinux: use native iterator typesChristian Göttsche3-4/+4
2024-12-11selinux: add generated av_permissions.h to targetsThomas Weißschuh1-4/+3
2024-12-11ima: Suspend PCR extends and log appends when rebootingStefan Berger3-0/+47
2024-12-10fsnotify: introduce pre-content permission eventsAmir Goldstein1-1/+2
2024-12-06smack: deduplicate access to string conversionKonstantin Andreev4-40/+15
2024-12-05Merge tag 'net-6.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/net...Linus Torvalds1-1/+1
2024-12-04security: add trace event for cap_capableJordan Rome1-13/+41
2024-12-04capabilities: remove cap_mmap_file()Paul Moore1-7/+0
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-30 21:43:40 +0000