summaryrefslogtreecommitdiff
AgeCommit message (Expand)AuthorFilesLines
2016-06-27calipso: Set the calipso socket label to match the secattr.Huw Davies10-10/+728
2016-06-27netlabel: Move bitmap manipulation functions to the NetLabel core.Huw Davies3-79/+85
2016-06-27ipv6: Add ipv6_renew_options_kern() that accepts a kernel mem pointer.Huw Davies2-0/+55
2016-06-27netlabel: Add support for removing a CALIPSO DOI.Huw Davies4-0/+150
2016-06-27netlabel: Add support for creating a CALIPSO protocol domain mapping.Huw Davies4-5/+89
2016-06-27netlabel: Add support for enumerating the CALIPSO DOI list.Huw Davies4-0/+165
2016-06-27netlabel: Add support for querying a CALIPSO DOI.Huw Davies4-0/+193
2016-06-27netlabel: Initial support for the CALIPSO netlink protocol.Huw Davies12-2/+604
2016-06-27netlabel: Add an address family to domain hash entries.Huw Davies6-58/+192
2016-06-27netlabel: Mark rcu pointers with __rcu.Huw Davies2-4/+4
2016-06-15selinux: fix type mismatchHeinrich Schuchardt1-1/+1
2016-06-09netlabel: handle sparse category maps in netlbl_catmap_getlong()Paul Moore1-5/+4
2016-06-09selinux: import NetLabel category bitmaps correctlyPaul Moore1-1/+1
2016-06-07iucv: properly clone LSM attributes to newly created child socketsPaul Moore1-1/+4
2016-06-06netlabel: add address family checks to netlbl_{sock,req}_delattr()Paul Moore1-2/+10
2016-05-31selinux: Only apply bounds checking to source typesStephen Smalley1-48/+22
2016-05-17LSM: LoadPin: provide enablement CONFIGKees Cook2-6/+15
2016-05-06Merge branch 'stable-4.7' of git://git.infradead.org/users/pcmoore/selinux in...James Morris6-61/+128
2016-05-06Merge tag 'keys-next-20160505' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris56-717/+1341
2016-05-04Yama: use atomic allocations when reportingSasha Levin1-2/+2
2016-05-04seccomp: Fix comment typoMickaël Salaün1-1/+1
2016-05-04Merge branch 'keys-trust' into keys-nextDavid Howells41-517/+673
2016-05-01ima: add support for creating files using the mknodat syscallMimi Zohar4-1/+37
2016-05-01ima: fix ima_inode_post_setattrMimi Zohar2-1/+2
2016-05-01vfs: forbid write access when reading a file into memoryDmitry Kasatkin1-8/+21
2016-04-27fs: fix over-zealous use of "const"Kees Cook1-1/+1
2016-04-26selinux: apply execstack check on thread stacksStephen Smalley1-2/+3
2016-04-26selinux: distinguish non-init user namespace capability checksStephen Smalley2-17/+25
2016-04-21LSM: LoadPin for kernel file loading restrictionsKees Cook9-0/+233
2016-04-21fs: define a string representation of the kernel_read_file_id enumerationMimi Zohar1-6/+25
2016-04-21Yama: consolidate error reportingKees Cook1-10/+21
2016-04-21string_helpers: add kstrdup_quotable_fileKees Cook2-0/+33
2016-04-21string_helpers: add kstrdup_quotable_cmdlineKees Cook2-0/+35
2016-04-21string_helpers: add kstrdup_quotableKees Cook2-0/+30
2016-04-19selinux: check ss_initialized before revalidating an inode labelPaul Moore1-1/+1
2016-04-19selinux: delay inode label lookup as long as possiblePaul Moore1-8/+13
2016-04-19selinux: don't revalidate an inode's label when explicitly setting itPaul Moore1-2/+11
2016-04-14selinux: Change bool variable name to index.Prarit Bhargava2-4/+4
2016-04-12Merge branch 'keys-sig' into keys-nextDavid Howells13-191/+281
2016-04-12Merge branch 'keys-misc' into keys-nextDavid Howells11-50/+428
2016-04-12KEYS: Add KEYCTL_DH_COMPUTE commandMat Martineau8-0/+233
2016-04-12Security: Keys: Big keys stored encryptedKirill Marinushkin2-18/+184
2016-04-12KEYS: user_update should use copy of payload made during preparsingDavid Howells1-31/+11
2016-04-12security: integrity: Remove select to deleted option PUBLIC_KEY_ALGO_RSAAndreas Ziegler1-1/+0
2016-04-12IMA: Use the the system trusted keyrings instead of .ima_mokDavid Howells5-64/+34
2016-04-12certs: Add a secondary system keyring that can be added to dynamicallyDavid Howells3-16/+88
2016-04-12KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTEDDavid Howells7-59/+9
2016-04-12KEYS: Move the point of trust determination to __key_link()David Howells9-76/+100
2016-04-12KEYS: Make the system trusted keyring depend on the asymmetric key typeDavid Howells2-1/+2
2016-04-12X.509: Move the trust validation code out to its own fileDavid Howells4-80/+116