summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2025-01-20Merge tag 'vfs-6.14-rc1.misc' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-1/+1
2025-01-18apparmor: fix dbus permission queries to v9 ABIJohn Johansen1-0/+8
2025-01-18apparmor: gate make fine grained unix mediation behind v9 abiJohn Johansen4-10/+26
2025-01-18apparmor: add fine grained af_unix mediationJohn Johansen12-58/+1063
2025-01-18apparmor: in preparation for finer networking rules rework match_protJohn Johansen2-14/+75
2025-01-18apparmor: lift kernel socket check out of critical sectionJohn Johansen1-1/+5
2025-01-18apparmor: remove af_select macroJohn Johansen2-36/+9
2025-01-18apparmor: add ability to mediate caps with policy state machineJohn Johansen3-6/+62
2025-01-18apparmor: fix x_table_lookup when stacking is not the first entryJohn Johansen1-23/+29
2025-01-18apparmor: add support for profiles to define the kill signalJohn Johansen8-6/+34
2025-01-18apparmor: add additional flags to extended permission.John Johansen7-21/+54
2025-01-18apparmor: carry mediation check on labelJohn Johansen6-24/+68
2025-01-18apparmor: cleanup: refactor file_perm() to doc semantics of some checksJohn Johansen1-2/+15
2025-01-18apparmor: remove explicit restriction that unconfined cannot use change_hatJohn Johansen2-3/+18
2025-01-18apparmor: ensure labels with more than one entry have correct flagsJohn Johansen1-1/+2
2025-01-18apparmor: switch signal mediation to use RULE_MEDIATESJohn Johansen1-5/+5
2025-01-18apparmor: remove redundant unconfined check.John Johansen1-2/+1
2025-01-18apparmor: cleanup: attachment perm lookup to use lookup_perms()John Johansen1-8/+6
2025-01-18apparmor: Improve debug print infrastructureJohn Johansen9-34/+177
2025-01-18apparmor: Use str_yes_no() helper functionThorsten Blum1-4/+4
2025-01-17landlock: Optimize file path walks and prepare for audit supportMickaël Salaün1-17/+27
2025-01-17landlock: Align partial refer access checks with final onesMickaël Salaün1-1/+13
2025-01-17landlock: Simplify initially denied access rightsMickaël Salaün3-11/+19
2025-01-17landlock: Move access typesMickaël Salaün5-46/+68
2025-01-17landlock: Factor out check_access_path()Mickaël Salaün1-21/+11
2025-01-14landlock: Use scoped guards for ruleset in landlock_add_rule()Mickaël Salaün1-10/+4
2025-01-14landlock: Use scoped guards for rulesetMickaël Salaün3-29/+23
2025-01-14landlock: Constify get_mode_access()Mickaël Salaün1-1/+1
2025-01-14landlock: Handle weird filesMickaël Salaün1-6/+5
2025-01-13security: remove get_task_comm() and print task comm directlyYafang Shao1-3/+1
2025-01-09hardening: Document INIT_STACK_ALL_PATTERN behavior with GCCGeert Uytterhoeven1-0/+1
2025-01-08selinux: make more use of str_read() when loading the policyChristian Göttsche3-22/+12
2025-01-08selinux: avoid unnecessary indirection in struct level_datumChristian Göttsche3-17/+10
2025-01-08selinux: use known type instead of void pointerChristian Göttsche8-74/+77
2025-01-08selinux: rename comparison functions for clarityChristian Göttsche7-16/+16
2025-01-08selinux: rework match_ipv6_addrmask()Christian Göttsche1-7/+5
2025-01-08selinux: constify and reconcile function parameter namesChristian Göttsche4-6/+6
2025-01-08selinux: avoid using types indicating user space interactionChristian Göttsche2-2/+2
2025-01-08selinux: supply missing field initializersChristian Göttsche2-2/+2
2025-01-08Merge tag 'selinux-pr-20250107' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-38/+65
2025-01-06tomoyo: automatically use patterns for several situations in learning modeTetsuo Handa1-0/+30
2025-01-05lockdown: initialize local array before use to quiet static analysisTanya Agarwal1-1/+1
2025-01-05safesetid: check size of policy writesLeo Stone1-0/+3
2025-01-05lsm: rename variable to avoid shadowingChristian Göttsche1-2/+2
2025-01-05lsm: constify function parametersChristian Göttsche1-2/+2
2025-01-05security: remove redundant assignment to return variableColin Ian King1-3/+1
2025-01-05selinux: match extended permissions to their base permissionsThiébaud Weksteen5-38/+65
2025-01-04lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are setMickaël Salaün2-1/+6
2025-01-03ima: ignore suffixed policy rule commentsMimi Zohar1-1/+1
2025-01-03ima: limit the builtin 'tcb' dont_measure tmpfs policy ruleMimi Zohar1-1/+2
generated by cgit v1.2.3 (git 2.39.0) at 2026-06-18 00:38:46 +0300