summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2019-07-10selinux: avoid silent denials in permissive mode under RCU walkStephen Smalley3-5/+28
2019-07-10security/selinux: pass 'flags' arg to avc_audit() and avc_has_perm_flags()NeilBrown3-4/+25
2019-05-02apparmor: provide userspace flag indicating binfmt_elf_mmap changeJohn Johansen1-0/+1
2019-05-02KEYS: always initialize keyring_index_key::desc_lenEric Biggers4-6/+4
2019-05-02KEYS: restrict /proc/keys by credentials at open timeEric Biggers1-6/+2
2019-05-02KEYS: allow reaching the keys quotas exactlyEric Biggers1-2/+2
2019-05-02Yama: Check for pid death before checking ancestryKees Cook1-1/+3
2019-02-11ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers1-3/+3
2018-12-17KEYS: encrypted: fix buffer overread in valid_master_desc()Eric Biggers1-16/+15
2018-12-17apparmor: remove no-op permission check in policy_unpackJohn Johansen1-32/+0
2018-10-21selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover1-1/+1
2018-06-17ima: relax requiring a file signature for new files with zero lengthMimi Zohar1-1/+2
2018-02-13apparmor: ensure that undecidable profile attachments failJohn Johansen1-16/+37
2018-02-13ima: fix hash algorithm initializationBoshi Wang1-0/+4
2018-01-09KPTI: Rename to PAGE_TABLE_ISOLATIONKees Cook1-1/+1
2018-01-09x86/kaiser: Reenable PARAVIRTBorislav Petkov1-1/+1
2018-01-09KAISER: Kernel Address IsolationRichard Fellner1-0/+10
2018-01-01KEYS: add missing permission check for request_key() destinationEric Biggers1-9/+37
2018-01-01security: let security modules use PTRACE_MODE_* with bitmasksJann Horn2-7/+5
2018-01-01KEYS: trusted: fix writing past end of buffer in trusted_read()Eric Biggers1-11/+12
2018-01-01KEYS: trusted: sanitize all key materialEric Biggers1-27/+21
2018-01-01KEYS: return full count in keyring_read() if buffer is too smallEric Biggers1-20/+19
2018-01-01KEYS: encrypted: fix dereference of NULL user_key_payloadEric Biggers1-0/+7
2018-01-01lsm: fix smack_inode_removexattr and xattr_getsecurity memleakCasey Schaufler1-30/+25
2018-01-01Smack: remove unneeded NULL-termination from securtity labelKonstantin Khlebnikov1-3/+3
2018-01-01security/keys: properly zero out sensitive key material in big_keyJason A. Donenfeld1-1/+1
2018-01-01KEYS: prevent creating a different user's keyringsEric Biggers4-12/+23
2018-01-01KEYS: fix writing past end of user-supplied buffer in keyring_read()Eric Biggers1-9/+5
2018-01-01KEYS: fix key refcount leak in keyctl_read_key()Eric Biggers1-1/+1
2018-01-01KEYS: fix key refcount leak in keyctl_assume_authority()Eric Biggers1-4/+2
2018-01-01KEYS: don't revoke uninstantiated key in request_key_auth_new()Eric Biggers1-1/+0
2018-01-01KEYS: fix cred refcount leak in request_key_auth_new()Eric Biggers1-37/+31
2017-11-11KEYS: don't let add_key() update an uninstantiated keyDavid Howells1-0/+10
2017-11-11KEYS: prevent KEYCTL_READ on negative keyEric Biggers1-0/+5
2017-10-12sched: move no_new_privs into new atomic flagsKees Cook1-2/+2
2017-09-15ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn1-1/+6
2017-09-15selinux: fix double free in selinux_parse_opts_str()Paul Moore1-3/+2
2017-09-15KEYS: fix dereferencing NULL payload with nonzero lengthEric Biggers1-2/+2
2017-08-26ima: accept previously set IMA_NEW_FILEDaniel Glöckner1-2/+3
2017-08-26ima: pass 'opened' flag to identify newly created filesDmitry Kasatkin3-11/+11
2017-07-18KEYS: Change the name of the dead type to ".dead" to prevent user accessDavid Howells1-1/+1
2017-06-05KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyringsEric Biggers2-24/+31
2017-06-05KEYS: Disallow keyrings beginning with '.' to be joined as session keyringsDavid Howells1-2/+7
2017-06-05KEYS: Reinstate EPERM for a key type name beginning with a '.'David Howells1-0/+2
2017-06-05KEYS: special dot prefixed keyring name bug fixMimi Zohar1-2/+4
2017-06-05KEYS: Fix an error code in request_master_key()Dan Carpenter1-1/+1
2017-04-05keys: Guard against null match function in keyring_search_aux()Ben Hutchings1-3/+3
2017-04-05vfs: Commit to never having exectuables on proc and sysfs.Eric W. Biederman1-1/+1
2017-02-26selinux: fix off-by-one in setprocattrStephen Smalley1-1/+1
2017-02-23apparmor: fix change_hat not finding hat after policy replacementJohn Johansen1-2/+4
generated by cgit v1.2.3 (git 2.39.0) at 2025-02-27 02:48:26 +0300