Age | Commit message (Expand) | Author | Files | Lines |
2019-10-07 | security: smack: Fix possible null-pointer dereferences in smack_socket_sock_... | Jia-Ju Bai | 1 | -0/+2 |
2019-09-21 | keys: Fix missing null pointer check in request_key_auth_describe() | Hillf Danton | 1 | -0/+6 |
2019-08-06 | selinux: fix memory leak in policydb_init() | Ondrej Mosnacek | 1 | -1/+5 |
2019-06-25 | apparmor: enforce nullbyte at end of tag string | Jann Horn | 1 | -1/+1 |
2019-06-09 | ima: show rules with IMA_INMASK correctly | Roberto Sassu | 1 | -9/+12 |
2019-05-25 | apparmorfs: fix use-after-free on symlink traversal | Al Viro | 1 | -4/+9 |
2019-05-25 | securityfs: fix use-after-free on symlink traversal | Al Viro | 1 | -4/+9 |
2019-05-16 | ima: open a new file instance if no read permissions | Goldwyn Rodrigues | 1 | -20/+34 |
2019-05-08 | selinux: never allow relabeling on context mounts | Ondrej Mosnacek | 1 | -9/+31 |
2019-05-04 | selinux: use kernel linux/socket.h for genheaders and mdp | Paulo Alcantara | 1 | -0/+1 |
2019-04-27 | device_cgroup: fix RCU imbalance in error case | Jann Horn | 1 | -1/+1 |
2019-04-05 | selinux: do not override context on context mounts | Ondrej Mosnacek | 1 | -1/+8 |
2019-03-23 | security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblock | J. Bruce Fields | 1 | -1/+4 |
2019-03-23 | keys: Fix dependency loop between construction record and auth key | David Howells | 5 | -62/+41 |
2019-03-19 | missing barriers in some of unix_sock ->addr and ->path accesses | Al Viro | 1 | -4/+6 |
2019-03-14 | apparmor: Fix aa_label_build() error handling for failed merges | John Johansen | 1 | -1/+4 |
2019-02-27 | KEYS: always initialize keyring_index_key::desc_len | Eric Biggers | 4 | -6/+4 |
2019-02-27 | KEYS: allow reaching the keys quotas exactly | Eric Biggers | 1 | -2/+2 |
2019-02-12 | smack: fix access permissions for keyring | Zoran Markovic | 1 | -3/+9 |
2019-01-26 | selinux: always allow mounting submounts | Ondrej Mosnacek | 1 | -1/+1 |
2019-01-23 | selinux: fix GPF on invalid policy | Stephen Smalley | 1 | -1/+2 |
2019-01-23 | LSM: Check for NULL cred-security on free | James Morris | 1 | -0/+7 |
2019-01-23 | Yama: Check for pid death before checking ancestry | Kees Cook | 1 | -1/+3 |
2019-01-13 | selinux: policydb - fix byte order and alignment issues | Ondrej Mosnacek | 1 | -15/+36 |
2018-12-01 | ima: re-initialize iint->atomic_flags | Mimi Zohar | 1 | -0/+1 |
2018-12-01 | ima: re-introduce own integrity cache lock | Dmitry Kasatkin | 4 | -40/+77 |
2018-12-01 | EVM: Add support for portable signature format | Matthew Garrett | 5 | -21/+91 |
2018-12-01 | ima: always measure and audit files in policy | Mimi Zohar | 3 | -30/+56 |
2018-12-01 | selinux: Add __GFP_NOWARN to allocation at str_read() | Tetsuo Handa | 1 | -1/+1 |
2018-11-27 | apparmor: Fix uninitialized value in aa_split_fqname | Zubin Mithra | 1 | -2/+4 |
2018-11-13 | ima: fix showing large 'violations' or 'runtime_measurements_count' | Eric Biggers | 1 | -3/+3 |
2018-09-29 | Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct membe... | Lubomir Rintel | 1 | -1/+1 |
2018-09-26 | security: check for kstrdup() failure in lsm_append() | Eric Biggers | 1 | -0/+2 |
2018-09-26 | evm: Don't deadlock if a crypto algorithm is unavailable | Matthew Garrett | 1 | -1/+2 |
2018-09-26 | Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets | Piotr Sawicki | 1 | -5/+9 |
2018-09-15 | uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name | Randy Dunlap | 1 | -1/+1 |
2018-09-09 | cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() | Eddie.Horng | 1 | -1/+1 |
2018-08-24 | Smack: Mark inode instant in smack_task_to_inode | Casey Schaufler | 1 | -0/+1 |
2018-08-03 | ima: based on policy verify firmware signatures (pre-allocated buffer) | Mimi Zohar | 1 | -0/+1 |
2018-06-05 | selinux: KASAN: slab-out-of-bounds in xattr_getsecurity | Sachin Grover | 1 | -1/+1 |
2018-05-30 | ima: Fallback to the builtin hash algorithm | Petr Vorel | 2 | -0/+15 |
2018-05-30 | ima: Fix Kconfig to select TPM 2.0 CRB interface | Jiandi An | 1 | -0/+1 |
2018-05-30 | integrity/security: fix digsig.c build error with header file | Randy Dunlap | 1 | -0/+1 |
2018-04-29 | commoncap: Handle memory allocation failure. | Tetsuo Handa | 1 | -0/+2 |
2018-04-19 | apparmor: fix resource audit messages when auditing peer | John Johansen | 1 | -4/+4 |
2018-04-19 | apparmor: fix display of .ns_name for containers | John Johansen | 1 | -3/+1 |
2018-04-19 | apparmor: fix logging of the existence test for signals | John Johansen | 2 | -2/+4 |
2018-03-24 | /dev/mem: Add bounce buffer for copy-out | Kees Cook | 1 | -0/+1 |
2018-03-19 | ima: relax requiring a file signature for new files with zero length | Mimi Zohar | 1 | -1/+2 |
2018-02-25 | selinux: skip bounded transition processing if the policy isn't loaded | Paul Moore | 1 | -0/+3 |