summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2016-01-21ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn1-1/+6
2016-01-21security: let security modules use PTRACE_MODE_* with bitmasksJann Horn2-7/+5
2016-01-20KEYS: Fix keyring ref leak in join_session_keyring()Yevgeny Pats1-0/+1
2016-01-18Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds29-160/+967
2016-01-14Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...James Morris1-8/+2
2016-01-13Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds4-168/+82
2016-01-12Merge branch 'work.xattr' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-2/+0
2016-01-10Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris3-21/+17
2016-01-09Merge branch 'for-linus' into work.miscAl Viro1-9/+9
2016-01-09selinux: Inode label revalidation performance fixAndreas Gruenbacher1-8/+2
2016-01-07KEYS: refcount bug fixMimi Zohar2-12/+8
2016-01-04fix the leak in integrity_read_file()Al Viro1-5/+6
2016-01-04selinuxfs: switch to memdup_user_nul()Al Viro1-73/+41
2016-01-04convert a bunch of open-coded instances of memdup_user_nul()Al Viro2-90/+35
2016-01-03ima: ima_write_policy() limit lockingPetko Manolov1-9/+9
2015-12-26Merge branch 'smack-for-4.5' of https://github.com/cschaufler/smack-next into...James Morris1-1/+23
2015-12-26Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...James Morris8-73/+274
2015-12-26Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...James Morris19-84/+623
2015-12-25IMA: policy can be updated zero timesSasha Levin3-0/+14
2015-12-24selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()Vladis Dronov1-4/+5
2015-12-24selinux: export validatetrans decisionsAndrew Perepechko4-8/+111
2015-12-24selinux: Revalidate invalid inode security labelsAndreas Gruenbacher1-8/+68
2015-12-24security: Add hook to invalidate inode security labelsAndreas Gruenbacher3-10/+34
2015-12-24selinux: Add accessor functions for inode->i_securityAndreas Gruenbacher1-41/+56
2015-12-24security: Make inode argument of inode_getsecid non-constAndreas Gruenbacher3-3/+3
2015-12-24security: Make inode argument of inode_getsecurity non-constAndreas Gruenbacher3-3/+3
2015-12-24selinux: Remove unused variable in selinux_inode_init_securityAndreas Gruenbacher1-2/+0
2015-12-20keys, trusted: seal with a TPM2 authorization policyJarkko Sakkinen1-0/+26
2015-12-20keys, trusted: select hash algorithm for TPM2 chipsJarkko Sakkinen2-1/+27
2015-12-20keys, trusted: fix: *do not* allow duplicate key optionsJarkko Sakkinen1-0/+3
2015-12-19KEYS: Fix race between read and revokeDavid Howells1-9/+9
2015-12-17Smack: type confusion in smak sendmsg() handlerRoman Kubiak1-1/+1
2015-12-15security/integrity: make ima/ima_mok.c explicitly non-modularPaul Gortmaker1-3/+2
2015-12-15ima: update appraise flags after policy update completesMimi Zohar1-2/+5
2015-12-15IMA: prevent keys on the .ima_blacklist from being removedMimi Zohar1-0/+2
2015-12-15KEYS: prevent keys from being removed from specified keyringsMimi Zohar2-11/+51
2015-12-15IMA: allow reading back the current IMA policyPetko Manolov4-8/+253
2015-12-15IMA: create machine owner and blacklist keyringsPetko Manolov4-0/+87
2015-12-15IMA: policy can now be updated multiple timesPetko Manolov3-28/+75
2015-12-15evm: EVM_LOAD_X509 depends on EVMArnd Bergmann1-1/+1
2015-12-15evm: reset EVM status when file attributes changeDmitry Kasatkin1-0/+13
2015-12-15evm: provide a function to set the EVM key from the kernelDmitry Kasatkin2-14/+46
2015-12-15evm: enable EVM when X509 certificate is loadedDmitry Kasatkin4-3/+14
2015-12-15evm: load an x509 certificate from the kernelDmitry Kasatkin4-0/+33
2015-12-14nfs: Move call to security_inode_listsecurity into nfs_listxattrAndreas Gruenbacher1-2/+0
2015-12-10Smack: File receive for socketsCasey Schaufler1-0/+22
2015-11-26Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...James Morris1-2/+2
2015-11-25KEYS: Fix handling of stored error in a negatively instantiated user keyDavid Howells3-2/+10
2015-11-24selinux: fix bug in conditional rules handlingStephen Smalley1-2/+2
2015-11-23integrity: define '.evm' as a builtin 'trusted' keyringDmitry Kasatkin7-22/+35