summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
7 daysima: Handle error code returned by ima_filter_rule_match()Zhao Yipeng1-1/+1
7 dayssmack: fix bug: setting task label silently ignores input garbageKonstantin Andreev3-63/+148
7 dayssmack: fix bug: unprivileged task can create labelsKonstantin Andreev1-14/+27
7 dayssmack: fix bug: invalid label of unix socket fileKonstantin Andreev1-14/+44
7 dayssmack: always "instantiate" inode in smack_inode_init_security()Konstantin Andreev1-3/+7
7 dayssmack: deduplicate xattr setting in smack_inode_init_security()Konstantin Andreev1-27/+29
7 dayssmack: fix bug: SMACK64TRANSMUTE set on non-directoryKonstantin Andreev1-12/+14
7 dayssmack: deduplicate "does access rule request transmutation"Konstantin Andreev1-25/+32
2025-11-13ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattrCoiby Xu1-5/+18
2025-10-19KEYS: trusted_tpm1: Compare HMAC values in constant timeEric Biggers1-3/+4
2025-10-15lsm: CONFIG_LSM can depend on CONFIG_SECURITYRandy Dunlap1-0/+1
2025-08-28apparmor: Fix 8-byte alignment for initial dfa blob streamsHelge Deller1-2/+2
2025-08-20apparmor: fix x_table_lookup when stacking is not the first entryJohn Johansen1-23/+29
2025-08-20apparmor: use the condition in AA_BUG_FMT even with debug disabledMateusz Guzik1-1/+5
2025-08-20apparmor: shift ouid when mediating hard links in usernsGabriel Totev1-2/+4
2025-08-20securityfs: don't pin dentries twice, once is enough...Al Viro1-2/+0
2025-08-15apparmor: Fix unaligned memory accesses in KUnit testHelge Deller1-2/+4
2025-08-15apparmor: fix loop detection used in conflicting attachment resolutionRyan Lee2-15/+12
2025-08-15apparmor: ensure WB_HISTORY_SIZE value is a power of 2Ryan Lee2-1/+3
2025-07-10selinux: change security_compute_sid to return the ssid or tsid on matchStephen Smalley1-5/+11
2025-06-27selinux: fix selinux_xfrm_alloc_user() to set correct ctx_lenStephen Smalley1-1/+1
2025-05-29smack: Revert "smackfs: Added check catlen"Konstantin Andreev1-14/+3
2025-05-29smack: recognize ipv4 CIPSO w/o categoriesKonstantin Andreev1-0/+4
2025-05-29ima: process_measurement() needlessly takes inode_lock() on MAY_READFrederick Lawler1-1/+3
2025-04-20landlock: Prepare to add second errataMickaël Salaün1-0/+12
2025-04-20landlock: Always allow signals between threads of the same processMickaël Salaün3-6/+64
2025-04-20landlock: Add erratum for TCP fixMickaël Salaün1-0/+15
2025-04-20landlock: Add the errata interfaceMickaël Salaün4-4/+138
2025-04-20landlock: Move code to ease future backportsMickaël Salaün1-5/+5
2025-04-20ima: limit the number of ToMToU integrity violationsMimi Zohar2-4/+5
2025-04-20ima: limit the number of open-writers integrity violationsMimi Zohar2-2/+10
2025-04-10smack: ipv4/ipv6: tcp/dccp/sctp: fix incorrect child socket labelKonstantin Andreev1-24/+0
2025-04-10smack: dont compile ipv6 code unless ipv6 is configuredKonstantin Andreev2-1/+15
2025-03-29keys: Fix UAF in key_put()David Howells2-1/+5
2025-03-07ima: Reset IMA_NONACTION_RULE_FLAGS after post_setattrRoberto Sassu2-2/+8
2025-03-07landlock: Fix non-TCP sockets restrictionMikhail Ivanov1-2/+1
2025-02-17KEYS: trusted: dcp: fix improper sg use with CONFIG_VMAP_STACK=yDavid Gstir1-4/+18
2025-02-17tomoyo: don't emit warning in tomoyo_write_control()Tetsuo Handa1-1/+1
2025-02-17safesetid: check size of policy writesLeo Stone1-0/+3
2025-02-08landlock: Handle weird filesMickaël Salaün1-6/+5
2025-01-23apparmor: allocate xmatch for nullpdb inside aa_alloc_nullRyan Lee1-0/+1
2025-01-09selinux: ignore unknown extended permissionsThiébaud Weksteen1-2/+6
2024-12-05apparmor: test: Fix memory leak for aa_unpack_strdup()Jinjie Ruan1-0/+6
2024-12-05apparmor: fix 'Do simple duplicate message elimination'chao liu1-0/+2
2024-11-13Merge tag 'integrity-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds3-5/+16
2024-11-13Merge tag 'landlock-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds5-57/+96
2024-11-09landlock: Optimize scope enforcementMickaël Salaün1-3/+15
2024-11-09landlock: Refactor network access mask managementMickaël Salaün1-22/+6
2024-11-09landlock: Refactor filesystem access mask managementMickaël Salaün3-32/+75
2024-11-04KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operationDavid Gstir1-4/+5
generated by cgit v1.2.3 (git 2.39.0) at 2025-12-25 09:59:14 +0300