Age | Commit message (Expand) | Author | Files | Lines |
2019-09-28 | Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git... | Linus Torvalds | 10 | -16/+350 |
2019-09-28 | Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi... | Linus Torvalds | 15 | -105/+627 |
2019-09-25 | KEYS: trusted: correctly initialize digests and fix locking issue | Roberto Sassu | 1 | -0/+5 |
2019-09-24 | Merge tag 'smack-for-5.4-rc1' of git://github.com/cschaufler/smack-next | Linus Torvalds | 2 | -23/+23 |
2019-09-23 | Merge tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux | Linus Torvalds | 1 | -1/+2 |
2019-09-23 | Merge tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/... | Linus Torvalds | 12 | -296/+346 |
2019-09-17 | LSM: SafeSetID: Stop releasing uninitialized ruleset | Micah Morton | 1 | -1/+2 |
2019-09-10 | security: constify some arrays in lockdown LSM | Matthew Garrett | 1 | -2/+2 |
2019-09-06 | keys: Fix missing null pointer check in request_key_auth_describe() | Hillf Danton | 1 | -0/+6 |
2019-09-05 | selinux: fix residual uses of current_security() for the SELinux blob | Stephen Smalley | 2 | -11/+11 |
2019-09-04 | smack: use GFP_NOFS while holding inode_smack::smk_lock | Eric Biggers | 2 | -4/+4 |
2019-09-04 | security: smack: Fix possible null-pointer dereferences in smack_socket_sock_... | Jia-Ju Bai | 1 | -0/+2 |
2019-09-04 | smack: fix some kernel-doc notations | luanshi | 1 | -18/+15 |
2019-09-04 | Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set | Jann Horn | 1 | -1/+2 |
2019-08-30 | keys: ensure that ->match_free() is called in request_key_and_link() | Eric Biggers | 1 | -1/+1 |
2019-08-29 | ima: ima_api: Use struct_size() in kzalloc() | Gustavo A. R. Silva | 1 | -2/+2 |
2019-08-29 | ima: use struct_size() in kzalloc() | Gustavo A. R. Silva | 1 | -3/+2 |
2019-08-28 | ima: Fix use after free in ima_read_modsig() | Thiago Jung Bauermann | 1 | -1/+2 |
2019-08-27 | selinux: avoid atomic_t usage in sidtab | Ondrej Mosnacek | 2 | -32/+35 |
2019-08-20 | lockdown: Print current->comm in restriction messages | Matthew Garrett | 1 | -2/+6 |
2019-08-20 | tracefs: Restrict tracefs when the kernel is locked down | Matthew Garrett | 1 | -0/+1 |
2019-08-20 | debugfs: Restrict debugfs when the kernel is locked down | David Howells | 1 | -0/+1 |
2019-08-20 | kexec: Allow kexec_file() with appropriate IMA policy when locked down | Matthew Garrett | 3 | -1/+53 |
2019-08-20 | lockdown: Lock down perf when in confidentiality mode | David Howells | 1 | -0/+1 |
2019-08-20 | bpf: Restrict bpf when kernel lockdown is in confidentiality mode | David Howells | 1 | -0/+1 |
2019-08-20 | lockdown: Lock down tracing and perf kprobes when in confidentiality mode | David Howells | 1 | -0/+1 |
2019-08-20 | lockdown: Lock down /proc/kcore | David Howells | 1 | -0/+1 |
2019-08-20 | x86/mmiotrace: Lock down the testmmiotrace module | David Howells | 1 | -0/+1 |
2019-08-20 | lockdown: Lock down module params that specify hardware parameters (eg. ioport) | David Howells | 1 | -0/+1 |
2019-08-20 | lockdown: Lock down TIOCSSERIAL | David Howells | 1 | -0/+1 |
2019-08-20 | lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down | David Howells | 1 | -0/+1 |
2019-08-20 | ACPI: Limit access to custom_method when the kernel is locked down | Matthew Garrett | 1 | -0/+1 |
2019-08-20 | x86/msr: Restrict MSR access when the kernel is locked down | Matthew Garrett | 1 | -0/+1 |
2019-08-20 | x86: Lock down IO port access when the kernel is locked down | Matthew Garrett | 1 | -0/+1 |
2019-08-20 | PCI: Lock down BAR access when the kernel is locked down | Matthew Garrett | 1 | -0/+1 |
2019-08-20 | hibernate: Disable when the kernel is locked down | Josh Boyer | 1 | -0/+1 |
2019-08-20 | kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE | Jiri Bohac | 2 | -2/+2 |
2019-08-20 | kexec_load: Disable at runtime if the kernel is locked down | Matthew Garrett | 1 | -0/+1 |
2019-08-20 | lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked down | Matthew Garrett | 1 | -0/+1 |
2019-08-20 | lockdown: Enforce module signatures if the kernel is locked down | David Howells | 2 | -0/+2 |
2019-08-20 | security: Add a static lockdown policy LSM | Matthew Garrett | 5 | -5/+224 |
2019-08-20 | security: Add a "locked down" LSM hook | Matthew Garrett | 1 | -0/+6 |
2019-08-20 | security: Support early LSMs | Matthew Garrett | 1 | -8/+42 |
2019-08-13 | KEYS: trusted: allow module init if TPM is inactive or deactivated | Roberto Sassu | 1 | -13/+0 |
2019-08-13 | fanotify, inotify, dnotify, security: add security hook for fs notifications | Aaron Goidel | 3 | -2/+56 |
2019-08-06 | ima: fix freeing ongoing ahash_request | Sascha Hauer | 1 | -0/+5 |
2019-08-06 | ima: always return negative code for error | Sascha Hauer | 1 | -1/+4 |
2019-08-06 | ima: Store the measurement again when appraising a modsig | Thiago Jung Bauermann | 4 | -7/+47 |
2019-08-06 | ima: Define ima-modsig template | Thiago Jung Bauermann | 8 | -6/+156 |
2019-08-06 | ima: Collect modsig | Thiago Jung Bauermann | 5 | -5/+60 |