summaryrefslogtreecommitdiffstats
path: root/security/integrity
AgeCommit message (Expand)AuthorFilesLines
2018-12-11ima: don't measure/appraise files on efivarfsMimi Zohar1-1/+3
2018-12-11x86/ima: define arch_get_ima_policy() for x86Eric Richter1-1/+9
2018-12-11ima: add support for arch specific policiesNayna Jain1-2/+70
2018-12-11ima: refactor ima_init_policy()Nayna Jain1-41/+56
2018-12-11ima: prevent kexec_load syscall based on runtime secureboot flagNayna Jain1-6/+13
2018-11-26audit: use current whenever possiblePaul Moore1-1/+1
2018-11-20crypto: drop mask=CRYPTO_ALG_ASYNC from 'shash' tfm allocationsEric Biggers1-2/+1
2018-11-13integrity: support new struct public_key_signature encoding fieldMimi Zohar1-0/+1
2018-11-13integrity: support new struct public_key_signature encoding fieldMimi Zohar1-0/+1
2018-11-13tpm: use u32 instead of int for PCR indexTomas Winkler1-2/+3
2018-10-25Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds9-43/+54
2018-10-10LSM: Record LSM name in struct lsm_infoKees Cook1-0/+1
2018-10-10LSM: Convert security_initcall() into DEFINE_LSM()Kees Cook1-1/+3
2018-10-10LSM: Convert from initcall to struct lsm_infoKees Cook1-0/+1
2018-10-10ima: open a new file instance if no read permissionsGoldwyn Rodrigues1-20/+34
2018-10-10ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers1-3/+3
2018-10-10security/integrity: remove unnecessary 'init_keyring' variableEric Biggers1-7/+1
2018-10-10security/integrity: constify some read-only dataEric Biggers8-13/+16
2018-08-15Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds11-45/+102
2018-08-15Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmor...Linus Torvalds4-16/+10
2018-08-15Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds4-17/+158
2018-07-28ima: Get rid of ima_used_chip and use ima_tpm_chip != NULL insteadStefan Berger4-8/+4
2018-07-28ima: Use tpm_default_chip() and call TPM functions with a tpm_chipStefan Berger4-9/+7
2018-07-22EVM: fix return value check in evm_write_xattrs()Wei Yongjun1-2/+2
2018-07-18integrity: prevent deadlock during digsig verification.Mikhail Kurinnoi1-0/+23
2018-07-18evm: Allow non-SHA1 digital signaturesMatthew Garrett4-31/+46
2018-07-18evm: Don't deadlock if a crypto algorithm is unavailableMatthew Garrett1-1/+2
2018-07-18integrity: silence warning when CONFIG_SECURITYFS is not enabledSudeep Holla1-3/+6
2018-07-18ima: Differentiate auditing policy rules from "audit" actionsStefan Berger1-2/+2
2018-07-18ima: Do not audit if CONFIG_INTEGRITY_AUDIT is not setStefan Berger3-1/+21
2018-07-18ima: Use audit_log_format() rather than audit_log_string()Stefan Berger2-7/+2
2018-07-18ima: Call audit_log_string() rather than logging it untrustedStefan Berger1-1/+1
2018-07-16ima: based on policy warn about loading firmware (pre-allocated buffer)Mimi Zohar1-0/+8
2018-07-16module: replace the existing LSM hook in init_moduleMimi Zohar1-13/+10
2018-07-16ima: add build time policyMimi Zohar2-3/+101
2018-07-16ima: based on policy require signed firmware (sysfs fallback)Mimi Zohar1-1/+9
2018-07-16ima: based on policy require signed kexec kernel imagesMimi Zohar3-0/+30
2018-07-12IMA: don't propagate opened through the entire thingAl Viro3-12/+12
2018-06-07Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds13-83/+362
2018-06-06Merge tag 'audit-pr-20180605' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds2-2/+2
2018-06-01EVM: unlock on error path in evm_read_xattrs()Dan Carpenter1-1/+3
2018-05-31EVM: prevent array underflow in evm_write_xattrs()Dan Carpenter1-1/+1
2018-05-31EVM: Fix null dereference on xattr when xattr fails to allocateColin Ian King1-2/+4
2018-05-31EVM: fix memory leak of temporary buffer 'temp'Colin Ian King1-0/+2
2018-05-31IMA: use list_splice_tail_init_rcu() instead of its open coded variantPetko Manolov1-15/+2
2018-05-31ima: use match_string() helperYisheng Xie1-7/+4
2018-05-22ima: fix updating the ima_appraise flagMimi Zohar1-9/+19
2018-05-22ima: based on policy verify firmware signatures (pre-allocated buffer)Mimi Zohar1-0/+1
2018-05-22ima: define a new policy condition based on the filesystem nameMimi Zohar1-1/+24
2018-05-18EVM: Allow runtime modification of the set of verified xattrsMatthew Garrett4-4/+188