summaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2013-10-26ima: provide hash algo info in the xattrDmitry Kasatkin2-15/+59
2013-10-26ima: enable support for larger default filedata hash algorithmsMimi Zohar2-2/+59
2013-10-26ima: define kernel parameter 'ima_template=' to change configured defaultRoberto Sassu1-0/+31
2013-10-26ima: add Kconfig default measurement list templateMimi Zohar2-2/+27
2013-10-26ima: defer determining the appraisal hash algorithm for 'ima' templateRoberto Sassu1-1/+5
2013-10-26ima: add audit log support for larger hashesMimi Zohar1-1/+4
2013-10-25ima: switch to new template management mechanismRoberto Sassu5-97/+107
2013-10-25ima: define new template ima-ng and template fields d-ng and n-ngRoberto Sassu3-17/+150
2013-10-25ima: define template fields library and new helpersRoberto Sassu6-8/+242
2013-10-25ima: new templates management mechanismRoberto Sassu4-1/+146
2013-10-25ima: define new function ima_alloc_init_template() to APIRoberto Sassu3-39/+76
2013-10-25ima: pass the filename argument up to ima_add_template_entry()Roberto Sassu4-10/+13
2013-10-25ima: pass the file descriptor to ima_add_violation()Roberto Sassu3-5/+5
2013-10-25ima: ima_calc_boot_agregate must use SHA1Dmitry Kasatkin3-5/+31
2013-10-25ima: support arbitrary hash algorithms in ima_calc_buffer_hashDmitry Kasatkin2-6/+25
2013-10-25ima: provide dedicated hash algo allocation functionDmitry Kasatkin1-14/+29
2013-10-25ima: differentiate between template hash and file data hash sizesMimi Zohar6-12/+12
2013-10-25ima: use dynamically allocated hash storageDmitry Kasatkin4-30/+49
2013-10-25ima: pass full xattr with the signatureDmitry Kasatkin4-5/+7
2013-10-25ima: read and use signature hash algorithmDmitry Kasatkin6-25/+94
2013-10-25ima: provide support for arbitrary hash algorithmsDmitry Kasatkin7-32/+98
2013-10-25Revert "ima: policy for RAMFS"Mimi Zohar1-1/+0
2013-10-25ima: fix script messagesDmitry Kasatkin6-13/+13
2013-10-22Merge branch 'master' of git://git.infradead.org/users/pcmoore/selinux into r...James Morris16-392/+432
2013-09-26selinux: correct locking in selinux_netlbl_socket_connect)Paul Moore1-4/+2
2013-09-26selinux: Use kmemdup instead of kmalloc + memcpyDuan Jiong1-2/+2
2013-09-25KEYS: initialize root uid and session keyrings earlyMimi Zohar1-0/+10
2013-09-25KEYS: Add a 'trusted' flag and a 'trusted only' flagDavid Howells2-0/+12
2013-09-24KEYS: Add per-user_namespace registers for persistent per-UID kerberos cachesDavid Howells7-0/+213
2013-09-24KEYS: Implement a big key type that can save to tmpfsDavid Howells3-0/+216
2013-09-24KEYS: Expand the capacity of a keyringDavid Howells6-742/+792
2013-09-24KEYS: Drop the permissions argument from __keyring_search_one()David Howells3-9/+5
2013-09-24KEYS: Define a __key_get() wrapper to use rather than atomic_inc()David Howells3-12/+12
2013-09-24KEYS: Search for auth-key by name rather than target key IDDavid Howells1-14/+7
2013-09-24KEYS: Introduce a search context structureDavid Howells7-158/+174
2013-09-24KEYS: Consolidate the concept of an 'index key' for key accessDavid Howells4-62/+67
2013-09-24KEYS: key_is_dead() should take a const key pointer argumentDavid Howells1-1/+1
2013-09-24KEYS: Use bool in make_key_ref() and is_key_possessed()David Howells1-2/+3
2013-09-24KEYS: Skip key state checks when checking for possessionDavid Howells4-6/+11
2013-09-24security: remove erroneous comment about capabilities.o link orderingEric Paris1-1/+0
2013-09-18Merge git://git.infradead.org/users/eparis/selinuxPaul Moore15-388/+430
2013-09-07Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds1-5/+5
2013-09-07Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds28-547/+1666
2013-09-05Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-1/+6
2013-09-04Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-0/+2
2013-09-03Merge branch 'for-3.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c...Linus Torvalds1-39/+26
2013-08-30capabilities: allow nice if we are privilegedSerge Hallyn1-4/+4
2013-08-30userns: Allow PR_CAPBSET_DROP in a user namespace.Eric W. Biederman1-1/+1
2013-08-28Revert "SELinux: do not handle seclabel as a special flag"Eric Paris2-1/+4
2013-08-28selinux: consider filesystem subtype in policiesAnand Avati2-22/+60