summaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2017-11-13Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds13-110/+108
2017-11-13Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds6-99/+220
2017-11-08ima: Remove redundant conditional operatorThiago Jung Bauermann1-2/+2
2017-11-08ima: Fix bool initialization/comparisonThomas Meyer2-4/+4
2017-11-08ima: check signature enforcement against cmdline param instead of CONFIGBruno E. O. Meneguele1-3/+3
2017-11-08ima: fix hash algorithm initializationBoshi Wang1-0/+4
2017-11-08EVM: Only complain about a missing HMAC key onceMatthew Garrett1-1/+1
2017-11-08EVM: Allow userspace to signal an RSA key has been loadedMatthew Garrett2-12/+20
2017-11-08EVM: Include security.apparmor in EVM measurementsMatthew Garrett1-0/+3
2017-11-08integrity: use kernel_read_file_from_path() to read x509 certsChristoph Hellwig4-56/+13
2017-11-08ima: always measure and audit files in policyMimi Zohar3-30/+56
2017-11-08ima: don't remove the securityfs policy fileMimi Zohar1-2/+2
2017-11-08apparmor: fix off-by-one comparison on MAXMAPPED_SIGJohn Johansen1-2/+2
2017-11-02Merge tag 'spdx_identifiers-4.14-rc8' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds49-0/+49
2017-11-02License cleanup: add SPDX GPL-2.0 license identifier to files with no licenseGreg Kroah-Hartman49-0/+49
2017-11-02KEYS: trusted: fix writing past end of buffer in trusted_read()Eric Biggers1-11/+12
2017-11-02KEYS: return full count in keyring_read() if buffer is too smallEric Biggers1-20/+19
2017-11-02Smack: Base support for overlayfsCasey Schaufler1-0/+79
2017-10-26Revert "apparmor: add base infastructure for socket mediation"Linus Torvalds12-840/+16
2017-10-21tomoyo: fix timestamping for y2038Arnd Bergmann4-34/+13
2017-10-20capabilities: audit log other surprising conditionsRichard Guy Briggs1-7/+22
2017-10-20capabilities: fix logic for effective root or real rootRichard Guy Briggs1-3/+2
2017-10-20capabilities: invert logic for clarityRichard Guy Briggs1-4/+4
2017-10-20capabilities: remove a layer of conditional logicRichard Guy Briggs1-13/+10
2017-10-20capabilities: move audit log decision to functionRichard Guy Briggs1-20/+30
2017-10-20capabilities: use intuitive names for id changesRichard Guy Briggs1-6/+22
2017-10-20capabilities: use root_priveleged inline to clarify logicRichard Guy Briggs1-2/+4
2017-10-20capabilities: rename has_cap to has_fcapRichard Guy Briggs1-10/+10
2017-10-20capabilities: intuitive names for cap gain statusRichard Guy Briggs1-7/+11
2017-10-20capabilities: factor out cap_bprm_set_creds privileged rootRichard Guy Briggs1-28/+48
2017-10-19commoncap: move assignment of fs_ns to avoid null pointer dereferenceColin Ian King1-1/+2
2017-10-19Merge commit 'tags/keys-fixes-20171018' into fixes-v4.14-rc5James Morris14-53/+88
2017-10-18KEYS: load key flags and expiry time atomically in proc_keys_show()Eric Biggers1-10/+14
2017-10-18KEYS: Load key expiry time atomically in keyring_search_iterator()Eric Biggers1-1/+3
2017-10-18KEYS: load key flags and expiry time atomically in key_validate()Eric Biggers1-3/+4
2017-10-18KEYS: don't let add_key() update an uninstantiated keyDavid Howells1-0/+10
2017-10-18KEYS: Fix race between updating and finding a negative keyDavid Howells12-39/+49
2017-10-18security/keys: BIG_KEY requires CONFIG_CRYPTOArnd Bergmann1-0/+1
2017-10-12KEYS: encrypted: fix dereference of NULL user_key_payloadEric Biggers1-0/+7
2017-10-04lsm: fix smack_inode_removexattr and xattr_getsecurity memleakCasey Schaufler1-30/+25
2017-09-28Merge commit 'keys-fixes-20170927' into fixes-v4.14-rc3James Morris9-152/+137
2017-09-25security/keys: rewrite all of big_key cryptoJason A. Donenfeld2-71/+60
2017-09-25security/keys: properly zero out sensitive key material in big_keyJason A. Donenfeld1-6/+6
2017-09-25KEYS: use kmemdup() in request_key_auth_new()Eric Biggers1-3/+2
2017-09-25KEYS: restrict /proc/keys by credentials at open timeEric Biggers1-6/+2
2017-09-25KEYS: reset parent each time before searching key_user_treeEric Biggers1-2/+2
2017-09-25KEYS: prevent KEYCTL_READ on negative keyEric Biggers1-0/+5
2017-09-25KEYS: prevent creating a different user's keyringsEric Biggers4-12/+21
2017-09-25KEYS: fix writing past end of user-supplied buffer in keyring_read()Eric Biggers1-9/+5
2017-09-25KEYS: fix key refcount leak in keyctl_read_key()Eric Biggers1-1/+1