summaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2017-11-08ima: Fix bool initialization/comparisonThomas Meyer2-4/+4
2017-11-08ima: check signature enforcement against cmdline param instead of CONFIGBruno E. O. Meneguele1-3/+3
2017-11-08ima: fix hash algorithm initializationBoshi Wang1-0/+4
2017-11-08EVM: Only complain about a missing HMAC key onceMatthew Garrett1-1/+1
2017-11-08EVM: Allow userspace to signal an RSA key has been loadedMatthew Garrett2-12/+20
2017-11-08EVM: Include security.apparmor in EVM measurementsMatthew Garrett1-0/+3
2017-11-08integrity: use kernel_read_file_from_path() to read x509 certsChristoph Hellwig4-56/+13
2017-11-08ima: always measure and audit files in policyMimi Zohar3-30/+56
2017-11-08ima: don't remove the securityfs policy fileMimi Zohar1-2/+2
2017-11-08apparmor: fix off-by-one comparison on MAXMAPPED_SIGJohn Johansen1-2/+2
2017-11-07Merge branch 'linus' into locking/core, to resolve conflictsIngo Molnar62-871/+96
2017-11-05device_cgroup: prepare code for bpf-based device controllerRoman Gushchin1-45/+2
2017-11-05device_cgroup: add DEVCG_ prefix to ACC_* and DEV_* constantsRoman Gushchin1-36/+36
2017-11-04Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller51-31/+80
2017-11-03ima: move to generic async completionGilad Ben-Yossef1-39/+17
2017-11-02Merge tag 'spdx_identifiers-4.14-rc8' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds49-0/+49
2017-11-02License cleanup: add SPDX GPL-2.0 license identifier to files with no licenseGreg Kroah-Hartman49-0/+49
2017-11-02KEYS: trusted: fix writing past end of buffer in trusted_read()Eric Biggers1-11/+12
2017-11-02KEYS: return full count in keyring_read() if buffer is too smallEric Biggers1-20/+19
2017-11-02Smack: Base support for overlayfsCasey Schaufler1-0/+79
2017-10-31treewide: Fix function prototypes for module_param_call()Kees Cook1-8/+8
2017-10-30Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller12-840/+16
2017-10-26Revert "apparmor: add base infastructure for socket mediation"Linus Torvalds12-840/+16
2017-10-24Merge tag 'v4.14-rc6' into locking/core, to pick up fixesIngo Molnar15-54/+90
2017-10-22Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller15-54/+90
2017-10-21tomoyo: fix timestamping for y2038Arnd Bergmann4-34/+13
2017-10-20selinux: bpf: Add addtional check for bpf object file receiveChenbo Feng1-0/+49
2017-10-20selinux: bpf: Add selinux check for eBPF syscall operationsChenbo Feng3-0/+117
2017-10-20security: bpf: Add LSM hooks for bpf object related syscallChenbo Feng1-0/+32
2017-10-20capabilities: audit log other surprising conditionsRichard Guy Briggs1-7/+22
2017-10-20capabilities: fix logic for effective root or real rootRichard Guy Briggs1-3/+2
2017-10-20capabilities: invert logic for clarityRichard Guy Briggs1-4/+4
2017-10-20capabilities: remove a layer of conditional logicRichard Guy Briggs1-13/+10
2017-10-20capabilities: move audit log decision to functionRichard Guy Briggs1-20/+30
2017-10-20capabilities: use intuitive names for id changesRichard Guy Briggs1-6/+22
2017-10-20capabilities: use root_priveleged inline to clarify logicRichard Guy Briggs1-2/+4
2017-10-20capabilities: rename has_cap to has_fcapRichard Guy Briggs1-10/+10
2017-10-20capabilities: intuitive names for cap gain statusRichard Guy Briggs1-7/+11
2017-10-20capabilities: factor out cap_bprm_set_creds privileged rootRichard Guy Briggs1-28/+48
2017-10-19commoncap: move assignment of fs_ns to avoid null pointer dereferenceColin Ian King1-1/+2
2017-10-19Merge commit 'tags/keys-fixes-20171018' into fixes-v4.14-rc5James Morris14-53/+88
2017-10-18KEYS: load key flags and expiry time atomically in proc_keys_show()Eric Biggers1-10/+14
2017-10-18KEYS: Load key expiry time atomically in keyring_search_iterator()Eric Biggers1-1/+3
2017-10-18KEYS: load key flags and expiry time atomically in key_validate()Eric Biggers1-3/+4
2017-10-18KEYS: don't let add_key() update an uninstantiated keyDavid Howells1-0/+10
2017-10-18KEYS: Fix race between updating and finding a negative keyDavid Howells12-39/+49
2017-10-18security/keys: BIG_KEY requires CONFIG_CRYPTOArnd Bergmann1-0/+1
2017-10-16selinux: remove extraneous initialization of slots_used and max_chain_lenColin Ian King1-1/+1
2017-10-16selinux: remove redundant assignment to lenColin Ian King1-1/+0
2017-10-16selinux: remove redundant assignment to strColin Ian King1-3/+2