aboutsummaryrefslogtreecommitdiffstats
path: root/security (unfollow)
AgeCommit message (Expand)AuthorFilesLines
9 daysselinux: free contexts previously transferred in selinux_add_opt()Christian Göttsche1-7/+4
2022-06-08KEYS: trusted: tpm2: Fix migratable logicDavid Safford1-2/+2
2022-05-24lockdown: also lock down previous kgdb useDaniel Thompson1-0/+2
2022-05-23smack: Remove redundant assignmentsMichal Orzel1-1/+0
2022-05-23KEYS: trusted: Introduce support for NXP CAAM-based trusted keysAhmad Fatoum4-2/+97
2022-05-23KEYS: trusted: allow use of kernel RNG for key materialAhmad Fatoum1-1/+34
2022-05-23KEYS: trusted: allow use of TEE as backend without TCG_TPM supportAhmad Fatoum4-17/+42
2022-05-23certs: Factor out the blacklist hash creationMickaël Salaün1-24/+2
2022-05-23landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFERMickaël Salaün3-76/+528
2022-05-23LSM: Remove double path_rename hook calls for RENAME_EXCHANGEMickaël Salaün4-15/+46
2022-05-23landlock: Move filesystem helpers and add a new oneMickaël Salaün1-41/+46
2022-05-23landlock: Fix same-layer rule unionsMickaël Salaün2-26/+54
2022-05-23landlock: Create find_rule() from unmask_layers()Mickaël Salaün1-13/+28
2022-05-23landlock: Reduce the maximum number of layers to 16Mickaël Salaün3-11/+12
2022-05-23landlock: Define access_mask_t to enforce a consistent access mask sizeMickaël Salaün5-15/+30
2022-05-23landlock: Change landlock_restrict_self(2) check orderingMickaël Salaün1-4/+4
2022-05-23landlock: Change landlock_add_rule(2) argument check orderingMickaël Salaün1-9/+13
2022-05-23landlock: Fix landlock_add_rule(2) documentationMickaël Salaün1-4/+3
2022-05-19move mount-related externs from fs.h to mount.hAl Viro1-0/+1
2022-05-17selinux: fix bad cleanup on error in hashtab_duplicate()Ondrej Mosnacek1-1/+2
2022-05-16loadpin: stop using bdevnameChristoph Hellwig1-4/+1
2022-05-16big_keys: Use struct for internal payloadKees Cook1-37/+36
2022-05-16integrity: Fix sparse warnings in keyring_handlerStefan Berger1-3/+3
2022-05-16evm: Clean up some variablesStefan Berger2-4/+1
2022-05-16evm: Return INTEGRITY_PASS for enum integrity_status value '0'Stefan Berger1-1/+1
2022-05-15efi: Do not import certificates from UEFI Secure Boot for T2 MacsAditya Garg2-0/+41
2022-05-13security: declare member holding string literal constChristian Göttsche1-1/+1
2022-05-09landlock: Format with clang-formatMickaël Salaün10-136/+142
2022-05-09landlock: Add clang-format exceptionsMickaël Salaün2-0/+6
2022-05-08randstruct: Enable Clang supportKees Cook1-2/+12
2022-05-08randstruct: Move seed generation into scripts/basic/Kees Cook1-4/+5
2022-05-08randstruct: Reorganize Kconfigs and attribute macrosKees Cook1-0/+62
2022-05-05ima: support fs-verity file digest based version 3 signaturesMimi Zohar5-16/+177
2022-05-05ima: permit fsverity's file digests in the IMA measurement listMimi Zohar5-8/+90
2022-05-05ima: define a new template field named 'd-ngv2' and templatesMimi Zohar3-11/+73
2022-05-03selinux: log anon inode class nameChristian Göttsche2-2/+5
2022-05-03selinux: declare data arrays constChristian Göttsche9-26/+24
2022-05-03selinux: fix indentation level of mls_ops blockChristian Göttsche1-21/+21
2022-05-03selinux: include necessary headers in headersChristian Göttsche6-1/+12
2022-05-03selinux: avoid extra semicolonChristian Göttsche1-9/+9
2022-05-03selinux: update parameter documentationChristian Göttsche2-1/+2
2022-05-03selinux: resolve checkpatch errorsChristian Göttsche3-18/+9
2022-05-01ima: use IMA default hash algorithm for integrity violationsMimi Zohar1-1/+1
2022-05-01ima: fix 'd-ng' comments and documentationMimi Zohar1-3/+5
2022-04-14selinux: don't sleep when CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE is truePaul Moore2-3/+3
2022-04-13security: don't treat structure as an array of struct hlist_headBill Wendling1-5/+4
2022-04-13usercopy: Remove HARDENED_USERCOPY_PAGESPANMatthew Wilcox (Oracle)1-12/+1
2022-04-07ima: remove the IMA_TEMPLATE Kconfig optionGUO Zihua1-8/+6
2022-04-04apparmor: test: Use NULL macrosRicardo Ribalda1-3/+3
2022-04-04ima: remove redundant initialization of pointer 'file'.Colin Ian King1-1/+1