aboutsummaryrefslogtreecommitdiffstats
path: root/security (follow)
AgeCommit message (Expand)AuthorFilesLines
2019-08-19lockdown: Lock down perf when in confidentiality modeDavid Howells1-0/+1
2019-08-19bpf: Restrict bpf when kernel lockdown is in confidentiality modeDavid Howells1-0/+1
2019-08-19lockdown: Lock down tracing and perf kprobes when in confidentiality modeDavid Howells1-0/+1
2019-08-19lockdown: Lock down /proc/kcoreDavid Howells1-0/+1
2019-08-19x86/mmiotrace: Lock down the testmmiotrace moduleDavid Howells1-0/+1
2019-08-19lockdown: Lock down module params that specify hardware parameters (eg. ioport)David Howells1-0/+1
2019-08-19lockdown: Lock down TIOCSSERIALDavid Howells1-0/+1
2019-08-19lockdown: Prohibit PCMCIA CIS storage when the kernel is locked downDavid Howells1-0/+1
2019-08-19ACPI: Limit access to custom_method when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19x86/msr: Restrict MSR access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19x86: Lock down IO port access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19PCI: Lock down BAR access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19hibernate: Disable when the kernel is locked downJosh Boyer1-0/+1
2019-08-19kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCEJiri Bohac2-2/+2
2019-08-19kexec_load: Disable at runtime if the kernel is locked downMatthew Garrett1-0/+1
2019-08-19lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19lockdown: Enforce module signatures if the kernel is locked downDavid Howells2-0/+2
2019-08-19security: Add a static lockdown policy LSMMatthew Garrett5-5/+224
2019-08-19security: Add a "locked down" LSM hookMatthew Garrett1-0/+6
2019-08-19security: Support early LSMsMatthew Garrett1-8/+42
2019-08-13KEYS: trusted: allow module init if TPM is inactive or deactivatedRoberto Sassu1-13/+0
2019-08-12fanotify, inotify, dnotify, security: add security hook for fs notificationsAaron Goidel3-2/+56
2019-08-05ima: fix freeing ongoing ahash_requestSascha Hauer1-0/+5
2019-08-05ima: always return negative code for errorSascha Hauer1-1/+4
2019-08-05ima: Store the measurement again when appraising a modsigThiago Jung Bauermann4-7/+47
2019-08-05ima: Define ima-modsig templateThiago Jung Bauermann8-6/+156
2019-08-05ima: Collect modsigThiago Jung Bauermann5-5/+60
2019-08-05ima: Implement support for module-style appended signaturesThiago Jung Bauermann8-23/+209
2019-08-05ima: Factor xattr_verify() out of ima_appraise_measurement()Thiago Jung Bauermann1-60/+81
2019-08-05ima: Add modsig appraise_type option for module-style appended signaturesThiago Jung Bauermann6-2/+62
2019-08-05integrity: Select CONFIG_KEYS instead of depending on itThiago Jung Bauermann1-1/+1
2019-08-05selinux: always return a secid from the network caches if we find onePaul Moore3-47/+38
2019-08-05selinux: policydb - rename type_val_to_struct_arrayOndrej Mosnacek3-11/+11
2019-08-05selinux: policydb - fix some checkpatch.pl warningsOndrej Mosnacek1-4/+8
2019-08-05selinux: shuffle around policydb.c to get rid of forward declarationsPaul Moore1-189/+187
2019-08-02Merge tag 'selinux-pr-20190801' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinuxLinus Torvalds1-1/+5
2019-08-01ima: initialize the "template" field with the default templateMimi Zohar1-2/+4
2019-07-31selinux: fix memory leak in policydb_init()Ondrej Mosnacek1-1/+5
2019-07-28Merge tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linuxLinus Torvalds1-0/+7
2019-07-26Merge tag 'selinux-pr-20190726' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinuxLinus Torvalds1-0/+5
2019-07-25structleak: disable STRUCTLEAK_BYREF in combination with KASAN_STACKArnd Bergmann1-0/+7
2019-07-24selinux: check sidtab limit before adding a new entryOndrej Mosnacek1-0/+5
2019-07-19Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds4-28/+67
2019-07-18proc/sysctl: add shared variables for range checkMatteo Croce3-20/+15
2019-07-16Merge tag 'docs/v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-mediaLinus Torvalds2-2/+2
2019-07-15LSM: SafeSetID: fix use of literal -1 in capable hookJann Horn1-1/+1
2019-07-15LSM: SafeSetID: verify transitive constrainednessJann Horn1-1/+37
2019-07-15LSM: SafeSetID: add read handlerJann Horn2-4/+32
2019-07-15LSM: SafeSetID: rewrite userspace API to atomic updatesJann Horn3-158/+144
2019-07-15LSM: SafeSetID: fix userns handling in securityfsJann Horn1-3/+3
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.