aboutsummaryrefslogtreecommitdiffstats
path: root/security (follow)
AgeCommit message (Expand)AuthorFilesLines
2019-08-19tracefs: Restrict tracefs when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19debugfs: Restrict debugfs when the kernel is locked downDavid Howells1-0/+1
2019-08-19kexec: Allow kexec_file() with appropriate IMA policy when locked downMatthew Garrett3-1/+53
2019-08-19lockdown: Lock down perf when in confidentiality modeDavid Howells1-0/+1
2019-08-19bpf: Restrict bpf when kernel lockdown is in confidentiality modeDavid Howells1-0/+1
2019-08-19lockdown: Lock down tracing and perf kprobes when in confidentiality modeDavid Howells1-0/+1
2019-08-19lockdown: Lock down /proc/kcoreDavid Howells1-0/+1
2019-08-19x86/mmiotrace: Lock down the testmmiotrace moduleDavid Howells1-0/+1
2019-08-19lockdown: Lock down module params that specify hardware parameters (eg. ioport)David Howells1-0/+1
2019-08-19lockdown: Lock down TIOCSSERIALDavid Howells1-0/+1
2019-08-19lockdown: Prohibit PCMCIA CIS storage when the kernel is locked downDavid Howells1-0/+1
2019-08-19ACPI: Limit access to custom_method when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19x86/msr: Restrict MSR access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19x86: Lock down IO port access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19PCI: Lock down BAR access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19hibernate: Disable when the kernel is locked downJosh Boyer1-0/+1
2019-08-19kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCEJiri Bohac2-2/+2
2019-08-19kexec_load: Disable at runtime if the kernel is locked downMatthew Garrett1-0/+1
2019-08-19lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked downMatthew Garrett1-0/+1
2019-08-19lockdown: Enforce module signatures if the kernel is locked downDavid Howells2-0/+2
2019-08-19security: Add a static lockdown policy LSMMatthew Garrett5-5/+224
2019-08-19security: Add a "locked down" LSM hookMatthew Garrett1-0/+6
2019-08-19security: Support early LSMsMatthew Garrett1-8/+42
2019-06-21Merge tag 'spdx-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdxLinus Torvalds15-61/+15
2019-06-19treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500Thomas Gleixner15-61/+15
2019-06-18apparmor: reset pos on failure to unpack for various functionsMike Salvatore1-8/+39
2019-06-18apparmor: enforce nullbyte at end of tag stringJann Horn1-1/+1
2019-06-18apparmor: fix PROFILE_MEDIATES for untrusted inputJohn Johansen1-1/+10
2019-06-14Smack: Restore the smackfsdef mount option and add missing prefixesCasey Schaufler1-5/+7
2019-06-12Merge tag 'selinux-pr-20190612' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinuxLinus Torvalds2-13/+36
2019-06-12selinux: fix a missing-check bug in selinux_sb_eat_lsm_opts()Gen Zhang1-6/+14
2019-06-12selinux: fix a missing-check bug in selinux_add_mnt_opt( )Gen Zhang1-5/+14
2019-06-11selinux: log raw contexts as untrusted stringsOndrej Mosnacek1-2/+8
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441Thomas Gleixner72-352/+72
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 372Thomas Gleixner11-39/+11
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295Thomas Gleixner6-66/+6
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282Thomas Gleixner1-9/+1
2019-05-31Merge branch 'next-fixes-for-5.2-rc' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrityLinus Torvalds2-12/+19
2019-05-30treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152Thomas Gleixner16-81/+16
2019-05-29ima: show rules with IMA_INMASK correctlyRoberto Sassu1-9/+12
2019-05-29evm: check hash algorithm passed to init_desc()Roberto Sassu1-0/+3
2019-05-24Merge tag 'spdx-5.2-rc2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-coreLinus Torvalds5-25/+5
2019-05-24treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36Thomas Gleixner5-25/+5
2019-05-21Merge tag 'selinux-pr-20190521' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinuxLinus Torvalds1-2/+8
2019-05-21treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13Thomas Gleixner2-30/+2
2019-05-21treewide: Add SPDX license identifier - Makefile/KconfigThomas Gleixner17-0/+17
2019-05-20selinux: do not report error on connect(AF_UNSPEC)Paolo Abeni1-2/+8
2019-05-19ima: fix wrong signed policy requirement when not appraisingPetr Vorel1-3/+4
2019-05-13Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds1-4/+4
2019-05-10tomoyo: Don't emit WARNING: string while fuzzing testing.Tetsuo Handa1-0/+2
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.