aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/security (follow)
AgeCommit message (Expand)AuthorFilesLines
2022-06-14efi: Do not import certificates from UEFI Secure Boot for T2 MacsAditya Garg2-0/+41
2022-06-06lockdown: also lock down previous kgdb useDaniel Thompson1-0/+2
2022-04-15Fix incorrect type in assignment of ipv6 port for auditCasey Schaufler1-1/+1
2022-04-15selinux: use correct type for context lengthChristian Göttsche1-1/+1
2022-04-15LSM: general protection fault in legacy_parse_paramCasey Schaufler2-5/+17
2022-04-15TOMOYO: fix __setup handlers return valuesRandy Dunlap1-2/+2
2022-04-15KEYS: fix length validation in keyctl_pkey_params_get_2()Eric Biggers1-3/+11
2022-02-16ima: Do not print policy rule with inactive LSM labelsStefan Berger1-0/+8
2022-02-16ima: Allow template selection with ima_template[_fmt]= after ima_hash=Roberto Sassu1-3/+7
2022-02-16ima: Remove ima_policy file before directoryStefan Berger1-1/+1
2022-02-16integrity: check the return value of audit_log_start()Xiaoke Wang1-0/+2
2022-01-27selinux: fix potential memleak in selinux_add_opt()Bernard Zhao1-2/+10
2022-01-05selinux: initialize proto variable in selinux_ip_postroute_compat()Tom Rix1-1/+1
2022-01-05tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().Dmitry Vyukov1-7/+7
2021-12-17selinux: fix race condition when computing ocontext SIDsOndrej Mosnacek1-72/+87
2021-11-21fortify: Explicitly disable Clang supportKees Cook1-0/+3
2021-11-17apparmor: fix error checkTom Rix1-2/+2
2021-11-17smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doiTetsuo Handa1-1/+1
2021-11-17smackfs: use __GFP_NOFAIL for smk_cipso_doi()Tetsuo Handa1-3/+1
2021-11-17smackfs: Fix use-after-free in netlbl_catmap_walk()Pawan Gupta1-1/+4
2021-11-17evm: mark evm_fixmode as __ro_after_initAustin Kim1-1/+1
2021-11-17binder: use cred instead of task for selinux checksTodd Kjos2-28/+22
2021-09-26apparmor: remove duplicate macro list_entry_is_head()Andy Shevchenko1-3/+0
2021-09-22Smack: Fix wrong semantics in smk_access_entry()Tianjia Zhang1-9/+8
2021-09-15IMA: remove the dependency on CRYPTO_MD5THOBY Simon1-1/+0
2021-09-15IMA: remove -Wmissing-prototypes warningAustin Kim1-1/+1
2021-07-19smackfs: restrict bytes count in smk_set_cipso()Tetsuo Handa1-0/+2
2021-07-19selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVCMinchan Kim1-6/+7
2021-07-14evm: fix writing <securityfs>/evm overflowMimi Zohar1-2/+3
2021-07-14evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loadedRoberto Sassu1-4/+4
2021-07-14evm: Execute evm_inode_init_security() only when an HMAC key is loadedRoberto Sassu1-2/+3
2021-07-07x86/efi: remove unused variablesYueHaibing1-5/+0
2021-06-30certs: Add EFI_CERT_X509_GUID support for dbx entriesEric Snowberg1-0/+11
2021-06-30x86/efi: move common keyring handler functions to new fileNayna Jain4-67/+115
2021-05-11security: commoncap: fix -Wstringop-overread warningArnd Bergmann1-1/+1
2021-03-30integrity: double check iint_cache was initializedMimi Zohar1-0/+8
2021-03-17Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities")Eric W. Biederman1-11/+1
2021-03-07smackfs: restrict bytes count in smackfs write functionsSabyrzhan Tasbolatov1-2/+19
2021-03-04KEYS: trusted: Fix migratable=1 failingJarkko Sakkinen1-1/+1
2021-03-04certs: Fix blacklist flag type confusionDavid Howells2-3/+4
2021-03-04capabilities: Don't allow writing ambiguous v3 file capabilitiesEric W. Biederman1-1/+11
2021-03-04ima: Free IMA measurement buffer after kexec syscallLakshmi Ramasubramanian1-0/+2
2021-03-04ima: Free IMA measurement buffer on errorLakshmi Ramasubramanian1-0/+1
2021-03-04evm: Fix memleak in init_descDinghao Liu1-2/+5
2021-02-17cap: fix conversions on getxattrMiklos Szeredi1-24/+43
2021-01-19dump_common_audit_data(): fix racy accesses to ->d_nameAl Viro1-2/+5
2020-12-30ima: Don't modify file descriptor mode on the flyRoberto Sassu1-15/+5
2020-12-30selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handlingPaul Moore1-18/+13
2020-12-30selinux: fix error initialization in inode_doinit_with_dentry()Tianyue Ren1-3/+16
2020-12-08ima: extend boot_aggregate with kernel measurementsMaurizio Drocco2-2/+15
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.