index
:
wireguard-linux
backport-5.4.y
davem/net
davem/net-next
devel
gregkh/stable-5.4.y
jd/bump-compilers
jd/deferred-aip-removal
jd/new-archs
jd/orphan-parallel
jd/rcu-barrier
jd/shorter-socket-lock
jd/unified-crypt-queue
jd/xdp-l3
stable
update-toolchain
WireGuard for the Linux kernel
Jason A. Donenfeld
about
summary
refs
log
tree
commit
diff
stats
homepage
log msg
author
committer
range
path:
root
/
security
Age
Commit message (
Expand
)
Author
Files
Lines
2025-01-20
Merge tag 'vfs-6.14-rc1.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
Linus Torvalds
1
-1
/
+1
2025-01-18
apparmor: fix dbus permission queries to v9 ABI
John Johansen
1
-0
/
+8
2025-01-18
apparmor: gate make fine grained unix mediation behind v9 abi
John Johansen
4
-10
/
+26
2025-01-18
apparmor: add fine grained af_unix mediation
John Johansen
12
-58
/
+1063
2025-01-18
apparmor: in preparation for finer networking rules rework match_prot
John Johansen
2
-14
/
+75
2025-01-18
apparmor: lift kernel socket check out of critical section
John Johansen
1
-1
/
+5
2025-01-18
apparmor: remove af_select macro
John Johansen
2
-36
/
+9
2025-01-18
apparmor: add ability to mediate caps with policy state machine
John Johansen
3
-6
/
+62
2025-01-18
apparmor: fix x_table_lookup when stacking is not the first entry
John Johansen
1
-23
/
+29
2025-01-18
apparmor: add support for profiles to define the kill signal
John Johansen
8
-6
/
+34
2025-01-18
apparmor: add additional flags to extended permission.
John Johansen
7
-21
/
+54
2025-01-18
apparmor: carry mediation check on label
John Johansen
6
-24
/
+68
2025-01-18
apparmor: cleanup: refactor file_perm() to doc semantics of some checks
John Johansen
1
-2
/
+15
2025-01-18
apparmor: remove explicit restriction that unconfined cannot use change_hat
John Johansen
2
-3
/
+18
2025-01-18
apparmor: ensure labels with more than one entry have correct flags
John Johansen
1
-1
/
+2
2025-01-18
apparmor: switch signal mediation to use RULE_MEDIATES
John Johansen
1
-5
/
+5
2025-01-18
apparmor: remove redundant unconfined check.
John Johansen
1
-2
/
+1
2025-01-18
apparmor: cleanup: attachment perm lookup to use lookup_perms()
John Johansen
1
-8
/
+6
2025-01-18
apparmor: Improve debug print infrastructure
John Johansen
9
-34
/
+177
2025-01-18
apparmor: Use str_yes_no() helper function
Thorsten Blum
1
-4
/
+4
2025-01-17
landlock: Optimize file path walks and prepare for audit support
Mickaël Salaün
1
-17
/
+27
2025-01-17
landlock: Align partial refer access checks with final ones
Mickaël Salaün
1
-1
/
+13
2025-01-17
landlock: Simplify initially denied access rights
Mickaël Salaün
3
-11
/
+19
2025-01-17
landlock: Move access types
Mickaël Salaün
5
-46
/
+68
2025-01-17
landlock: Factor out check_access_path()
Mickaël Salaün
1
-21
/
+11
2025-01-14
landlock: Use scoped guards for ruleset in landlock_add_rule()
Mickaël Salaün
1
-10
/
+4
2025-01-14
landlock: Use scoped guards for ruleset
Mickaël Salaün
3
-29
/
+23
2025-01-14
landlock: Constify get_mode_access()
Mickaël Salaün
1
-1
/
+1
2025-01-14
landlock: Handle weird files
Mickaël Salaün
1
-6
/
+5
2025-01-12
security: remove get_task_comm() and print task comm directly
Yafang Shao
1
-3
/
+1
2025-01-08
hardening: Document INIT_STACK_ALL_PATTERN behavior with GCC
Geert Uytterhoeven
1
-0
/
+1
2025-01-07
selinux: make more use of str_read() when loading the policy
Christian Göttsche
3
-22
/
+12
2025-01-07
selinux: avoid unnecessary indirection in struct level_datum
Christian Göttsche
3
-17
/
+10
2025-01-07
selinux: use known type instead of void pointer
Christian Göttsche
8
-74
/
+77
2025-01-07
selinux: rename comparison functions for clarity
Christian Göttsche
7
-16
/
+16
2025-01-07
selinux: rework match_ipv6_addrmask()
Christian Göttsche
1
-7
/
+5
2025-01-07
selinux: constify and reconcile function parameter names
Christian Göttsche
4
-6
/
+6
2025-01-07
selinux: avoid using types indicating user space interaction
Christian Göttsche
2
-2
/
+2
2025-01-07
selinux: supply missing field initializers
Christian Göttsche
2
-2
/
+2
2025-01-07
Merge tag 'selinux-pr-20250107' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Linus Torvalds
5
-38
/
+65
2025-01-06
tomoyo: automatically use patterns for several situations in learning mode
Tetsuo Handa
1
-0
/
+30
2025-01-05
lockdown: initialize local array before use to quiet static analysis
Tanya Agarwal
1
-1
/
+1
2025-01-04
safesetid: check size of policy writes
Leo Stone
1
-0
/
+3
2025-01-04
lsm: rename variable to avoid shadowing
Christian Göttsche
1
-2
/
+2
2025-01-04
lsm: constify function parameters
Christian Göttsche
1
-2
/
+2
2025-01-04
security: remove redundant assignment to return variable
Colin Ian King
1
-3
/
+1
2025-01-04
selinux: match extended permissions to their base permissions
Thiébaud Weksteen
5
-38
/
+65
2025-01-04
lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set
Mickaël Salaün
2
-1
/
+6
2025-01-03
ima: ignore suffixed policy rule comments
Mimi Zohar
1
-1
/
+1
2025-01-03
ima: limit the builtin 'tcb' dont_measure tmpfs policy rule
Mimi Zohar
1
-1
/
+2
[prev]
[next]