summaryrefslogtreecommitdiff
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* selinux: bpf: Add selinux check for eBPF syscall operationsChenbo Feng2017-10-203-0/+117
* security: bpf: Add LSM hooks for bpf object related syscallChenbo Feng2017-10-201-0/+32
* lsm: fix smack_inode_removexattr and xattr_getsecurity memleakCasey Schaufler2017-10-041-30/+25
* Merge commit 'keys-fixes-20170927' into fixes-v4.14-rc3James Morris2017-09-289-152/+137
|\
| * security/keys: rewrite all of big_key cryptoJason A. Donenfeld2017-09-252-71/+60
| * security/keys: properly zero out sensitive key material in big_keyJason A. Donenfeld2017-09-251-6/+6
| * KEYS: use kmemdup() in request_key_auth_new()Eric Biggers2017-09-251-3/+2
| * KEYS: restrict /proc/keys by credentials at open timeEric Biggers2017-09-251-6/+2
| * KEYS: reset parent each time before searching key_user_treeEric Biggers2017-09-251-2/+2
| * KEYS: prevent KEYCTL_READ on negative keyEric Biggers2017-09-251-0/+5
| * KEYS: prevent creating a different user's keyringsEric Biggers2017-09-254-12/+21
| * KEYS: fix writing past end of user-supplied buffer in keyring_read()Eric Biggers2017-09-251-9/+5
| * KEYS: fix key refcount leak in keyctl_read_key()Eric Biggers2017-09-251-1/+1
| * KEYS: fix key refcount leak in keyctl_assume_authority()Eric Biggers2017-09-251-4/+2
| * KEYS: don't revoke uninstantiated key in request_key_auth_new()Eric Biggers2017-09-251-1/+0
| * KEYS: fix cred refcount leak in request_key_auth_new()Eric Biggers2017-09-251-37/+31
* | Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2017-09-241-3/+3
|\ \
| * | security: fix description of values returned by cap_inode_need_killprivStefan Berger2017-09-231-3/+3
* | | Merge tag 'apparmor-pr-2017-09-22' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds2017-09-2324-137/+2088
|\ \ \ | |_|/ |/| |
| * | apparmor: fix apparmorfs DAC access permissionsJohn Johansen2017-09-221-4/+4
| * | apparmor: fix build failure on sparc caused by undeclared signalsJohn Johansen2017-09-221-1/+4
| * | apparmor: fix incorrect type assignment when freeing proxiesJohn Johansen2017-09-221-1/+1
| * | apparmor: ensure unconfined profiles have dfas initializedJohn Johansen2017-09-221-0/+2
| * | apparmor: fix race condition in null profile creationJohn Johansen2017-09-221-3/+11
| * | apparmor: move new_null_profile to after profile lookup fns()John Johansen2017-09-221-79/+79
| * | apparmor: add base infastructure for socket mediationJohn Johansen2017-09-2212-16/+840
| * | apparmor: add more debug asserts to apparmorfsJohn Johansen2017-09-221-0/+17
| * | apparmor: make policy_unpack able to audit different info messagesJohn Johansen2017-09-222-16/+40
| * | apparmor: add support for absolute root view based labelsJohn Johansen2017-09-222-1/+10
| * | apparmor: cleanup conditional check for label in label_printJohn Johansen2017-09-221-14/+8
| * | apparmor: add mount mediationJohn Johansen2017-09-229-4/+841
| * | apparmor: add the ability to mediate signalsJohn Johansen2017-09-227-0/+231
| * | apparmor: Redundant condition: prev_ns. in [label.c:1498]John Johansen2017-09-221-1/+1
| * | apparmor: Fix an error code in aafs_create()Dan Carpenter2017-09-221-1/+3
| * | apparmor: Fix logical error in verify_header()Christos Gkekas2017-09-221-1/+1
| * | apparmor: Fix shadowed local variable in unpack_trans_table()Geert Uytterhoeven2017-09-221-2/+2
* | | Merge branch 'work.set_fs' of git://git.kernel.org/pub/scm/linux/kernel/git/v...Linus Torvalds2017-09-141-2/+4
|\ \ \
| * | | fs: fix kernel_write prototypeChristoph Hellwig2017-09-041-1/+2
| * | | fs: fix kernel_read prototypeChristoph Hellwig2017-09-041-1/+2
| |/ /
* | | Merge tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2017-09-1228-56/+78
|\ \ \
| * | | selinux: constify nf_hook_opsArvind Yadav2017-08-281-1/+1
| * | | selinux: allow per-file labeling for cgroupfsAntonio Murdaca2017-08-221-1/+3
| * | | lsm_audit: update my email addressStephen Smalley2017-08-171-1/+1
| * | | selinux: update my email addressStephen Smalley2017-08-1725-25/+25
| * | | selinux: use GFP_NOWAIT in the AVC kmem_cachesMichal Hocko2017-08-081-8/+6
| * | | selinux: Generalize support for NNP/nosuid SELinux domain transitionsStephen Smalley2017-08-024-16/+42
| * | | selinux: Assign proper class to PF_UNIX/SOCK_RAW socketsLuis Ressel2017-07-251-0/+1
| | |/ | |/|
| * | sync to Linus v4.13-rc2 for subsystem developers to work againstJames Morris2017-07-2524-334/+365
| |\ \ | | |/
| * | LSM: Remove security_task_create() hook.Tetsuo Handa2017-07-181-5/+0
* | | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds2017-09-111-21/+256
|\ \ \