summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)Author
2019-09-10security: constify some arrays in lockdown LSMMatthew Garrett
2019-09-05keys: Fix missing null pointer check in request_key_auth_describe()Hillf Danton
2019-09-04selinux: fix residual uses of current_security() for the SELinux blobStephen Smalley
2019-09-04smack: use GFP_NOFS while holding inode_smack::smk_lockEric Biggers
2019-09-04security: smack: Fix possible null-pointer dereferences in smack_socket_sock_...Jia-Ju Bai
2019-09-04smack: fix some kernel-doc notationsluanshi
2019-09-04Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is setJann Horn
2019-08-30keys: ensure that ->match_free() is called in request_key_and_link()Eric Biggers
2019-08-29ima: ima_api: Use struct_size() in kzalloc()Gustavo A. R. Silva
2019-08-29ima: use struct_size() in kzalloc()Gustavo A. R. Silva
2019-08-28ima: Fix use after free in ima_read_modsig()Thiago Jung Bauermann
2019-08-27selinux: avoid atomic_t usage in sidtabOndrej Mosnacek
2019-08-19lockdown: Print current->comm in restriction messagesMatthew Garrett
2019-08-19tracefs: Restrict tracefs when the kernel is locked downMatthew Garrett
2019-08-19debugfs: Restrict debugfs when the kernel is locked downDavid Howells
2019-08-19kexec: Allow kexec_file() with appropriate IMA policy when locked downMatthew Garrett
2019-08-19lockdown: Lock down perf when in confidentiality modeDavid Howells
2019-08-19bpf: Restrict bpf when kernel lockdown is in confidentiality modeDavid Howells
2019-08-19lockdown: Lock down tracing and perf kprobes when in confidentiality modeDavid Howells
2019-08-19lockdown: Lock down /proc/kcoreDavid Howells
2019-08-19x86/mmiotrace: Lock down the testmmiotrace moduleDavid Howells
2019-08-19lockdown: Lock down module params that specify hardware parameters (eg. ioport)David Howells
2019-08-19lockdown: Lock down TIOCSSERIALDavid Howells
2019-08-19lockdown: Prohibit PCMCIA CIS storage when the kernel is locked downDavid Howells
2019-08-19ACPI: Limit access to custom_method when the kernel is locked downMatthew Garrett
2019-08-19x86/msr: Restrict MSR access when the kernel is locked downMatthew Garrett
2019-08-19x86: Lock down IO port access when the kernel is locked downMatthew Garrett
2019-08-19PCI: Lock down BAR access when the kernel is locked downMatthew Garrett
2019-08-19hibernate: Disable when the kernel is locked downJosh Boyer
2019-08-19kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCEJiri Bohac
2019-08-19kexec_load: Disable at runtime if the kernel is locked downMatthew Garrett
2019-08-19lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked downMatthew Garrett
2019-08-19lockdown: Enforce module signatures if the kernel is locked downDavid Howells
2019-08-19security: Add a static lockdown policy LSMMatthew Garrett
2019-08-19security: Add a "locked down" LSM hookMatthew Garrett
2019-08-19security: Support early LSMsMatthew Garrett
2019-08-13KEYS: trusted: allow module init if TPM is inactive or deactivatedRoberto Sassu
2019-08-12fanotify, inotify, dnotify, security: add security hook for fs notificationsAaron Goidel
2019-08-05ima: fix freeing ongoing ahash_requestSascha Hauer
2019-08-05ima: always return negative code for errorSascha Hauer
2019-08-05ima: Store the measurement again when appraising a modsigThiago Jung Bauermann
2019-08-05ima: Define ima-modsig templateThiago Jung Bauermann
2019-08-05ima: Collect modsigThiago Jung Bauermann
2019-08-05ima: Implement support for module-style appended signaturesThiago Jung Bauermann
2019-08-05ima: Factor xattr_verify() out of ima_appraise_measurement()Thiago Jung Bauermann
2019-08-05ima: Add modsig appraise_type option for module-style appended signaturesThiago Jung Bauermann
2019-08-05integrity: Select CONFIG_KEYS instead of depending on itThiago Jung Bauermann
2019-08-05selinux: always return a secid from the network caches if we find onePaul Moore
2019-08-05selinux: policydb - rename type_val_to_struct_arrayOndrej Mosnacek
2019-08-05selinux: policydb - fix some checkpatch.pl warningsOndrej Mosnacek