summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)Author
2017-06-10apparmor: allow ptrace checks to be finer grained than just capabilityJohn Johansen
2017-06-10apparmor: move ptrace checks to using labelsJohn Johansen
2017-06-10apparmor: add cross check permission helper macrosJohn Johansen
2017-06-10apparmor: move resource checks to using labelsJohn Johansen
2017-06-10apparmor: move capability checks to using labelsJohn Johansen
2017-06-10apparmor: update query interface to support label queriesJohn Johansen
2017-06-10apparmor: switch getprocattr to using label_print fns()John Johansen
2017-06-10apparmor: switch from profiles to using labels on contextsJohn Johansen
2017-06-10apparmor: add the base fns() for domain labelsJohn Johansen
2017-06-10apparmor: revalidate files during execJohn Johansen
2017-06-10apparmor: cleanup rename XXX_file_context() to XXX_file_ctx()John Johansen
2017-06-10apparmor: convert aa_change_XXX bool parameters to flagsJohn Johansen
2017-06-10apparmor: cleanup remove unused and not fully implemented profile renameJohn Johansen
2017-06-10apparmor: refactor updating profiles to the newest parentJohn Johansen
2017-06-10apparmor: share profile name on replacementJohn Johansen
2017-06-10apparmor: convert to profile block critical sectionsJohn Johansen
2017-06-10apparmor: move bprm_committing_creds/committed_creds to lsm.cJohn Johansen
2017-06-10apparmor: fix display of ns nameJohn Johansen
2017-06-10apparmor: fix apparmor_query dataJohn Johansen
2017-06-10apparmor: fix policy load/remove semanticsJohn Johansen
2017-06-10apparmor: add namespace lookup fns()John Johansen
2017-06-10apparmor: cleanup __find_child()John Johansen
2017-06-10apparmor: provide information about path buffer size at bootJohn Johansen
2017-06-10apparmor: add profile permission query abilityJohn Johansen
2017-06-10apparmor: switch from file_perms to aa_permsJohn Johansen
2017-06-10apparmor: add gerneric permissions struct and support fnsJohn Johansen
2017-06-10apparmor: add fn to test if profile supports a given mediation classJohn Johansen
2017-06-10apparmor: speed up transactional queriesJohn Johansen
2017-06-10apparmor: add label data availability to the feature setJohn Johansen
2017-06-10apparmor: add mkdir/rmdir interface to manage policy namespacesJohn Johansen
2017-06-10apparmor: add policy revision file interfaceJohn Johansen
2017-06-10apparmor: provide finer control over policy managementJohn Johansen
2017-06-09security/selinux: allow security_sb_clone_mnt_opts to enable/disable native l...Scott Mayhew
2017-06-09selinux: use kmem_cache for ebitmapJunil Lee
2017-06-09apparmor: rework perm mapping to a slightly broader setJohn Johansen
2017-06-09KEYS: fix refcount_inc() on zeroMark Rutland
2017-06-09KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP APIMat Martineau
2017-06-09KEYS: DH: ensure the KDF counter is properly alignedEric Biggers
2017-06-09KEYS: DH: don't feed uninitialized "otherinfo" into KDFEric Biggers
2017-06-09KEYS: DH: forbid using digest_null as the KDF hashEric Biggers
2017-06-09KEYS: sanitize key structs before freeingEric Biggers
2017-06-09KEYS: trusted: sanitize all key materialEric Biggers
2017-06-09KEYS: encrypted: sanitize all key materialEric Biggers
2017-06-09KEYS: user_defined: sanitize key payloadsEric Biggers
2017-06-09KEYS: sanitize add_key() and keyctl() key payloadsEric Biggers
2017-06-09KEYS: fix freeing uninitialized memory in key_update()Eric Biggers
2017-06-09KEYS: fix dereferencing NULL payload with nonzero lengthEric Biggers
2017-06-09KEYS: encrypted: use constant-time HMAC comparisonEric Biggers
2017-06-09KEYS: encrypted: fix race causing incorrect HMAC calculationsEric Biggers
2017-06-09KEYS: encrypted: fix buffer overread in valid_master_desc()Eric Biggers