aboutsummaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)Author
2019-10-31efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMINJavier Martinez Canillas
2019-10-08Merge tag 'selinux-pr-20191007' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds
2019-10-05integrity: remove pointless subdir-$(CONFIG_...)Masahiro Yamada
2019-10-05integrity: remove unneeded, broken attempt to add -fshort-wcharMasahiro Yamada
2019-10-03selinux: fix context string corruption in convert_context()Ondrej Mosnacek
2019-09-28Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds
2019-09-27Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds
2019-09-25KEYS: trusted: correctly initialize digests and fix locking issueRoberto Sassu
2019-09-23Merge tag 'smack-for-5.4-rc1' of git://github.com/cschaufler/smack-nextLinus Torvalds
2019-09-23Merge tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linuxLinus Torvalds
2019-09-23Merge tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds
2019-09-17LSM: SafeSetID: Stop releasing uninitialized rulesetMicah Morton
2019-09-10security: constify some arrays in lockdown LSMMatthew Garrett
2019-09-05keys: Fix missing null pointer check in request_key_auth_describe()Hillf Danton
2019-09-04selinux: fix residual uses of current_security() for the SELinux blobStephen Smalley
2019-09-04smack: use GFP_NOFS while holding inode_smack::smk_lockEric Biggers
2019-09-04security: smack: Fix possible null-pointer dereferences in smack_socket_sock_...Jia-Ju Bai
2019-09-04smack: fix some kernel-doc notationsluanshi
2019-09-04Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is setJann Horn
2019-08-30keys: ensure that ->match_free() is called in request_key_and_link()Eric Biggers
2019-08-29ima: ima_api: Use struct_size() in kzalloc()Gustavo A. R. Silva
2019-08-29ima: use struct_size() in kzalloc()Gustavo A. R. Silva
2019-08-28ima: Fix use after free in ima_read_modsig()Thiago Jung Bauermann
2019-08-27selinux: avoid atomic_t usage in sidtabOndrej Mosnacek
2019-08-19lockdown: Print current->comm in restriction messagesMatthew Garrett
2019-08-19tracefs: Restrict tracefs when the kernel is locked downMatthew Garrett
2019-08-19debugfs: Restrict debugfs when the kernel is locked downDavid Howells
2019-08-19kexec: Allow kexec_file() with appropriate IMA policy when locked downMatthew Garrett
2019-08-19lockdown: Lock down perf when in confidentiality modeDavid Howells
2019-08-19bpf: Restrict bpf when kernel lockdown is in confidentiality modeDavid Howells
2019-08-19lockdown: Lock down tracing and perf kprobes when in confidentiality modeDavid Howells
2019-08-19lockdown: Lock down /proc/kcoreDavid Howells
2019-08-19x86/mmiotrace: Lock down the testmmiotrace moduleDavid Howells
2019-08-19lockdown: Lock down module params that specify hardware parameters (eg. ioport)David Howells
2019-08-19lockdown: Lock down TIOCSSERIALDavid Howells
2019-08-19lockdown: Prohibit PCMCIA CIS storage when the kernel is locked downDavid Howells
2019-08-19ACPI: Limit access to custom_method when the kernel is locked downMatthew Garrett
2019-08-19x86/msr: Restrict MSR access when the kernel is locked downMatthew Garrett
2019-08-19x86: Lock down IO port access when the kernel is locked downMatthew Garrett
2019-08-19PCI: Lock down BAR access when the kernel is locked downMatthew Garrett
2019-08-19hibernate: Disable when the kernel is locked downJosh Boyer
2019-08-19kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCEJiri Bohac
2019-08-19kexec_load: Disable at runtime if the kernel is locked downMatthew Garrett
2019-08-19lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked downMatthew Garrett
2019-08-19lockdown: Enforce module signatures if the kernel is locked downDavid Howells
2019-08-19security: Add a static lockdown policy LSMMatthew Garrett
2019-08-19security: Add a "locked down" LSM hookMatthew Garrett
2019-08-19security: Support early LSMsMatthew Garrett
2019-08-13KEYS: trusted: allow module init if TPM is inactive or deactivatedRoberto Sassu
2019-08-12fanotify, inotify, dnotify, security: add security hook for fs notificationsAaron Goidel