summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2021-03-22smack: differentiate between subjective and objective task credentialsPaul Moore2-14/+44
2021-03-22selinux: clarify task subjective and objective credentialsPaul Moore1-39/+73
2021-03-22lsm: separate security_task_getsecid() into subjective and objective variantsPaul Moore6-14/+24
2021-03-22ima: without an IMA policy loaded, return quicklyMimi Zohar1-0/+6
2021-03-22integrity: double check iint_cache was initializedMimi Zohar1-0/+8
2021-03-22lsm,selinux: add new hook to compare new mount to an existing mountOlga Kornievskaia2-0/+63
2021-03-22Merge tag 'selinux-pr-20210322' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds3-41/+59
2021-03-18selinuxfs: unify policy load error reportingOndrej Mosnacek1-6/+3
2021-03-18selinux: fix variable scope issue in live sidtab conversionOndrej Mosnacek3-33/+55
2021-03-18selinux: don't log MAC_POLICY_LOAD record on failed policy loadOndrej Mosnacek1-2/+1
2021-03-12Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file cap...Eric W. Biederman1-11/+1
2021-03-11nexthop: Add netlink defines and enumerators for resilient NH groupsIdo Schimmel1-1/+4
2021-03-11integrity: Load mokx variables into the blacklist keyringEric Snowberg1-2/+18
2021-03-11certs: Add EFI_CERT_X509_GUID support for dbx entriesEric Snowberg1-0/+11
2021-03-08selinux: fix misspellings using codespell toolXiong Zhenwu1-1/+1
2021-03-08selinux: fix misspellings using codespell toolXiong Zhenwu1-1/+1
2021-03-08selinux: measure state and policy capabilitiesLakshmi Ramasubramanian4-5/+96
2021-03-08selinux: Allow context mounts for unpriviliged overlayfsVivek Goyal1-1/+2
2021-03-08powerpc: Move arch independent ima kexec functions to drivers/of/kexec.cLakshmi Ramasubramanian2-4/+1
2021-03-08powerpc: Move ima buffer fields to struct kimageLakshmi Ramasubramanian1-6/+2
2021-02-23Merge tag 'keys-misc-20210126' of git://git.kernel.org/pub/scm/linux/kernel/g...Linus Torvalds8-21/+18
2021-02-23Merge tag 'idmapped-mounts-v5.12' of git://git.kernel.org/pub/scm/linux/kerne...Linus Torvalds18-115/+240
2021-02-22Merge branch 'userns-for-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+11
2021-02-22Merge branch 'work.audit' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-2/+3
2021-02-21Merge tag 'tpmdd-next-v5.12-rc1-v2' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds2-8/+36
2021-02-21Merge tag 'Smack-for-v5.12' of git://github.com/cschaufler/smack-nextLinus Torvalds1-2/+19
2021-02-21Merge tag 'integrity-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds16-52/+301
2021-02-21Merge tag 'selinux-pr-20210215' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds16-51/+141
2021-02-21Merge tag 'tomoyo-pr-20210215' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1Linus Torvalds3-25/+25
2021-02-16KEYS: trusted: Reserve TPM for seal and unseal operationsJarkko Sakkinen1-4/+18
2021-02-16KEYS: trusted: Fix migratable=1 failingJarkko Sakkinen1-1/+1
2021-02-16KEYS: trusted: Fix incorrect handling of tpm_get_random()Jarkko Sakkinen1-3/+17
2021-02-12integrity: Make function integrity_add_key() staticWei Yongjun1-2/+2
2021-02-10Merge branch 'ima-kexec-fixes' into next-integrityMimi Zohar1-0/+3
2021-02-10ima: Free IMA measurement buffer after kexec syscallLakshmi Ramasubramanian1-0/+2
2021-02-10ima: Free IMA measurement buffer on errorLakshmi Ramasubramanian1-0/+1
2021-02-02smackfs: restrict bytes count in smackfs write functionsSabyrzhan Tasbolatov1-2/+19
2021-02-01tomoyo: recognize kernel threads correctlyTetsuo Handa1-1/+1
2021-02-01tomoyo: ignore data race while checking quotaTetsuo Handa3-24/+24
2021-01-28cap: fix conversions on getxattrMiklos Szeredi1-24/+43
2021-01-26IMA: Measure kernel version in early bootRaphael Gianotti1-0/+5
2021-01-24ima: handle idmapped mountsChristian Brauner7-40/+68
2021-01-24apparmor: handle idmapped mountsChristian Brauner3-10/+24
2021-01-24fs: make helpers idmap mount awareChristian Brauner2-2/+3
2021-01-24commoncap: handle idmapped mountsChristian Brauner4-37/+84
2021-01-24xattr: handle idmapped mountsTycho Andersen7-20/+24
2021-01-24acl: handle idmapped mountsChristian Brauner1-7/+38
2021-01-24inode: make init and permission helpers idmapped mount awareChristian Brauner1-2/+2
2021-01-24capability: handle idmapped mountsChristian Brauner1-2/+3
2021-01-21certs: Fix blacklist flag type confusionDavid Howells2-3/+4