summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2024-10-10tomoyo: fallback to realpath if symlink's pathname does not existTetsuo Handa1-3/+6
2024-10-10proc: add config & param to block forcing mem writesAdrian Ratiu1-0/+32
2024-10-04bpf: lsm: Set bpf_lsm_blob_sizes.lbs_task to 0Song Liu1-1/+0
2024-10-04smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipsoJiawei Ye1-1/+1
2024-09-12smack: unix sockets: fix accept()ed socket labelKonstantin Andreev1-3/+9
2024-09-08smack: tcp: ipv4, fix incorrect labelingCasey Schaufler1-1/+1
2024-09-08apparmor: fix possible NULL pointer dereferenceLeesoo Ahn1-0/+4
2024-09-04apparmor: fix policy_unpack_test on big endian systemsGuenter Roeck1-3/+3
2024-09-04selinux,smack: don't bypass permissions check in inode_setsecctx hookScott Mayhew2-4/+4
2024-08-29evm: don't copy up 'security.evm' xattrMimi Zohar2-1/+8
2024-08-29selinux: add the processing of the failure of avc_add_xperms_decision()Zhen Lei1-1/+5
2024-08-29selinux: fix potential counting error in avc_add_xperms_decision()Zhen Lei1-1/+1
2024-08-29selinux: revert our use of vma_is_initial_heap()Paul Moore1-1/+11
2024-08-03apparmor: Fix null pointer deref when receiving skb during sock creationXiao Liang1-0/+7
2024-08-03task_work: s/task_work_cancel()/task_work_cancel_func()/Frederic Weisbecker1-1/+1
2024-08-03apparmor: use kvfree_sensitive to free data->dataFedor Pchelkin2-1/+2
2024-08-03landlock: Don't lose track of restrictions on cred_transferJann Horn1-2/+9
2024-07-11ima: Avoid blocking in RCU read-side critical sectionGUO Zihua8-17/+27
2024-06-21ima: Fix use-after-free on a dentry's dname.nameStefan Berger2-7/+26
2024-06-21landlock: Fix d_parent walkMickaël Salaün1-2/+11
2024-05-25KEYS: trusted: Do not use WARN when encode failsJarkko Sakkinen1-1/+2
2024-05-25KEYS: trusted: Fix memory leak in tpm2_key_encode()Jarkko Sakkinen1-6/+18
2024-05-17keys: Fix overwrite of key expiration on instantiationSilvio Gissi1-1/+2
2024-04-10selinux: avoid dereference of garbage after mount failureChristian Göttsche1-5/+7
2024-04-03landlock: Warn once if a Landlock action is requested while disabledMickaël Salaün1-3/+15
2024-04-03smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()Roberto Sassu1-0/+9
2024-04-03smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()Roberto Sassu1-1/+2
2024-03-06landlock: Fix asymmetric private inodes referringMickaël Salaün1-2/+2
2024-03-06tomoyo: fix UAF write bug in tomoyo_write_control()Tetsuo Handa1-1/+2
2024-02-23lsm: fix the logic in security_inode_getsecctx()Ondrej Mosnacek1-1/+13
2024-02-23lsm: fix default return value of the socket_getpeersec_*() hooksOndrej Mosnacek1-4/+27
2024-01-31lsm: new security_file_ioctl_compat() hookAlfred Piccioni4-0/+48
2024-01-25Revert "KEYS: encrypted: Add check for strsep"Mimi Zohar1-4/+0
2024-01-25apparmor: avoid crash when parsed profile name is emptyFedor Pchelkin1-0/+4
2024-01-25apparmor: fix possible memory leak in unpack_trans_tableFedor Pchelkin2-4/+4
2024-01-25apparmor: Fix ref count leak in task_killJohn Johansen1-1/+0
2024-01-25selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socketMickaël Salaün1-0/+7
2024-01-25KEYS: encrypted: Add check for strsepChen Ni1-0/+4
2024-01-10apparmor: Fix move_mount mediation by detecting if source is detachedJohn Johansen2-0/+5
2024-01-01keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiryDavid Howells4-22/+37
2023-12-20cred: get rid of CONFIG_DEBUG_CREDENTIALSJens Axboe1-6/+0
2023-11-28apparmor: Fix regression in mount mediationJohn Johansen3-22/+51
2023-11-28apparmor: pass cred through to audit info.John Johansen20-211/+388
2023-11-28apparmor: rename audit_data->label to audit_data->subj_labelJohn Johansen10-18/+17
2023-11-28apparmor: combine common_audit_data and apparmor_audit_dataJohn Johansen15-245/+257
2023-11-28apparmor: Fix kernel-doc warnings in apparmor/policy.cGaosheng Cui1-7/+10
2023-11-28apparmor: Fix kernel-doc warnings in apparmor/resource.cGaosheng Cui1-4/+4
2023-11-28apparmor: Fix kernel-doc warnings in apparmor/lib.cGaosheng Cui1-2/+2
2023-11-28apparmor: Fix kernel-doc warnings in apparmor/audit.cGaosheng Cui1-0/+1
2023-11-28ima: detect changes to the backing overlay fileMimi Zohar3-1/+22