| Commit message (Expand) | Author | Age | Files | Lines |
* | Merge tag 'hardening-v6.10-rc1-fixes' of git://git.kernel.org/pub/scm/linux/k... | Linus Torvalds | 2024-05-24 | 1 | -0/+3 |
|\ |
|
| * | loadpin: Prevent SECURITY_LOADPIN_ENFORCE=y without module decompression | Stephen Boyd | 2024-05-18 | 1 | -0/+3 |
* | | lsm: remove the now superfluous sentinel element from ctl_table array | Joel Granados | 2024-04-15 | 1 | -1/+0 |
|/ |
|
* | lsm: mark the lsm_id variables are marked as static | Paul Moore | 2023-11-13 | 1 | -1/+1 |
* | LSM: Identify modules by more than name | Casey Schaufler | 2023-11-13 | 1 | -1/+8 |
* | LoadPin: Annotate struct dm_verity_loadpin_trusted_root_digest with __counted_by | Kees Cook | 2023-08-26 | 1 | -2/+1 |
* | Merge tag 'sysctl-6.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/m... | Linus Torvalds | 2023-04-28 | 1 | -7/+1 |
|\ |
|
| * | loadpin: simplify sysctls use with register_sysctl() | Luis Chamberlain | 2023-04-13 | 1 | -7/+1 |
* | | selinux: remove the runtime disable functionality | Paul Moore | 2023-03-20 | 1 | -1/+1 |
|/ |
|
* | LoadPin: Allow filesystem switch when not enforcing | Kees Cook | 2023-01-20 | 1 | -5/+11 |
* | LoadPin: Move pin reporting cleanly out of locking | Kees Cook | 2023-01-20 | 1 | -9/+6 |
* | LoadPin: Refactor sysctl initialization | Kees Cook | 2023-01-20 | 1 | -16/+19 |
* | LoadPin: Refactor read-only check into a helper | Kees Cook | 2023-01-20 | 1 | -12/+21 |
* | LoadPin: Ignore the "contents" argument of the LSM hooks | Kees Cook | 2022-12-14 | 1 | -12/+18 |
* | LoadPin: Require file with verity root digests to have a header | Matthias Kaehlcke | 2022-09-08 | 2 | -2/+21 |
* | LoadPin: Fix Kconfig doc about format of file with verity digests | Matthias Kaehlcke | 2022-09-08 | 1 | -1/+1 |
* | LoadPin: Return EFAULT on copy_from_user() failures | Kees Cook | 2022-08-16 | 1 | -4/+2 |
* | LoadPin: Enable loading from trusted dm-verity devices | Matthias Kaehlcke | 2022-07-08 | 2 | -1/+182 |
* | loadpin: stop using bdevname | Christoph Hellwig | 2022-05-17 | 1 | -4/+1 |
* | LSM: Add "contents" flag to kernel_read_file hook | Kees Cook | 2020-10-05 | 1 | -2/+12 |
* | LSM: Introduce kernel_post_load_data() hook | Kees Cook | 2020-10-05 | 1 | -1/+1 |
* | fs/kernel_read_file: Split into separate include file | Scott Branden | 2020-10-05 | 1 | -0/+1 |
* | block: move block-related definitions out of fs.h | Christoph Hellwig | 2020-06-24 | 1 | -0/+1 |
* | proc/sysctl: add shared variables for range check | Matteo Croce | 2019-07-19 | 1 | -4/+2 |
* | Merge tag 'loadpin-v5.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git... | Linus Torvalds | 2019-07-11 | 1 | -0/+48 |
|\ |
|
| * | security/loadpin: Allow to exclude specific file types | Ke Wu | 2019-05-31 | 1 | -0/+48 |
* | | treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282 | Thomas Gleixner | 2019-06-05 | 1 | -9/+1 |
|/ |
|
* | treewide: Add SPDX license identifier - Makefile/Kconfig | Thomas Gleixner | 2019-05-21 | 2 | -0/+2 |
* | LoadPin: Initialize as ordered LSM | Kees Cook | 2019-01-08 | 1 | -1/+7 |
* | LoadPin: Rename boot param "enabled" to "enforce" | Kees Cook | 2018-10-19 | 2 | -12/+13 |
* | LoadPin: Report friendly block device name | Kees Cook | 2018-10-19 | 1 | -1/+4 |
* | module: replace the existing LSM hook in init_module | Mimi Zohar | 2018-07-16 | 1 | -0/+6 |
* | get rid of pointless includes of fs_struct.h | Al Viro | 2018-02-22 | 1 | -1/+0 |
* | security: mark LSM hooks as __ro_after_init | James Morris | 2017-03-06 | 1 | -1/+1 |
* | LSM: Add /sys/kernel/security/lsm | Casey Schaufler | 2017-01-19 | 1 | -1/+1 |
* | LSM: LoadPin: provide enablement CONFIG | Kees Cook | 2016-05-17 | 2 | -6/+15 |
* | LSM: LoadPin for kernel file loading restrictions | Kees Cook | 2016-04-21 | 3 | -0/+201 |