summaryrefslogtreecommitdiffstats
path: root/security (follow)
Commit message (Expand)AuthorAgeFilesLines
* Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds2017-11-1313-110/+108
|\
| * ima: Remove redundant conditional operatorThiago Jung Bauermann2017-11-081-2/+2
| * ima: Fix bool initialization/comparisonThomas Meyer2017-11-082-4/+4
| * ima: check signature enforcement against cmdline param instead of CONFIGBruno E. O. Meneguele2017-11-081-3/+3
| * ima: fix hash algorithm initializationBoshi Wang2017-11-081-0/+4
| * EVM: Only complain about a missing HMAC key onceMatthew Garrett2017-11-081-1/+1
| * EVM: Allow userspace to signal an RSA key has been loadedMatthew Garrett2017-11-082-12/+20
| * EVM: Include security.apparmor in EVM measurementsMatthew Garrett2017-11-081-0/+3
| * integrity: use kernel_read_file_from_path() to read x509 certsChristoph Hellwig2017-11-084-56/+13
| * ima: always measure and audit files in policyMimi Zohar2017-11-083-30/+56
| * ima: don't remove the securityfs policy fileMimi Zohar2017-11-081-2/+2
* | Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2017-11-136-99/+220
|\|
| * Smack: Base support for overlayfsCasey Schaufler2017-11-021-0/+79
| * tomoyo: fix timestamping for y2038Arnd Bergmann2017-10-214-34/+13
| * capabilities: audit log other surprising conditionsRichard Guy Briggs2017-10-201-7/+22
| * capabilities: fix logic for effective root or real rootRichard Guy Briggs2017-10-201-3/+2
| * capabilities: invert logic for clarityRichard Guy Briggs2017-10-201-4/+4
| * capabilities: remove a layer of conditional logicRichard Guy Briggs2017-10-201-13/+10
| * capabilities: move audit log decision to functionRichard Guy Briggs2017-10-201-20/+30
| * capabilities: use intuitive names for id changesRichard Guy Briggs2017-10-201-6/+22
| * capabilities: use root_priveleged inline to clarify logicRichard Guy Briggs2017-10-201-2/+4
| * capabilities: rename has_cap to has_fcapRichard Guy Briggs2017-10-201-10/+10
| * capabilities: intuitive names for cap gain statusRichard Guy Briggs2017-10-201-7/+11
| * capabilities: factor out cap_bprm_set_creds privileged rootRichard Guy Briggs2017-10-201-28/+48
* | apparmor: fix off-by-one comparison on MAXMAPPED_SIGJohn Johansen2017-11-081-2/+2
* | Merge tag 'spdx_identifiers-4.14-rc8' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds2017-11-0249-0/+49
|\ \
| * | License cleanup: add SPDX GPL-2.0 license identifier to files with no licenseGreg Kroah-Hartman2017-11-0249-0/+49
* | | KEYS: trusted: fix writing past end of buffer in trusted_read()Eric Biggers2017-11-021-11/+12
* | | KEYS: return full count in keyring_read() if buffer is too smallEric Biggers2017-11-021-20/+19
* | | Revert "apparmor: add base infastructure for socket mediation"Linus Torvalds2017-10-2612-840/+16
|/ /
* | commoncap: move assignment of fs_ns to avoid null pointer dereferenceColin Ian King2017-10-191-1/+2
* | Merge commit 'tags/keys-fixes-20171018' into fixes-v4.14-rc5James Morris2017-10-1914-53/+88
|\ \
| * | KEYS: load key flags and expiry time atomically in proc_keys_show()Eric Biggers2017-10-181-10/+14
| * | KEYS: Load key expiry time atomically in keyring_search_iterator()Eric Biggers2017-10-181-1/+3
| * | KEYS: load key flags and expiry time atomically in key_validate()Eric Biggers2017-10-181-3/+4
| * | KEYS: don't let add_key() update an uninstantiated keyDavid Howells2017-10-181-0/+10
| * | KEYS: Fix race between updating and finding a negative keyDavid Howells2017-10-1812-39/+49
| * | security/keys: BIG_KEY requires CONFIG_CRYPTOArnd Bergmann2017-10-181-0/+1
| * | KEYS: encrypted: fix dereference of NULL user_key_payloadEric Biggers2017-10-121-0/+7
* | | lsm: fix smack_inode_removexattr and xattr_getsecurity memleakCasey Schaufler2017-10-041-30/+25
|/ /
* | Merge commit 'keys-fixes-20170927' into fixes-v4.14-rc3James Morris2017-09-289-152/+137
|\ \ | |/ |/|
| * security/keys: rewrite all of big_key cryptoJason A. Donenfeld2017-09-262-71/+60
| * security/keys: properly zero out sensitive key material in big_keyJason A. Donenfeld2017-09-261-6/+6
| * KEYS: use kmemdup() in request_key_auth_new()Eric Biggers2017-09-251-3/+2
| * KEYS: restrict /proc/keys by credentials at open timeEric Biggers2017-09-251-6/+2
| * KEYS: reset parent each time before searching key_user_treeEric Biggers2017-09-251-2/+2
| * KEYS: prevent KEYCTL_READ on negative keyEric Biggers2017-09-251-0/+5
| * KEYS: prevent creating a different user's keyringsEric Biggers2017-09-254-12/+21
| * KEYS: fix writing past end of user-supplied buffer in keyring_read()Eric Biggers2017-09-251-9/+5
| * KEYS: fix key refcount leak in keyctl_read_key()Eric Biggers2017-09-251-1/+1