summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)Author
2015-08-19ima: extend "mask" policy matching supportMimi Zohar
2015-08-19ima: add support for new "euid" policy conditionMimi Zohar
2015-06-10lsm: copy comm before calling audit_log to avoid race in string printingRichard Guy Briggs
2015-04-27nick kvfree() from apparmorAl Viro
2015-04-22selinux: fix sel_write_enforce broken return valueJoe Perches
2015-04-09Don't leak a key reference if request_key() tries to use a revoked keyringDavid Jeffery
2015-02-16SELinux: fix selinuxfs policy file on big endian systemsEric Paris
2015-01-29move d_rcu from overlapping d_child to overlapping d_aliasAl Viro
2015-01-29KEYS: close race between key lookup and freeingSasha Levin
2015-01-07KEYS: Fix stale key registration at error pathTakashi Iwai
2014-11-13selinux: fix inode security list corruptionStephen Smalley
2014-11-13evm: check xattr value length and type in evm_inode_setxattr()Dmitry Kasatkin
2014-09-17CAPABILITIES: remove undefined caps from all processesEric Paris
2014-06-23evm: prohibit userspace writing 'security.evm' HMAC valueMimi Zohar
2014-06-23ima: introduce ima_kernel_read()Dmitry Kasatkin
2014-06-20ima: audit log files opened with O_DIRECT flagMimi Zohar
2014-06-09device_cgroup: check if exception removal is allowedAristeu Rozanski
2014-06-09device_cgroup: rework device access check and exception checkingAristeu Rozanski
2014-04-13selinux: correctly label /proc inodes in use before the policy is loadedPaul Moore
2014-03-12SELinux: Increase ebitmap_node size for 64-bit configurationWaiman Long
2014-03-12SELinux: Reduce overhead of mls_level_isvalid() function callWaiman Long
2014-03-05SELinux: bigendian problems with filename trans rulesEric Paris
2014-02-20SELinux: Fix kernel BUG on empty security contexts.Stephen Smalley
2014-02-13SELinux: Fix memory leak upon loading policyTetsuo Handa
2014-01-25SELinux: Fix possible NULL pointer dereference in selinux_inode_permission()Steven Rostedt
2014-01-09selinux: process labeled IPsec TCP SYN-ACK packets properly in selinux_ip_pos...Paul Moore
2014-01-09selinux: look for IPsec labels on both inbound and outbound packetsPaul Moore
2014-01-09selinux: selinux_setprocattr()->ptrace_parent() needs rcu_read_lock()Oleg Nesterov
2014-01-09selinux: fix broken peer recv checkChad Hanson
2013-12-20selinux: handle TCP SYN-ACK packets correctly in selinux_ip_postroute()Paul Moore
2013-12-20selinux: handle TCP SYN-ACK packets correctly in selinux_ip_output()Paul Moore
2013-12-04selinux: correct locking in selinux_netlbl_socket_connect)Paul Moore
2013-11-29Revert "ima: policy for RAMFS"Mimi Zohar
2013-10-16apparmor: fix bad lock balance when introspecting policyJohn Johansen
2013-10-16apparmor: fix memleak of the profile hashJohn Johansen
2013-10-04selinux: remove 'flags' parameter from avc_audit()Linus Torvalds
2013-10-04selinux: avc_has_perm_flags has no more usersLinus Torvalds
2013-10-04selinux: remove 'flags' parameter from inode_has_permLinus Torvalds
2013-09-30apparmor: fix suspicious RCU usage warning in policy.c/policy.hJohn Johansen
2013-09-30apparmor: Use shash crypto API interface for profile hashesTyler Hicks
2013-09-07Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds
2013-09-07Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds
2013-09-05Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds
2013-09-04Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds
2013-09-03Merge branch 'for-3.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c...Linus Torvalds
2013-08-30capabilities: allow nice if we are privilegedSerge Hallyn
2013-08-30userns: Allow PR_CAPBSET_DROP in a user namespace.Eric W. Biederman
2013-08-23Merge branch 'smack-for-3.12' of git://git.gitorious.org/smack-next/kernel in...James Morris
2013-08-20module/lsm: Have apparmor module parameters work with no argsSteven Rostedt
2013-08-16Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller