summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2019-09-10security: constify some arrays in lockdown LSMMatthew Garrett1-2/+2
2019-08-20lockdown: Print current->comm in restriction messagesMatthew Garrett1-2/+6
2019-08-20tracefs: Restrict tracefs when the kernel is locked downMatthew Garrett1-0/+1
2019-08-20debugfs: Restrict debugfs when the kernel is locked downDavid Howells1-0/+1
2019-08-20kexec: Allow kexec_file() with appropriate IMA policy when locked downMatthew Garrett3-1/+53
2019-08-20lockdown: Lock down perf when in confidentiality modeDavid Howells1-0/+1
2019-08-20bpf: Restrict bpf when kernel lockdown is in confidentiality modeDavid Howells1-0/+1
2019-08-20lockdown: Lock down tracing and perf kprobes when in confidentiality modeDavid Howells1-0/+1
2019-08-20lockdown: Lock down /proc/kcoreDavid Howells1-0/+1
2019-08-20x86/mmiotrace: Lock down the testmmiotrace moduleDavid Howells1-0/+1
2019-08-20lockdown: Lock down module params that specify hardware parameters (eg. ioport)David Howells1-0/+1
2019-08-20lockdown: Lock down TIOCSSERIALDavid Howells1-0/+1
2019-08-20lockdown: Prohibit PCMCIA CIS storage when the kernel is locked downDavid Howells1-0/+1
2019-08-20ACPI: Limit access to custom_method when the kernel is locked downMatthew Garrett1-0/+1
2019-08-20x86/msr: Restrict MSR access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-20x86: Lock down IO port access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-20PCI: Lock down BAR access when the kernel is locked downMatthew Garrett1-0/+1
2019-08-20hibernate: Disable when the kernel is locked downJosh Boyer1-0/+1
2019-08-20kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCEJiri Bohac2-2/+2
2019-08-20kexec_load: Disable at runtime if the kernel is locked downMatthew Garrett1-0/+1
2019-08-20lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked downMatthew Garrett1-0/+1
2019-08-20lockdown: Enforce module signatures if the kernel is locked downDavid Howells2-0/+2
2019-08-20security: Add a static lockdown policy LSMMatthew Garrett5-5/+224
2019-08-20security: Add a "locked down" LSM hookMatthew Garrett1-0/+6
2019-08-20security: Support early LSMsMatthew Garrett1-8/+42
2019-06-21Merge tag 'spdx-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gre...Linus Torvalds15-61/+15
2019-06-19treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500Thomas Gleixner15-61/+15
2019-06-19apparmor: reset pos on failure to unpack for various functionsMike Salvatore1-8/+39
2019-06-19apparmor: enforce nullbyte at end of tag stringJann Horn1-1/+1
2019-06-19apparmor: fix PROFILE_MEDIATES for untrusted inputJohn Johansen1-1/+10
2019-06-15Smack: Restore the smackfsdef mount option and add missing prefixesCasey Schaufler1-5/+7
2019-06-13Merge tag 'selinux-pr-20190612' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2-13/+36
2019-06-12selinux: fix a missing-check bug in selinux_sb_eat_lsm_opts()Gen Zhang1-6/+14
2019-06-12selinux: fix a missing-check bug in selinux_add_mnt_opt( )Gen Zhang1-5/+14
2019-06-12selinux: log raw contexts as untrusted stringsOndrej Mosnacek1-2/+8
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441Thomas Gleixner72-352/+72
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 372Thomas Gleixner11-39/+11
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295Thomas Gleixner6-66/+6
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282Thomas Gleixner1-9/+1
2019-05-31Merge branch 'next-fixes-for-5.2-rc' of git://git.kernel.org/pub/scm/linux/ke...Linus Torvalds2-12/+19
2019-05-30treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152Thomas Gleixner16-81/+16
2019-05-30ima: show rules with IMA_INMASK correctlyRoberto Sassu1-9/+12
2019-05-30evm: check hash algorithm passed to init_desc()Roberto Sassu1-0/+3
2019-05-25Merge tag 'spdx-5.2-rc2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/g...Linus Torvalds5-25/+5
2019-05-24treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36Thomas Gleixner5-25/+5
2019-05-21Merge tag 'selinux-pr-20190521' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-2/+8
2019-05-21treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13Thomas Gleixner2-30/+2
2019-05-21treewide: Add SPDX license identifier - Makefile/KconfigThomas Gleixner17-0/+17
2019-05-21selinux: do not report error on connect(AF_UNSPEC)Paolo Abeni1-2/+8
2019-05-20ima: fix wrong signed policy requirement when not appraisingPetr Vorel1-3/+4
generated by cgit v1.2.3 (git 2.39.0) at 2024-09-04 03:44:18 +0300