summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2019-03-23missing barriers in some of unix_sock ->addr and ->path accessesAl Viro1-4/+6
2019-03-23KEYS: always initialize keyring_index_key::desc_lenEric Biggers4-6/+4
2019-03-23KEYS: allow reaching the keys quotas exactlyEric Biggers1-2/+2
2019-02-20smack: fix access permissions for keyringZoran Markovic1-3/+9
2019-01-26selinux: fix GPF on invalid policyStephen Smalley1-1/+2
2019-01-26Yama: Check for pid death before checking ancestryKees Cook1-1/+3
2018-11-22ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers1-3/+3
2018-11-10KEYS: put keyring if install_session_keyring_to_cred() failsEric Biggers1-3/+4
2018-08-28Smack: Mark inode instant in smack_task_to_inodeCasey Schaufler1-0/+1
2018-06-13selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover1-1/+1
2018-05-30ima: Fallback to the builtin hash algorithmPetr Vorel2-0/+15
2018-03-22ima: relax requiring a file signature for new files with zero lengthMimi Zohar1-1/+2
2018-03-22apparmor: Make path_max parameter readonlyJohn Johansen1-1/+1
2018-03-22selinux: check for address length in selinux_socket_bind()Alexander Potapenko1-0/+8
2018-02-25selinux: ensure the context is NUL terminated in security_context_to_sid_core()Paul Moore1-10/+8
2018-02-25selinux: skip bounded transition processing if the policy isn't loadedPaul Moore1-0/+3
2018-02-16KEYS: encrypted: fix buffer overread in valid_master_desc()Eric Biggers1-16/+15
2018-02-07selinux: general protection fault in sock_has_permMark Salyzyn1-0/+2
2017-12-20KEYS: Don't permit request_key() to construct a new keyringDavid Howells1-0/+3
2017-12-20Don't leak a key reference if request_key() tries to use a revoked keyringDavid Jeffery1-0/+1
2017-12-16KEYS: add missing permission check for request_key() destinationEric Biggers1-9/+37
2017-12-09ima: fix hash algorithm initializationBoshi Wang1-0/+4
2017-11-24ima: do not update security.ima if appraisal status is not INTEGRITY_PASSRoberto Sassu1-0/+3
2017-11-18security/keys: add CONFIG_KEYS_COMPAT to KconfigBilal Amarni1-0/+4
2017-11-15KEYS: trusted: fix writing past end of buffer in trusted_read()Eric Biggers1-11/+12
2017-11-15KEYS: trusted: sanitize all key materialEric Biggers1-27/+22
2017-11-08KEYS: return full count in keyring_read() if buffer is too smallEric Biggers1-20/+19
2017-10-27KEYS: don't let add_key() update an uninstantiated keyDavid Howells1-0/+10
2017-10-27KEYS: encrypted: fix dereference of NULL user_key_payloadEric Biggers1-0/+7
2017-10-12lsm: fix smack_inode_removexattr and xattr_getsecurity memleakCasey Schaufler1-30/+25
2017-10-05KEYS: prevent KEYCTL_READ on negative keyEric Biggers1-0/+5
2017-10-05KEYS: prevent creating a different user's keyringsEric Biggers4-12/+23
2017-10-05KEYS: fix writing past end of user-supplied buffer in keyring_read()Eric Biggers1-9/+5
2017-07-15KEYS: Fix an error code in request_master_key()Dan Carpenter1-1/+1
2017-06-14KEYS: fix freeing uninitialized memory in key_update()Eric Biggers1-3/+2
2017-06-14KEYS: fix dereferencing NULL payload with nonzero lengthEric Biggers1-2/+2
2017-05-25ima: accept previously set IMA_NEW_FILEDaniel Glöckner1-2/+3
2017-04-30KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyringsEric Biggers2-24/+31
2017-04-30KEYS: Change the name of the dead type to ".dead" to prevent user accessDavid Howells1-1/+1
2017-04-30KEYS: Disallow keyrings beginning with '.' to be joined as session keyringsDavid Howells1-2/+7
2017-04-18selinux: fix off-by-one in setprocattrStephen Smalley1-1/+1
2016-11-24KEYS: Fix short sprintf buffer in /proc/keys show functionDavid Howells1-1/+1
2016-07-12KEYS: potential uninitialized variableDan Carpenter1-1/+1
2016-04-14KEYS: Fix handling of stored error in a negatively instantiated user keyDavid Howells3-2/+10
2016-04-14security: let security modules use PTRACE_MODE_* with bitmasksJann Horn2-7/+5
2016-04-13ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn1-1/+6
2016-03-04EVM: Use crypto_memneq() for digest comparisonsRyan Ware1-1/+2
2016-01-25KEYS: Fix keyring ref leak in join_session_keyring()Yevgeny Pats1-0/+1
2016-01-22KEYS: Fix race between read and revokeDavid Howells1-9/+9
2015-11-19KEYS: Fix crash when attempt to garbage collect an uninstantiated keyringDavid Howells1-2/+4
generated by cgit v1.2.3 (git 2.39.0) at 2024-07-03 20:11:51 +0300