summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)AuthorFilesLines
2022-07-20lockdown: Fix kexec lockdown bypass with ima policyEric Snowberg1-0/+4
2022-07-14Merge tag 'integrity-v5.19-fix' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-9/+10
2022-07-13ima: Fix potential memory leak in ima_init_crypto()Jianglei Nie1-0/+1
2022-07-13ima: force signature verification when CONFIG_KEXEC_SIG is configuredCoiby Xu1-0/+2
2022-07-07ima: Fix a potential integer overflow in ima_appraise_measurementHuaxin Lu1-1/+2
2022-07-07ima: fix violation measurement list recordMimi Zohar1-3/+3
2022-06-29x86/retbleed: Add fine grained Kconfig knobsPeter Zijlstra1-11/+0
2022-06-16selinux: free contexts previously transferred in selinux_add_opt()Christian Göttsche1-7/+4
2022-06-15Revert "evm: Fix memleak in init_desc"Xiu Jianfeng1-5/+2
2022-06-08KEYS: trusted: tpm2: Fix migratable logicDavid Safford1-2/+2
2022-06-05Merge tag 'pull-18-rc1-work.mount' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-0/+1
2022-05-25Merge tag 'linux-kselftest-kunit-5.19-rc1' of git://git.kernel.org/pub/scm/li...Linus Torvalds1-3/+3
2022-05-24Merge tag 'integrity-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds16-52/+395
2022-05-24Merge tag 'tpmdd-next-v5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel...Linus Torvalds6-43/+174
2022-05-24Merge tag 'Smack-for-5.19' of https://github.com/cschaufler/smack-nextLinus Torvalds1-1/+0
2022-05-24Merge tag 'landlock-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds14-286/+848
2022-05-24Merge tag 'selinux-pr-20220523' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds21-81/+93
2022-05-24Merge tag 'kernel-hardening-v5.19-rc1' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds5-58/+115
2022-05-24lockdown: also lock down previous kgdb useDaniel Thompson1-0/+2
2022-05-23smack: Remove redundant assignmentsMichal Orzel1-1/+0
2022-05-23KEYS: trusted: Introduce support for NXP CAAM-based trusted keysAhmad Fatoum4-2/+97
2022-05-23KEYS: trusted: allow use of kernel RNG for key materialAhmad Fatoum1-1/+34
2022-05-23KEYS: trusted: allow use of TEE as backend without TCG_TPM supportAhmad Fatoum4-17/+42
2022-05-23certs: Factor out the blacklist hash creationMickaël Salaün1-24/+2
2022-05-23landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFERMickaël Salaün3-76/+528
2022-05-23LSM: Remove double path_rename hook calls for RENAME_EXCHANGEMickaël Salaün4-15/+46
2022-05-23landlock: Move filesystem helpers and add a new oneMickaël Salaün1-41/+46
2022-05-23landlock: Fix same-layer rule unionsMickaël Salaün2-26/+54
2022-05-23landlock: Create find_rule() from unmask_layers()Mickaël Salaün1-13/+28
2022-05-23landlock: Reduce the maximum number of layers to 16Mickaël Salaün3-11/+12
2022-05-23landlock: Define access_mask_t to enforce a consistent access mask sizeMickaël Salaün5-15/+30
2022-05-23landlock: Change landlock_restrict_self(2) check orderingMickaël Salaün1-4/+4
2022-05-23landlock: Change landlock_add_rule(2) argument check orderingMickaël Salaün1-9/+13
2022-05-23landlock: Fix landlock_add_rule(2) documentationMickaël Salaün1-4/+3
2022-05-20move mount-related externs from fs.h to mount.hAl Viro1-0/+1
2022-05-18selinux: fix bad cleanup on error in hashtab_duplicate()Ondrej Mosnacek1-1/+2
2022-05-17loadpin: stop using bdevnameChristoph Hellwig1-4/+1
2022-05-17big_keys: Use struct for internal payloadKees Cook1-37/+36
2022-05-17integrity: Fix sparse warnings in keyring_handlerStefan Berger1-3/+3
2022-05-16evm: Clean up some variablesStefan Berger2-4/+1
2022-05-16evm: Return INTEGRITY_PASS for enum integrity_status value '0'Stefan Berger1-1/+1
2022-05-15efi: Do not import certificates from UEFI Secure Boot for T2 MacsAditya Garg2-0/+41
2022-05-13security: declare member holding string literal constChristian Göttsche1-1/+1
2022-05-09landlock: Format with clang-formatMickaël Salaün10-136/+142
2022-05-09landlock: Add clang-format exceptionsMickaël Salaün2-0/+6
2022-05-08randstruct: Enable Clang supportKees Cook1-2/+12
2022-05-08randstruct: Move seed generation into scripts/basic/Kees Cook1-4/+5
2022-05-08randstruct: Reorganize Kconfigs and attribute macrosKees Cook1-0/+62
2022-05-06ima: support fs-verity file digest based version 3 signaturesMimi Zohar5-16/+177
2022-05-05ima: permit fsverity's file digests in the IMA measurement listMimi Zohar5-8/+90