summaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorLines
2025-07-21stackleak: Rename STACKLEAK to KSTACK_ERASEKees Cook-16/+20
2025-07-20apparmor: fix: accept2 being specifie even when permission table is presntJohn Johansen-1/+2
2025-07-20apparmor: transition from a list of rules to a vector of rulesJohn Johansen-113/+85
2025-07-20apparmor: fix documentation mismatches in val_mask_to_str and socket functionsPeng Jiang-3/+23
2025-07-20apparmor: remove redundant perms.allow MAY_EXEC bitflag setRyan Lee-3/+1
2025-07-20apparmor: fix kernel doc warnings for kernel test robotJohn Johansen-4/+10
2025-07-20apparmor: Fix unaligned memory accesses in KUnit testHelge Deller-2/+4
2025-07-20apparmor: Fix 8-byte alignment for initial dfa blob streamsHelge Deller-2/+2
2025-07-20apparmor: shift uid when mediating af_unix in usernsGabriel Totev-2/+6
2025-07-20apparmor: shift ouid when mediating hard links in usernsGabriel Totev-2/+4
2025-07-20apparmor: make sure unix socket labeling is correctly updated.John Johansen-62/+231
2025-07-19landlock: Fix cosmetic changeMickaël Salaün-0/+1
2025-07-15apparmor: fix regression in fs based unix sockets when using old abiJohn Johansen-51/+71
2025-07-15apparmor: fix AA_DEBUG_LABEL()John Johansen-1/+1
2025-07-15apparmor: fix af_unix auditing to include all address informationJohn Johansen-10/+18
2025-07-15apparmor: Remove use of the double lockJohn Johansen-102/+104
2025-07-15apparmor: update kernel doc comments for xxx_label_crit_sectionJohn Johansen-0/+8
2025-07-15apparmor: make __begin_current_label_crit_section() indicate whether put is n...Mateusz Guzik-41/+67
2025-07-15Revert "apparmor: use SHA-256 library API instead of crypto_shash API"John Johansen-13/+75
2025-07-15apparmor: mitigate parser generating large xtablesJohn Johansen-6/+45
2025-07-14apparmor: use SHA-256 library API instead of crypto_shash APIEric Biggers-75/+13
2025-07-09integrity/platform_certs: Allow loading of keys in the static key management ...Srish Srinivasan-2/+3
2025-07-04tree-wide: s/struct fileattr/struct file_kattr/gChristian Brauner-4/+4
2025-07-01selinux: implement inode_file_[g|s]etattr hooksAndrey Albershteyn-0/+14
2025-07-01lsm: introduce new hooks for setting/getting inode fsxattrAndrey Albershteyn-0/+30
2025-06-30smack: fix kernel-doc warnings for smk_import_valid_label()Konstantin Andreev-2/+4
2025-06-27landlock: Fix warning from KUnit testsTingmao Wang-27/+42
2025-06-24selinux: don't bother with selinuxfs_info_free() on failuresAl Viro-2/+0
2025-06-24smack: fix bug: setting task label silently ignores input garbageKonstantin Andreev-63/+148
2025-06-24smack: fix bug: unprivileged task can create labelsKonstantin Andreev-14/+27
2025-06-23exec: Correct the permission check for unsafe execEric W. Biederman-12/+8
2025-06-22smack: fix bug: invalid label of unix socket fileKonstantin Andreev-14/+44
2025-06-22smack: always "instantiate" inode in smack_inode_init_security()Konstantin Andreev-3/+7
2025-06-22smack: deduplicate xattr setting in smack_inode_init_security()Konstantin Andreev-27/+29
2025-06-22smack: fix bug: SMACK64TRANSMUTE set on non-directoryKonstantin Andreev-12/+14
2025-06-22smack: deduplicate "does access rule request transmutation"Konstantin Andreev-25/+32
2025-06-19selinux: add __GFP_NOWARN to hashtab_init() allocationsPaul Moore-1/+2
2025-06-19selinux: optimize selinux_inode_getattr/permission() based on neveraudit|perm...Stephen Smalley-1/+21
2025-06-19selinux: introduce neveraudit typesStephen Smalley-1/+48
2025-06-19selinux: change security_compute_sid to return the ssid or tsid on matchStephen Smalley-5/+11
2025-06-17ipe: don't bother with removal of files in directory we'll be removingAl Viro-22/+14
2025-06-17evm_secfs: clear securityfs interactionsAl Viro-8/+7
2025-06-17ima_fs: get rid of lookup-by-dentry stuffAl Viro-66/+16
2025-06-17ima_fs: don't bother with removal of files in directory we'll be removingAl Viro-39/+18
2025-06-17apparmor: file never has NULL f_path.mntAl Viro-1/+1
2025-06-17landlock: opened file never has a negative dentryAl Viro-1/+0
2025-06-16selinux: fix selinux_xfrm_alloc_user() to set correct ctx_lenStephen Smalley-1/+1
2025-06-16selinux: add a 5 second sleep to /sys/fs/selinux/userPaul Moore-0/+1
2025-06-16lsm: trivial comment fixKalevi Kolttonen-1/+1
2025-06-16ima: add a knob ima= to allow disabling IMA in kdump kernelBaoquan He-0/+26
generated by cgit v1.2.3 (git 2.46.0) at 2026-03-17 12:58:32 +0000