summaryrefslogtreecommitdiffstats
path: root/security
AgeCommit message (Expand)AuthorLines
2017-06-09KEYS: DH: ensure the KDF counter is properly alignedEric Biggers-13/+3
2017-06-09KEYS: DH: don't feed uninitialized "otherinfo" into KDFEric Biggers-1/+1
2017-06-09KEYS: DH: forbid using digest_null as the KDF hashEric Biggers-1/+11
2017-06-09KEYS: sanitize key structs before freeingEric Biggers-3/+1
2017-06-09KEYS: trusted: sanitize all key materialEric Biggers-28/+22
2017-06-09KEYS: encrypted: sanitize all key materialEric Biggers-18/+13
2017-06-09KEYS: user_defined: sanitize key payloadsEric Biggers-4/+12
2017-06-09KEYS: sanitize add_key() and keyctl() key payloadsEric Biggers-3/+9
2017-06-09KEYS: fix freeing uninitialized memory in key_update()Eric Biggers-3/+2
2017-06-09KEYS: fix dereferencing NULL payload with nonzero lengthEric Biggers-2/+2
2017-06-09KEYS: encrypted: use constant-time HMAC comparisonEric Biggers-2/+3
2017-06-09KEYS: encrypted: fix race causing incorrect HMAC calculationsEric Biggers-83/+32
2017-06-09KEYS: encrypted: fix buffer overread in valid_master_desc()Eric Biggers-16/+15
2017-06-09KEYS: encrypted: avoid encrypting/decrypting stack buffersEric Biggers-8/+9
2017-06-09KEYS: put keyring if install_session_keyring_to_cred() failsEric Biggers-3/+4
2017-06-09KEYS: Delete an error message for a failed memory allocation in get_derived_k...Markus Elfring-3/+2
2017-06-09security: use READ_ONCE instead of deprecated ACCESS_ONCEDavidlohr Bueso-6/+6
2017-06-09security/keys: add CONFIG_KEYS_COMPAT to KconfigBilal Amarni-0/+4
2017-06-08apparmor: move permissions into their own file to be more easily sharedJohn Johansen-19/+43
2017-06-08apparmor: convert from securityfs to apparmorfs for policy ns filesJohn Johansen-26/+37
2017-06-08apparmor: allow specifying an already created dir to create ns entries inJohn Johansen-7/+8
2017-06-08apparmor: rename apparmor file fns and data to indicate useJohn Johansen-127/+172
2017-06-08apparmor: add custom apparmorfs that will be used by policy namespace filesJohn Johansen-17/+336
2017-06-08apparmor: use macro template to simplify namespace seq_filesJohn Johansen-29/+24
2017-06-08apparmor: use macro template to simplify profile seq_filesJohn Johansen-61/+36
2017-06-08apparmor: move to per loaddata files, instead of replicating in profilesJohn Johansen-69/+409
2017-06-08securityfs: add the ability to support symlinksJohn Johansen-21/+123
2017-06-08apparmor: Move path lookup to using preallocated buffersJohn Johansen-86/+53
2017-06-08apparmor: allow profiles to provide info to disconnected pathsJohn Johansen-17/+34
2017-06-08apparmor: make internal lib fn skipn_spaces available to the rest of apparmorJohn Johansen-1/+2
2017-06-08apparmor: move file context into file.hJohn Johansen-32/+32
2017-06-08security/apparmor: Use POSIX-compatible "printf '%s'"Thomas Schneider-2/+2
2017-06-08apparmor: Fix error cod in __aa_fs_profile_mkdir()Dan Carpenter-2/+4
2017-06-08apparmorfs: Use seq_putc() in two functionsMarkus Elfring-2/+2
2017-06-08apparmorfs: Combine two function calls into one in aa_fs_seq_raw_abi_show()Markus Elfring-4/+3
2017-06-05fs: switch ->s_uuid to uuid_tChristoph Hellwig-2/+2
2017-06-05ima/policy: switch to use uuid_tChristoph Hellwig-6/+5
2017-06-05block: remove blk_part_pack_uuidChristoph Hellwig-2/+1
2017-06-02selinux: use pernet operations for hook registrationFlorian Westphal-4/+20
2017-06-01Smack: Use cap_capable in privilege checkCasey Schaufler-9/+12
2017-06-01Smack: Safer check for a socket in file_receiveCasey Schaufler-1/+1
2017-06-01smack: use pernet operations for hook registrationFlorian Westphal-8/+18
2017-05-25sel_write_validatetrans(): don't open-code memdup_user_nul()Al Viro-7/+5
2017-05-23selinux: Add a cache for quicker retreival of PKey SIDsDaniel Jurgens-3/+288
2017-05-23selinux: Add IB Port SMP access vectorDaniel Jurgens-0/+75
2017-05-23selinux: Implement Infiniband PKey "Access" access vectorDaniel Jurgens-0/+77
2017-05-23selinux: Allocate and free infiniband security hooksDaniel Jurgens-1/+29
2017-05-23selinux: Create policydb version for Infiniband supportDaniel Jurgens-24/+118
2017-05-23IB/core: Enforce security on management datagramsDaniel Jurgens-0/+6
2017-05-23selinux lsm IB/core: Implement LSM notification systemDaniel Jurgens-0/+33
generated by cgit v1.2.3 (git 2.46.0) at 2026-04-10 02:06:26 +0000