summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)Author
2025-10-19KEYS: trusted_tpm1: Compare HMAC values in constant timeEric Biggers
2025-10-15lsm: CONFIG_LSM can depend on CONFIG_SECURITYRandy Dunlap
2025-08-28apparmor: Fix 8-byte alignment for initial dfa blob streamsHelge Deller
2025-08-20apparmor: fix x_table_lookup when stacking is not the first entryJohn Johansen
2025-08-20apparmor: use the condition in AA_BUG_FMT even with debug disabledMateusz Guzik
2025-08-20apparmor: shift ouid when mediating hard links in usernsGabriel Totev
2025-08-20securityfs: don't pin dentries twice, once is enough...Al Viro
2025-08-15apparmor: Fix unaligned memory accesses in KUnit testHelge Deller
2025-08-15apparmor: fix loop detection used in conflicting attachment resolutionRyan Lee
2025-08-15apparmor: ensure WB_HISTORY_SIZE value is a power of 2Ryan Lee
2025-07-10selinux: change security_compute_sid to return the ssid or tsid on matchStephen Smalley
2025-06-27selinux: fix selinux_xfrm_alloc_user() to set correct ctx_lenStephen Smalley
2025-05-29smack: Revert "smackfs: Added check catlen"Konstantin Andreev
2025-05-29smack: recognize ipv4 CIPSO w/o categoriesKonstantin Andreev
2025-05-29ima: process_measurement() needlessly takes inode_lock() on MAY_READFrederick Lawler
2025-04-20landlock: Prepare to add second errataMickaël Salaün
2025-04-20landlock: Always allow signals between threads of the same processMickaël Salaün
2025-04-20landlock: Add erratum for TCP fixMickaël Salaün
2025-04-20landlock: Add the errata interfaceMickaël Salaün
2025-04-20landlock: Move code to ease future backportsMickaël Salaün
2025-04-20ima: limit the number of ToMToU integrity violationsMimi Zohar
2025-04-20ima: limit the number of open-writers integrity violationsMimi Zohar
2025-04-10smack: ipv4/ipv6: tcp/dccp/sctp: fix incorrect child socket labelKonstantin Andreev
2025-04-10smack: dont compile ipv6 code unless ipv6 is configuredKonstantin Andreev
2025-03-28keys: Fix UAF in key_put()David Howells
2025-03-07ima: Reset IMA_NONACTION_RULE_FLAGS after post_setattrRoberto Sassu
2025-03-07landlock: Fix non-TCP sockets restrictionMikhail Ivanov
2025-02-17KEYS: trusted: dcp: fix improper sg use with CONFIG_VMAP_STACK=yDavid Gstir
2025-02-17tomoyo: don't emit warning in tomoyo_write_control()Tetsuo Handa
2025-02-17safesetid: check size of policy writesLeo Stone
2025-02-08landlock: Handle weird filesMickaël Salaün
2025-01-23apparmor: allocate xmatch for nullpdb inside aa_alloc_nullRyan Lee
2025-01-09selinux: ignore unknown extended permissionsThiébaud Weksteen
2024-12-05apparmor: test: Fix memory leak for aa_unpack_strdup()Jinjie Ruan
2024-12-05apparmor: fix 'Do simple duplicate message elimination'chao liu
2024-11-12Merge tag 'integrity-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds
2024-11-12Merge tag 'landlock-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds
2024-11-09landlock: Optimize scope enforcementMickaël Salaün
2024-11-09landlock: Refactor network access mask managementMickaël Salaün
2024-11-09landlock: Refactor filesystem access mask managementMickaël Salaün
2024-11-04KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operationDavid Gstir
2024-11-04security/keys: fix slab-out-of-bounds in key_task_permissionChen Ridong
2024-10-18ipe: fallback to platform keyring also if key in trusted keyring is rejectedLuca Boccassi
2024-10-17ipe: allow secondary and platform keyrings to install/update policiesLuca Boccassi
2024-10-17ipe: also reject policy updates with the same versionLuca Boccassi
2024-10-17ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower ...Luca Boccassi
2024-10-09integrity: Use static_assert() to check struct sizesGustavo A. R. Silva
2024-10-09evm: stop avoidably reading i_writecount in evm_file_releaseMateusz Guzik
2024-10-09ima: fix buffer overrun in ima_eventdigest_init_commonSamasth Norway Ananda
2024-10-09bcachefs: do not use PF_MEMALLOC_NORECLAIMMichal Hocko
generated by cgit v1.2.3 (git 2.46.0) at 2026-01-02 17:46:43 +0000