summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)Author
2025-10-29KEYS: trusted_tpm1: Compare HMAC values in constant timeEric Biggers
2025-08-28securityfs: don't pin dentries twice, once is enough...Al Viro
2025-08-28apparmor: ensure WB_HISTORY_SIZE value is a power of 2Ryan Lee
2025-06-27selinux: fix selinux_xfrm_alloc_user() to set correct ctx_lenStephen Smalley
2025-06-04smack: recognize ipv4 CIPSO w/o categoriesKonstantin Andreev
2025-03-13ima: Fix use-after-free on a dentry's dname.nameStefan Berger
2025-03-13tomoyo: don't emit warning in tomoyo_write_control()Tetsuo Handa
2025-03-13safesetid: check size of policy writesLeo Stone
2025-01-09selinux: ignore unknown extended permissionsThiébaud Weksteen
2024-12-14apparmor: test: Fix memory leak for aa_unpack_strdup()Jinjie Ruan
2024-12-14apparmor: fix 'Do simple duplicate message elimination'chao liu
2024-11-17security/keys: fix slab-out-of-bounds in key_task_permissionChen Ridong
2024-11-08selinux: improve error checking in sel_write_load()Paul Moore
2024-10-17tomoyo: fallback to realpath if symlink's pathname does not existTetsuo Handa
2024-10-17proc: add config & param to block forcing mem writesAdrian Ratiu
2024-10-17selinux,smack: don't bypass permissions check in inode_setsecctx hookScott Mayhew
2024-10-17smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipsoJiawei Ye
2024-09-12smack: unix sockets: fix accept()ed socket labelKonstantin Andreev
2024-09-12smack: tcp: ipv4, fix incorrect labelingCasey Schaufler
2024-09-12apparmor: fix possible NULL pointer dereferenceLeesoo Ahn
2024-09-04apparmor: fix policy_unpack_test on big endian systemsGuenter Roeck
2024-09-04selinux: fix potential counting error in avc_add_xperms_decision()Zhen Lei
2024-08-19apparmor: Fix null pointer deref when receiving skb during sock creationXiao Liang
2024-08-19task_work: s/task_work_cancel()/task_work_cancel_func()/Frederic Weisbecker
2024-08-19apparmor: use kvfree_sensitive to free data->dataFedor Pchelkin
2024-07-18ima: Avoid blocking in RCU read-side critical sectionGUO Zihua
2024-05-25ima: fix deadlock when traversing "ima_default_rules".liqiong
2024-05-17keys: Fix overwrite of key expiration on instantiationSilvio Gissi
2024-04-13smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()Roberto Sassu
2024-04-13smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()Roberto Sassu
2024-03-15lsm: fix default return value of the socket_getpeersec_*() hooksOndrej Mosnacek
2024-03-15lsm: make security_socket_getpeersec_stream() sockptr_t safePaul Moore
2024-03-06tomoyo: fix UAF write bug in tomoyo_write_control()Tetsuo Handa
2024-02-23lsm: fix the logic in security_inode_getsecctx()Ondrej Mosnacek
2024-02-23lsm: new security_file_ioctl_compat() hookAlfred Piccioni
2024-01-25apparmor: avoid crash when parsed profile name is emptyFedor Pchelkin
2024-01-25selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socketMickaël Salaün
2024-01-05keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiryDavid Howells
2023-12-08ima: annotate iint mutex to avoid lockdep false positive warningsAmir Goldstein
2023-11-28ima: detect changes to the backing overlay fileMimi Zohar
2023-10-10ima: rework CONFIG_IMA dependency blockArnd Bergmann
2023-10-10ima: Finish deprecation of IMA_TRUSTED_KEYRING KconfigOleksandr Tymoshenko
2023-10-10Smack:- Use overlay inode label in smack_inode_copy_up()Vishal Goel
2023-10-10smack: Retrieve transmuting information in smack_inode_getsecurity()Roberto Sassu
2023-10-10smack: Record transmuting in smk_transmutedRoberto Sassu
2023-09-19smackfs: Prevent underflow in smk_set_cipso()Dan Carpenter
2023-09-19ima: Remove deprecated IMA_TRUSTED_KEYRING KconfigNayna Jain
2023-09-19security: keys: perform capable check only on privileged operationsChristian Göttsche
2023-08-30selinux: set next pointer before attaching to listChristian Göttsche
2023-08-26IMA: allow/fix UML buildsRandy Dunlap
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-19 13:52:21 +0000