summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)Author
2017-02-16selinux: fix off-by-one in setprocattrStephen Smalley
2017-01-27apparmor: do not expose kernel stackHeinrich Schuchardt
2017-01-27apparmor: fix module parameters can be changed after policy is lockedJohn Johansen
2017-01-27apparmor: fix oops in profile_unpack() when policy_db is not presentJohn Johansen
2017-01-27apparmor: don't check for vmalloc_addr if kvzalloc() failedJohn Johansen
2017-01-27apparmor: add missing id bounds check on dfa verificationJohn Johansen
2017-01-27apparmor: fix refcount race when finding a child profileJohn Johansen
2017-01-27apparmor: check that xindex is in trans_table boundsJohn Johansen
2017-01-27apparmor: ensure the target profile name is always auditedJohn Johansen
2017-01-27apparmor: fix audit full profile hname on successful loadJohn Johansen
2017-01-27apparmor: fix log failures for all profiles in a setJohn Johansen
2017-01-27apparmor: fix put() parent ref after updating the active refJohn Johansen
2017-01-27apparmor: internal paths should be treated as disconnectedJohn Johansen
2017-01-27apparmor: fix disconnected bind mnts reconnectionJohn Johansen
2017-01-27apparmor: fix update the mtime of the profile file on replacementJohn Johansen
2017-01-27apparmor: exec should not be returning ENOENT when it deniesJohn Johansen
2017-01-27apparmor: fix uninitialized lsm_audit memberJohn Johansen
2017-01-27apparmor: fix replacement bug that adds new child to old parentJohn Johansen
2017-01-27apparmor: fix refcount bug in profile replacementJohn Johansen
2016-12-12apparmor: fix change_hat not finding hat after policy replacementJohn Johansen
2016-11-22KEYS: Fix short sprintf buffer in /proc/keys show functionDavid Howells
2016-10-07security: let security modules use PTRACE_MODE_* with bitmasksJann Horn
2016-08-19apparmor: fix ref count leak when profile sha1 hash is readJohn Johansen
2016-07-21KEYS: potential uninitialized variableDan Carpenter
2016-04-23EVM: Use crypto_memneq() for digest comparisonsRyan Ware
2016-04-23KEYS: Fix handling of stored error in a negatively instantiated user keyDavid Howells
2016-02-24ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn
2016-01-25KEYS: Fix keyring ref leak in join_session_keyring()Yevgeny Pats
2016-01-25KEYS: Fix race between read and revokeDavid Howells
2015-11-18KEYS: Fix crash when attempt to garbage collect an uninstantiated keyringDavid Howells
2015-11-18KEYS: Fix race between key destruction and finding a keyring by nameDavid Howells
2015-08-19ima: extend "mask" policy matching supportMimi Zohar
2015-08-19ima: add support for new "euid" policy conditionMimi Zohar
2015-06-10lsm: copy comm before calling audit_log to avoid race in string printingRichard Guy Briggs
2015-04-27nick kvfree() from apparmorAl Viro
2015-04-22selinux: fix sel_write_enforce broken return valueJoe Perches
2015-04-09Don't leak a key reference if request_key() tries to use a revoked keyringDavid Jeffery
2015-02-16SELinux: fix selinuxfs policy file on big endian systemsEric Paris
2015-01-29move d_rcu from overlapping d_child to overlapping d_aliasAl Viro
2015-01-29KEYS: close race between key lookup and freeingSasha Levin
2015-01-07KEYS: Fix stale key registration at error pathTakashi Iwai
2014-11-13selinux: fix inode security list corruptionStephen Smalley
2014-11-13evm: check xattr value length and type in evm_inode_setxattr()Dmitry Kasatkin
2014-09-17CAPABILITIES: remove undefined caps from all processesEric Paris
2014-06-23evm: prohibit userspace writing 'security.evm' HMAC valueMimi Zohar
2014-06-23ima: introduce ima_kernel_read()Dmitry Kasatkin
2014-06-20ima: audit log files opened with O_DIRECT flagMimi Zohar
2014-06-09device_cgroup: check if exception removal is allowedAristeu Rozanski
2014-06-09device_cgroup: rework device access check and exception checkingAristeu Rozanski
2014-04-13selinux: correctly label /proc inodes in use before the policy is loadedPaul Moore
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-12 03:56:38 +0000