aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
AgeCommit message (Expand)AuthorFilesLines
2025-05-28Merge tag 'net-next-6.16' of git://git.kernel.org/pub/scm/linux/kernel/git/ne...Linus Torvalds3-43/+1
2025-05-28Merge tag 'selinux-pr-20250527' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds11-85/+232
2025-04-12selinux: fix the kdoc header for task_avdcache_updatePaul Moore1-1/+1
2025-04-12selinux: remove a duplicated includePaul Moore1-1/+0
2025-04-11net: Retire DCCP socket.Kuniyuki Iwashima3-43/+1
2025-04-11selinux: reduce path walk overheadPaul Moore2-54/+185
2025-04-11selinux: support wildcard match in genfsconTakaya Saeki3-4/+17
2025-04-11selinux: drop copy-paste commentChristian Göttsche1-6/+0
2025-04-11selinux: unify OOM handling in network hashtablesChristian Göttsche4-9/+19
2025-04-11selinux: add likely hints for fast pathsChristian Göttsche3-3/+3
2025-04-11selinux: contify network namespace pointerChristian Göttsche1-1/+1
2025-04-11selinux: constify network address pointerChristian Göttsche4-8/+8
2025-04-08Use try_lookup_noperm() instead of d_hash_and_lookup() outside of VFSNeilBrown1-2/+2
2025-04-01Merge tag 'driver-core-6.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel...Linus Torvalds1-2/+5
2025-03-30Merge tag 'bpf-next-6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/bp...Linus Torvalds1-3/+3
2025-03-25Merge tag 'selinux-pr-20250323' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds7-16/+73
2025-03-25Merge tag 'lsm-pr-20250323' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2-2/+16
2025-03-17selinux: get netif_wildcard policycap from policy instead of cacheChristian Göttsche1-2/+1
2025-03-15security: Propagate caller information in bpf hooksBlaise Boscaccy1-3/+3
2025-03-07selinux: support wildcard network interface namesChristian Göttsche4-4/+22
2025-02-27selinux: add FILE__WATCH_MOUNTNSMiklos Szeredi2-1/+4
2025-02-26selinux: add permission checks for loading other kinds of kernel files"Kipp N. Davis"2-11/+51
2025-02-26perf: Remove unnecessary parameter of security checkLuo Gengkun1-1/+1
2025-02-15kernfs: Use RCU to access kernfs_node::name.Sebastian Andrzej Siewior1-2/+5
2025-02-07io_uring,lsm,selinux: add LSM hooks for io_uring_setup()Hamza Mahfooz2-1/+15
2025-02-07selinux: always check the file label in selinux_kernel_read_file()Paul Moore1-1/+1
2025-02-03selinux: fix spelling errorTanya Agarwal1-1/+1
2025-01-23Merge tag 'fsnotify_hsm_for_v6.14-rc1' of git://git.kernel.org/pub/scm/linux/...Linus Torvalds1-1/+2
2025-01-21Merge tag 'selinux-pr-20250121' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds20-165/+165
2025-01-21Merge tag 'lsm-pr-20250121' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-15/+34
2025-01-07selinux: make more use of str_read() when loading the policyChristian Göttsche3-22/+12
2025-01-07selinux: avoid unnecessary indirection in struct level_datumChristian Göttsche3-17/+10
2025-01-07selinux: use known type instead of void pointerChristian Göttsche8-74/+77
2025-01-07selinux: rename comparison functions for clarityChristian Göttsche7-16/+16
2025-01-07selinux: rework match_ipv6_addrmask()Christian Göttsche1-7/+5
2025-01-07selinux: constify and reconcile function parameter namesChristian Göttsche4-6/+6
2025-01-07selinux: avoid using types indicating user space interactionChristian Göttsche2-2/+2
2025-01-07selinux: supply missing field initializersChristian Göttsche2-2/+2
2025-01-07Merge tag 'selinux-pr-20250107' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds5-38/+65
2025-01-04selinux: match extended permissions to their base permissionsThiébaud Weksteen5-38/+65
2024-12-18Merge tag 'selinux-pr-20241217' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-2/+6
2024-12-15selinux: ignore unknown extended permissionsThiébaud Weksteen1-2/+6
2024-12-15selinux: add netlink nlmsg_type audit messageThiébaud Weksteen1-2/+2
2024-12-13selinux: add support for xperms in conditional policiesChristian Göttsche6-9/+26
2024-12-11selinux: Fix SCTP error inconsistency in selinux_socket_bind()Mikhail Ivanov1-1/+1
2024-12-11selinux: use native iterator typesChristian Göttsche3-4/+4
2024-12-11selinux: add generated av_permissions.h to targetsThomas Weißschuh1-4/+3
2024-12-10fsnotify: introduce pre-content permission eventsAmir Goldstein1-1/+2
2024-12-04lsm: secctx provider check on releaseCasey Schaufler1-8/+5
2024-12-04lsm: lsm_context in security_dentry_init_securityCasey Schaufler1-4/+4
2024-12-04lsm: use lsm_context in security_inode_getsecctxCasey Schaufler1-4/+6
2024-12-04lsm: replace context+len with lsm_contextCasey Schaufler1-5/+18
2024-12-04lsm: ensure the correct LSM context releaserCasey Schaufler1-2/+9
2024-11-30selinux: use sk_to_full_sk() in selinux_ip_output()Eric Dumazet1-1/+1
2024-11-25Merge tag 'mm-nonmm-stable-2024-11-24-02-05' of git://git.kernel.org/pub/scm/...Linus Torvalds1-1/+1
2024-11-18Merge tag 'lsm-pr-20241112' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds3-22/+38
2024-11-05security: replace memcpy() with get_task_comm()Yafang Shao1-1/+1
2024-10-11lsm: remove lsm_prop scaffoldingCasey Schaufler2-21/+1
2024-10-11lsm: create new security_cred_getlsmprop LSM hookCasey Schaufler1-0/+8
2024-10-11lsm: use lsm_prop in security_inode_getsecidCasey Schaufler1-6/+9
2024-10-11lsm: use lsm_prop in security_current_getsecidCasey Schaufler1-6/+11
2024-10-11lsm: use lsm_prop in security_ipc_getsecidCasey Schaufler1-3/+6
2024-10-11lsm: add lsmprop_to_secctx hookCasey Schaufler2-3/+16
2024-10-11lsm: use lsm_prop in security_audit_rule_matchCasey Schaufler2-5/+9
2024-10-07selinux: Deprecate /sys/fs/selinux/userStephen Smalley1-0/+4
2024-10-07selinux: apply clang format to security/selinux/nlmsgtab.cPaul Moore1-118/+118
2024-10-07selinux: streamline selinux_nlmsg_lookup()Paul Moore1-50/+38
2024-10-07selinux: Add netlink xperm supportThiébaud Weksteen8-51/+126
2024-10-03selinux: move genheaders to security/selinux/Masahiro Yamada3-2/+160
2024-10-03selinux: do not include <linux/*.h> headers from host programsMasahiro Yamada2-3/+12
2024-09-24Merge tag 'bpf-next-6.12-struct-fd' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds1-1/+1
2024-09-24Merge tag 'lsm-pr-20240923' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-1/+1
2024-09-19selinux,smack: properly reference the LSM blob in security_watch_key()Paul Moore1-1/+1
2024-09-16Merge tag 'lsm-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds3-127/+100
2024-09-16Merge tag 'selinux-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds8-76/+68
2024-09-16Merge tag 'vfs-6.12.file' of git://git.kernel.org/pub/scm/linux/kernel/git/vf...Linus Torvalds1-1/+1
2024-09-12security,bpf: constify struct path in bpf_token_create() LSM hookAndrii Nakryiko1-1/+1
2024-09-03selinux: fix style problems in security/selinux/include/audit.hPaul Moore1-23/+23
2024-08-31Merge tag 'lsm-pr-20240830' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-2/+2
2024-08-28selinux,smack: don't bypass permissions check in inode_setsecctx hookScott Mayhew1-2/+2
2024-08-28selinux: simplify avc_xperms_audit_required()Zhen Lei1-2/+2
2024-08-28selinux: mark both IPv4 and IPv6 accepted connection sockets as labeledGuido Trentalancia1-1/+1
2024-08-28file: reclaim 24 bytes from f_ownerChristian Brauner1-1/+1
2024-08-27selinux: replace kmem_cache_create() with KMEM_CACHE()Eric Suen4-23/+8
2024-08-26selinux: annotate false positive data race to avoid KCSAN warningsStephen Smalley1-1/+6
2024-08-08selinux: revert our use of vma_is_initial_heap()Paul Moore1-1/+11
2024-08-07selinux: add the processing of the failure of avc_add_xperms_decision()Zhen Lei1-1/+5
2024-08-06selinux: fix potential counting error in avc_add_xperms_decision()Zhen Lei1-1/+1
2024-07-31lsm: Refactor return value of LSM hook inode_copy_up_xattrXu Kuohai1-2/+2
2024-07-31lsm: Refactor return value of LSM hook vm_enough_memoryXu Kuohai1-11/+4
2024-07-29lsm: infrastructure management of the perf_event security blobCasey Schaufler2-14/+10
2024-07-29lsm: infrastructure management of the infiniband blobCasey Schaufler2-13/+8
2024-07-29lsm: infrastructure management of the dev_tun blobCasey Schaufler2-16/+11
2024-07-29lsm: infrastructure management of the key security blobCasey Schaufler2-17/+11
2024-07-29lsm: infrastructure management of the sock securityCasey Schaufler3-54/+54
2024-07-29selinux: refactor code to return ERR_PTR in selinux_netlbl_sock_genattrGaosheng Cui1-9/+9
2024-07-29selinux: Streamline type determination in security_compute_sidCanfeng Guo1-17/+19
2024-07-16Merge tag 'lsm-pr-20240715' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-16/+22
2024-07-16Merge tag 'selinux-pr-20240715' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds1-1/+1
2024-07-09selinux,smack: remove the capability checks in the removexattr hooksPaul Moore1-8/+2
2024-07-02selinux: Use 1UL for EBITMAP_BIT to match maps typeCanfeng Guo1-1/+1
2024-06-13ima: Avoid blocking in RCU read-side critical sectionGUO Zihua2-3/+6
2024-06-03lsm: fixup the inode xattr capability handlingPaul Moore1-8/+20
2024-05-15Merge tag 'integrity-v6.10' of ssh://ra.kernel.org/pub/scm/linux/kernel/git/z...Linus Torvalds1-1/+1
2024-05-15Merge tag 'selinux-pr-20240513' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds12-126/+146
2024-05-13netlabel: fix RCU annotation for IPv4 options on socket creationDavide Caratti1-1/+4
2024-04-30selinux: constify source policy in cond_policydb_dup()Christian Göttsche4-14/+17
2024-04-30selinux: avoid printk_ratelimit()Christian Göttsche1-2/+1
2024-04-30selinux: pre-allocate the status pageChristian Göttsche1-0/+6
2024-04-09security: allow finer granularity in permitting copy-up of security xattrsStefan Berger1-1/+1
2024-04-04selinux: clarify return code in filename_trans_read_helper_compat()Ondrej Mosnacek1-0/+1
2024-04-01selinux: avoid dereference of garbage after mount failureChristian Göttsche1-5/+7
2024-03-27selinux: use u32 as bit position type in ebitmap codeChristian Göttsche2-35/+34
2024-03-27selinux: improve symtab string hashingChristian Göttsche1-11/+11
2024-03-27selinux: dump statistics for more hash tablesChristian Göttsche2-7/+19
2024-03-27selinux: make more use of current_sid()Christian Göttsche2-21/+8
2024-03-27selinux: update numeric format specifiers for ebitmapsChristian Göttsche1-6/+6
2024-03-26selinux: improve error checking in sel_write_load()Paul Moore1-14/+16
2024-03-26selinux: cleanup selinux_lsm_getattr()Paul Moore1-18/+18
2024-03-26selinux: reject invalid ebitmapsChristian Göttsche1-0/+11
2024-03-14lsm: use 32-bit compatible data types in LSM syscallsCasey Schaufler1-2/+2
2024-03-12Merge tag 'lsm-pr-20240312' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-1/+2
2024-03-12Merge tag 'selinux-pr-20240312' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds22-731/+724
2024-02-29Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-1/+1
2024-02-23selinux: fix style issues in security/selinux/ss/symtab.cPaul Moore1-1/+3
2024-02-23selinux: fix style issues in security/selinux/ss/symtab.hPaul Moore1-5/+4
2024-02-23selinux: fix style issues in security/selinux/ss/sidtab.cPaul Moore1-32/+37
2024-02-23selinux: fix style issues in security/selinux/ss/sidtab.hPaul Moore1-17/+19
2024-02-23selinux: fix style issues in security/selinux/ss/services.hPaul Moore1-1/+2
2024-02-23selinux: fix style issues in security/selinux/ss/policydb.cPaul Moore1-192/+213
2024-02-23selinux: fix style issues in security/selinux/ss/policydb.hPaul Moore1-97/+95
2024-02-23selinux: fix style issues in security/selinux/ss/mls_types.hPaul Moore1-16/+16
2024-02-23selinux: fix style issues in security/selinux/ss/mls.cPaul Moore1-50/+33
2024-02-23selinux: fix style issues in security/selinux/ss/mls.hPaul Moore1-39/+19
2024-02-23selinux: fix style issues in security/selinux/ss/hashtab.cPaul Moore1-12/+11
2024-02-23selinux: fix style issues in security/selinux/ss/hashtab.hPaul Moore1-18/+17
2024-02-23selinux: fix style issues in security/selinux/ss/ebitmap.cPaul Moore1-28/+28
2024-02-23selinux: fix style issues in security/selinux/ss/ebitmap.hPaul Moore1-19/+23
2024-02-23selinux: fix style issues in security/selinux/ss/context.hPaul Moore1-1/+1
2024-02-23selinux: fix style issues in security/selinux/ss/context.hPaul Moore1-19/+22
2024-02-23selinux: fix style issues in security/selinux/ss/constraint.hPaul Moore1-33/+34
2024-02-23selinux: fix style issues in security/selinux/ss/conditional.cPaul Moore1-35/+33
2024-02-23selinux: fix style issues in security/selinux/ss/conditional.hPaul Moore1-12/+11
2024-02-23selinux: fix style issues in security/selinux/ss/avtab.cPaul Moore1-54/+51
2024-02-23selinux: fix style issues in security/selinux/ss/avtab.hPaul Moore1-37/+37
2024-02-23selinux: fix lsm_get_self_attr()Mickaël Salaün1-1/+1
2024-02-15security: Align inode_setattr hook definition with EVMRoberto Sassu1-1/+2
2024-02-02selinux: only filter copy-up xattrs following initializationDavid Disseldorp1-2/+3
2024-02-02selinux: correct return values in selinux_socket_getpeersec_dgram()Paul Moore1-6/+8
2024-01-25selinux: reduce the object class calculations at inode init timePaul Moore1-5/+4
2024-01-24bpf,selinux: Allocate bpf_security_struct per BPF tokenAndrii Nakryiko1-0/+25
2024-01-24bpf,lsm: Refactor bpf_map_alloc/bpf_map_free LSM hooksAndrii Nakryiko1-3/+4
2024-01-24bpf,lsm: Refactor bpf_prog_alloc/bpf_prog_free LSM hooksAndrii Nakryiko1-7/+8
2024-01-11Merge tag 'for-6.8/io_uring-2024-01-08' of git://git.kernel.dk/linuxLinus Torvalds1-1/+1
2024-01-10Merge tag 'header_cleanup-2024-01-10' of https://evilpiepirate.org/git/bcachefsLinus Torvalds1-0/+1
2024-01-09Merge tag 'lsm-pr-20240105' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-28/+145
2024-01-09Merge tag 'selinux-pr-20240105' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds19-600/+538
2024-01-04selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socketMickaël Salaün1-0/+7
2023-12-24lsm: new security_file_ioctl_compat() hookAlfred Piccioni1-0/+28
2023-12-22selinux: fix style issues in security/selinux/include/initial_sid_to_string.hPaul Moore1-29/+28
2023-12-22selinux: fix style issues in security/selinux/include/xfrm.hPaul Moore1-2/+2
2023-12-22selinux: fix style issues in security/selinux/include/security.hPaul Moore1-80/+75
2023-12-22selinux: fix style issues with security/selinux/include/policycap_names.hPaul Moore1-0/+3
2023-12-22selinux: fix style issues in security/selinux/include/policycap.hPaul Moore1-0/+1
2023-12-22selinux: fix style issues in security/selinux/include/objsec.hPaul Moore1-64/+65
2023-12-22selinux: fix style issues with security/selinux/include/netlabel.hPaul Moore1-33/+20
2023-12-22selinux: fix style issues in security/selinux/include/netif.hPaul Moore1-2/+2
2023-12-22selinux: fix style issues in security/selinux/include/ima.hPaul Moore1-1/+1
2023-12-22selinux: fix style issues in security/selinux/include/conditional.hPaul Moore1-2/+2
2023-12-22selinux: fix style issues in security/selinux/include/classmap.hPaul Moore1-210/+132
2023-12-22selinux: fix style issues in security/selinux/include/avc_ss.hPaul Moore1-1/+1
2023-12-22selinux: align avc_has_perm_noaudit() prototype with definitionPaul Moore1-1/+1
2023-12-22selinux: fix style issues in security/selinux/include/avc.hPaul Moore1-26/+15
2023-12-22selinux: fix style issues in security/selinux/include/audit.hPaul Moore1-1/+0
2023-12-20shm: Slim down dependenciesKent Overstreet1-0/+1
2023-12-15cred: get rid of CONFIG_DEBUG_CREDENTIALSJens Axboe1-6/+0
2023-12-12io_uring: split out cmd api into a separate headerPavel Begunkov1-1/+1
2023-12-07selinux: remove the wrong comment about multithreaded process handlingMunehisa Kamata1-1/+0
2023-11-21selinux: introduce an initial SID for early boot processesOndrej Mosnacek7-2/+76
2023-11-20selinux: refactor avtab_node comparisonsJacob Satterfield1-60/+41
2023-11-16selinux: update filenametr_hash() to use full_name_hash()Paul Moore1-9/+2
2023-11-16selinux: saner handling of policy reloadsAl Viro1-78/+66
2023-11-12lsm: mark the lsm_id variables are marked as staticPaul Moore1-1/+1
2023-11-12lsm: consolidate buffer size handling into lsm_fill_user_ctx()Paul Moore1-21/+23
2023-11-12SELinux: Add selfattr hooksCasey Schaufler1-27/+107
2023-11-12LSM: Identify modules by more than nameCasey Schaufler1-1/+8
2023-10-30Merge tag 'lsm-pr-20231030' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1-5/+5
2023-10-30Merge tag 'selinux-pr-20231030' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds7-30/+33
2023-10-18selinux: convert to new timestamp accessorsJeff Layton1-1/+1
2023-10-03selinux: simplify avtab_insert_node() prototypeJacob Satterfield1-13/+7
2023-09-14lsm: constify 'sb' parameter in security_sb_kern_mount()Khadija Kamran1-1/+1
2023-09-14lsm: constify 'bprm' parameter in security_bprm_committed_creds()Khadija Kamran1-1/+1
2023-09-13lsm: constify 'bprm' parameter in security_bprm_committing_creds()Khadija Kamran1-1/+1
2023-09-13lsm: constify 'sb' parameter in security_quotactl()Khadija Kamran1-2/+2
2023-09-13selinux: hweight optimization in avtab_read_itemJacob Satterfield1-5/+2
2023-09-13selinux: improve role transition hashingChristian Göttsche1-1/+1
2023-09-13selinux: simplify avtab slot calculationChristian Göttsche1-7/+1
2023-09-13selinux: improve debug configurationChristian Göttsche2-0/+12
2023-09-13selinux: print sum of chain lengths^2 for hash tablesChristian Göttsche4-3/+9
2023-09-12selinux: fix handling of empty opts in selinux_fs_context_submount()Ondrej Mosnacek1-2/+8
generated by cgit 1.2.3-korg (git 2.43.0) at 2025-07-04 02:03:48 +0000