summaryrefslogtreecommitdiffstats
Commit message (Expand)AuthorAgeFilesLines
* KEYS: The PKCS#7 test key type should use the secondary keyringDavid Howells2016-05-111-1/+1
* Merge branch 'stable-4.7' of git://git.infradead.org/users/pcmoore/selinux in...James Morris2016-05-066-61/+128
|\
| * selinux: apply execstack check on thread stacksStephen Smalley2016-04-261-2/+3
| * selinux: distinguish non-init user namespace capability checksStephen Smalley2016-04-262-17/+25
| * selinux: check ss_initialized before revalidating an inode labelPaul Moore2016-04-191-1/+1
| * selinux: delay inode label lookup as long as possiblePaul Moore2016-04-191-8/+13
| * selinux: don't revalidate an inode's label when explicitly setting itPaul Moore2016-04-191-2/+11
| * selinux: Change bool variable name to index.Prarit Bhargava2016-04-142-4/+4
| * selinux: restrict kernel module loadingJeff Vander Stoep2016-04-052-1/+48
| * selinux: consolidate the ptrace parent lookup codePaul Moore2016-04-051-21/+17
| * selinux: simply inode label states to INVALID and INITIALIZEDPaul Moore2016-04-052-4/+3
| * selinux: don't revalidate inodes in selinux_socket_getpeersec_dgram()Paul Moore2016-04-051-3/+5
| * netlabel: fix a problem with netlbl_secattr_catmap_setrng()Janak Desai2016-04-051-1/+1
* | Merge tag 'keys-next-20160505' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris2016-05-0656-717/+1341
|\ \
| * \ Merge branch 'keys-trust' into keys-nextDavid Howells2016-05-0441-517/+673
| |\ \
| | * | IMA: Use the the system trusted keyrings instead of .ima_mokDavid Howells2016-04-115-64/+34
| | * | certs: Add a secondary system keyring that can be added to dynamicallyDavid Howells2016-04-113-16/+88
| | * | KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTEDDavid Howells2016-04-117-59/+9
| | * | KEYS: Move the point of trust determination to __key_link()David Howells2016-04-119-76/+100
| | * | KEYS: Make the system trusted keyring depend on the asymmetric key typeDavid Howells2016-04-112-1/+2
| | * | X.509: Move the trust validation code out to its own fileDavid Howells2016-04-114-80/+116
| | * | X.509: Use verify_signature() if we have a struct key * to useDavid Howells2016-04-111-2/+1
| | * | KEYS: Generalise x509_request_asymmetric_key()David Howells2016-04-115-39/+37
| | * | KEYS: Move x509_request_asymmetric_key() to asymmetric_type.cDavid Howells2016-04-114-95/+94
| | * | KEYS: Add a facility to restrict new links into a keyringDavid Howells2016-04-1115-52/+198
| | * | PKCS#7: Make trust determination dependent on contents of trust keyringDavid Howells2016-04-069-32/+11
| | * | KEYS: Generalise system_verify_data() to provide access to internal contentDavid Howells2016-04-0615-173/+155
| * | | Merge branch 'keys-sig' into keys-nextDavid Howells2016-04-1213-191/+281
| |\ \ \ | | |/ /
| | * | X.509: Fix self-signed determinationDavid Howells2016-04-061-0/+9
| | * | X.509: Extract signature digest and make self-signed cert checks earlierDavid Howells2016-04-064-71/+110
| | * | PKCS#7: Make the signature a pointer rather than embedding itDavid Howells2016-04-064-48/+55
| | * | X.509: Retain the key verification dataDavid Howells2016-04-065-66/+67
| | * | KEYS: Add identifier pointers to public_key_signature structDavid Howells2016-04-062-0/+5
| | * | KEYS: Allow authentication data to be stored in an asymmetric keyDavid Howells2016-04-067-14/+43
| | * | X.509: Whitespace cleanupDavid Howells2016-04-061-2/+2
| | |/
| * | Merge branch 'keys-misc' into keys-nextDavid Howells2016-04-1211-50/+428
| |\ \
| | * | KEYS: Add KEYCTL_DH_COMPUTE commandMat Martineau2016-04-128-0/+233
| | * | Security: Keys: Big keys stored encryptedKirill Marinushkin2016-04-122-18/+184
| | * | KEYS: user_update should use copy of payload made during preparsingDavid Howells2016-04-121-31/+11
| | * | security: integrity: Remove select to deleted option PUBLIC_KEY_ALGO_RSAAndreas Ziegler2016-04-121-1/+0
| |/ /
* | | Yama: use atomic allocations when reportingSasha Levin2016-05-041-2/+2
* | | seccomp: Fix comment typoMickaël Salaün2016-05-041-1/+1
* | | ima: add support for creating files using the mknodat syscallMimi Zohar2016-05-014-1/+37
* | | ima: fix ima_inode_post_setattrMimi Zohar2016-05-012-1/+2
* | | vfs: forbid write access when reading a file into memoryDmitry Kasatkin2016-05-011-8/+21
* | | fs: fix over-zealous use of "const"Kees Cook2016-04-271-1/+1
* | | LSM: LoadPin for kernel file loading restrictionsKees Cook2016-04-219-0/+233
* | | fs: define a string representation of the kernel_read_file_id enumerationMimi Zohar2016-04-211-6/+25
* | | Yama: consolidate error reportingKees Cook2016-04-211-10/+21
* | | string_helpers: add kstrdup_quotable_fileKees Cook2016-04-212-0/+33
OpenPOWER on IntegriCloud