Sasha Levin 0112721df4 IMA: policy can be updated zero times ... Commit "IMA: policy can now be updated multiple times" assumed that the policy would be updated at least once. If there are zero updates, the temporary list head object will get added to the policy list, and later dereferenced as an IMA policy object, which means that invalid memory will be accessed. Changelog: - Move list_empty() test to ima_release_policy(), before audit msg - Mimi Signed-off-by: Sasha Levin <sasha.levin@oracle.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>		2015-12-24 18:56:45 -05:00
..
apparmor	apparmor: clarify CRYPTO dependency	2015-10-22 11:11:28 +11:00
integrity	IMA: policy can be updated zero times	2015-12-24 18:56:45 -05:00
keys	KEYS: prevent keys from being removed from specified keyrings	2015-12-15 10:01:43 -05:00
selinux	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2015-11-10 18:11:41 -08:00
smack	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2015-11-10 18:11:41 -08:00
tomoyo	LSM: Switch to lists of hooks	2015-05-12 15:00:41 +10:00
yama	Adding YAMA hooks also when YAMA is not stacked.	2015-08-04 01:36:18 +10:00
commoncap.c	capabilities: add a securebit to disable PR_CAP_AMBIENT_RAISE	2015-09-04 16:54:41 -07:00
device_cgroup.c	security/device_cgroup: Fix RCU_LOCKDEP_WARN() condition	2015-09-03 18:13:10 -07:00
inode.c	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2015-07-04 19:36:06 -07:00
Kconfig	Yama: remove needless CONFIG_SECURITY_YAMA_STACKED	2015-07-28 13:18:19 +10:00
lsm_audit.c	Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into next	2015-08-15 13:29:57 +10:00
Makefile	LSM: Switch to lists of hooks	2015-05-12 15:00:41 +10:00
min_addr.c	mmap_min_addr check CAP_SYS_RAWIO only for write	2010-04-23 08:56:31 +10:00
security.c	Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security	2015-09-08 12:41:25 -07:00