Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / 6f1560992075b162c3dcf144e6a35922e6b245b5 / security
  1. d8a89c3 apparmor: delete the dentry in aafs_remove() to avoid a leak by Chris Coulson · 6 years ago
  2. 4753e7a ima: fix freeing ongoing ahash_request by Sascha Hauer · 5 years ago
  3. b69c308 ima: always return negative code for error by Sascha Hauer · 5 years ago
  4. 1b42503 smack: use GFP_NOFS while holding inode_smack::smk_lock by Eric Biggers · 5 years ago
  5. ef9744a Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set by Jann Horn · 5 years ago
  6. 9a87ab2 security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb() by Jia-Ju Bai · 5 years ago
  7. ca77acd keys: Fix missing null pointer check in request_key_auth_describe() by Hillf Danton · 5 years ago
  8. 1711103 apparmor: reset pos on failure to unpack for various functions by Mike Salvatore · 5 years ago
  9. 46650ac selinux: fix memory leak in policydb_init() by Ondrej Mosnacek · 5 years ago
  10. 914026d selinux: fix empty write to keycreate file by Ondrej Mosnacek · 5 years ago
  11. 31c9958 apparmor: enforce nullbyte at end of tag string by Jann Horn · 5 years ago
  12. eb2b0bf apparmor: fix PROFILE_MEDIATES for untrusted input by John Johansen · 5 years ago
  13. 6e322a9 evm: check hash algorithm passed to init_desc() by Roberto Sassu · 5 years ago
  14. f85b87a ima: show rules with IMA_INMASK correctly by Roberto Sassu · 5 years ago
  15. a2ace9b selinux: avoid uninitialized variable warning by Arnd Bergmann · 6 years ago
  16. b21ca27 apparmorfs: fix use-after-free on symlink traversal by Al Viro · 6 years ago
  17. 9a0467e securityfs: fix use-after-free on symlink traversal by Al Viro · 6 years ago
  18. dfdfad3 selinux: do not report error on connect(AF_UNSPEC) by Paolo Abeni · 6 years ago
  19. 574be22 selinux: never allow relabeling on context mounts by Ondrej Mosnacek · 6 years ago
  20. 6b13ae5 selinux: avoid silent denials in permissive mode under RCU walk by Stephen Smalley · 6 years ago
  21. 145f6a7 selinux: use kernel linux/socket.h for genheaders and mdp by Paulo Alcantara · 6 years ago
  22. 628c99a8 device_cgroup: fix RCU imbalance in error case by Jann Horn · 6 years ago
  23. e30e0b0 selinux: do not override context on context mounts by Ondrej Mosnacek · 6 years ago
  24. c7dad09 security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblock by J. Bruce Fields · 6 years ago
  25. e4f6f82 selinux: add the missing walk_size + len check in selinux_sctp_bind_connect by Xin Long · 6 years ago
  26. 7268328 keys: Fix dependency loop between construction record and auth key by David Howells · 6 years ago
  27. 345af5a missing barriers in some of unix_sock ->addr and ->path accesses by Al Viro · 6 years ago
  28. d7807b6 apparmor: Fix aa_label_build() error handling for failed merges by John Johansen · 6 years ago
  29. 8b4b1d7 KEYS: always initialize keyring_index_key::desc_len by Eric Biggers · 6 years ago
  30. f812bec KEYS: allow reaching the keys quotas exactly by Eric Biggers · 6 years ago
  31. 54e71cb smack: fix access permissions for keyring by Zoran Markovic · 6 years ago
  32. 34ea589 selinux: always allow mounting submounts by Ondrej Mosnacek · 6 years ago
  33. 5a79e71 selinux: fix GPF on invalid policy by Stephen Smalley · 6 years ago
  34. a19aedf LSM: Check for NULL cred-security on free by James Morris · 6 years ago
  35. b955a2c Yama: Check for pid death before checking ancestry by Kees Cook · 6 years ago
  36. b37fdd9 selinux: policydb - fix byte order and alignment issues by Ondrej Mosnacek · 6 years ago
  37. 4c202ad selinux: add support for RTM_NEWCHAIN, RTM_DELCHAIN, and RTM_GETCHAIN by Paul Moore · 6 years ago
  38. 3962e78 selinux: Add __GFP_NOWARN to allocation at str_read() by Tetsuo Handa · 6 years ago
  39. c8a1685 apparmor: Fix uninitialized value in aa_split_fqname by Zubin Mithra · 6 years ago
  40. c75e3cb selinux: check length properly in SCTP bind hook by Ondrej Mosnacek · 6 years ago
  41. 8b259b9 ima: open a new file instance if no read permissions by Goldwyn Rodrigues · 6 years ago
  42. 13d3c98 ima: fix showing large 'violations' or 'runtime_measurements_count' by Eric Biggers · 6 years ago
  43. f77c846 selinux: fix mounting of cgroup2 under older policies by Stephen Smalley · 6 years ago
  44. 7a47855 Smack: ptrace capability use fixes by Casey Schaufler · 6 years ago
  45. 8c0f9f5 Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name" by Lubomir Rintel · 6 years ago
  46. 61a6bd8 Revert "x86/mm/legacy: Populate the user page-table with user pgd's" by Joerg Roedel · 6 years ago
  47. db44bf4 Merge tag 'apparmor-pr-2018-09-06' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor by Linus Torvalds · 6 years ago
  48. 8a2336e uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name by Randy Dunlap · 6 years ago
  49. edf4e7b apparmor: fix bad debug check in apparmor_secid_to_secctx() by John Johansen · 6 years ago
  50. 57bb8e3 Merge tag 'apparmor-pr-2018-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor by Linus Torvalds · 6 years ago
  51. 4def196 Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace by Linus Torvalds · 6 years ago
  52. c037bd6 apparmor: remove no-op permission check in policy_unpack by John Johansen · 6 years ago
  53. 1b1eeca init: allow initcall tables to be emitted using relative references by Ard Biesheuvel · 6 years ago
  54. 0a6b292 apparmor: fix an error code in __aa_create_ns() by Dan Carpenter · 6 years ago
  55. f91e654 Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 6 years ago
  56. c715ebe Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 6 years ago
  57. 04743f8 Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 6 years ago
  58. dafa5f6 Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 by Linus Torvalds · 6 years ago
  59. 9a76aba Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next by Linus Torvalds · 6 years ago
  60. e026bcc Merge tag 'kbuild-v4.19' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild by Linus Torvalds · 6 years ago
  61. 6f7dac1 Merge tag 'selinux-pr-20180814' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 6 years ago
  62. 92d4a03 Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 6 years ago
  63. 8c479c2 Merge tag 'hardened-usercopy-v4.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux by Linus Torvalds · 6 years ago
  64. a66b4cd Merge branch 'work.open3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 6 years ago
  65. 355139a cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() by Eddie.Horng · 6 years ago
  66. 7e4237f selinux: cleanup dentry and inodes on error in selinuxfs by nixiaoming · 6 years ago
  67. c5f5aee Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux by Herbert Xu · 6 years ago
  68. df6b4e6 Merge branch 'smack-for-4.19-a' of https://github.com/cschaufler/next-smack into next-smack by James Morris · 6 years ago
  69. ec403d8 ima: Get rid of ima_used_chip and use ima_tpm_chip != NULL instead by Stefan Berger · 6 years ago
  70. 5c2a640 ima: Use tpm_default_chip() and call TPM functions with a tpm_chip by Stefan Berger · 6 years ago
  71. 32a4f5e net: sched: introduce chain object to uapi by Jiri Pirko · 6 years ago
  72. d66a8ac Smack: Inform peer that IPv6 traffic has been blocked by Piotr Sawicki · 6 years ago
  73. a07ef95 Smack: Check UDP-Lite and DCCP protocols during IPv6 handling by Piotr Sawicki · 6 years ago
  74. 129a998 Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets by Piotr Sawicki · 6 years ago
  75. 3dd0f18 EVM: fix return value check in evm_write_xattrs() by Wei Yongjun · 6 years ago
  76. 24b87a1 apparmor: Fix failure to audit context info in build_change_hat by John Johansen · 6 years ago
  77. f4585bc apparmor: Fully initialize aa_perms struct when answering userspace query by Tyler Hicks · 6 years ago
  78. 7f3ebcf apparmor: Check buffer bounds when mapping permissions mask by Tyler Hicks · 6 years ago
  79. 7757d60 x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for x86_32 by Joerg Roedel · 6 years ago
  80. 6eb864c integrity: prevent deadlock during digsig verification. by Mikhail Kurinnoi · 6 years ago
  81. 5feeb61 evm: Allow non-SHA1 digital signatures by Matthew Garrett · 6 years ago
  82. e2861fa evm: Don't deadlock if a crypto algorithm is unavailable by Matthew Garrett · 6 years ago
  83. ac2409a integrity: silence warning when CONFIG_SECURITYFS is not enabled by Sudeep Holla · 6 years ago
  84. dba31ee ima: Differentiate auditing policy rules from "audit" actions by Stefan Berger · 6 years ago
  85. 2afd020 ima: Do not audit if CONFIG_INTEGRITY_AUDIT is not set by Stefan Berger · 6 years ago
  86. 3d2859d ima: Use audit_log_format() rather than audit_log_string() by Stefan Berger · 6 years ago
  87. 8a3bcaf ima: Call audit_log_string() rather than logging it untrusted by Stefan Berger · 6 years ago
  88. 87ea584 security: check for kstrdup() failure in lsm_append() by Eric Biggers · 6 years ago
  89. 83a68a0 security: export security_kernel_load_data function by Arnd Bergmann · 6 years ago
  90. 631d2b4 selinux: constify write_op[] by Eric Biggers · 6 years ago
  91. c417fbc kbuild: move bin2c back to scripts/ from scripts/basic/ by Masahiro Yamada · 6 years ago
  92. 4f0496d ima: based on policy warn about loading firmware (pre-allocated buffer) by Mimi Zohar · 6 years ago
  93. c77b8cd module: replace the existing LSM hook in init_module by Mimi Zohar · 6 years ago
  94. ef96837 ima: add build time policy by Mimi Zohar · 6 years ago
  95. fed2512 ima: based on policy require signed firmware (sysfs fallback) by Mimi Zohar · 6 years ago
  96. 16c267a ima: based on policy require signed kexec kernel images by Mimi Zohar · 6 years ago
  97. 377179c security: define new LSM hook named security_kernel_load_data by Mimi Zohar · 6 years ago
  98. 6035a27 IMA: don't propagate opened through the entire thing by Al Viro · 6 years ago
  99. 9481769 ->file_open(): lose cred argument by Al Viro · 6 years ago
  100. e3f20ae security_file_open(): lose cred argument by Al Viro · 6 years ago