Gitiles
Code Review
Sign In
gerrit-public.fairphone.software
/
kernel
/
msm-4.19
/
b0ebd811af889721d3fbef3657092cf028c16b7c
/
security
2bcc673
Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
by Linus Torvalds
· 7 years ago
8e9a2db
Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
by Linus Torvalds
· 7 years ago
b33e3cc
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 7 years ago
55b3a0c
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 7 years ago
e5729f8
ima: Remove redundant conditional operator
by Thiago Jung Bauermann
· 7 years ago
39adb92
ima: Fix bool initialization/comparison
by Thomas Meyer
· 7 years ago
7c9bc09
ima: check signature enforcement against cmdline param instead of CONFIG
by Bruno E. O. Meneguele
· 7 years ago
ebe7c0a
ima: fix hash algorithm initialization
by Boshi Wang
· 7 years ago
0485d06
EVM: Only complain about a missing HMAC key once
by Matthew Garrett
· 7 years ago
f00d797
EVM: Allow userspace to signal an RSA key has been loaded
by Matthew Garrett
· 7 years ago
096b854
EVM: Include security.apparmor in EVM measurements
by Matthew Garrett
· 7 years ago
a7d3d03
integrity: use kernel_read_file_from_path() to read x509 certs
by Christoph Hellwig
· 7 years ago
f3cc6b2
ima: always measure and audit files in policy
by Mimi Zohar
· 7 years ago
2068626
ima: don't remove the securityfs policy file
by Mimi Zohar
· 7 years ago
f7dc4c9
apparmor: fix off-by-one comparison on MAXMAPPED_SIG
by John Johansen
· 7 years ago
8c5db92
Merge branch 'linus' into locking/core, to resolve conflicts
by Ingo Molnar
· 7 years ago
ead7515
Merge tag 'spdx_identifiers-4.14-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
by Linus Torvalds
· 7 years ago
b244131
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
by Greg Kroah-Hartman
· 7 years ago
a3c812f
KEYS: trusted: fix writing past end of buffer in trusted_read()
by Eric Biggers
· 7 years ago
3239b6f
KEYS: return full count in keyring_read() if buffer is too small
by Eric Biggers
· 7 years ago
d6d80cb
Smack: Base support for overlayfs
by Casey Schaufler
· 7 years ago
80c094a
Revert "apparmor: add base infastructure for socket mediation"
by Linus Torvalds
· 7 years ago
9babb09
Merge tag 'v4.14-rc6' into locking/core, to pick up fixes
by Ingo Molnar
· 7 years ago
9273409
tomoyo: fix timestamping for y2038
by Arnd Bergmann
· 7 years ago
dbbbe11
capabilities: audit log other surprising conditions
by Richard Guy Briggs
· 7 years ago
588fb2c
capabilities: fix logic for effective root or real root
by Richard Guy Briggs
· 7 years ago
c0d1ade
capabilities: invert logic for clarity
by Richard Guy Briggs
· 7 years ago
02ebbaf
capabilities: remove a layer of conditional logic
by Richard Guy Briggs
· 7 years ago
9fbc2c7
capabilities: move audit log decision to function
by Richard Guy Briggs
· 7 years ago
81a6a01
capabilities: use intuitive names for id changes
by Richard Guy Briggs
· 7 years ago
9304b46
capabilities: use root_priveleged inline to clarify logic
by Richard Guy Briggs
· 7 years ago
fc7eadf
capabilities: rename has_cap to has_fcap
by Richard Guy Briggs
· 7 years ago
4c7e715
capabilities: intuitive names for cap gain status
by Richard Guy Briggs
· 7 years ago
db1a892
capabilities: factor out cap_bprm_set_creds privileged root
by Richard Guy Briggs
· 7 years ago
76ba89c
commoncap: move assignment of fs_ns to avoid null pointer dereference
by Colin Ian King
· 7 years ago
494b9ae7
Merge commit 'tags/keys-fixes-20171018' into fixes-v4.14-rc5
by James Morris
· 7 years ago
ab5c69f
KEYS: load key flags and expiry time atomically in proc_keys_show()
by Eric Biggers
· 7 years ago
9d6c871
KEYS: Load key expiry time atomically in keyring_search_iterator()
by Eric Biggers
· 7 years ago
1823d47
KEYS: load key flags and expiry time atomically in key_validate()
by Eric Biggers
· 7 years ago
60ff5b2
KEYS: don't let add_key() update an uninstantiated key
by David Howells
· 7 years ago
363b02d
KEYS: Fix race between updating and finding a negative key
by David Howells
· 7 years ago
3cd18d1
security/keys: BIG_KEY requires CONFIG_CRYPTO
by Arnd Bergmann
· 7 years ago
13923d0
KEYS: encrypted: fix dereference of NULL user_key_payload
by Eric Biggers
· 7 years ago
26c4eb1
locking/rwsem, security/apparmor: Replace homebrew use of write_can_lock() with lockdep
by Will Deacon
· 7 years ago
1d27e3e
timer: Remove expires and data arguments from DEFINE_TIMER
by Kees Cook
· 7 years ago
57e7ba0
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
by Casey Schaufler
· 7 years ago
2569e7e
Merge commit 'keys-fixes-20170927' into fixes-v4.14-rc3
by James Morris
· 7 years ago
428490e
security/keys: rewrite all of big_key crypto
by Jason A. Donenfeld
· 7 years ago
9108018
security/keys: properly zero out sensitive key material in big_key
by Jason A. Donenfeld
· 7 years ago
e007ce9
KEYS: use kmemdup() in request_key_auth_new()
by Eric Biggers
· 7 years ago
4aa68e0
KEYS: restrict /proc/keys by credentials at open time
by Eric Biggers
· 7 years ago
8f67456
KEYS: reset parent each time before searching key_user_tree
by Eric Biggers
· 7 years ago
37863c4
KEYS: prevent KEYCTL_READ on negative key
by Eric Biggers
· 7 years ago
237bbd2
KEYS: prevent creating a different user's keyrings
by Eric Biggers
· 7 years ago
e645016
KEYS: fix writing past end of user-supplied buffer in keyring_read()
by Eric Biggers
· 7 years ago
7fc0786
KEYS: fix key refcount leak in keyctl_read_key()
by Eric Biggers
· 7 years ago
884bee0
KEYS: fix key refcount leak in keyctl_assume_authority()
by Eric Biggers
· 7 years ago
f7b48cf
KEYS: don't revoke uninstantiated key in request_key_auth_new()
by Eric Biggers
· 7 years ago
44d8143
KEYS: fix cred refcount leak in request_key_auth_new()
by Eric Biggers
· 7 years ago
a302824
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 7 years ago
ab5348c
security: fix description of values returned by cap_inode_need_killpriv
by Stefan Berger
· 7 years ago
79444df
Merge tag 'apparmor-pr-2017-09-22' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor
by Linus Torvalds
· 7 years ago
bf81100
apparmor: fix apparmorfs DAC access permissions
by John Johansen
· 7 years ago
b1545db
apparmor: fix build failure on sparc caused by undeclared signals
by John Johansen
· 7 years ago
bc4d82f
apparmor: fix incorrect type assignment when freeing proxies
by John Johansen
· 7 years ago
15372b9
apparmor: ensure unconfined profiles have dfas initialized
by John Johansen
· 7 years ago
290638a
apparmor: fix race condition in null profile creation
by John Johansen
· 7 years ago
d07881d
apparmor: move new_null_profile to after profile lookup fns()
by John Johansen
· 7 years ago
651e28c
apparmor: add base infastructure for socket mediation
by John Johansen
· 7 years ago
cbf2d0e
apparmor: add more debug asserts to apparmorfs
by John Johansen
· 7 years ago
2410aa9
apparmor: make policy_unpack able to audit different info messages
by John Johansen
· 7 years ago
26b7899
apparmor: add support for absolute root view based labels
by John Johansen
· 7 years ago
f872af75
apparmor: cleanup conditional check for label in label_print
by John Johansen
· 7 years ago
2ea3ffb
apparmor: add mount mediation
by John Johansen
· 7 years ago
cd1dbf7
apparmor: add the ability to mediate signals
by John Johansen
· 7 years ago
c556170
apparmor: Redundant condition: prev_ns. in [label.c:1498]
by John Johansen
· 7 years ago
5d314a8
apparmor: Fix an error code in aafs_create()
by Dan Carpenter
· 7 years ago
86aea56
apparmor: Fix logical error in verify_header()
by Christos Gkekas
· 7 years ago
19fe43a
apparmor: Fix shadowed local variable in unpack_trans_table()
by Geert Uytterhoeven
· 7 years ago
581bfce
Merge branch 'work.set_fs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 7 years ago
7f85565
Merge tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
by Linus Torvalds
· 7 years ago
dd198ce
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
by Linus Torvalds
· 7 years ago
0fb02e71
Merge tag 'audit-pr-20170907' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
by Linus Torvalds
· 7 years ago
828f425
Merge tag 'secureexec-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
by Linus Torvalds
· 7 years ago
1912834
selinux: remove AVC init audit log message
by Richard Guy Briggs
· 7 years ago
e13ec93
fs: fix kernel_write prototype
by Christoph Hellwig
· 7 years ago
bdd1d2d
fs: fix kernel_read prototype
by Christoph Hellwig
· 7 years ago
8db6c34
Introduce v3 namespaced file capabilities
by Serge E. Hallyn
· 8 years ago
0c3014f
selinux: constify nf_hook_ops
by Arvind Yadav
· 7 years ago
901ef84
selinux: allow per-file labeling for cgroupfs
by Antonio Murdaca
· 8 years ago
5d72801
lsm_audit: update my email address
by Stephen Smalley
· 7 years ago
7efbb60
selinux: update my email address
by Stephen Smalley
· 7 years ago
476accb
selinux: use GFP_NOWAIT in the AVC kmem_caches
by Michal Hocko
· 7 years ago
af63f41
selinux: Generalize support for NNP/nosuid SELinux domain transitions
by Stephen Smalley
· 7 years ago
35b372b
smack: Remove redundant pdeath_signal clearing
by Kees Cook
· 7 years ago
2af6228
LSM: drop bprm_secureexec hook
by Kees Cook
· 7 years ago
ee67ae7
commoncap: Move cap_elevated calculation into bprm_set_creds
by Kees Cook
· 7 years ago
46d98eb
commoncap: Refactor to remove bprm_secureexec hook
by Kees Cook
· 7 years ago
ccbb6e1
smack: Refactor to remove bprm_secureexec hook
by Kees Cook
· 7 years ago
62874c3
selinux: Refactor to remove bprm_secureexec hook
by Kees Cook
· 7 years ago
Next »