Gitiles
Code Review
Sign In
gerrit-public.fairphone.software
/
kernel
/
msm-4.19
/
be32197cd6b8c37425ca954e719d236e6117a8ee
/
security
6040e57
Make the hardened user-copy code depend on having a hardened allocator
by Linus Torvalds
· 8 years ago
1eccfa0
Merge tag 'usercopy-v4.8' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
by Linus Torvalds
· 8 years ago
835c92d
Merge branch 'work.const-qstr' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 8 years ago
7a1e8b8
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 8 years ago
a867d73
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
by Linus Torvalds
· 8 years ago
6784725
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 8 years ago
554828e
Merge branch 'salted-string-hash'
by Linus Torvalds
· 8 years ago
7616ac7
apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling
by Arnd Bergmann
· 8 years ago
f5509cc
mm: Hardened usercopy
by Kees Cook
· 8 years ago
bbce2ad
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
by Linus Torvalds
· 8 years ago
4f3ccd7
qstr: constify dentry_init_security
by Al Viro
· 8 years ago
d4d03f7
apparmor: fix arg_size computation for when setprocattr is null terminated
by John Johansen
· 8 years ago
e89b808
apparmor: fix oops, validate buffer size in apparmor_setprocattr()
by Vegard Nossum
· 8 years ago
f4ee2de
apparmor: do not expose kernel stack
by Heinrich Schuchardt
· 8 years ago
58acf9d
apparmor: fix module parameters can be changed after policy is locked
by John Johansen
· 8 years ago
5f20fdf
apparmor: fix oops in profile_unpack() when policy_db is not present
by John Johansen
· 8 years ago
3197f5a
apparmor: don't check for vmalloc_addr if kvzalloc() failed
by John Johansen
· 8 years ago
1575617
apparmor: add missing id bounds check on dfa verification
by John Johansen
· 8 years ago
ff11847
apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task
by Jeff Mahoney
· 9 years ago
38dbd7d
apparmor: use list_next_entry instead of list_entry_next
by Geliang Tang
· 9 years ago
de7c4cc
apparmor: fix refcount race when finding a child profile
by John Johansen
· 9 years ago
0b938a2
apparmor: fix ref count leak when profile sha1 hash is read
by John Johansen
· 9 years ago
23ca7b6
apparmor: check that xindex is in trans_table bounds
by John Johansen
· 9 years ago
f7da2de
apparmor: ensure the target profile name is always audited
by John Johansen
· 9 years ago
7ee6da2
apparmor: fix audit full profile hname on successful load
by John Johansen
· 9 years ago
bf15cf0
apparmor: fix log failures for all profiles in a set
by John Johansen
· 9 years ago
f351841
apparmor: fix put() parent ref after updating the active ref
by John Johansen
· 9 years ago
6059f71
apparmor: add parameter to control whether policy hashing is used
by John Johansen
· 10 years ago
bd35db8
apparmor: internal paths should be treated as disconnected
by John Johansen
· 10 years ago
f2e561d
apparmor: fix disconnected bind mnts reconnection
by John Johansen
· 10 years ago
d671e890
apparmor: fix update the mtime of the profile file on replacement
by John Johansen
· 10 years ago
9049a79
apparmor: exec should not be returning ENOENT when it denies
by John Johansen
· 10 years ago
b6b1b81
apparmor: fix uninitialized lsm_audit member
by John Johansen
· 10 years ago
ec34fa2
apparmor: fix replacement bug that adds new child to old parent
by John Johansen
· 9 years ago
dcda617
apparmor: fix refcount bug in profile replacement
by John Johansen
· 9 years ago
e1e5fa9
Merge tag 'keys-misc-20160708' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into next
by James Morris
· 8 years ago
c632809
Merge branch 'smack-for-4.8' of https://github.com/cschaufler/smack-next into next
by James Morris
· 8 years ago
30a46a4
apparmor: fix oops, validate buffer size in apparmor_setprocattr()
by Vegard Nossum
· 8 years ago
d011a4d
Merge branch 'stable-4.8' of git://git.infradead.org/users/pcmoore/selinux into next
by James Morris
· 8 years ago
0b3c976
evm: Translate user/group ids relative to s_user_ns when computing HMAC
by Seth Forshee
· 10 years ago
b223f4e2
Merge branch 'd_real' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs into work.misc
by Al Viro
· 8 years ago
544e1ce
ima: extend the measurement entry specific pcr
by Eric Richter
· 8 years ago
a422638
ima: change integrity cache to store measured pcr
by Eric Richter
· 8 years ago
67696f6
ima: redefine duplicate template entries
by Eric Richter
· 8 years ago
5f6f027
ima: change ima_measurements_show() to display the entry specific pcr
by Eric Richter
· 8 years ago
14b1da8
ima: include pcr for each measurement log entry
by Eric Richter
· 8 years ago
725de7f
ima: extend ima_get_action() to return the policy pcr
by Eric Richter
· 8 years ago
0260643
ima: add policy support for extending different pcrs
by Eric Richter
· 8 years ago
96d450b
integrity: add measured_pcrs field to integrity cache
by Eric Richter
· 8 years ago
4fee524
calipso: Add a label cache.
by Huw Davies
· 8 years ago
a04e71f
netlabel: Pass a family parameter to netlbl_skbuff_err().
by Huw Davies
· 8 years ago
2917f57
calipso: Allow the lsm to label the skbuff directly.
by Huw Davies
· 8 years ago
e1adea9
calipso: Allow request sockets to be relabelled by the lsm.
by Huw Davies
· 8 years ago
1f440c9
netlabel: Prevent setsockopt() from changing the hop-by-hop option.
by Huw Davies
· 8 years ago
ceba183
calipso: Set the calipso socket label to match the secattr.
by Huw Davies
· 8 years ago
aad8289
selinux: Add support for unprivileged mounts from user namespaces
by Seth Forshee
· 9 years ago
809c02e
Smack: Handle labels consistently in untrusted mounts
by Seth Forshee
· 9 years ago
9f50eda
Smack: Add support for unprivileged mounts from user namespaces
by Seth Forshee
· 9 years ago
380cf5b
fs: Treat foreign mounts as nosuid
by Andy Lutomirski
· 8 years ago
d07b846
fs: Limit file caps to the user namespace of the super block
by Seth Forshee
· 9 years ago
d56d72c
KEYS: Use skcipher for big keys
by Herbert Xu
· 8 years ago
3832742
KEYS: potential uninitialized variable
by Dan Carpenter
· 8 years ago
309c5fa
selinux: fix type mismatch
by Heinrich Schuchardt
· 8 years ago
965475a
KEYS: Strip trailing spaces
by David Howells
· 8 years ago
8387ff2
vfs: make the string hashes salt the hash
by Linus Torvalds
· 8 years ago
8bebe88
selinux: import NetLabel category bitmaps correctly
by Paul Moore
· 8 years ago
18d872f
Smack: ignore null signal in smack_task_kill
by Rafal Krypa
· 9 years ago
40d2737
security: tomoyo: simplify the gc kthread creation
by Mike Danese
· 9 years ago
2885c1e
LSM: Fix for security_inode_getsecurity and -EOPNOTSUPP
by Casey Schaufler
· 8 years ago
4693fc7
KEYS: Add placeholder for KDF usage with DH
by Stephan Mueller
· 8 years ago
7ea5920
selinux: Only apply bounds checking to source types
by Stephen Smalley
· 9 years ago
4093d30
securityfs: ->d_parent is never NULL or negative
by Al Viro
· 8 years ago
07a8e62
drbd: ->d_parent is never NULL or negative
by Al Viro
· 8 years ago
d102a56
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 8 years ago
3767e25
switch ->setxattr() to passing dentry and inode separately
by Al Viro
· 8 years ago
dca6b41
Yama: fix double-spinlock and user access in atomic context
by Jann Horn
· 9 years ago
b8b5727
security/integrity/ima/ima_policy.c: use %pU to output UUID in printable format
by Andy Shevchenko
· 9 years ago
f4f27d0
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 9 years ago
a7fd20d
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
by Linus Torvalds
· 9 years ago
c52b761
Merge branch 'work.const-path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 9 years ago
7f427d3
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 9 years ago
91e8d0c
Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
by Linus Torvalds
· 9 years ago
b937190
LSM: LoadPin: provide enablement CONFIG
by Kees Cook
· 9 years ago
0e0162b
Merge branch 'ovl-fixes' into for-linus
by Al Viro
· 9 years ago
e800072
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
by David S. Miller
· 9 years ago
a6926cc
Merge branch 'stable-4.7' of git://git.infradead.org/users/pcmoore/selinux into next
by James Morris
· 9 years ago
0250abc
Merge tag 'keys-next-20160505' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into next
by James Morris
· 9 years ago
74f430c
Yama: use atomic allocations when reporting
by Sasha Levin
· 9 years ago
d55201c
Merge branch 'keys-trust' into keys-next
by David Howells
· 9 years ago
cf90ea9
ima: fix the string representation of the LSM/IMA hook enumeration ordering
by Mimi Zohar
· 9 years ago
05d1a71
ima: add support for creating files using the mknodat syscall
by Mimi Zohar
· 9 years ago
42a4c60
ima: fix ima_inode_post_setattr
by Mimi Zohar
· 9 years ago
c2316db
selinux: apply execstack check on thread stacks
by Stephen Smalley
· 9 years ago
8e4ff6f
selinux: distinguish non-init user namespace capability checks
by Stephen Smalley
· 9 years ago
457db29
security: Introduce security_settime64()
by Baolin Wang
· 9 years ago
9b09155
LSM: LoadPin for kernel file loading restrictions
by Kees Cook
· 9 years ago
8a56038
Yama: consolidate error reporting
by Kees Cook
· 9 years ago
10c9ead
rtnetlink: add new RTM_GETSTATS message to dump link stats
by Roopa Prabhu
· 9 years ago
1ac42476
selinux: check ss_initialized before revalidating an inode label
by Paul Moore
· 9 years ago
20cdef8
selinux: delay inode label lookup as long as possible
by Paul Moore
· 9 years ago
Next »