1. 6040e57 Make the hardened user-copy code depend on having a hardened allocator by Linus Torvalds · 8 years ago
  2. 1eccfa0 Merge tag 'usercopy-v4.8' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux by Linus Torvalds · 8 years ago
  3. 835c92d Merge branch 'work.const-qstr' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 8 years ago
  4. 7a1e8b8 Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 8 years ago
  5. a867d73 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace by Linus Torvalds · 8 years ago
  6. 6784725 Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 8 years ago
  7. 554828e Merge branch 'salted-string-hash' by Linus Torvalds · 8 years ago
  8. 7616ac7 apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling by Arnd Bergmann · 8 years ago
  9. f5509cc mm: Hardened usercopy by Kees Cook · 8 years ago
  10. bbce2ad Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 by Linus Torvalds · 8 years ago
  11. 4f3ccd7 qstr: constify dentry_init_security by Al Viro · 8 years ago
  12. d4d03f7 apparmor: fix arg_size computation for when setprocattr is null terminated by John Johansen · 8 years ago
  13. e89b808 apparmor: fix oops, validate buffer size in apparmor_setprocattr() by Vegard Nossum · 8 years ago
  14. f4ee2de apparmor: do not expose kernel stack by Heinrich Schuchardt · 8 years ago
  15. 58acf9d apparmor: fix module parameters can be changed after policy is locked by John Johansen · 8 years ago
  16. 5f20fdf apparmor: fix oops in profile_unpack() when policy_db is not present by John Johansen · 8 years ago
  17. 3197f5a apparmor: don't check for vmalloc_addr if kvzalloc() failed by John Johansen · 8 years ago
  18. 1575617 apparmor: add missing id bounds check on dfa verification by John Johansen · 8 years ago
  19. ff11847 apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task by Jeff Mahoney · 9 years ago
  20. 38dbd7d apparmor: use list_next_entry instead of list_entry_next by Geliang Tang · 9 years ago
  21. de7c4cc apparmor: fix refcount race when finding a child profile by John Johansen · 9 years ago
  22. 0b938a2 apparmor: fix ref count leak when profile sha1 hash is read by John Johansen · 9 years ago
  23. 23ca7b6 apparmor: check that xindex is in trans_table bounds by John Johansen · 9 years ago
  24. f7da2de apparmor: ensure the target profile name is always audited by John Johansen · 9 years ago
  25. 7ee6da2 apparmor: fix audit full profile hname on successful load by John Johansen · 9 years ago
  26. bf15cf0 apparmor: fix log failures for all profiles in a set by John Johansen · 9 years ago
  27. f351841 apparmor: fix put() parent ref after updating the active ref by John Johansen · 9 years ago
  28. 6059f71 apparmor: add parameter to control whether policy hashing is used by John Johansen · 10 years ago
  29. bd35db8 apparmor: internal paths should be treated as disconnected by John Johansen · 10 years ago
  30. f2e561d apparmor: fix disconnected bind mnts reconnection by John Johansen · 10 years ago
  31. d671e890 apparmor: fix update the mtime of the profile file on replacement by John Johansen · 10 years ago
  32. 9049a79 apparmor: exec should not be returning ENOENT when it denies by John Johansen · 10 years ago
  33. b6b1b81 apparmor: fix uninitialized lsm_audit member by John Johansen · 10 years ago
  34. ec34fa2 apparmor: fix replacement bug that adds new child to old parent by John Johansen · 9 years ago
  35. dcda617 apparmor: fix refcount bug in profile replacement by John Johansen · 9 years ago
  36. e1e5fa9 Merge tag 'keys-misc-20160708' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into next by James Morris · 8 years ago
  37. c632809 Merge branch 'smack-for-4.8' of https://github.com/cschaufler/smack-next into next by James Morris · 8 years ago
  38. 30a46a4 apparmor: fix oops, validate buffer size in apparmor_setprocattr() by Vegard Nossum · 8 years ago
  39. d011a4d Merge branch 'stable-4.8' of git://git.infradead.org/users/pcmoore/selinux into next by James Morris · 8 years ago
  40. 0b3c976 evm: Translate user/group ids relative to s_user_ns when computing HMAC by Seth Forshee · 10 years ago
  41. b223f4e2 Merge branch 'd_real' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs into work.misc by Al Viro · 8 years ago
  42. 544e1ce ima: extend the measurement entry specific pcr by Eric Richter · 8 years ago
  43. a422638 ima: change integrity cache to store measured pcr by Eric Richter · 8 years ago
  44. 67696f6 ima: redefine duplicate template entries by Eric Richter · 8 years ago
  45. 5f6f027 ima: change ima_measurements_show() to display the entry specific pcr by Eric Richter · 8 years ago
  46. 14b1da8 ima: include pcr for each measurement log entry by Eric Richter · 8 years ago
  47. 725de7f ima: extend ima_get_action() to return the policy pcr by Eric Richter · 8 years ago
  48. 0260643 ima: add policy support for extending different pcrs by Eric Richter · 8 years ago
  49. 96d450b integrity: add measured_pcrs field to integrity cache by Eric Richter · 8 years ago
  50. 4fee524 calipso: Add a label cache. by Huw Davies · 8 years ago
  51. a04e71f netlabel: Pass a family parameter to netlbl_skbuff_err(). by Huw Davies · 8 years ago
  52. 2917f57 calipso: Allow the lsm to label the skbuff directly. by Huw Davies · 8 years ago
  53. e1adea9 calipso: Allow request sockets to be relabelled by the lsm. by Huw Davies · 8 years ago
  54. 1f440c9 netlabel: Prevent setsockopt() from changing the hop-by-hop option. by Huw Davies · 8 years ago
  55. ceba183 calipso: Set the calipso socket label to match the secattr. by Huw Davies · 8 years ago
  56. aad8289 selinux: Add support for unprivileged mounts from user namespaces by Seth Forshee · 9 years ago
  57. 809c02e Smack: Handle labels consistently in untrusted mounts by Seth Forshee · 9 years ago
  58. 9f50eda Smack: Add support for unprivileged mounts from user namespaces by Seth Forshee · 9 years ago
  59. 380cf5b fs: Treat foreign mounts as nosuid by Andy Lutomirski · 8 years ago
  60. d07b846 fs: Limit file caps to the user namespace of the super block by Seth Forshee · 9 years ago
  61. d56d72c KEYS: Use skcipher for big keys by Herbert Xu · 8 years ago
  62. 3832742 KEYS: potential uninitialized variable by Dan Carpenter · 8 years ago
  63. 309c5fa selinux: fix type mismatch by Heinrich Schuchardt · 8 years ago
  64. 965475a KEYS: Strip trailing spaces by David Howells · 8 years ago
  65. 8387ff2 vfs: make the string hashes salt the hash by Linus Torvalds · 8 years ago
  66. 8bebe88 selinux: import NetLabel category bitmaps correctly by Paul Moore · 8 years ago
  67. 18d872f Smack: ignore null signal in smack_task_kill by Rafal Krypa · 9 years ago
  68. 40d2737 security: tomoyo: simplify the gc kthread creation by Mike Danese · 9 years ago
  69. 2885c1e LSM: Fix for security_inode_getsecurity and -EOPNOTSUPP by Casey Schaufler · 8 years ago
  70. 4693fc7 KEYS: Add placeholder for KDF usage with DH by Stephan Mueller · 8 years ago
  71. 7ea5920 selinux: Only apply bounds checking to source types by Stephen Smalley · 9 years ago
  72. 4093d30 securityfs: ->d_parent is never NULL or negative by Al Viro · 8 years ago
  73. 07a8e62 drbd: ->d_parent is never NULL or negative by Al Viro · 8 years ago
  74. d102a56 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 8 years ago
  75. 3767e25 switch ->setxattr() to passing dentry and inode separately by Al Viro · 8 years ago
  76. dca6b41 Yama: fix double-spinlock and user access in atomic context by Jann Horn · 9 years ago
  77. b8b5727 security/integrity/ima/ima_policy.c: use %pU to output UUID in printable format by Andy Shevchenko · 9 years ago
  78. f4f27d0 Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 9 years ago
  79. a7fd20d Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next by Linus Torvalds · 9 years ago
  80. c52b761 Merge branch 'work.const-path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 9 years ago
  81. 7f427d3 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 9 years ago
  82. 91e8d0c Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip by Linus Torvalds · 9 years ago
  83. b937190 LSM: LoadPin: provide enablement CONFIG by Kees Cook · 9 years ago
  84. 0e0162b Merge branch 'ovl-fixes' into for-linus by Al Viro · 9 years ago
  85. e800072 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net by David S. Miller · 9 years ago
  86. a6926cc Merge branch 'stable-4.7' of git://git.infradead.org/users/pcmoore/selinux into next by James Morris · 9 years ago
  87. 0250abc Merge tag 'keys-next-20160505' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into next by James Morris · 9 years ago
  88. 74f430c Yama: use atomic allocations when reporting by Sasha Levin · 9 years ago
  89. d55201c Merge branch 'keys-trust' into keys-next by David Howells · 9 years ago
  90. cf90ea9 ima: fix the string representation of the LSM/IMA hook enumeration ordering by Mimi Zohar · 9 years ago
  91. 05d1a71 ima: add support for creating files using the mknodat syscall by Mimi Zohar · 9 years ago
  92. 42a4c60 ima: fix ima_inode_post_setattr by Mimi Zohar · 9 years ago
  93. c2316db selinux: apply execstack check on thread stacks by Stephen Smalley · 9 years ago
  94. 8e4ff6f selinux: distinguish non-init user namespace capability checks by Stephen Smalley · 9 years ago
  95. 457db29 security: Introduce security_settime64() by Baolin Wang · 9 years ago
  96. 9b09155 LSM: LoadPin for kernel file loading restrictions by Kees Cook · 9 years ago
  97. 8a56038 Yama: consolidate error reporting by Kees Cook · 9 years ago
  98. 10c9ead rtnetlink: add new RTM_GETSTATS message to dump link stats by Roopa Prabhu · 9 years ago
  99. 1ac42476 selinux: check ss_initialized before revalidating an inode label by Paul Moore · 9 years ago
  100. 20cdef8 selinux: delay inode label lookup as long as possible by Paul Moore · 9 years ago