Gitiles
Code Review
Sign In
gerrit-public.fairphone.software
/
kernel
/
msm-4.9
/
41743ce604da75c820ebf7139315accfb2f72a02
/
security
1f89834
ima: re-initialize iint->atomic_flags
by Mimi Zohar
· 7 years ago
166f454
ima: re-introduce own integrity cache lock
by Dmitry Kasatkin
· 7 years ago
87043e4
EVM: Add support for portable signature format
by Matthew Garrett
· 7 years ago
5f9fb1a
ima: always measure and audit files in policy
by Mimi Zohar
· 7 years ago
5fed1ff
Revert "evm: Translate user/group ids relative to s_user_ns when computing HMAC"
by Eric W. Biederman
· 8 years ago
47ff762
selinux: Add __GFP_NOWARN to allocation at str_read()
by Tetsuo Handa
· 6 years ago
53de32d
ima: fix showing large 'violations' or 'runtime_measurements_count'
by Eric Biggers
· 6 years ago
eddbab1
evm: Don't deadlock if a crypto algorithm is unavailable
by Matthew Garrett
· 6 years ago
a64fa27
Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets
by Piotr Sawicki
· 6 years ago
d1f534f
selinux: use GFP_NOWAIT in the AVC kmem_caches
by Michal Hocko
· 7 years ago
ebc6dcb
Smack: Mark inode instant in smack_task_to_inode
by Casey Schaufler
· 6 years ago
81be552
ima: based on policy verify firmware signatures (pre-allocated buffer)
by Mimi Zohar
· 7 years ago
c738c80
selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
by Sachin Grover
· 6 years ago
28fffa9
Revert "ima: limit file hash setting by user to fix and log modes"
by Mimi Zohar
· 8 years ago
99d8240
ima: Fallback to the builtin hash algorithm
by Petr Vorel
· 7 years ago
8a5a436
integrity/security: fix digsig.c build error with header file
by Randy Dunlap
· 7 years ago
b983b2a
selinux: do not check open permission on sockets
by Stephen Smalley
· 7 years ago
1978d82
selinux: Remove redundant check for unknown labeling behavior
by Matthias Kaehlcke
· 7 years ago
00972ac
selinux: Remove unnecessary check of array base in selinux_set_mapping()
by Matthias Kaehlcke
· 8 years ago
27a0856
ima: relax requiring a file signature for new files with zero length
by Mimi Zohar
· 7 years ago
d55a55b
apparmor: Make path_max parameter readonly
by John Johansen
· 8 years ago
b243aa8
selinux: check for address length in selinux_socket_bind()
by Alexander Potapenko
· 8 years ago
077463b
security/keys: BIG_KEY requires CONFIG_CRYPTO
by Arnd Bergmann
· 7 years ago
5e6f51a
selinux: skip bounded transition processing if the policy isn't loaded
by Paul Moore
· 7 years ago
fe1cb58
selinux: ensure the context is NUL terminated in security_context_to_sid_core()
by Paul Moore
· 7 years ago
9692602
KEYS: encrypted: fix buffer overread in valid_master_desc()
by Eric Biggers
· 7 years ago
e71fac0
KPTI: Rename to PAGE_TABLE_ISOLATION
by Kees Cook
· 7 years ago
2c27217
x86/kaiser: Reenable PARAVIRT
by Borislav Petkov
· 7 years ago
1ce27de
kaiser: delete KAISER_REAL_SWITCH option
by Hugh Dickins
· 7 years ago
639c005
kaiser: KAISER depends on SMP
by Hugh Dickins
· 7 years ago
8f0baad
kaiser: merged update
by Dave Hansen
· 7 years ago
13be448
KAISER: Kernel Address Isolation
by Richard Fellner
· 8 years ago
982707e
KEYS: add missing permission check for request_key() destination
by Eric Biggers
· 7 years ago
b0a4608
ima: fix hash algorithm initialization
by Boshi Wang
· 7 years ago
2cfbb32
ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
by Roberto Sassu
· 7 years ago
31c8c49
security/keys: add CONFIG_KEYS_COMPAT to Kconfig
by Bilal Amarni
· 7 years ago
419ec34
KEYS: trusted: fix writing past end of buffer in trusted_read()
by Eric Biggers
· 7 years ago
64a2345
KEYS: trusted: sanitize all key material
by Eric Biggers
· 7 years ago
ab71bee
apparmor: fix undefined reference to `aa_g_hash_policy'
by John Johansen
· 8 years ago
0be72ae
KEYS: return full count in keyring_read() if buffer is too small
by Eric Biggers
· 7 years ago
63c8e45
KEYS: Fix race between updating and finding a negative key
by David Howells
· 7 years ago
da0c750
KEYS: don't let add_key() update an uninstantiated key
by David Howells
· 7 years ago
fec442e
KEYS: encrypted: fix dereference of NULL user_key_payload
by Eric Biggers
· 7 years ago
88c195d
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
by Casey Schaufler
· 7 years ago
dda70d2
KEYS: prevent KEYCTL_READ on negative key
by Eric Biggers
· 7 years ago
bfe9d7b
KEYS: prevent creating a different user's keyrings
by Eric Biggers
· 7 years ago
47e8bd1
KEYS: fix writing past end of user-supplied buffer in keyring_read()
by Eric Biggers
· 7 years ago
0c70fb8
security/keys: rewrite all of big_key crypto
by Jason A. Donenfeld
· 7 years ago
2f9be92
security/keys: properly zero out sensitive key material in big_key
by Jason A. Donenfeld
· 7 years ago
73a0a68
KEYS: Fix an error code in request_master_key()
by Dan Carpenter
· 8 years ago
d24c1c1
KEYS: encrypted: avoid encrypting/decrypting stack buffers
by Eric Biggers
· 7 years ago
2436976
KEYS: fix freeing uninitialized memory in key_update()
by Eric Biggers
· 7 years ago
1b253e0
KEYS: fix dereferencing NULL payload with nonzero length
by Eric Biggers
· 7 years ago
91034255
ima: accept previously set IMA_NEW_FILE
by Daniel Glöckner
· 8 years ago
174a74d
KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings
by Eric Biggers
· 8 years ago
b2dd90e
KEYS: Change the name of the dead type to ".dead" to prevent user access
by David Howells
· 8 years ago
a5c6e0a
KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings
by David Howells
· 8 years ago
d9cc316
ima: fix ima_d_path() possible race with rename
by Mimi Zohar
· 8 years ago
6cbaf7b
selinux: fix off-by-one in setprocattr
by Stephen Smalley
· 8 years ago
825e6a0
ima: fix memory leak in ima_release_policy
by Eric Richter
· 8 years ago
3d40658
apparmor: fix change_hat not finding hat after policy replacement
by John Johansen
· 8 years ago
31e6ec4
security/keys: make BIG_KEYS dependent on stdrng.
by Artem Savkov
· 8 years ago
7df3e59
KEYS: Sort out big_key initialisation
by David Howells
· 8 years ago
03dab86
KEYS: Fix short sprintf buffer in /proc/keys show function
by David Howells
· 8 years ago
86c5bf7
Merge branch 'mm-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
by Linus Torvalds
· 8 years ago
d17af50
mm: Change vm_is_stack_for_task() to vm_is_stack_for_current()
by Andy Lutomirski
· 8 years ago
9beae1e
mm: replace get_user_pages_remote() write/force parameters with gup_flags
by Lorenzo Stoakes
· 8 years ago
101105b
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 8 years ago
3873691
Merge remote-tracking branch 'ovl/rename2' into for-linus
by Al Viro
· 8 years ago
97d2116
Merge branch 'work.xattr' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 8 years ago
abb5a14
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 8 years ago
5638733
Merge branch 'printk-cleanups'
by Linus Torvalds
· 8 years ago
4bcc595
printk: reinstate KERN_CONT for printing continuation lines
by Linus Torvalds
· 8 years ago
f334bcd
Merge remote-tracking branch 'ovl/misc' into work.misc
by Al Viro
· 8 years ago
5d6c319
xattr: Add __vfs_{get,set,remove}xattr helpers
by Andreas Gruenbacher
· 8 years ago
2ab704a
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
by Linus Torvalds
· 8 years ago
a3443cd
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 8 years ago
3cd013a
Merge branch 'stable-4.9' of git://git.infradead.org/users/pcmoore/audit
by Linus Torvalds
· 8 years ago
1b46065
securityfs: fix securityfs_create_dir comment
by Laurent Georget
· 8 years ago
078cd82
fs: Replace CURRENT_TIME with current_time() for inode timestamps
by Deepa Dinamani
· 8 years ago
2773bf0
fs: rename "rename2" i_op to "rename"
by Miklos Szeredi
· 8 years ago
18fc84d
vfs: remove unused i_op->rename
by Miklos Szeredi
· 8 years ago
2ddfdd4
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
by Linus Torvalds
· 8 years ago
456bee9
KEYS: Fix skcipher IV clobbering
by Herbert Xu
· 8 years ago
8a17ef9d
Merge branch 'stable-4.9' of git://git.infradead.org/users/pcmoore/selinux into next
by James Morris
· 8 years ago
43af5de
lsm,audit,selinux: Introduce a new audit data type LSM_AUDIT_DATA_FILE
by Vivek Goyal
· 8 years ago
de2f4b3
Merge branch 'stable-4.9' of git://git.infradead.org/users/pcmoore/selinux into next
by James Morris
· 8 years ago
e71b9df
ima: use file_dentry()
by Miklos Szeredi
· 8 years ago
9b6a9ec
selinux: fix error return code in policydb_read()
by Wei Yongjun
· 8 years ago
c60b906
Smack: Signal delivery as an append operation
by Casey Schaufler
· 8 years ago
80a7704
Merge tag 'usercopy-v4.8-rc6-part2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
by Linus Torvalds
· 8 years ago
8e1f74e
usercopy: remove page-spanning test for now
by Kees Cook
· 8 years ago
fa2bea2
audit: consistently record PIDs with task_tgid_nr()
by Paul Moore
· 8 years ago
7c686af
selinux: fix overflow and 0 length allocations
by William Roberts
· 8 years ago
3bc7bcf
selinux: initialize structures
by William Roberts
· 8 years ago
74d977b
selinux: detect invalid ebitmap
by William Roberts
· 8 years ago
63e24c4
Smack: Use memdup_user() rather than duplicating its implementation
by Markus Elfring
· 8 years ago
6040e57
Make the hardened user-copy code depend on having a hardened allocator
by Linus Torvalds
· 8 years ago
348a0db
selinux: drop SECURITY_SELINUX_POLICYDB_VERSION_MAX
by William Roberts
· 8 years ago
a518b0a
selinux: Implement dentry_create_files_as() hook
by Vivek Goyal
· 8 years ago
Next »