Gitiles
Code Review
Sign In
gerrit-public.fairphone.software
/
kernel
/
msm-4.9
/
a9c122e96c3e96a71b4be55d1b0d5583cdeddc9c
/
security
1e42dec
ima: always return negative code for error
by Sascha Hauer
· 5 years ago
1e4c7ce
smack: use GFP_NOFS while holding inode_smack::smk_lock
by Eric Biggers
· 5 years ago
128373c
Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set
by Jann Horn
· 5 years ago
5f0b9f0
security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb()
by Jia-Ju Bai
· 5 years ago
b94178b
keys: Fix missing null pointer check in request_key_auth_describe()
by Hillf Danton
· 5 years ago
ae190f0
selinux: fix memory leak in policydb_init()
by Ondrej Mosnacek
· 5 years ago
4a60589
apparmor: enforce nullbyte at end of tag string
by Jann Horn
· 6 years ago
869d1e4
selinux: never allow relabeling on context mounts
by Ondrej Mosnacek
· 6 years ago
b2b2862
device_cgroup: fix RCU imbalance in error case
by Jann Horn
· 6 years ago
992baf5
selinux: do not override context on context mounts
by Ondrej Mosnacek
· 6 years ago
713b91c
missing barriers in some of unix_sock ->addr and ->path accesses
by Al Viro
· 6 years ago
ccc2aae
KEYS: restrict /proc/keys by credentials at open time
by Eric Biggers
· 7 years ago
dc070cd
KEYS: always initialize keyring_index_key::desc_len
by Eric Biggers
· 6 years ago
6704b9d
KEYS: allow reaching the keys quotas exactly
by Eric Biggers
· 6 years ago
f096ede
smack: fix access permissions for keyring
by Zoran Markovic
· 6 years ago
62044cb
selinux: always allow mounting submounts
by Ondrej Mosnacek
· 6 years ago
aedbb45
selinux: fix GPF on invalid policy
by Stephen Smalley
· 6 years ago
a017e39
LSM: Check for NULL cred-security on free
by James Morris
· 6 years ago
4fd72a1
Yama: Check for pid death before checking ancestry
by Kees Cook
· 6 years ago
1f89834
ima: re-initialize iint->atomic_flags
by Mimi Zohar
· 7 years ago
166f454
ima: re-introduce own integrity cache lock
by Dmitry Kasatkin
· 7 years ago
87043e4
EVM: Add support for portable signature format
by Matthew Garrett
· 7 years ago
5f9fb1a
ima: always measure and audit files in policy
by Mimi Zohar
· 8 years ago
5fed1ff
Revert "evm: Translate user/group ids relative to s_user_ns when computing HMAC"
by Eric W. Biederman
· 8 years ago
47ff762
selinux: Add __GFP_NOWARN to allocation at str_read()
by Tetsuo Handa
· 6 years ago
53de32d
ima: fix showing large 'violations' or 'runtime_measurements_count'
by Eric Biggers
· 6 years ago
eddbab1
evm: Don't deadlock if a crypto algorithm is unavailable
by Matthew Garrett
· 7 years ago
a64fa27
Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets
by Piotr Sawicki
· 6 years ago
d1f534f
selinux: use GFP_NOWAIT in the AVC kmem_caches
by Michal Hocko
· 7 years ago
ebc6dcb
Smack: Mark inode instant in smack_task_to_inode
by Casey Schaufler
· 7 years ago
81be552
ima: based on policy verify firmware signatures (pre-allocated buffer)
by Mimi Zohar
· 7 years ago
c738c80
selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
by Sachin Grover
· 7 years ago
28fffa9
Revert "ima: limit file hash setting by user to fix and log modes"
by Mimi Zohar
· 8 years ago
99d8240
ima: Fallback to the builtin hash algorithm
by Petr Vorel
· 7 years ago
8a5a436
integrity/security: fix digsig.c build error with header file
by Randy Dunlap
· 7 years ago
b983b2a
selinux: do not check open permission on sockets
by Stephen Smalley
· 8 years ago
1978d82
selinux: Remove redundant check for unknown labeling behavior
by Matthias Kaehlcke
· 8 years ago
00972ac
selinux: Remove unnecessary check of array base in selinux_set_mapping()
by Matthias Kaehlcke
· 8 years ago
27a0856
ima: relax requiring a file signature for new files with zero length
by Mimi Zohar
· 7 years ago
d55a55b
apparmor: Make path_max parameter readonly
by John Johansen
· 8 years ago
b243aa8
selinux: check for address length in selinux_socket_bind()
by Alexander Potapenko
· 8 years ago
077463b
security/keys: BIG_KEY requires CONFIG_CRYPTO
by Arnd Bergmann
· 7 years ago
5e6f51a
selinux: skip bounded transition processing if the policy isn't loaded
by Paul Moore
· 7 years ago
fe1cb58
selinux: ensure the context is NUL terminated in security_context_to_sid_core()
by Paul Moore
· 7 years ago
9692602
KEYS: encrypted: fix buffer overread in valid_master_desc()
by Eric Biggers
· 8 years ago
e71fac0
KPTI: Rename to PAGE_TABLE_ISOLATION
by Kees Cook
· 7 years ago
2c27217
x86/kaiser: Reenable PARAVIRT
by Borislav Petkov
· 7 years ago
1ce27de
kaiser: delete KAISER_REAL_SWITCH option
by Hugh Dickins
· 7 years ago
639c005
kaiser: KAISER depends on SMP
by Hugh Dickins
· 7 years ago
8f0baad
kaiser: merged update
by Dave Hansen
· 7 years ago
13be448
KAISER: Kernel Address Isolation
by Richard Fellner
· 8 years ago
982707e
KEYS: add missing permission check for request_key() destination
by Eric Biggers
· 7 years ago
b0a4608
ima: fix hash algorithm initialization
by Boshi Wang
· 7 years ago
2cfbb32
ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
by Roberto Sassu
· 7 years ago
31c8c49
security/keys: add CONFIG_KEYS_COMPAT to Kconfig
by Bilal Amarni
· 8 years ago
419ec34
KEYS: trusted: fix writing past end of buffer in trusted_read()
by Eric Biggers
· 7 years ago
64a2345
KEYS: trusted: sanitize all key material
by Eric Biggers
· 8 years ago
ab71bee
apparmor: fix undefined reference to `aa_g_hash_policy'
by John Johansen
· 8 years ago
0be72ae
KEYS: return full count in keyring_read() if buffer is too small
by Eric Biggers
· 7 years ago
63c8e45
KEYS: Fix race between updating and finding a negative key
by David Howells
· 7 years ago
da0c750
KEYS: don't let add_key() update an uninstantiated key
by David Howells
· 7 years ago
fec442e
KEYS: encrypted: fix dereference of NULL user_key_payload
by Eric Biggers
· 7 years ago
88c195d
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
by Casey Schaufler
· 7 years ago
dda70d2
KEYS: prevent KEYCTL_READ on negative key
by Eric Biggers
· 7 years ago
bfe9d7b
KEYS: prevent creating a different user's keyrings
by Eric Biggers
· 7 years ago
47e8bd1
KEYS: fix writing past end of user-supplied buffer in keyring_read()
by Eric Biggers
· 7 years ago
0c70fb8
security/keys: rewrite all of big_key crypto
by Jason A. Donenfeld
· 7 years ago
2f9be92
security/keys: properly zero out sensitive key material in big_key
by Jason A. Donenfeld
· 7 years ago
73a0a68
KEYS: Fix an error code in request_master_key()
by Dan Carpenter
· 8 years ago
d24c1c1
KEYS: encrypted: avoid encrypting/decrypting stack buffers
by Eric Biggers
· 8 years ago
2436976
KEYS: fix freeing uninitialized memory in key_update()
by Eric Biggers
· 8 years ago
1b253e0
KEYS: fix dereferencing NULL payload with nonzero length
by Eric Biggers
· 8 years ago
91034255
ima: accept previously set IMA_NEW_FILE
by Daniel Glöckner
· 8 years ago
174a74d
KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings
by Eric Biggers
· 8 years ago
b2dd90e
KEYS: Change the name of the dead type to ".dead" to prevent user access
by David Howells
· 8 years ago
a5c6e0a
KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings
by David Howells
· 8 years ago
d9cc316
ima: fix ima_d_path() possible race with rename
by Mimi Zohar
· 8 years ago
6cbaf7b
selinux: fix off-by-one in setprocattr
by Stephen Smalley
· 8 years ago
825e6a0
ima: fix memory leak in ima_release_policy
by Eric Richter
· 8 years ago
3d40658
apparmor: fix change_hat not finding hat after policy replacement
by John Johansen
· 8 years ago
31e6ec4
security/keys: make BIG_KEYS dependent on stdrng.
by Artem Savkov
· 8 years ago
7df3e59
KEYS: Sort out big_key initialisation
by David Howells
· 8 years ago
03dab86
KEYS: Fix short sprintf buffer in /proc/keys show function
by David Howells
· 8 years ago
86c5bf7
Merge branch 'mm-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
by Linus Torvalds
· 8 years ago
d17af50
mm: Change vm_is_stack_for_task() to vm_is_stack_for_current()
by Andy Lutomirski
· 8 years ago
9beae1e
mm: replace get_user_pages_remote() write/force parameters with gup_flags
by Lorenzo Stoakes
· 8 years ago
101105b
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 8 years ago
3873691
Merge remote-tracking branch 'ovl/rename2' into for-linus
by Al Viro
· 8 years ago
97d2116
Merge branch 'work.xattr' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 8 years ago
abb5a14
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 8 years ago
5638733
Merge branch 'printk-cleanups'
by Linus Torvalds
· 8 years ago
4bcc595
printk: reinstate KERN_CONT for printing continuation lines
by Linus Torvalds
· 8 years ago
f334bcd
Merge remote-tracking branch 'ovl/misc' into work.misc
by Al Viro
· 8 years ago
5d6c319
xattr: Add __vfs_{get,set,remove}xattr helpers
by Andreas Gruenbacher
· 8 years ago
2ab704a
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
by Linus Torvalds
· 8 years ago
a3443cd
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 8 years ago
3cd013a
Merge branch 'stable-4.9' of git://git.infradead.org/users/pcmoore/audit
by Linus Torvalds
· 8 years ago
1b46065
securityfs: fix securityfs_create_dir comment
by Laurent Georget
· 8 years ago
078cd82
fs: Replace CURRENT_TIME with current_time() for inode timestamps
by Deepa Dinamani
· 8 years ago
2773bf0
fs: rename "rename2" i_op to "rename"
by Miklos Szeredi
· 8 years ago
Next »