Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-5.4 / 687f523c134b7f0bd040ee1230f6d17990d54172 / security
  1. 8aa7285 security: commoncap: fix -Wstringop-overread warning by Arnd Bergmann · 3 years, 8 months ago
  2. 752589c integrity: double check iint_cache was initialized by Mimi Zohar · 3 years, 8 months ago
  3. 47a5d1b Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities") by Eric W. Biederman · 3 years, 8 months ago
  4. 4ceb5ca smackfs: restrict bytes count in smackfs write functions by Sabyrzhan Tasbolatov · 3 years, 10 months ago
  5. 2910038 KEYS: trusted: Fix migratable=1 failing by Jarkko Sakkinen · 3 years, 10 months ago
  6. 0fec327 certs: Fix blacklist flag type confusion by David Howells · 4 years ago
  7. 33a2e62 capabilities: Don't allow writing ambiguous v3 file capabilities by Eric W. Biederman · 4 years ago
  8. 091b409 ima: Free IMA measurement buffer after kexec syscall by Lakshmi Ramasubramanian · 3 years, 9 months ago
  9. e436d3f ima: Free IMA measurement buffer on error by Lakshmi Ramasubramanian · 3 years, 9 months ago
  10. 3d5afca evm: Fix memleak in init_desc by Dinghao Liu · 3 years, 10 months ago
  11. 43e3cf4 cap: fix conversions on getxattr by Miklos Szeredi · 3 years, 10 months ago
  12. 08eb8a7 dump_common_audit_data(): fix racy accesses to ->d_name by Al Viro · 3 years, 10 months ago
  13. 26d72a8 ima: Don't modify file descriptor mode on the fly by Roberto Sassu · 4 years ago
  14. c807042 selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling by Paul Moore · 4 years ago
  15. 4aae08a selinux: fix error initialization in inode_doinit_with_dentry() by Tianyue Ren · 4 years, 1 month ago
  16. c4405cd ima: extend boot_aggregate with kernel measurements by Maurizio Drocco · 4 years, 5 months ago
  17. 68dae71b selinux: Fix error return code in sel_ib_pkey_sid_slow() by Chen Zhou · 4 years ago
  18. 801863f evm: Check size of security.evm before using it by Roberto Sassu · 4 years, 2 months ago
  19. 68e3b25 ima: Don't ignore errors from crypto_shash_update() by Roberto Sassu · 4 years, 2 months ago
  20. 8ebf2b7 device_cgroup: Fix RCU list debugging warning by Amol Grover · 4 years, 7 months ago
  21. f72a51e selinux: sel_avc_get_stat_idx should increase position index by Vasily Averin · 4 years, 10 months ago
  22. b7316f5 selinux: allow labeling before policy is loaded by Jonathan Lebon · 5 years ago
  23. b2b8438 Smack: prevent underflow in smk_set_cipso() by Dan Carpenter · 4 years, 4 months ago
  24. 6749926 Smack: fix another vsscanf out of bounds by Dan Carpenter · 4 years, 4 months ago
  25. 2092075 ima: Have the LSM free its audit rule by Tyler Hicks · 4 years, 4 months ago
  26. df6aeb5 ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime by Bruno Meneguele · 4 years, 4 months ago
  27. 5f5fb7c Smack: fix use-after-free in smk_write_relabel_self() by Eric Biggers · 4 years, 4 months ago
  28. d79e57db4 apparmor: ensure that dfa state tables have entries by John Johansen · 4 years, 8 months ago
  29. ae3c09e selinux: fix double free by Tom Rix · 4 years, 5 months ago
  30. a78c65c apparmor: fix nnp subset test for unconfined by John Johansen · 5 years ago
  31. 039a79e apparmor: check/put label on apparmor_sk_clone_security() by Mauricio Faria de Oliveira · 4 years, 6 months ago
  32. 88bc3e0 apparmor: fix introspection of of task mode for unconfined tasks by John Johansen · 4 years, 5 months ago
  33. e131e70 ima: Set again build_ima_appraise variable by Krzysztof Struczynski · 4 years, 7 months ago
  34. 2600136 ima: Remove redundant policy rule set in add_rules() by Krzysztof Struczynski · 4 years, 7 months ago
  35. 6de5045 evm: Fix possible memory leak in evm_calc_hmac_or_hash() by Roberto Sassu · 4 years, 7 months ago
  36. ce7f038 ima: Remove __init annotation from ima_pcrread() by Roberto Sassu · 4 years, 5 months ago
  37. f387759c ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init() by Roberto Sassu · 4 years, 6 months ago
  38. 6471238 ima: Directly assign the ima_default_policy pointer to ima_rules by Roberto Sassu · 4 years, 6 months ago
  39. 4ce29d9 ima: Evaluate error in init_ima() by Roberto Sassu · 4 years, 8 months ago
  40. 5f7272b ima: Switch to ima_hash_algo for boot aggregate by Roberto Sassu · 4 years, 8 months ago
  41. 0698eac ima: Fix ima digest hash table key calculation by Krzysztof Struczynski · 4 years, 7 months ago
  42. b208332 selinux: fix error return code in policydb_read() by Wei Yongjun · 4 years, 7 months ago
  43. 6eec65c9 lockdown: Allow unprivileged users to see lockdown status by Jeremy Cline · 4 years, 6 months ago
  44. 9c09a77 Smack: slab-out-of-bounds in vsscanf by Casey Schaufler · 4 years, 7 months ago
  45. 0b11ec4 mm: add kvfree_sensitive() for freeing sensitive data objects by Waiman Long · 4 years, 5 months ago
  46. 3f14df5 smack: avoid unused 'sip' variable warning by Arnd Bergmann · 4 years, 7 months ago
  47. 1610cd9 evm: Fix RCU list related warnings by Madhuparna Bhowmik · 4 years, 7 months ago
  48. 99c63ba powerpc/xmon: Restrict when kernel is locked down by Christopher M. Riedl · 5 years ago
  49. 68fe063 exec: Always set cap_ambient in cap_bprm_set_creds by Eric W. Biederman · 4 years, 6 months ago
  50. 870a45e apparmor: Fix aa_label refcnt leak in policy_update by Xiyu Yang · 4 years, 7 months ago
  51. 054934a apparmor: fix potential label refcnt leak in aa_change_profile by Xiyu Yang · 4 years, 8 months ago
  52. 97d817b apparmor: Fix use-after-free in aa_audit_rule_init by Navid Emamdoost · 5 years ago
  53. dd540f2 evm: Fix a small race in init_desc() by Dan Carpenter · 4 years, 6 months ago
  54. 48bbd44 ima: Fix return value of ima_write_policy() by Roberto Sassu · 4 years, 7 months ago
  55. 1066327 evm: Check also if *tfm is an error pointer in init_desc() by Roberto Sassu · 4 years, 7 months ago
  56. 4aedc53 ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash() by Roberto Sassu · 4 years, 7 months ago
  57. eeef0d9 selinux: properly handle multiple messages in selinux_netlink_send() by Paul Moore · 4 years, 7 months ago
  58. 419d8fb KEYS: Avoid false positive ENOMEM error on key read by Waiman Long · 4 years, 8 months ago
  59. f1afcf9 KEYS: Don't write out to userspace while holding key semaphore by Waiman Long · 4 years, 8 months ago
  60. a0aaafe keys: Fix proc_keys_next to increase position index by Vasily Averin · 4 years, 7 months ago
  61. 4b67e5a KEYS: reaching the keys quotas correctly by Yang Xu · 4 years, 9 months ago
  62. 4a1e1dda efi: Only print errors about failing to get certs if EFI vars are found by Javier Martinez Canillas · 4 years, 9 months ago
  63. e8807eb ima: ima/lsm policy rule loading logic bug fixes by Janne Karhunen · 4 years, 10 months ago
  64. 111749f selinux: ensure we cleanup the internal AVC counters on error in avc_update() by Jaihind Yadav · 5 years ago
  65. 0e44cd8 selinux: ensure we cleanup the internal AVC counters on error in avc_insert() by Paul Moore · 5 years ago
  66. 2d8fdc5 selinux: fall back to ref-walk if audit is required by Stephen Smalley · 5 years ago
  67. 875e01d selinux: fix regression introduced by move_mount(2) syscall by Stephen Smalley · 4 years, 10 months ago
  68. 3b2e595 selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" by Stephen Smalley · 5 years ago
  69. 59c458d broken ping to ipv6 linklocal addresses on debian buster by Casey Schaufler · 4 years, 10 months ago
  70. 99652ee tomoyo: Use atomic_t for statistics counter by Tetsuo Handa · 4 years, 11 months ago
  71. 1b32e6e tomoyo: Suppress RCU warning at list_for_each_entry_rcu(). by Tetsuo Handa · 5 years ago
  72. e0d2bf5 apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock by John Johansen · 4 years, 11 months ago
  73. 9c24cc6 tomoyo: Don't use nifty names on sockets. by Tetsuo Handa · 5 years ago
  74. 4f13232 apparmor: fix unsigned len comparison with less than zero by Colin Ian King · 5 years ago
  75. 359efcc efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN by Javier Martinez Canillas · 5 years ago
  76. 2ef4591 Merge tag 'selinux-pr-20191007' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 5 years ago
  77. 7a8beb7 integrity: remove pointless subdir-$(CONFIG_...) by Masahiro Yamada · 5 years ago
  78. 6b190d3 integrity: remove unneeded, broken attempt to add -fshort-wchar by Masahiro Yamada · 5 years ago
  79. 2a52439 selinux: fix context string corruption in convert_context() by Ondrej Mosnacek · 5 years ago
  80. aefcf2f Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 5 years ago
  81. f1f2f61 Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity by Linus Torvalds · 5 years ago
  82. 9f75c82 KEYS: trusted: correctly initialize digests and fix locking issue by Roberto Sassu · 5 years ago
  83. e94f8cc Merge tag 'smack-for-5.4-rc1' of git://github.com/cschaufler/smack-next by Linus Torvalds · 5 years ago
  84. 1b5fb41 Merge tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux by Linus Torvalds · 5 years ago
  85. 5825a95 Merge tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 5 years ago
  86. 21ab858 LSM: SafeSetID: Stop releasing uninitialized ruleset by Micah Morton · 5 years ago
  87. f8a9bc6 security: constify some arrays in lockdown LSM by Matthew Garrett · 5 years ago
  88. d41a3ef keys: Fix missing null pointer check in request_key_auth_describe() by Hillf Danton · 5 years ago
  89. 169ce0c selinux: fix residual uses of current_security() for the SELinux blob by Stephen Smalley · 5 years ago
  90. e5bfad3 smack: use GFP_NOFS while holding inode_smack::smk_lock by Eric Biggers · 5 years ago
  91. 3f4287e security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb() by Jia-Ju Bai · 5 years ago
  92. a1a07f2 smack: fix some kernel-doc notations by luanshi · 5 years ago
  93. 3675f05 Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set by Jann Horn · 5 years ago
  94. 846d2db keys: ensure that ->match_free() is called in request_key_and_link() by Eric Biggers · 5 years ago
  95. 2a7f0e5 ima: ima_api: Use struct_size() in kzalloc() by Gustavo A. R. Silva · 5 years ago
  96. fa5b571 ima: use struct_size() in kzalloc() by Gustavo A. R. Silva · 5 years ago
  97. 556d971 ima: Fix use after free in ima_read_modsig() by Thiago Jung Bauermann · 5 years ago
  98. 116f21b selinux: avoid atomic_t usage in sidtab by Ondrej Mosnacek · 5 years ago
  99. b602614 lockdown: Print current->comm in restriction messages by Matthew Garrett · 5 years ago
  100. ccbd54f tracefs: Restrict tracefs when the kernel is locked down by Matthew Garrett · 5 years ago