Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-5.4 / c61417fef99a84f8f35ddb6ea27985bc2347acda / security
  1. 4a1e1dda efi: Only print errors about failing to get certs if EFI vars are found by Javier Martinez Canillas · 4 years, 9 months ago
  2. e8807eb ima: ima/lsm policy rule loading logic bug fixes by Janne Karhunen · 4 years, 10 months ago
  3. 111749f selinux: ensure we cleanup the internal AVC counters on error in avc_update() by Jaihind Yadav · 5 years ago
  4. 0e44cd8 selinux: ensure we cleanup the internal AVC counters on error in avc_insert() by Paul Moore · 5 years ago
  5. 2d8fdc5 selinux: fall back to ref-walk if audit is required by Stephen Smalley · 5 years ago
  6. 875e01d selinux: fix regression introduced by move_mount(2) syscall by Stephen Smalley · 4 years, 10 months ago
  7. 3b2e595 selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" by Stephen Smalley · 5 years ago
  8. 59c458d broken ping to ipv6 linklocal addresses on debian buster by Casey Schaufler · 4 years, 10 months ago
  9. 99652ee tomoyo: Use atomic_t for statistics counter by Tetsuo Handa · 4 years, 11 months ago
  10. 1b32e6e tomoyo: Suppress RCU warning at list_for_each_entry_rcu(). by Tetsuo Handa · 5 years ago
  11. e0d2bf5 apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock by John Johansen · 4 years, 11 months ago
  12. 9c24cc6 tomoyo: Don't use nifty names on sockets. by Tetsuo Handa · 5 years ago
  13. 4f13232 apparmor: fix unsigned len comparison with less than zero by Colin Ian King · 5 years ago
  14. 359efcc efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN by Javier Martinez Canillas · 5 years ago
  15. 2ef4591 Merge tag 'selinux-pr-20191007' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 5 years ago
  16. 7a8beb7 integrity: remove pointless subdir-$(CONFIG_...) by Masahiro Yamada · 5 years ago
  17. 6b190d3 integrity: remove unneeded, broken attempt to add -fshort-wchar by Masahiro Yamada · 5 years ago
  18. 2a52439 selinux: fix context string corruption in convert_context() by Ondrej Mosnacek · 5 years ago
  19. aefcf2f Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 5 years ago
  20. f1f2f61 Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity by Linus Torvalds · 5 years ago
  21. 9f75c82 KEYS: trusted: correctly initialize digests and fix locking issue by Roberto Sassu · 5 years ago
  22. e94f8cc Merge tag 'smack-for-5.4-rc1' of git://github.com/cschaufler/smack-next by Linus Torvalds · 5 years ago
  23. 1b5fb41 Merge tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux by Linus Torvalds · 5 years ago
  24. 5825a95 Merge tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 5 years ago
  25. 21ab858 LSM: SafeSetID: Stop releasing uninitialized ruleset by Micah Morton · 5 years ago
  26. f8a9bc6 security: constify some arrays in lockdown LSM by Matthew Garrett · 5 years ago
  27. d41a3ef keys: Fix missing null pointer check in request_key_auth_describe() by Hillf Danton · 5 years ago
  28. 169ce0c selinux: fix residual uses of current_security() for the SELinux blob by Stephen Smalley · 5 years ago
  29. e5bfad3 smack: use GFP_NOFS while holding inode_smack::smk_lock by Eric Biggers · 5 years ago
  30. 3f4287e security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb() by Jia-Ju Bai · 5 years ago
  31. a1a07f2 smack: fix some kernel-doc notations by luanshi · 5 years ago
  32. 3675f05 Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set by Jann Horn · 5 years ago
  33. 846d2db keys: ensure that ->match_free() is called in request_key_and_link() by Eric Biggers · 5 years ago
  34. 2a7f0e5 ima: ima_api: Use struct_size() in kzalloc() by Gustavo A. R. Silva · 5 years ago
  35. fa5b571 ima: use struct_size() in kzalloc() by Gustavo A. R. Silva · 5 years ago
  36. 556d971 ima: Fix use after free in ima_read_modsig() by Thiago Jung Bauermann · 5 years ago
  37. 116f21b selinux: avoid atomic_t usage in sidtab by Ondrej Mosnacek · 5 years ago
  38. b602614 lockdown: Print current->comm in restriction messages by Matthew Garrett · 5 years ago
  39. ccbd54f tracefs: Restrict tracefs when the kernel is locked down by Matthew Garrett · 5 years ago
  40. 5496197 debugfs: Restrict debugfs when the kernel is locked down by David Howells · 5 years ago
  41. 29d3c1c kexec: Allow kexec_file() with appropriate IMA policy when locked down by Matthew Garrett · 5 years ago
  42. b0c8fdc lockdown: Lock down perf when in confidentiality mode by David Howells · 5 years ago
  43. 9d1f8be5 bpf: Restrict bpf when kernel lockdown is in confidentiality mode by David Howells · 5 years ago
  44. a94549d lockdown: Lock down tracing and perf kprobes when in confidentiality mode by David Howells · 5 years ago
  45. 02e935b lockdown: Lock down /proc/kcore by David Howells · 5 years ago
  46. 906357f x86/mmiotrace: Lock down the testmmiotrace module by David Howells · 5 years ago
  47. 20657f6 lockdown: Lock down module params that specify hardware parameters (eg. ioport) by David Howells · 5 years ago
  48. 794edf3 lockdown: Lock down TIOCSSERIAL by David Howells · 5 years ago
  49. 3f19cad lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down by David Howells · 5 years ago
  50. f474e14 ACPI: Limit access to custom_method when the kernel is locked down by Matthew Garrett · 5 years ago
  51. 95f5e95 x86/msr: Restrict MSR access when the kernel is locked down by Matthew Garrett · 5 years ago
  52. 96c4f67 x86: Lock down IO port access when the kernel is locked down by Matthew Garrett · 5 years ago
  53. eb627e1 PCI: Lock down BAR access when the kernel is locked down by Matthew Garrett · 5 years ago
  54. 38bd94b hibernate: Disable when the kernel is locked down by Josh Boyer · 5 years ago
  55. 99d5cadf kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE by Jiri Bohac · 5 years ago
  56. 7d31f46 kexec_load: Disable at runtime if the kernel is locked down by Matthew Garrett · 5 years ago
  57. 9b9d8dd lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked down by Matthew Garrett · 5 years ago
  58. 49fcf73 lockdown: Enforce module signatures if the kernel is locked down by David Howells · 5 years ago
  59. 000d388 security: Add a static lockdown policy LSM by Matthew Garrett · 5 years ago
  60. 9e47d31 security: Add a "locked down" LSM hook by Matthew Garrett · 5 years ago
  61. e6b1db9 security: Support early LSMs by Matthew Garrett · 5 years ago
  62. 2d6c252 KEYS: trusted: allow module init if TPM is inactive or deactivated by Roberto Sassu · 5 years ago
  63. ac5656d fanotify, inotify, dnotify, security: add security hook for fs notifications by Aaron Goidel · 5 years ago
  64. 4ece312 ima: fix freeing ongoing ahash_request by Sascha Hauer · 5 years ago
  65. f5e1040 ima: always return negative code for error by Sascha Hauer · 5 years ago
  66. e509225 ima: Store the measurement again when appraising a modsig by Thiago Jung Bauermann · 5 years ago
  67. 3878d50 ima: Define ima-modsig template by Thiago Jung Bauermann · 5 years ago
  68. 1558822 ima: Collect modsig by Thiago Jung Bauermann · 5 years ago
  69. 39b0709 ima: Implement support for module-style appended signatures by Thiago Jung Bauermann · 5 years ago
  70. a5fbeb6 ima: Factor xattr_verify() out of ima_appraise_measurement() by Thiago Jung Bauermann · 5 years ago
  71. 9044d62 ima: Add modsig appraise_type option for module-style appended signatures by Thiago Jung Bauermann · 5 years ago
  72. cf38fed integrity: Select CONFIG_KEYS instead of depending on it by Thiago Jung Bauermann · 5 years ago
  73. 9b80c36 selinux: always return a secid from the network caches if we find one by Paul Moore · 5 years ago
  74. f07ea1d selinux: policydb - rename type_val_to_struct_array by Ondrej Mosnacek · 5 years ago
  75. 2492aca selinux: policydb - fix some checkpatch.pl warnings by Ondrej Mosnacek · 5 years ago
  76. 0eb2f29 selinux: shuffle around policydb.c to get rid of forward declarations by Paul Moore · 5 years ago
  77. 4f1a6ef Merge tag 'selinux-pr-20190801' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 5 years ago
  78. b36f281 ima: initialize the "template" field with the default template by Mimi Zohar · 5 years ago
  79. 4538523 selinux: fix memory leak in policydb_init() by Ondrej Mosnacek · 5 years ago
  80. c622fc5 Merge tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux by Linus Torvalds · 5 years ago
  81. 40233e7 Merge tag 'selinux-pr-20190726' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 5 years ago
  82. 173e6ee structleak: disable STRUCTLEAK_BYREF in combination with KASAN_STACK by Arnd Bergmann · 5 years ago
  83. acbc372 selinux: check sidtab limit before adding a new entry by Ondrej Mosnacek · 5 years ago
  84. 933a90b Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 5 years ago
  85. eec4844 proc/sysctl: add shared variables for range check by Matteo Croce · 5 years ago
  86. c309b6f Merge tag 'docs/v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media by Linus Torvalds · 5 years ago
  87. e10337d LSM: SafeSetID: fix use of literal -1 in capable hook by Jann Horn · 6 years ago
  88. 4f72123 LSM: SafeSetID: verify transitive constrainedness by Jann Horn · 6 years ago
  89. fbd9acb LSM: SafeSetID: add read handler by Jann Horn · 6 years ago
  90. 03638e6 LSM: SafeSetID: rewrite userspace API to atomic updates by Jann Horn · 6 years ago
  91. 71a9897 LSM: SafeSetID: fix userns handling in securityfs by Jann Horn · 6 years ago
  92. 78ae7df LSM: SafeSetID: refactor policy parsing by Jann Horn · 6 years ago
  93. 8068866 LSM: SafeSetID: refactor safesetid_security_capable() by Jann Horn · 6 years ago
  94. 1cd02a2 LSM: SafeSetID: refactor policy hash table by Jann Horn · 6 years ago
  95. 7ef6b30 LSM: SafeSetID: fix check for setresuid(new1, new2, new3) by Jann Horn · 6 years ago
  96. c783d52 LSM: SafeSetID: fix pr_warn() to include newline by Jann Horn · 6 years ago
  97. da82c92 docs: cgroup-v1: add it to the admin-guide book by Mauro Carvalho Chehab · 5 years ago
  98. e8d776f docs: x86: move two x86-specific files to x86 arch dir by Mauro Carvalho Chehab · 6 years ago
  99. ef8f3d4 Merge branch 'akpm' (patches from Andrew) by Linus Torvalds · 5 years ago
  100. 6471384 mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options by Alexander Potapenko · 5 years ago