1. fd4d564 SELinux: if sel_make_bools errors don't leave inconsistent state by Eric Paris · 13 years ago
  2. a4a9980 selinux: KASAN: slab-out-of-bounds in xattr_getsecurity by Sachin Grover · 6 years ago
  3. abcfd64 KEYS: add missing permission check for request_key() destination by Eric Biggers · 7 years ago
  4. 8ed8e50 KEYS: Don't permit request_key() to construct a new keyring by David Howells · 9 years ago
  5. 1e7c24a KEYS: Fix stale key registration at error path by Takashi Iwai · 10 years ago
  6. 829089b key: Fix resource leak by Alan Cox · 12 years ago
  7. a1d714b Fix: compat_rw_copy_check_uvector() misuse in aio, readv, writev, and security keys by Mathieu Desnoyers · 12 years ago
  8. f60eef7 keys: fix race with concurrent install_user_keyrings() by David Howells · 12 years ago
  9. 88395c5 UPSTREAM: KEYS: encrypted: fix buffer overread in valid_master_desc() by Eric Biggers · 7 years ago
  10. 75bdf91 KEYS: prevent KEYCTL_READ on negative key by Eric Biggers · 7 years ago
  11. 64fa6cd KEYS: fix dereferencing NULL payload with nonzero length by Eric Biggers · 7 years ago
  12. 1728511 vfs: Add permission2 for filesystems with per mount permissions by Daniel Rosenberg · 8 years ago
  13. ddaa16d consitify do_mount() arguments by Al Viro · 12 years ago
  14. 043ab94 selinux: enable genfscon labeling for sysfs and pstore files by Stephen Smalley · 9 years ago
  15. f9aecb3 selinux: enable per-file labeling for debugfs files. by Stephen Smalley · 9 years ago
  16. 810be00 selinux: correctly label /proc inodes in use before the policy is loaded by Paul Moore · 11 years ago
  17. 4299410 UPSTREAM: selinux: fix bug in conditional rules handling by Stephen Smalley · 9 years ago
  18. 281fafc BACKPORT: commoncap: don't alloc the credential unless needed in cap_task_prctl by Tetsuo Handa · 10 years ago
  19. d10c6e1 UPSTREAM: capabilities: ambient capabilities by Andy Lutomirski · 9 years ago
  20. 2a600d7 SELinux: include definition of new capabilities by Eric Paris · 12 years ago
  21. 3bcbe59 sched: move no_new_privs into new atomic flags by Kees Cook · 10 years ago
  22. f79f7c8 Fix execve behavior apparmor for PR_{GET,SET}_NO_NEW_PRIVS by John Johansen · 13 years ago
  23. 397a85e Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs by Andy Lutomirski · 13 years ago
  24. 3b3c7c9 selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables by Lorenzo Colitti · 9 years ago
  25. 697a112 selinux: add SOCK_DIAG_BY_FAMILY to the list of netlink message types by Paul Moore · 11 years ago
  26. b8f8392 FROMLIST: security,perf: Allow further restriction of perf_event_open by Jeff Vander Stoep · 8 years ago
  27. a7cca09 move d_rcu from overlapping d_child to overlapping d_alias by Al Viro · 10 years ago
  28. f9db0a4 KEYS: Fix handling of stored error in a negatively instantiated user key by David Howells · 9 years ago
  29. 7edb5e8 KEYS: Fix race between read and revoke by David Howells · 9 years ago
  30. e44b57e selinux: fix off-by-one in setprocattr by Stephen Smalley · 8 years ago
  31. 379fa51 KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings by Eric Biggers · 8 years ago
  32. bbc60dd KEYS: Change the name of the dead type to ".dead" to prevent user access by David Howells · 8 years ago
  33. 90396b2 KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings by David Howells · 8 years ago
  34. 91937d3 selinux: Android kernel compatibility with M userspace by Jeff Vander Stoep · 9 years ago
  35. 581be71 selinux: extended permissions for ioctls by Jeff Vander Stoep · 9 years ago
  36. 98df88f security: add ioctl specific auditing to lsm_audit by Jeff Vander Stoep · 9 years ago
  37. 4ac6187 selinux: remove unnecessary pointer reassignment by Jeff Vander Stoep · 10 years ago
  38. 399e7f7 Revert "security: lsm_audit: add ioctl specific auditing" by Jeff Vander Stoep · 9 years ago
  39. 1db0d29 Revert "SELinux: per-command whitelisting of ioctls" by Jeff Vander Stoep · 9 years ago
  40. ab56076 Revert "SELinux: use deletion-safe iterator to free list" by Jeff Vander Stoep · 9 years ago
  41. 14bbe78 Revert "SELinux: ss: Fix policy write for ioctl operations" by Jeff Vander Stoep · 9 years ago
  42. 1391b79 Merge LA.BF.1.1.3_rb1.13 into FP2 by chrmhoffmann · 8 years ago
  43. 57d7ea5 FPII-2740:KEYS: Fix short sprintf buffer in /proc/keys show function by David Howells · 8 years ago
  44. 194cce9 FPII-2605 : Elevation of privilege vulnerability in kernel security subsystem (device specific) CVE-2015-7872 A-31253168 by Jeron Susan · 8 years ago
  45. 9819791 FPII-2317: Elevation of privilege vulnerability in kernel security subsystem CVE-2016-4470 A-29823941 by Jeron Susan · 8 years ago
  46. f9a4bd2 FPII-2316: Elevation of privilege vulnerability in kernel security subsystem CVE-2014-9529 A-29510361 by Jeron Susan · 8 years ago
  47. f356ec9 SELinux: ss: Fix policy write for ioctl operations by Ravi Kumar Siddojigari · 9 years ago
  48. fc73488 SELinux: add default_type statements by Eric Paris · 13 years ago
  49. 25c1d54 SELinux: allow default source/target selectors for user/role/range by Eric Paris · 13 years ago
  50. 6506870 SELinux: use deletion-safe iterator to free list by Jeff Vander Stoep · 10 years ago
  51. 27975d3 selinux: Report permissive mode in avc: denied messages. by Stephen Smalley · 11 years ago
  52. fd290c6 SELinux: per-command whitelisting of ioctls by Jeff Vander Stoep · 10 years ago
  53. 290627a security: lsm_audit: add ioctl specific auditing by Jeff Vander Stoep · 10 years ago
  54. 2c08805 pstore: selinux: add security in-core xattr support for pstore and debugfs by Mark Salyzyn · 10 years ago
  55. 24fc717 SELinux: Update policy version to support constraints info by Richard Haines · 11 years ago
  56. 9ac1509 Merge "security: selinux: Add Per-File-Encryption hooks" by Linux Build Service Account · 10 years ago
  57. 0249420 Merge "platform: msm: add Per-File-Tagger (PFT) driver" by Linux Build Service Account · 10 years ago
  58. 9d24c49 platform: msm: add Per-File-Tagger (PFT) driver by Amir Samuelov · 10 years ago
  59. 6a22e46 security: selinux: Add Per-File-Encryption hooks by Amir Samuelov · 10 years ago
  60. 041bfc2 SELinux: Fix kernel BUG on empty security contexts. by Stephen Smalley · 11 years ago
  61. 9028065 selinux: Fix Kernel panic due to NULL pointer dereference by Satya Durga Srinivasu Prabhala · 11 years ago
  62. 48a2370 Add security hooks to binder and implement the hooks for SELinux. by Stephen Smalley · 12 years ago
  63. e9a85c7 security: Add proper checks for Android specific capability checks by Tushar Behera · 13 years ago
  64. 957265b Merge commit 'v3.4-rc4' into android-3.4 by Colin Cross · 13 years ago
  65. ab2965e Merge commit 'v3.4-rc3' into android-3.4 by Colin Cross · 13 years ago
  66. 51b79be security: fix compile error in commoncap.c by Jonghwan Choi · 13 years ago
  67. d52fc5d fcaps: clear the same personality flags as suid when fcaps are used by Eric Paris · 13 years ago
  68. 86812bb Smack: move label list initialization by Casey Schaufler · 13 years ago
  69. 923e9a1 Smack: build when CONFIG_AUDIT not defined by Kees Cook · 13 years ago
  70. 0432013 security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_capable(). by Chia-chi Yeh · 15 years ago
  71. b61c37f lsm_audit: don't specify the audit pre/post callbacks in 'struct common_audit_data' by Linus Torvalds · 13 years ago
  72. 3f0882c SELinux: do not allocate stack space for AVC data unless needed by Eric Paris · 13 years ago
  73. f8294f1 SELinux: remove avd from slow_avc_audit() by Eric Paris · 13 years ago
  74. 7f6a47c SELinux: remove avd from selinux_audit_data by Eric Paris · 13 years ago
  75. 48c62af LSM: shrink the common_audit_data data union by Eric Paris · 13 years ago
  76. 3b3b0e4 LSM: shrink sizeof LSM specific portion of common_audit_data by Eric Paris · 13 years ago
  77. 8bb1f22 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 13 years ago
  78. 2f99c36 get rid of pointless includes of ext2_fs.h by Al Viro · 13 years ago
  79. a1c2aa1 selinuxfs: merge dentry allocation into sel_make_dir() by Al Viro · 13 years ago
  80. cdb0f9a selinux: inline avc_audit() and avc_has_perm_noaudit() into caller by Linus Torvalds · 13 years ago
  81. a554bea selinux: don't inline slow-path code into avc_has_perm_noaudit() by Linus Torvalds · 13 years ago
  82. a591afc Merge branch 'x86-x32-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip by Linus Torvalds · 13 years ago
  83. 0195c00 Merge tag 'split-asm_system_h-for-linus-20120328' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-asm_system by Linus Torvalds · 13 years ago
  84. 9ffc93f Remove all #inclusions of asm/system.h by David Howells · 13 years ago
  85. 0421ea9 apparmor: Fix change_onexec when called from a confined task by John Johansen · 13 years ago
  86. 778aae8 SELinux: selinux/xfrm.h needs net/flow.h by David Howells · 13 years ago
  87. 9d944ef usermodehelper: kill umh_wait, renumber UMH_* constants by Oleg Nesterov · 13 years ago
  88. 70834d3 usermodehelper: use UMH_WAIT_PROC consistently by Oleg Nesterov · 13 years ago
  89. f63d395 Merge tag 'nfs-for-3.4-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs by Linus Torvalds · 13 years ago
  90. 48aab2f security: optimize avc_audit() common path by Linus Torvalds · 13 years ago
  91. e2a0883 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 13 years ago
  92. 3556485 Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 13 years ago
  93. 9f39383 Merge branch 'kmap_atomic' of git://github.com/congwang/linux by Linus Torvalds · 13 years ago
  94. 40ffe67 switch unix_sock to struct path by Al Viro · 13 years ago
  95. 0d9cabd Merge branch 'for-3.4' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup by Linus Torvalds · 13 years ago
  96. c58e037 tomoyo: remove the second argument of k[un]map_atomic() by Cong Wang · 13 years ago
  97. 09f61cd Merge branch 'for-security' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor into next by James Morris · 13 years ago
  98. 7e57014 AppArmor: Fix location of const qualifier on generated string tables by Tetsuo Handa · 13 years ago
  99. 7d7473d TOMOYO: Return error if fails to delete a domain by Tetsuo Handa · 13 years ago
  100. b01d3fb Merge branch 'for-security' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor into next by James Morris · 13 years ago