Gitiles
Code Review
Sign In
gerrit-public.fairphone.software
/
kernel
/
msm
/
5408292f80371f0e434d9df10608f7d51415c0da
/
security
fd4d564
SELinux: if sel_make_bools errors don't leave inconsistent state
by Eric Paris
· 13 years ago
a4a9980
selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
by Sachin Grover
· 6 years ago
abcfd64
KEYS: add missing permission check for request_key() destination
by Eric Biggers
· 7 years ago
8ed8e50
KEYS: Don't permit request_key() to construct a new keyring
by David Howells
· 9 years ago
1e7c24a
KEYS: Fix stale key registration at error path
by Takashi Iwai
· 10 years ago
829089b
key: Fix resource leak
by Alan Cox
· 12 years ago
a1d714b
Fix: compat_rw_copy_check_uvector() misuse in aio, readv, writev, and security keys
by Mathieu Desnoyers
· 12 years ago
f60eef7
keys: fix race with concurrent install_user_keyrings()
by David Howells
· 12 years ago
88395c5
UPSTREAM: KEYS: encrypted: fix buffer overread in valid_master_desc()
by Eric Biggers
· 7 years ago
75bdf91
KEYS: prevent KEYCTL_READ on negative key
by Eric Biggers
· 7 years ago
64fa6cd
KEYS: fix dereferencing NULL payload with nonzero length
by Eric Biggers
· 7 years ago
1728511
vfs: Add permission2 for filesystems with per mount permissions
by Daniel Rosenberg
· 8 years ago
ddaa16d
consitify do_mount() arguments
by Al Viro
· 12 years ago
043ab94
selinux: enable genfscon labeling for sysfs and pstore files
by Stephen Smalley
· 9 years ago
f9aecb3
selinux: enable per-file labeling for debugfs files.
by Stephen Smalley
· 9 years ago
810be00
selinux: correctly label /proc inodes in use before the policy is loaded
by Paul Moore
· 11 years ago
4299410
UPSTREAM: selinux: fix bug in conditional rules handling
by Stephen Smalley
· 9 years ago
281fafc
BACKPORT: commoncap: don't alloc the credential unless needed in cap_task_prctl
by Tetsuo Handa
· 10 years ago
d10c6e1
UPSTREAM: capabilities: ambient capabilities
by Andy Lutomirski
· 9 years ago
2a600d7
SELinux: include definition of new capabilities
by Eric Paris
· 12 years ago
3bcbe59
sched: move no_new_privs into new atomic flags
by Kees Cook
· 10 years ago
f79f7c8
Fix execve behavior apparmor for PR_{GET,SET}_NO_NEW_PRIVS
by John Johansen
· 13 years ago
397a85e
Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs
by Andy Lutomirski
· 13 years ago
3b3c7c9
selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables
by Lorenzo Colitti
· 9 years ago
697a112
selinux: add SOCK_DIAG_BY_FAMILY to the list of netlink message types
by Paul Moore
· 11 years ago
b8f8392
FROMLIST: security,perf: Allow further restriction of perf_event_open
by Jeff Vander Stoep
· 8 years ago
a7cca09
move d_rcu from overlapping d_child to overlapping d_alias
by Al Viro
· 10 years ago
f9db0a4
KEYS: Fix handling of stored error in a negatively instantiated user key
by David Howells
· 9 years ago
7edb5e8
KEYS: Fix race between read and revoke
by David Howells
· 9 years ago
e44b57e
selinux: fix off-by-one in setprocattr
by Stephen Smalley
· 8 years ago
379fa51
KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings
by Eric Biggers
· 8 years ago
bbc60dd
KEYS: Change the name of the dead type to ".dead" to prevent user access
by David Howells
· 8 years ago
90396b2
KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings
by David Howells
· 8 years ago
91937d3
selinux: Android kernel compatibility with M userspace
by Jeff Vander Stoep
· 9 years ago
581be71
selinux: extended permissions for ioctls
by Jeff Vander Stoep
· 9 years ago
98df88f
security: add ioctl specific auditing to lsm_audit
by Jeff Vander Stoep
· 9 years ago
4ac6187
selinux: remove unnecessary pointer reassignment
by Jeff Vander Stoep
· 10 years ago
399e7f7
Revert "security: lsm_audit: add ioctl specific auditing"
by Jeff Vander Stoep
· 9 years ago
1db0d29
Revert "SELinux: per-command whitelisting of ioctls"
by Jeff Vander Stoep
· 9 years ago
ab56076
Revert "SELinux: use deletion-safe iterator to free list"
by Jeff Vander Stoep
· 9 years ago
14bbe78
Revert "SELinux: ss: Fix policy write for ioctl operations"
by Jeff Vander Stoep
· 9 years ago
1391b79
Merge LA.BF.1.1.3_rb1.13 into FP2
by chrmhoffmann
· 8 years ago
57d7ea5
FPII-2740:KEYS: Fix short sprintf buffer in /proc/keys show function
by David Howells
· 8 years ago
194cce9
FPII-2605 : Elevation of privilege vulnerability in kernel security subsystem (device specific) CVE-2015-7872 A-31253168
by Jeron Susan
· 8 years ago
9819791
FPII-2317: Elevation of privilege vulnerability in kernel security subsystem CVE-2016-4470 A-29823941
by Jeron Susan
· 8 years ago
f9a4bd2
FPII-2316: Elevation of privilege vulnerability in kernel security subsystem CVE-2014-9529 A-29510361
by Jeron Susan
· 8 years ago
f356ec9
SELinux: ss: Fix policy write for ioctl operations
by Ravi Kumar Siddojigari
· 9 years ago
fc73488
SELinux: add default_type statements
by Eric Paris
· 13 years ago
25c1d54
SELinux: allow default source/target selectors for user/role/range
by Eric Paris
· 13 years ago
6506870
SELinux: use deletion-safe iterator to free list
by Jeff Vander Stoep
· 10 years ago
27975d3
selinux: Report permissive mode in avc: denied messages.
by Stephen Smalley
· 11 years ago
fd290c6
SELinux: per-command whitelisting of ioctls
by Jeff Vander Stoep
· 10 years ago
290627a
security: lsm_audit: add ioctl specific auditing
by Jeff Vander Stoep
· 10 years ago
2c08805
pstore: selinux: add security in-core xattr support for pstore and debugfs
by Mark Salyzyn
· 10 years ago
24fc717
SELinux: Update policy version to support constraints info
by Richard Haines
· 11 years ago
9ac1509
Merge "security: selinux: Add Per-File-Encryption hooks"
by Linux Build Service Account
· 10 years ago
0249420
Merge "platform: msm: add Per-File-Tagger (PFT) driver"
by Linux Build Service Account
· 10 years ago
9d24c49
platform: msm: add Per-File-Tagger (PFT) driver
by Amir Samuelov
· 10 years ago
6a22e46
security: selinux: Add Per-File-Encryption hooks
by Amir Samuelov
· 10 years ago
041bfc2
SELinux: Fix kernel BUG on empty security contexts.
by Stephen Smalley
· 11 years ago
9028065
selinux: Fix Kernel panic due to NULL pointer dereference
by Satya Durga Srinivasu Prabhala
· 11 years ago
48a2370
Add security hooks to binder and implement the hooks for SELinux.
by Stephen Smalley
· 12 years ago
e9a85c7
security: Add proper checks for Android specific capability checks
by Tushar Behera
· 13 years ago
957265b
Merge commit 'v3.4-rc4' into android-3.4
by Colin Cross
· 13 years ago
ab2965e
Merge commit 'v3.4-rc3' into android-3.4
by Colin Cross
· 13 years ago
51b79be
security: fix compile error in commoncap.c
by Jonghwan Choi
· 13 years ago
d52fc5d
fcaps: clear the same personality flags as suid when fcaps are used
by Eric Paris
· 13 years ago
86812bb
Smack: move label list initialization
by Casey Schaufler
· 13 years ago
923e9a1
Smack: build when CONFIG_AUDIT not defined
by Kees Cook
· 13 years ago
0432013
security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_capable().
by Chia-chi Yeh
· 15 years ago
b61c37f
lsm_audit: don't specify the audit pre/post callbacks in 'struct common_audit_data'
by Linus Torvalds
· 13 years ago
3f0882c
SELinux: do not allocate stack space for AVC data unless needed
by Eric Paris
· 13 years ago
f8294f1
SELinux: remove avd from slow_avc_audit()
by Eric Paris
· 13 years ago
7f6a47c
SELinux: remove avd from selinux_audit_data
by Eric Paris
· 13 years ago
48c62af
LSM: shrink the common_audit_data data union
by Eric Paris
· 13 years ago
3b3b0e4
LSM: shrink sizeof LSM specific portion of common_audit_data
by Eric Paris
· 13 years ago
8bb1f22
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 13 years ago
2f99c36
get rid of pointless includes of ext2_fs.h
by Al Viro
· 13 years ago
a1c2aa1
selinuxfs: merge dentry allocation into sel_make_dir()
by Al Viro
· 13 years ago
cdb0f9a
selinux: inline avc_audit() and avc_has_perm_noaudit() into caller
by Linus Torvalds
· 13 years ago
a554bea
selinux: don't inline slow-path code into avc_has_perm_noaudit()
by Linus Torvalds
· 13 years ago
a591afc
Merge branch 'x86-x32-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
by Linus Torvalds
· 13 years ago
0195c00
Merge tag 'split-asm_system_h-for-linus-20120328' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-asm_system
by Linus Torvalds
· 13 years ago
9ffc93f
Remove all #inclusions of asm/system.h
by David Howells
· 13 years ago
0421ea9
apparmor: Fix change_onexec when called from a confined task
by John Johansen
· 13 years ago
778aae8
SELinux: selinux/xfrm.h needs net/flow.h
by David Howells
· 13 years ago
9d944ef
usermodehelper: kill umh_wait, renumber UMH_* constants
by Oleg Nesterov
· 13 years ago
70834d3
usermodehelper: use UMH_WAIT_PROC consistently
by Oleg Nesterov
· 13 years ago
f63d395
Merge tag 'nfs-for-3.4-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs
by Linus Torvalds
· 13 years ago
48aab2f
security: optimize avc_audit() common path
by Linus Torvalds
· 13 years ago
e2a0883
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 13 years ago
3556485
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 13 years ago
9f39383
Merge branch 'kmap_atomic' of git://github.com/congwang/linux
by Linus Torvalds
· 13 years ago
40ffe67
switch unix_sock to struct path
by Al Viro
· 13 years ago
0d9cabd
Merge branch 'for-3.4' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup
by Linus Torvalds
· 13 years ago
c58e037
tomoyo: remove the second argument of k[un]map_atomic()
by Cong Wang
· 13 years ago
09f61cd
Merge branch 'for-security' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor into next
by James Morris
· 13 years ago
7e57014
AppArmor: Fix location of const qualifier on generated string tables
by Tetsuo Handa
· 13 years ago
7d7473d
TOMOYO: Return error if fails to delete a domain
by Tetsuo Handa
· 13 years ago
b01d3fb
Merge branch 'for-security' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor into next
by James Morris
· 13 years ago
Next »