Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / c53b8cfa00ca0532cf87043a6067235dde8c87f1 / security
  1. f39e855 netfilter: remove ip_queue support by Pablo Neira Ayuso · 12 years ago
  2. b891846 nick kvfree() from apparmor by Al Viro · 10 years ago
  3. a2b5474 selinux/nlmsg: add XFRM_MSG_NEWSPDINFO by Nicolas Dichtel · 9 years ago
  4. 1c2c11f fs: create and use seq_show_option for escaping by Kees Cook · 9 years ago
  5. dcc579c selinux/nlmsg: add XFRM_MSG_MAPPING by Nicolas Dichtel · 9 years ago
  6. bb9b659 selinux/nlmsg: add XFRM_MSG_MIGRATE by Nicolas Dichtel · 9 years ago
  7. 4c4317bb selinux/nlmsg: add XFRM_MSG_REPORT by Nicolas Dichtel · 9 years ago
  8. 7ad7a43 selinux/nlmsg: add XFRM_MSG_[NEW|GET]SADINFO by Nicolas Dichtel · 9 years ago
  9. 195a51c selinux/nlmsg: add XFRM_MSG_GETSPDINFO by Nicolas Dichtel · 9 years ago
  10. 2738336 selinux: fix sel_write_enforce broken return value by Joe Perches · 9 years ago
  11. 053ba5d smack: fix possible use after frees in task_security() callers by Andrey Ryabinin · 9 years ago
  12. 2e4ec7d evm: check xattr value length and type in evm_inode_setxattr() by Dmitry Kasatkin · 10 years ago
  13. f557ff4 selinux: fix inode security list corruption by Stephen Smalley · 10 years ago
  14. 7e96304 evm: prohibit userspace writing 'security.evm' HMAC value by Mimi Zohar · 10 years ago
  15. a580c01 SELinux: bigendian problems with filename trans rules by Eric Paris · 10 years ago
  16. c408d8a SELinux: Fix memory leak upon loading policy by Tetsuo Handa · 10 years ago
  17. c7e9742 SELinux: Fix possible NULL pointer dereference in selinux_inode_permission() by Steven Rostedt · 10 years ago
  18. a737983 selinux: process labeled IPsec TCP SYN-ACK packets properly in selinux_ip_postroute() by Paul Moore · 11 years ago
  19. c09348c selinux: look for IPsec labels on both inbound and outbound packets by Paul Moore · 11 years ago
  20. cdeb0b0 selinux: selinux_setprocattr()->ptrace_parent() needs rcu_read_lock() by Oleg Nesterov · 11 years ago
  21. 619af68 selinux: fix broken peer recv check by Chad Hanson · 11 years ago
  22. 96d2c17 selinux: handle TCP SYN-ACK packets correctly in selinux_ip_postroute() by Paul Moore · 11 years ago
  23. 3ac7b8d selinux: handle TCP SYN-ACK packets correctly in selinux_ip_output() by Paul Moore · 11 years ago
  24. 0c3753b selinux: correct locking in selinux_netlbl_socket_connect) by Paul Moore · 11 years ago
  25. c27c680 Revert "ima: policy for RAMFS" by Mimi Zohar · 11 years ago
  26. dea8590 selinux: use GFP_ATOMIC under spin_lock by Dan Carpenter · 11 years ago
  27. 38a32ad evm: checking if removexattr is not a NULL by Dmitry Kasatkin · 11 years ago
  28. 7785b94 selinux: fix sel_netnode_insert() suspicious rcu dereference by Dave Jones · 12 years ago
  29. 36afb82 Yama: handle 32-bit userspace prctl by Kees Cook · 12 years ago
  30. f17e923 posix_types.h: Cleanup stale __NFDBITS and related definitions by Josh Boyer · 12 years ago
  31. fd4d564 SELinux: if sel_make_bools errors don't leave inconsistent state by Eric Paris · 12 years ago
  32. a4a9980 selinux: KASAN: slab-out-of-bounds in xattr_getsecurity by Sachin Grover · 6 years ago
  33. abcfd64 KEYS: add missing permission check for request_key() destination by Eric Biggers · 7 years ago
  34. 8ed8e50 KEYS: Don't permit request_key() to construct a new keyring by David Howells · 9 years ago
  35. 1e7c24a KEYS: Fix stale key registration at error path by Takashi Iwai · 10 years ago
  36. 829089b key: Fix resource leak by Alan Cox · 12 years ago
  37. a1d714b Fix: compat_rw_copy_check_uvector() misuse in aio, readv, writev, and security keys by Mathieu Desnoyers · 11 years ago
  38. f60eef7 keys: fix race with concurrent install_user_keyrings() by David Howells · 11 years ago
  39. 88395c5 UPSTREAM: KEYS: encrypted: fix buffer overread in valid_master_desc() by Eric Biggers · 6 years ago
  40. 75bdf91 KEYS: prevent KEYCTL_READ on negative key by Eric Biggers · 7 years ago
  41. 64fa6cd KEYS: fix dereferencing NULL payload with nonzero length by Eric Biggers · 7 years ago
  42. 1728511 vfs: Add permission2 for filesystems with per mount permissions by Daniel Rosenberg · 8 years ago
  43. ddaa16d consitify do_mount() arguments by Al Viro · 12 years ago
  44. 043ab94 selinux: enable genfscon labeling for sysfs and pstore files by Stephen Smalley · 9 years ago
  45. f9aecb3 selinux: enable per-file labeling for debugfs files. by Stephen Smalley · 9 years ago
  46. 810be00 selinux: correctly label /proc inodes in use before the policy is loaded by Paul Moore · 10 years ago
  47. 4299410 UPSTREAM: selinux: fix bug in conditional rules handling by Stephen Smalley · 9 years ago
  48. 281fafc BACKPORT: commoncap: don't alloc the credential unless needed in cap_task_prctl by Tetsuo Handa · 10 years ago
  49. d10c6e1 UPSTREAM: capabilities: ambient capabilities by Andy Lutomirski · 9 years ago
  50. 2a600d7 SELinux: include definition of new capabilities by Eric Paris · 12 years ago
  51. 3bcbe59 sched: move no_new_privs into new atomic flags by Kees Cook · 10 years ago
  52. f79f7c8 Fix execve behavior apparmor for PR_{GET,SET}_NO_NEW_PRIVS by John Johansen · 12 years ago
  53. 397a85e Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs by Andy Lutomirski · 12 years ago
  54. 3b3c7c9 selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables by Lorenzo Colitti · 8 years ago
  55. 697a112 selinux: add SOCK_DIAG_BY_FAMILY to the list of netlink message types by Paul Moore · 10 years ago
  56. b8f8392 FROMLIST: security,perf: Allow further restriction of perf_event_open by Jeff Vander Stoep · 8 years ago
  57. a7cca09 move d_rcu from overlapping d_child to overlapping d_alias by Al Viro · 10 years ago
  58. f9db0a4 KEYS: Fix handling of stored error in a negatively instantiated user key by David Howells · 9 years ago
  59. 7edb5e8 KEYS: Fix race between read and revoke by David Howells · 9 years ago
  60. e44b57e selinux: fix off-by-one in setprocattr by Stephen Smalley · 7 years ago
  61. 379fa51 KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings by Eric Biggers · 7 years ago
  62. bbc60dd KEYS: Change the name of the dead type to ".dead" to prevent user access by David Howells · 7 years ago
  63. 90396b2 KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings by David Howells · 7 years ago
  64. 91937d3 selinux: Android kernel compatibility with M userspace by Jeff Vander Stoep · 9 years ago
  65. 581be71 selinux: extended permissions for ioctls by Jeff Vander Stoep · 9 years ago
  66. 98df88f security: add ioctl specific auditing to lsm_audit by Jeff Vander Stoep · 9 years ago
  67. 4ac6187 selinux: remove unnecessary pointer reassignment by Jeff Vander Stoep · 9 years ago
  68. 399e7f7 Revert "security: lsm_audit: add ioctl specific auditing" by Jeff Vander Stoep · 9 years ago
  69. 1db0d29 Revert "SELinux: per-command whitelisting of ioctls" by Jeff Vander Stoep · 9 years ago
  70. ab56076 Revert "SELinux: use deletion-safe iterator to free list" by Jeff Vander Stoep · 9 years ago
  71. 14bbe78 Revert "SELinux: ss: Fix policy write for ioctl operations" by Jeff Vander Stoep · 9 years ago
  72. 1391b79 Merge LA.BF.1.1.3_rb1.13 into FP2 by chrmhoffmann · 7 years ago
  73. 57d7ea5 FPII-2740:KEYS: Fix short sprintf buffer in /proc/keys show function by David Howells · 8 years ago
  74. 194cce9 FPII-2605 : Elevation of privilege vulnerability in kernel security subsystem (device specific) CVE-2015-7872 A-31253168 by Jeron Susan · 8 years ago
  75. 9819791 FPII-2317: Elevation of privilege vulnerability in kernel security subsystem CVE-2016-4470 A-29823941 by Jeron Susan · 8 years ago
  76. f9a4bd2 FPII-2316: Elevation of privilege vulnerability in kernel security subsystem CVE-2014-9529 A-29510361 by Jeron Susan · 8 years ago
  77. f356ec9 SELinux: ss: Fix policy write for ioctl operations by Ravi Kumar Siddojigari · 9 years ago
  78. fc73488 SELinux: add default_type statements by Eric Paris · 12 years ago
  79. 25c1d54 SELinux: allow default source/target selectors for user/role/range by Eric Paris · 12 years ago
  80. 6506870 SELinux: use deletion-safe iterator to free list by Jeff Vander Stoep · 9 years ago
  81. 27975d3 selinux: Report permissive mode in avc: denied messages. by Stephen Smalley · 10 years ago
  82. fd290c6 SELinux: per-command whitelisting of ioctls by Jeff Vander Stoep · 9 years ago
  83. 290627a security: lsm_audit: add ioctl specific auditing by Jeff Vander Stoep · 9 years ago
  84. 2c08805 pstore: selinux: add security in-core xattr support for pstore and debugfs by Mark Salyzyn · 9 years ago
  85. 24fc717 SELinux: Update policy version to support constraints info by Richard Haines · 11 years ago
  86. 9ac1509 Merge "security: selinux: Add Per-File-Encryption hooks" by Linux Build Service Account · 10 years ago
  87. 0249420 Merge "platform: msm: add Per-File-Tagger (PFT) driver" by Linux Build Service Account · 10 years ago
  88. 9d24c49 platform: msm: add Per-File-Tagger (PFT) driver by Amir Samuelov · 10 years ago
  89. 6a22e46 security: selinux: Add Per-File-Encryption hooks by Amir Samuelov · 10 years ago
  90. 041bfc2 SELinux: Fix kernel BUG on empty security contexts. by Stephen Smalley · 10 years ago
  91. 9028065 selinux: Fix Kernel panic due to NULL pointer dereference by Satya Durga Srinivasu Prabhala · 11 years ago
  92. 48a2370 Add security hooks to binder and implement the hooks for SELinux. by Stephen Smalley · 12 years ago
  93. e9a85c7 security: Add proper checks for Android specific capability checks by Tushar Behera · 12 years ago
  94. 957265b Merge commit 'v3.4-rc4' into android-3.4 by Colin Cross · 12 years ago
  95. ab2965e Merge commit 'v3.4-rc3' into android-3.4 by Colin Cross · 12 years ago
  96. 51b79be security: fix compile error in commoncap.c by Jonghwan Choi · 12 years ago
  97. d52fc5d fcaps: clear the same personality flags as suid when fcaps are used by Eric Paris · 12 years ago
  98. 86812bb Smack: move label list initialization by Casey Schaufler · 12 years ago
  99. 923e9a1 Smack: build when CONFIG_AUDIT not defined by Kees Cook · 12 years ago
  100. 0432013 security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_capable(). by Chia-chi Yeh · 15 years ago