Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / refs/heads/rel/10/fp2/23.02.0-rel / security
  1. e7ef24d security: Add a cred_getsecid hook by Matthew Garrett · 6 years ago
  2. e6dc2a6 BACKPORT: binder: use cred instead of task for selinux checks by Todd Kjos · 2 years, 9 months ago
  3. 526d40c userns: Use cred->user_ns instead of cred->user->user_ns by Eric W. Biederman · 13 years ago
  4. 3fca16d selinux: properly handle multiple messages in selinux_netlink_send() by Paul Moore · 4 years, 2 months ago
  5. 1c07808 selinux: update netlink socket classes by Stephen Smalley · 9 years ago
  6. 08e3b57 selinux: Remove unused permission definitions by Stephen Smalley · 9 years ago
  7. 744c99d locks: rename file-private locks to "open file description locks" by Jeff Layton · 10 years ago
  8. f68ae18 locks: add new fcntl cmd values for handling file private locks by Jeff Layton · 10 years ago
  9. 8b326f1 selinux: properly handle multiple messages in selinux_netlink_send() by Paul Moore · 4 years, 2 months ago
  10. a1de117 selinux: rate-limit netlink message warnings in selinux_nlmsg_perm() by Vladis Dronov · 9 years ago
  11. 33d97cf selinux: Print 'sclass' as string when unrecognized netlink message occurs by Marek Milkovic · 9 years ago
  12. 4359f5e selinux: convert WARN_ONCE() to printk() in selinux_nlmsg_perm() by Richard Guy Briggs · 10 years ago
  13. 811b3eb selinux: cleanup error reporting in selinux_nlmsg_perm() by Richard Guy Briggs · 10 years ago
  14. b9cf9b4 selinux: replace obsolete NLMSG_* with type safe nlmsg_* by Hong zhi guo · 11 years ago
  15. 0ba8cec selinux: netlink: Move away from NLMSG_PUT(). by David S. Miller · 12 years ago
  16. f39e855 netfilter: remove ip_queue support by Pablo Neira Ayuso · 12 years ago
  17. b891846 nick kvfree() from apparmor by Al Viro · 10 years ago
  18. a2b5474 selinux/nlmsg: add XFRM_MSG_NEWSPDINFO by Nicolas Dichtel · 9 years ago
  19. 1c2c11f fs: create and use seq_show_option for escaping by Kees Cook · 9 years ago
  20. dcc579c selinux/nlmsg: add XFRM_MSG_MAPPING by Nicolas Dichtel · 9 years ago
  21. bb9b659 selinux/nlmsg: add XFRM_MSG_MIGRATE by Nicolas Dichtel · 9 years ago
  22. 4c4317bb selinux/nlmsg: add XFRM_MSG_REPORT by Nicolas Dichtel · 9 years ago
  23. 7ad7a43 selinux/nlmsg: add XFRM_MSG_[NEW|GET]SADINFO by Nicolas Dichtel · 9 years ago
  24. 195a51c selinux/nlmsg: add XFRM_MSG_GETSPDINFO by Nicolas Dichtel · 9 years ago
  25. 2738336 selinux: fix sel_write_enforce broken return value by Joe Perches · 9 years ago
  26. 053ba5d smack: fix possible use after frees in task_security() callers by Andrey Ryabinin · 9 years ago
  27. 2e4ec7d evm: check xattr value length and type in evm_inode_setxattr() by Dmitry Kasatkin · 10 years ago
  28. f557ff4 selinux: fix inode security list corruption by Stephen Smalley · 10 years ago
  29. 7e96304 evm: prohibit userspace writing 'security.evm' HMAC value by Mimi Zohar · 10 years ago
  30. a580c01 SELinux: bigendian problems with filename trans rules by Eric Paris · 10 years ago
  31. c408d8a SELinux: Fix memory leak upon loading policy by Tetsuo Handa · 11 years ago
  32. c7e9742 SELinux: Fix possible NULL pointer dereference in selinux_inode_permission() by Steven Rostedt · 10 years ago
  33. a737983 selinux: process labeled IPsec TCP SYN-ACK packets properly in selinux_ip_postroute() by Paul Moore · 11 years ago
  34. c09348c selinux: look for IPsec labels on both inbound and outbound packets by Paul Moore · 11 years ago
  35. cdeb0b0 selinux: selinux_setprocattr()->ptrace_parent() needs rcu_read_lock() by Oleg Nesterov · 11 years ago
  36. 619af68 selinux: fix broken peer recv check by Chad Hanson · 11 years ago
  37. 96d2c17 selinux: handle TCP SYN-ACK packets correctly in selinux_ip_postroute() by Paul Moore · 11 years ago
  38. 3ac7b8d selinux: handle TCP SYN-ACK packets correctly in selinux_ip_output() by Paul Moore · 11 years ago
  39. 0c3753b selinux: correct locking in selinux_netlbl_socket_connect) by Paul Moore · 11 years ago
  40. c27c680 Revert "ima: policy for RAMFS" by Mimi Zohar · 11 years ago
  41. dea8590 selinux: use GFP_ATOMIC under spin_lock by Dan Carpenter · 11 years ago
  42. 38a32ad evm: checking if removexattr is not a NULL by Dmitry Kasatkin · 11 years ago
  43. 7785b94 selinux: fix sel_netnode_insert() suspicious rcu dereference by Dave Jones · 12 years ago
  44. 36afb82 Yama: handle 32-bit userspace prctl by Kees Cook · 12 years ago
  45. f17e923 posix_types.h: Cleanup stale __NFDBITS and related definitions by Josh Boyer · 12 years ago
  46. fd4d564 SELinux: if sel_make_bools errors don't leave inconsistent state by Eric Paris · 12 years ago
  47. a4a9980 selinux: KASAN: slab-out-of-bounds in xattr_getsecurity by Sachin Grover · 6 years ago
  48. abcfd64 KEYS: add missing permission check for request_key() destination by Eric Biggers · 7 years ago
  49. 8ed8e50 KEYS: Don't permit request_key() to construct a new keyring by David Howells · 9 years ago
  50. 1e7c24a KEYS: Fix stale key registration at error path by Takashi Iwai · 10 years ago
  51. 829089b key: Fix resource leak by Alan Cox · 12 years ago
  52. a1d714b Fix: compat_rw_copy_check_uvector() misuse in aio, readv, writev, and security keys by Mathieu Desnoyers · 11 years ago
  53. f60eef7 keys: fix race with concurrent install_user_keyrings() by David Howells · 11 years ago
  54. 88395c5 UPSTREAM: KEYS: encrypted: fix buffer overread in valid_master_desc() by Eric Biggers · 6 years ago
  55. 75bdf91 KEYS: prevent KEYCTL_READ on negative key by Eric Biggers · 7 years ago
  56. 64fa6cd KEYS: fix dereferencing NULL payload with nonzero length by Eric Biggers · 7 years ago
  57. 1728511 vfs: Add permission2 for filesystems with per mount permissions by Daniel Rosenberg · 8 years ago
  58. ddaa16d consitify do_mount() arguments by Al Viro · 12 years ago
  59. 043ab94 selinux: enable genfscon labeling for sysfs and pstore files by Stephen Smalley · 9 years ago
  60. f9aecb3 selinux: enable per-file labeling for debugfs files. by Stephen Smalley · 9 years ago
  61. 810be00 selinux: correctly label /proc inodes in use before the policy is loaded by Paul Moore · 10 years ago
  62. 4299410 UPSTREAM: selinux: fix bug in conditional rules handling by Stephen Smalley · 9 years ago
  63. 281fafc BACKPORT: commoncap: don't alloc the credential unless needed in cap_task_prctl by Tetsuo Handa · 10 years ago
  64. d10c6e1 UPSTREAM: capabilities: ambient capabilities by Andy Lutomirski · 9 years ago
  65. 2a600d7 SELinux: include definition of new capabilities by Eric Paris · 12 years ago
  66. 3bcbe59 sched: move no_new_privs into new atomic flags by Kees Cook · 10 years ago
  67. f79f7c8 Fix execve behavior apparmor for PR_{GET,SET}_NO_NEW_PRIVS by John Johansen · 12 years ago
  68. 397a85e Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs by Andy Lutomirski · 12 years ago
  69. 3b3c7c9 selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables by Lorenzo Colitti · 8 years ago
  70. 697a112 selinux: add SOCK_DIAG_BY_FAMILY to the list of netlink message types by Paul Moore · 10 years ago
  71. b8f8392 FROMLIST: security,perf: Allow further restriction of perf_event_open by Jeff Vander Stoep · 8 years ago
  72. a7cca09 move d_rcu from overlapping d_child to overlapping d_alias by Al Viro · 10 years ago
  73. f9db0a4 KEYS: Fix handling of stored error in a negatively instantiated user key by David Howells · 9 years ago
  74. 7edb5e8 KEYS: Fix race between read and revoke by David Howells · 9 years ago
  75. e44b57e selinux: fix off-by-one in setprocattr by Stephen Smalley · 7 years ago
  76. 379fa51 KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings by Eric Biggers · 7 years ago
  77. bbc60dd KEYS: Change the name of the dead type to ".dead" to prevent user access by David Howells · 7 years ago
  78. 90396b2 KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings by David Howells · 7 years ago
  79. 91937d3 selinux: Android kernel compatibility with M userspace by Jeff Vander Stoep · 9 years ago
  80. 581be71 selinux: extended permissions for ioctls by Jeff Vander Stoep · 9 years ago
  81. 98df88f security: add ioctl specific auditing to lsm_audit by Jeff Vander Stoep · 9 years ago
  82. 4ac6187 selinux: remove unnecessary pointer reassignment by Jeff Vander Stoep · 9 years ago
  83. 399e7f7 Revert "security: lsm_audit: add ioctl specific auditing" by Jeff Vander Stoep · 9 years ago
  84. 1db0d29 Revert "SELinux: per-command whitelisting of ioctls" by Jeff Vander Stoep · 9 years ago
  85. ab56076 Revert "SELinux: use deletion-safe iterator to free list" by Jeff Vander Stoep · 9 years ago
  86. 14bbe78 Revert "SELinux: ss: Fix policy write for ioctl operations" by Jeff Vander Stoep · 9 years ago
  87. 1391b79 Merge LA.BF.1.1.3_rb1.13 into FP2 by chrmhoffmann · 7 years ago
  88. 57d7ea5 FPII-2740:KEYS: Fix short sprintf buffer in /proc/keys show function by David Howells · 8 years ago
  89. 194cce9 FPII-2605 : Elevation of privilege vulnerability in kernel security subsystem (device specific) CVE-2015-7872 A-31253168 by Jeron Susan · 8 years ago
  90. 9819791 FPII-2317: Elevation of privilege vulnerability in kernel security subsystem CVE-2016-4470 A-29823941 by Jeron Susan · 8 years ago
  91. f9a4bd2 FPII-2316: Elevation of privilege vulnerability in kernel security subsystem CVE-2014-9529 A-29510361 by Jeron Susan · 8 years ago
  92. f356ec9 SELinux: ss: Fix policy write for ioctl operations by Ravi Kumar Siddojigari · 9 years ago
  93. fc73488 SELinux: add default_type statements by Eric Paris · 12 years ago
  94. 25c1d54 SELinux: allow default source/target selectors for user/role/range by Eric Paris · 12 years ago
  95. 6506870 SELinux: use deletion-safe iterator to free list by Jeff Vander Stoep · 9 years ago
  96. 27975d3 selinux: Report permissive mode in avc: denied messages. by Stephen Smalley · 10 years ago
  97. fd290c6 SELinux: per-command whitelisting of ioctls by Jeff Vander Stoep · 9 years ago
  98. 290627a security: lsm_audit: add ioctl specific auditing by Jeff Vander Stoep · 9 years ago
  99. 2c08805 pstore: selinux: add security in-core xattr support for pstore and debugfs by Mark Salyzyn · 10 years ago
  100. 24fc717 SELinux: Update policy version to support constraints info by Richard Haines · 11 years ago