1. af9e57b security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblock by J. Bruce Fields · 6 years ago
  2. 7b1386a keys: Fix dependency loop between construction record and auth key by David Howells · 6 years ago
  3. 727a261 missing barriers in some of unix_sock ->addr and ->path accesses by Al Viro · 6 years ago
  4. 865c798 apparmor: Fix aa_label_build() error handling for failed merges by John Johansen · 6 years ago
  5. 50d039d KEYS: always initialize keyring_index_key::desc_len by Eric Biggers · 6 years ago
  6. fe303ba KEYS: allow reaching the keys quotas exactly by Eric Biggers · 6 years ago
  7. 9c58ef2 smack: fix access permissions for keyring by Zoran Markovic · 6 years ago
  8. fbbfb5c selinux: always allow mounting submounts by Ondrej Mosnacek · 6 years ago
  9. 484636b selinux: fix GPF on invalid policy by Stephen Smalley · 6 years ago
  10. b9f9379 LSM: Check for NULL cred-security on free by James Morris · 6 years ago
  11. 41c13bf Yama: Check for pid death before checking ancestry by Kees Cook · 6 years ago
  12. 2524f5d selinux: policydb - fix byte order and alignment issues by Ondrej Mosnacek · 6 years ago
  13. d467320 ima: re-initialize iint->atomic_flags by Mimi Zohar · 7 years ago
  14. 281c07f ima: re-introduce own integrity cache lock by Dmitry Kasatkin · 7 years ago
  15. e099863 EVM: Add support for portable signature format by Matthew Garrett · 7 years ago
  16. de72a0f ima: always measure and audit files in policy by Mimi Zohar · 8 years ago
  17. 9520db1 selinux: Add __GFP_NOWARN to allocation at str_read() by Tetsuo Handa · 6 years ago
  18. d0a636a apparmor: Fix uninitialized value in aa_split_fqname by Zubin Mithra · 6 years ago
  19. 4c6fda1 ima: fix showing large 'violations' or 'runtime_measurements_count' by Eric Biggers · 6 years ago
  20. 50ec69e Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name" by Lubomir Rintel · 6 years ago
  21. 55bdb77 security: check for kstrdup() failure in lsm_append() by Eric Biggers · 7 years ago
  22. c818695 evm: Don't deadlock if a crypto algorithm is unavailable by Matthew Garrett · 7 years ago
  23. bff66313 Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets by Piotr Sawicki · 7 years ago
  24. 448b549 uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name by Randy Dunlap · 6 years ago
  25. 5a842ec cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() by Eddie.Horng · 7 years ago
  26. 4545cfb Smack: Mark inode instant in smack_task_to_inode by Casey Schaufler · 7 years ago
  27. cffbdb7 ima: based on policy verify firmware signatures (pre-allocated buffer) by Mimi Zohar · 7 years ago
  28. 9808c97 selinux: KASAN: slab-out-of-bounds in xattr_getsecurity by Sachin Grover · 7 years ago
  29. cd2399b ima: Fallback to the builtin hash algorithm by Petr Vorel · 7 years ago
  30. bc72e4f ima: Fix Kconfig to select TPM 2.0 CRB interface by Jiandi An · 7 years ago
  31. 09897fc integrity/security: fix digsig.c build error with header file by Randy Dunlap · 7 years ago
  32. 77df079 commoncap: Handle memory allocation failure. by Tetsuo Handa · 7 years ago
  33. 54b990e apparmor: fix resource audit messages when auditing peer by John Johansen · 7 years ago
  34. a0358f6 apparmor: fix display of .ns_name for containers by John Johansen · 7 years ago
  35. 1d0d8be apparmor: fix logging of the existence test for signals by John Johansen · 7 years ago
  36. ea60e54 /dev/mem: Add bounce buffer for copy-out by Kees Cook · 7 years ago
  37. fd6170b ima: relax requiring a file signature for new files with zero length by Mimi Zohar · 7 years ago
  38. ca18145 selinux: skip bounded transition processing if the policy isn't loaded by Paul Moore · 7 years ago
  39. 116df86 selinux: ensure the context is NUL terminated in security_context_to_sid_core() by Paul Moore · 7 years ago
  40. 516868c ima/policy: fix parsing of fsuuid by Mike Rapoport · 7 years ago
  41. c3e7fc9 security/Kconfig: Correct the Documentation reference for PTI by W. Trevor King · 7 years ago
  42. 233363f apparmor: fix ptrace label match when matching stacked labels by John Johansen · 7 years ago
  43. f5edee8 apparmor: fix regression in mount mediation when feature set is pinned by John Johansen · 7 years ago
  44. df4373c capabilities: fix buffer overread on very short xattr by Eric Biggers · 7 years ago
  45. 3dfd9fd x86/mm/pti: Add Kconfig by Dave Hansen · 7 years ago
  46. 8970889 apparmor: fix leak of null profile name if profile allocation fails by John Johansen · 7 years ago
  47. 28e7c9a KEYS: reject NULL restriction string when type is specified by Eric Biggers · 7 years ago
  48. 69d5894 KEYS: add missing permission check for request_key() destination by Eric Biggers · 7 years ago
  49. 7c50347 ima: fix hash algorithm initialization by Boshi Wang · 7 years ago
  50. 69af226 apparmor: fix oops in audit_signal_cb hook by John Johansen · 7 years ago
  51. 87eb84b ima: do not update security.ima if appraisal status is not INTEGRITY_PASS by Roberto Sassu · 7 years ago
  52. f7dc4c9 apparmor: fix off-by-one comparison on MAXMAPPED_SIG by John Johansen · 7 years ago
  53. ead7515 Merge tag 'spdx_identifiers-4.14-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core by Linus Torvalds · 7 years ago
  54. b244131 License cleanup: add SPDX GPL-2.0 license identifier to files with no license by Greg Kroah-Hartman · 7 years ago
  55. a3c812f KEYS: trusted: fix writing past end of buffer in trusted_read() by Eric Biggers · 7 years ago
  56. 3239b6f KEYS: return full count in keyring_read() if buffer is too small by Eric Biggers · 7 years ago
  57. 80c094a Revert "apparmor: add base infastructure for socket mediation" by Linus Torvalds · 7 years ago
  58. 76ba89c commoncap: move assignment of fs_ns to avoid null pointer dereference by Colin Ian King · 7 years ago
  59. 494b9ae7 Merge commit 'tags/keys-fixes-20171018' into fixes-v4.14-rc5 by James Morris · 7 years ago
  60. ab5c69f KEYS: load key flags and expiry time atomically in proc_keys_show() by Eric Biggers · 7 years ago
  61. 9d6c871 KEYS: Load key expiry time atomically in keyring_search_iterator() by Eric Biggers · 7 years ago
  62. 1823d47 KEYS: load key flags and expiry time atomically in key_validate() by Eric Biggers · 7 years ago
  63. 60ff5b2 KEYS: don't let add_key() update an uninstantiated key by David Howells · 7 years ago
  64. 363b02d KEYS: Fix race between updating and finding a negative key by David Howells · 7 years ago
  65. 3cd18d1 security/keys: BIG_KEY requires CONFIG_CRYPTO by Arnd Bergmann · 7 years ago
  66. 13923d0 KEYS: encrypted: fix dereference of NULL user_key_payload by Eric Biggers · 7 years ago
  67. 57e7ba0 lsm: fix smack_inode_removexattr and xattr_getsecurity memleak by Casey Schaufler · 7 years ago
  68. 2569e7e Merge commit 'keys-fixes-20170927' into fixes-v4.14-rc3 by James Morris · 7 years ago
  69. 428490e security/keys: rewrite all of big_key crypto by Jason A. Donenfeld · 7 years ago
  70. 9108018 security/keys: properly zero out sensitive key material in big_key by Jason A. Donenfeld · 7 years ago
  71. e007ce9 KEYS: use kmemdup() in request_key_auth_new() by Eric Biggers · 7 years ago
  72. 4aa68e0 KEYS: restrict /proc/keys by credentials at open time by Eric Biggers · 7 years ago
  73. 8f67456 KEYS: reset parent each time before searching key_user_tree by Eric Biggers · 7 years ago
  74. 37863c4 KEYS: prevent KEYCTL_READ on negative key by Eric Biggers · 7 years ago
  75. 237bbd2 KEYS: prevent creating a different user's keyrings by Eric Biggers · 7 years ago
  76. e645016 KEYS: fix writing past end of user-supplied buffer in keyring_read() by Eric Biggers · 7 years ago
  77. 7fc0786 KEYS: fix key refcount leak in keyctl_read_key() by Eric Biggers · 7 years ago
  78. 884bee0 KEYS: fix key refcount leak in keyctl_assume_authority() by Eric Biggers · 7 years ago
  79. f7b48cf KEYS: don't revoke uninstantiated key in request_key_auth_new() by Eric Biggers · 7 years ago
  80. 44d8143 KEYS: fix cred refcount leak in request_key_auth_new() by Eric Biggers · 7 years ago
  81. a302824 Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 7 years ago
  82. ab5348c security: fix description of values returned by cap_inode_need_killpriv by Stefan Berger · 8 years ago
  83. 79444df Merge tag 'apparmor-pr-2017-09-22' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor by Linus Torvalds · 7 years ago
  84. bf81100 apparmor: fix apparmorfs DAC access permissions by John Johansen · 7 years ago
  85. b1545db apparmor: fix build failure on sparc caused by undeclared signals by John Johansen · 7 years ago
  86. bc4d82f apparmor: fix incorrect type assignment when freeing proxies by John Johansen · 7 years ago
  87. 15372b9 apparmor: ensure unconfined profiles have dfas initialized by John Johansen · 7 years ago
  88. 290638a apparmor: fix race condition in null profile creation by John Johansen · 7 years ago
  89. d07881d apparmor: move new_null_profile to after profile lookup fns() by John Johansen · 7 years ago
  90. 651e28c apparmor: add base infastructure for socket mediation by John Johansen · 8 years ago
  91. cbf2d0e apparmor: add more debug asserts to apparmorfs by John Johansen · 8 years ago
  92. 2410aa9 apparmor: make policy_unpack able to audit different info messages by John Johansen · 8 years ago
  93. 26b7899 apparmor: add support for absolute root view based labels by John Johansen · 7 years ago
  94. f872af75 apparmor: cleanup conditional check for label in label_print by John Johansen · 7 years ago
  95. 2ea3ffb apparmor: add mount mediation by John Johansen · 8 years ago
  96. cd1dbf7 apparmor: add the ability to mediate signals by John Johansen · 8 years ago
  97. c556170 apparmor: Redundant condition: prev_ns. in [label.c:1498] by John Johansen · 7 years ago
  98. 5d314a8 apparmor: Fix an error code in aafs_create() by Dan Carpenter · 8 years ago
  99. 86aea56 apparmor: Fix logical error in verify_header() by Christos Gkekas · 8 years ago
  100. 19fe43a apparmor: Fix shadowed local variable in unpack_trans_table() by Geert Uytterhoeven · 8 years ago