Gitiles
Code Review
Sign In
LeafOS
/
LeafOS-Devices
/
android_kernel_samsung_exynos9820
/
557301cf33aeccdb830bdf4664bd7ce74d73093b
/
security
af9e57b
security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblock
by J. Bruce Fields
· 6 years ago
7b1386a
keys: Fix dependency loop between construction record and auth key
by David Howells
· 6 years ago
727a261
missing barriers in some of unix_sock ->addr and ->path accesses
by Al Viro
· 6 years ago
865c798
apparmor: Fix aa_label_build() error handling for failed merges
by John Johansen
· 6 years ago
50d039d
KEYS: always initialize keyring_index_key::desc_len
by Eric Biggers
· 6 years ago
fe303ba
KEYS: allow reaching the keys quotas exactly
by Eric Biggers
· 6 years ago
9c58ef2
smack: fix access permissions for keyring
by Zoran Markovic
· 6 years ago
fbbfb5c
selinux: always allow mounting submounts
by Ondrej Mosnacek
· 6 years ago
484636b
selinux: fix GPF on invalid policy
by Stephen Smalley
· 6 years ago
b9f9379
LSM: Check for NULL cred-security on free
by James Morris
· 6 years ago
41c13bf
Yama: Check for pid death before checking ancestry
by Kees Cook
· 6 years ago
2524f5d
selinux: policydb - fix byte order and alignment issues
by Ondrej Mosnacek
· 6 years ago
d467320
ima: re-initialize iint->atomic_flags
by Mimi Zohar
· 7 years ago
281c07f
ima: re-introduce own integrity cache lock
by Dmitry Kasatkin
· 7 years ago
e099863
EVM: Add support for portable signature format
by Matthew Garrett
· 7 years ago
de72a0f
ima: always measure and audit files in policy
by Mimi Zohar
· 8 years ago
9520db1
selinux: Add __GFP_NOWARN to allocation at str_read()
by Tetsuo Handa
· 6 years ago
d0a636a
apparmor: Fix uninitialized value in aa_split_fqname
by Zubin Mithra
· 6 years ago
4c6fda1
ima: fix showing large 'violations' or 'runtime_measurements_count'
by Eric Biggers
· 6 years ago
50ec69e
Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name"
by Lubomir Rintel
· 6 years ago
55bdb77
security: check for kstrdup() failure in lsm_append()
by Eric Biggers
· 7 years ago
c818695
evm: Don't deadlock if a crypto algorithm is unavailable
by Matthew Garrett
· 7 years ago
bff66313
Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets
by Piotr Sawicki
· 7 years ago
448b549
uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name
by Randy Dunlap
· 6 years ago
5a842ec
cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias()
by Eddie.Horng
· 7 years ago
4545cfb
Smack: Mark inode instant in smack_task_to_inode
by Casey Schaufler
· 7 years ago
cffbdb7
ima: based on policy verify firmware signatures (pre-allocated buffer)
by Mimi Zohar
· 7 years ago
9808c97
selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
by Sachin Grover
· 7 years ago
cd2399b
ima: Fallback to the builtin hash algorithm
by Petr Vorel
· 7 years ago
bc72e4f
ima: Fix Kconfig to select TPM 2.0 CRB interface
by Jiandi An
· 7 years ago
09897fc
integrity/security: fix digsig.c build error with header file
by Randy Dunlap
· 7 years ago
77df079
commoncap: Handle memory allocation failure.
by Tetsuo Handa
· 7 years ago
54b990e
apparmor: fix resource audit messages when auditing peer
by John Johansen
· 7 years ago
a0358f6
apparmor: fix display of .ns_name for containers
by John Johansen
· 7 years ago
1d0d8be
apparmor: fix logging of the existence test for signals
by John Johansen
· 7 years ago
ea60e54
/dev/mem: Add bounce buffer for copy-out
by Kees Cook
· 7 years ago
fd6170b
ima: relax requiring a file signature for new files with zero length
by Mimi Zohar
· 7 years ago
ca18145
selinux: skip bounded transition processing if the policy isn't loaded
by Paul Moore
· 7 years ago
116df86
selinux: ensure the context is NUL terminated in security_context_to_sid_core()
by Paul Moore
· 7 years ago
516868c
ima/policy: fix parsing of fsuuid
by Mike Rapoport
· 7 years ago
c3e7fc9
security/Kconfig: Correct the Documentation reference for PTI
by W. Trevor King
· 7 years ago
233363f
apparmor: fix ptrace label match when matching stacked labels
by John Johansen
· 7 years ago
f5edee8
apparmor: fix regression in mount mediation when feature set is pinned
by John Johansen
· 7 years ago
df4373c
capabilities: fix buffer overread on very short xattr
by Eric Biggers
· 7 years ago
3dfd9fd
x86/mm/pti: Add Kconfig
by Dave Hansen
· 7 years ago
8970889
apparmor: fix leak of null profile name if profile allocation fails
by John Johansen
· 7 years ago
28e7c9a
KEYS: reject NULL restriction string when type is specified
by Eric Biggers
· 7 years ago
69d5894
KEYS: add missing permission check for request_key() destination
by Eric Biggers
· 7 years ago
7c50347
ima: fix hash algorithm initialization
by Boshi Wang
· 7 years ago
69af226
apparmor: fix oops in audit_signal_cb hook
by John Johansen
· 7 years ago
87eb84b
ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
by Roberto Sassu
· 7 years ago
f7dc4c9
apparmor: fix off-by-one comparison on MAXMAPPED_SIG
by John Johansen
· 7 years ago
ead7515
Merge tag 'spdx_identifiers-4.14-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
by Linus Torvalds
· 7 years ago
b244131
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
by Greg Kroah-Hartman
· 7 years ago
a3c812f
KEYS: trusted: fix writing past end of buffer in trusted_read()
by Eric Biggers
· 7 years ago
3239b6f
KEYS: return full count in keyring_read() if buffer is too small
by Eric Biggers
· 7 years ago
80c094a
Revert "apparmor: add base infastructure for socket mediation"
by Linus Torvalds
· 7 years ago
76ba89c
commoncap: move assignment of fs_ns to avoid null pointer dereference
by Colin Ian King
· 7 years ago
494b9ae7
Merge commit 'tags/keys-fixes-20171018' into fixes-v4.14-rc5
by James Morris
· 7 years ago
ab5c69f
KEYS: load key flags and expiry time atomically in proc_keys_show()
by Eric Biggers
· 7 years ago
9d6c871
KEYS: Load key expiry time atomically in keyring_search_iterator()
by Eric Biggers
· 7 years ago
1823d47
KEYS: load key flags and expiry time atomically in key_validate()
by Eric Biggers
· 7 years ago
60ff5b2
KEYS: don't let add_key() update an uninstantiated key
by David Howells
· 7 years ago
363b02d
KEYS: Fix race between updating and finding a negative key
by David Howells
· 7 years ago
3cd18d1
security/keys: BIG_KEY requires CONFIG_CRYPTO
by Arnd Bergmann
· 7 years ago
13923d0
KEYS: encrypted: fix dereference of NULL user_key_payload
by Eric Biggers
· 7 years ago
57e7ba0
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
by Casey Schaufler
· 7 years ago
2569e7e
Merge commit 'keys-fixes-20170927' into fixes-v4.14-rc3
by James Morris
· 7 years ago
428490e
security/keys: rewrite all of big_key crypto
by Jason A. Donenfeld
· 7 years ago
9108018
security/keys: properly zero out sensitive key material in big_key
by Jason A. Donenfeld
· 7 years ago
e007ce9
KEYS: use kmemdup() in request_key_auth_new()
by Eric Biggers
· 7 years ago
4aa68e0
KEYS: restrict /proc/keys by credentials at open time
by Eric Biggers
· 7 years ago
8f67456
KEYS: reset parent each time before searching key_user_tree
by Eric Biggers
· 7 years ago
37863c4
KEYS: prevent KEYCTL_READ on negative key
by Eric Biggers
· 7 years ago
237bbd2
KEYS: prevent creating a different user's keyrings
by Eric Biggers
· 7 years ago
e645016
KEYS: fix writing past end of user-supplied buffer in keyring_read()
by Eric Biggers
· 7 years ago
7fc0786
KEYS: fix key refcount leak in keyctl_read_key()
by Eric Biggers
· 7 years ago
884bee0
KEYS: fix key refcount leak in keyctl_assume_authority()
by Eric Biggers
· 7 years ago
f7b48cf
KEYS: don't revoke uninstantiated key in request_key_auth_new()
by Eric Biggers
· 7 years ago
44d8143
KEYS: fix cred refcount leak in request_key_auth_new()
by Eric Biggers
· 7 years ago
a302824
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 7 years ago
ab5348c
security: fix description of values returned by cap_inode_need_killpriv
by Stefan Berger
· 8 years ago
79444df
Merge tag 'apparmor-pr-2017-09-22' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor
by Linus Torvalds
· 7 years ago
bf81100
apparmor: fix apparmorfs DAC access permissions
by John Johansen
· 7 years ago
b1545db
apparmor: fix build failure on sparc caused by undeclared signals
by John Johansen
· 7 years ago
bc4d82f
apparmor: fix incorrect type assignment when freeing proxies
by John Johansen
· 7 years ago
15372b9
apparmor: ensure unconfined profiles have dfas initialized
by John Johansen
· 7 years ago
290638a
apparmor: fix race condition in null profile creation
by John Johansen
· 7 years ago
d07881d
apparmor: move new_null_profile to after profile lookup fns()
by John Johansen
· 7 years ago
651e28c
apparmor: add base infastructure for socket mediation
by John Johansen
· 8 years ago
cbf2d0e
apparmor: add more debug asserts to apparmorfs
by John Johansen
· 8 years ago
2410aa9
apparmor: make policy_unpack able to audit different info messages
by John Johansen
· 8 years ago
26b7899
apparmor: add support for absolute root view based labels
by John Johansen
· 7 years ago
f872af75
apparmor: cleanup conditional check for label in label_print
by John Johansen
· 7 years ago
2ea3ffb
apparmor: add mount mediation
by John Johansen
· 8 years ago
cd1dbf7
apparmor: add the ability to mediate signals
by John Johansen
· 8 years ago
c556170
apparmor: Redundant condition: prev_ns. in [label.c:1498]
by John Johansen
· 7 years ago
5d314a8
apparmor: Fix an error code in aafs_create()
by Dan Carpenter
· 8 years ago
86aea56
apparmor: Fix logical error in verify_header()
by Christos Gkekas
· 8 years ago
19fe43a
apparmor: Fix shadowed local variable in unpack_trans_table()
by Geert Uytterhoeven
· 8 years ago
Next »