Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / kernel / common / a941384fba3f1b14965be38c3351af78999307b7 / security
  1. 8027ba4 ima: Do not print policy rule with inactive LSM labels by Stefan Berger · 2 years, 11 months ago
  2. 8171c8a ima: Allow template selection with ima_template[_fmt]= after ima_hash= by Roberto Sassu · 2 years, 11 months ago
  3. 0795b71 ima: Remove ima_policy file before directory by Stefan Berger · 3 years ago
  4. 7fea2e5 integrity: check the return value of audit_log_start() by Xiaoke Wang · 3 years ago
  5. f446089 selinux: fix double free of cond_list on error paths by Vratislav Bendel · 2 years, 11 months ago
  6. b2b1b49 selinux: fix potential memleak in selinux_add_opt() by Bernard Zhao · 3 years, 1 month ago
  7. 4833ad4 selinux: initialize proto variable in selinux_ip_postroute_compat() by Tom Rix · 3 years ago
  8. 0643d91 tomoyo: use hwight16() in tomoyo_domain_quota_is_ok() by Tetsuo Handa · 3 years ago
  9. e2048a1 tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok(). by Dmitry Vyukov · 3 years ago
  10. b17dd53 selinux: fix NULL-pointer dereference when hashtab allocation fails by Ondrej Mosnacek · 3 years, 1 month ago
  11. eaafc59 fortify: Explicitly disable Clang support by Kees Cook · 3 years, 8 months ago
  12. 851b622 apparmor: fix error check by Tom Rix · 4 years, 3 months ago
  13. d337537 smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi by Tetsuo Handa · 3 years, 2 months ago
  14. c11aecb smackfs: use __GFP_NOFAIL for smk_cipso_doi() by Tetsuo Handa · 3 years, 2 months ago
  15. 3fac6fe smackfs: Fix use-after-free in netlbl_catmap_walk() by Pawan Gupta · 3 years, 4 months ago
  16. c7400e2 evm: mark evm_fixmode as __ro_after_init by Austin Kim · 3 years, 2 months ago
  17. db04fb4 selinux: fix race condition when computing ocontext SIDs by Ondrej Mosnacek · 3 years, 5 months ago
  18. 0d9f4ae binder: use cred instead of task for selinux checks by Todd Kjos · 3 years, 2 months ago
  19. df19d95 Smack: Fix wrong semantics in smk_access_entry() by Tianjia Zhang · 3 years, 6 months ago
  20. 34d099a IMA: remove the dependency on CRYPTO_MD5 by THOBY Simon · 3 years, 4 months ago
  21. 5cc1ee3 IMA: remove -Wmissing-prototypes warning by Austin Kim · 3 years, 6 months ago
  22. d8c3859 bpf: Add lockdown check for probe_write_user helper by Daniel Borkmann · 3 years, 5 months ago
  23. f4984f6 selinux: correct the return value when loads initial sids by Xiu Jianfeng · 3 years, 5 months ago
  24. 3780348 smackfs: restrict bytes count in smk_set_cipso() by Tetsuo Handa · 3 years, 9 months ago
  25. f383718 selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC by Minchan Kim · 3 years, 7 months ago
  26. 912d16a evm: fix writing <securityfs>/evm overflow by Mimi Zohar · 3 years, 8 months ago
  27. 5312426 evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded by Roberto Sassu · 3 years, 8 months ago
  28. 7b84c7d evm: Execute evm_inode_init_security() only when an HMAC key is loaded by Roberto Sassu · 3 years, 8 months ago
  29. 1573d59 integrity: Load mokx variables into the blacklist keyring by Eric Snowberg · 4 years ago
  30. 4510906 certs: Add EFI_CERT_X509_GUID support for dbx entries by Eric Snowberg · 4 years ago
  31. 31c9a4b KEYS: trusted: Fix memory leak on object td by Colin Ian King · 3 years, 8 months ago
  32. 6b4b3b8 ima: Fix the error code for restoring the PCR value by Li Huafei · 3 years, 10 months ago
  33. 09a119a security: keys: trusted: fix TPM2 authorizations by James Bottomley · 4 years ago
  34. 4c0ddc8 selinux: add proper NULL termination to the secclass_map permissions by Paul Moore · 3 years, 8 months ago
  35. f37b9c142 security: commoncap: fix -Wstringop-overread warning by Arnd Bergmann · 3 years, 9 months ago
  36. bf84ef2 KEYS: trusted: Fix TPM reservation for seal/unseal by James Bottomley · 3 years, 8 months ago
  37. a28124e selinux: fix race between old and new sidtab by Ondrej Mosnacek · 3 years, 9 months ago
  38. fd75d73 selinux: fix cond_list corruption when changing booleans by Ondrej Mosnacek · 3 years, 9 months ago
  39. 4f29b08 selinux: make nslot handling in avtab more robust by Ondrej Mosnacek · 3 years, 9 months ago
  40. 546f7fc integrity: double check iint_cache was initialized by Mimi Zohar · 3 years, 9 months ago
  41. 19c9967 selinux: fix variable scope issue in live sidtab conversion by Ondrej Mosnacek · 3 years, 9 months ago
  42. 9731e08 selinux: don't log MAC_POLICY_LOAD record on failed policy load by Ondrej Mosnacek · 3 years, 9 months ago
  43. 5d5422a Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities") by Eric W. Biederman · 3 years, 10 months ago
  44. aa40f5e tomoyo: recognize kernel threads correctly by Tetsuo Handa · 4 years ago
  45. e004209 tomoyo: ignore data race while checking quota by Tetsuo Handa · 4 years ago
  46. fa5b656 smackfs: restrict bytes count in smackfs write functions by Sabyrzhan Tasbolatov · 4 years ago
  47. 67118bb KEYS: trusted: Reserve TPM for seal and unseal operations by Jarkko Sakkinen · 4 years ago
  48. 54c527c KEYS: trusted: Fix migratable=1 failing by Jarkko Sakkinen · 4 years ago
  49. 9d83cc1 KEYS: trusted: Fix incorrect handling of tpm_get_random() by Jarkko Sakkinen · 4 years ago
  50. 2fe9215 selinux: fix inconsistency between inode_getxattr and inode_listsecurity by Amir Goldstein · 4 years ago
  51. d7b0efa certs: Fix blacklist flag type confusion by David Howells · 4 years, 1 month ago
  52. 6e223a3 watch_queue: Drop references to /dev/watch_queue by Gabriel Krisman Bertazi · 4 years, 1 month ago
  53. 54b4e5d capabilities: Don't allow writing ambiguous v3 file capabilities by Eric W. Biederman · 4 years ago
  54. c365d33 ima: Free IMA measurement buffer after kexec syscall by Lakshmi Ramasubramanian · 3 years, 11 months ago
  55. 1facf24 ima: Free IMA measurement buffer on error by Lakshmi Ramasubramanian · 3 years, 11 months ago
  56. 494e9ec evm: Fix memleak in init_desc by Dinghao Liu · 4 years ago
  57. 02dee03 cap: fix conversions on getxattr by Miklos Szeredi · 4 years ago
  58. a3fddad dump_common_audit_data(): fix racy accesses to ->d_name by Al Viro · 4 years ago
  59. 0f2206e ima: Don't modify file descriptor mode on the fly by Roberto Sassu · 4 years, 1 month ago
  60. 8f939ab Smack: Handle io_uring kernel thread privileges by Casey Schaufler · 4 years ago
  61. 6e5ea34 selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling by Paul Moore · 4 years, 2 months ago
  62. f0d7de0 selinux: fix error initialization in inode_doinit_with_dentry() by Tianyue Ren · 4 years, 3 months ago
  63. 30636a5 Merge tag 'selinux-pr-20201113' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 4 years, 1 month ago
  64. c350f8b selinux: Fix error return code in sel_ib_pkey_sid_slow() by Chen Zhou · 4 years, 2 months ago
  65. 4739eea ima: Replace zero-length array with flexible-array member by Gustavo A. R. Silva · 4 years, 4 months ago
  66. 81ecf91 Merge tag 'safesetid-5.10' of git://github.com/micah-morton/linux by Linus Torvalds · 4 years, 2 months ago
  67. 91989c7 task_work: cleanup notification modes by Jens Axboe · 4 years, 2 months ago
  68. 9ff9b0d Merge tag 'net-next-5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next by Linus Torvalds · 4 years, 2 months ago
  69. 840e5bb Merge tag 'integrity-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity by Linus Torvalds · 4 years, 2 months ago
  70. 726eb70 Merge tag 'char-misc-5.10-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc by Linus Torvalds · 4 years, 2 months ago
  71. 7b54081 Merge tag 'selinux-pr-20201012' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 4 years, 3 months ago
  72. 99a6740 Merge tag 'Smack-for-5.10' of git://github.com/cschaufler/smack-next by Linus Torvalds · 4 years, 3 months ago
  73. b274279 Merge tag 'tomoyo-pr-20201012' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1 by Linus Torvalds · 4 years, 3 months ago
  74. 03ca0ec LSM: SafeSetID: Fix warnings reported by test bot by Thomas Cedeno · 4 years, 5 months ago
  75. 5294bac LSM: SafeSetID: Add GID security policy handling by Thomas Cedeno · 4 years, 5 months ago
  76. 39a5101 Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 by Linus Torvalds · 4 years, 3 months ago
  77. 85ed13e Merge branch 'work.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 4 years, 3 months ago
  78. e6412f9 Merge tag 'efi-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip by Linus Torvalds · 4 years, 3 months ago
  79. a207516 tomoyo: Loosen pathname/domainname validation. by Tetsuo Handa · 4 years, 4 months ago
  80. edd6153 Smack: Remove unnecessary variable initialization by Casey Schaufler · 4 years, 3 months ago
  81. 0fa8e08 fs/kernel_file_read: Add "offset" arg for partial reads by Kees Cook · 4 years, 3 months ago
  82. 34736da IMA: Add support for file reads without contents by Scott Branden · 4 years, 3 months ago
  83. 2039bda LSM: Add "contents" flag to kernel_read_file hook by Kees Cook · 4 years, 3 months ago
  84. 4f2d99b firmware_loader: Use security_post_load_data() by Kees Cook · 4 years, 3 months ago
  85. b64fcae LSM: Introduce kernel_post_load_data() hook by Kees Cook · 4 years, 3 months ago
  86. 8853528 fs/kernel_read_file: Add file_size output argument by Kees Cook · 4 years, 3 months ago
  87. 113eeb5 fs/kernel_read_file: Switch buffer size arg to size_t by Kees Cook · 4 years, 3 months ago
  88. f7a4f68 fs/kernel_read_file: Remove redundant size argument by Kees Cook · 4 years, 3 months ago
  89. b89999d0 fs/kernel_read_file: Split into separate include file by Scott Branden · 4 years, 3 months ago
  90. c307459 fs/kernel_read_file: Remove FIRMWARE_PREALLOC_BUFFER enum by Kees Cook · 4 years, 3 months ago
  91. 5d47b39 security/keys: remove compat_keyctl_instantiate_key_iov by Christoph Hellwig · 4 years, 3 months ago
  92. 89cd35c iov_iter: transparently handle compat iovecs in import_iovec by Christoph Hellwig · 4 years, 3 months ago
  93. 0b7e44d integrity: Asymmetric digsig supports SM2-with-SM3 algorithm by Tianjia Zhang · 4 years, 3 months ago
  94. 3ab0a7a Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net by David S. Miller · 4 years, 3 months ago
  95. bf0afe6 Smack: Fix build when NETWORK_SECMARK is not set by Casey Schaufler · 4 years, 3 months ago
  96. aa662fc ima: Fix NULL pointer dereference in ima_file_hash by KP Singh · 4 years, 3 months ago
  97. 726bd89 integrity: Load certs from the EFI MOK config table by Lenny Szubowicz · 4 years, 4 months ago
  98. 38a1f03 integrity: Move import of MokListRT certs to a separate routine by Lenny Szubowicz · 4 years, 4 months ago
  99. 1e484d3 Merge tag 'fixes-v5.9a' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 4 years, 3 months ago
  100. 8861d0a selinux: Add helper functions to get and set checkreqprot by Lakshmi Ramasubramanian · 4 years, 3 months ago