Gitiles
Code Review
Sign In
review.shift-gmbh.com
/
SHIFTPHONES
/
mainline
/
linux
/
4ff0eccbb5c4487ef065931f5c566d85a5bfb5c9
/
security
359efcc
efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
by Javier Martinez Canillas
· 5 years ago
2ef4591
Merge tag 'selinux-pr-20191007' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
by Linus Torvalds
· 5 years ago
7a8beb7
integrity: remove pointless subdir-$(CONFIG_...)
by Masahiro Yamada
· 5 years ago
6b190d3
integrity: remove unneeded, broken attempt to add -fshort-wchar
by Masahiro Yamada
· 5 years ago
2a52439
selinux: fix context string corruption in convert_context()
by Ondrej Mosnacek
· 5 years ago
aefcf2f
Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 5 years ago
f1f2f61
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
by Linus Torvalds
· 5 years ago
9f75c82
KEYS: trusted: correctly initialize digests and fix locking issue
by Roberto Sassu
· 5 years ago
e94f8cc
Merge tag 'smack-for-5.4-rc1' of git://github.com/cschaufler/smack-next
by Linus Torvalds
· 5 years ago
1b5fb41
Merge tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux
by Linus Torvalds
· 5 years ago
5825a95
Merge tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
by Linus Torvalds
· 5 years ago
21ab858
LSM: SafeSetID: Stop releasing uninitialized ruleset
by Micah Morton
· 5 years ago
f8a9bc6
security: constify some arrays in lockdown LSM
by Matthew Garrett
· 5 years ago
d41a3ef
keys: Fix missing null pointer check in request_key_auth_describe()
by Hillf Danton
· 5 years ago
169ce0c
selinux: fix residual uses of current_security() for the SELinux blob
by Stephen Smalley
· 5 years ago
e5bfad3
smack: use GFP_NOFS while holding inode_smack::smk_lock
by Eric Biggers
· 5 years ago
3f4287e
security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb()
by Jia-Ju Bai
· 5 years ago
a1a07f2
smack: fix some kernel-doc notations
by luanshi
· 5 years ago
3675f05
Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set
by Jann Horn
· 5 years ago
846d2db
keys: ensure that ->match_free() is called in request_key_and_link()
by Eric Biggers
· 5 years ago
2a7f0e5
ima: ima_api: Use struct_size() in kzalloc()
by Gustavo A. R. Silva
· 5 years ago
fa5b571
ima: use struct_size() in kzalloc()
by Gustavo A. R. Silva
· 6 years ago
556d971
ima: Fix use after free in ima_read_modsig()
by Thiago Jung Bauermann
· 5 years ago
116f21b
selinux: avoid atomic_t usage in sidtab
by Ondrej Mosnacek
· 5 years ago
b602614
lockdown: Print current->comm in restriction messages
by Matthew Garrett
· 5 years ago
ccbd54f
tracefs: Restrict tracefs when the kernel is locked down
by Matthew Garrett
· 5 years ago
5496197
debugfs: Restrict debugfs when the kernel is locked down
by David Howells
· 5 years ago
29d3c1c
kexec: Allow kexec_file() with appropriate IMA policy when locked down
by Matthew Garrett
· 5 years ago
b0c8fdc
lockdown: Lock down perf when in confidentiality mode
by David Howells
· 5 years ago
9d1f8be5
bpf: Restrict bpf when kernel lockdown is in confidentiality mode
by David Howells
· 5 years ago
a94549d
lockdown: Lock down tracing and perf kprobes when in confidentiality mode
by David Howells
· 5 years ago
02e935b
lockdown: Lock down /proc/kcore
by David Howells
· 5 years ago
906357f
x86/mmiotrace: Lock down the testmmiotrace module
by David Howells
· 5 years ago
20657f6
lockdown: Lock down module params that specify hardware parameters (eg. ioport)
by David Howells
· 5 years ago
794edf3
lockdown: Lock down TIOCSSERIAL
by David Howells
· 5 years ago
3f19cad
lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down
by David Howells
· 5 years ago
f474e14
ACPI: Limit access to custom_method when the kernel is locked down
by Matthew Garrett
· 5 years ago
95f5e95
x86/msr: Restrict MSR access when the kernel is locked down
by Matthew Garrett
· 5 years ago
96c4f67
x86: Lock down IO port access when the kernel is locked down
by Matthew Garrett
· 5 years ago
eb627e1
PCI: Lock down BAR access when the kernel is locked down
by Matthew Garrett
· 5 years ago
38bd94b
hibernate: Disable when the kernel is locked down
by Josh Boyer
· 5 years ago
99d5cadf
kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
by Jiri Bohac
· 5 years ago
7d31f46
kexec_load: Disable at runtime if the kernel is locked down
by Matthew Garrett
· 5 years ago
9b9d8dd
lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked down
by Matthew Garrett
· 5 years ago
49fcf73
lockdown: Enforce module signatures if the kernel is locked down
by David Howells
· 5 years ago
000d388
security: Add a static lockdown policy LSM
by Matthew Garrett
· 5 years ago
9e47d31
security: Add a "locked down" LSM hook
by Matthew Garrett
· 5 years ago
e6b1db9
security: Support early LSMs
by Matthew Garrett
· 5 years ago
2d6c252
KEYS: trusted: allow module init if TPM is inactive or deactivated
by Roberto Sassu
· 5 years ago
ac5656d
fanotify, inotify, dnotify, security: add security hook for fs notifications
by Aaron Goidel
· 5 years ago
4ece312
ima: fix freeing ongoing ahash_request
by Sascha Hauer
· 5 years ago
f5e1040
ima: always return negative code for error
by Sascha Hauer
· 5 years ago
e509225
ima: Store the measurement again when appraising a modsig
by Thiago Jung Bauermann
· 6 years ago
3878d50
ima: Define ima-modsig template
by Thiago Jung Bauermann
· 6 years ago
1558822
ima: Collect modsig
by Thiago Jung Bauermann
· 6 years ago
39b0709
ima: Implement support for module-style appended signatures
by Thiago Jung Bauermann
· 6 years ago
a5fbeb6
ima: Factor xattr_verify() out of ima_appraise_measurement()
by Thiago Jung Bauermann
· 6 years ago
9044d62
ima: Add modsig appraise_type option for module-style appended signatures
by Thiago Jung Bauermann
· 6 years ago
cf38fed
integrity: Select CONFIG_KEYS instead of depending on it
by Thiago Jung Bauermann
· 6 years ago
9b80c36
selinux: always return a secid from the network caches if we find one
by Paul Moore
· 5 years ago
f07ea1d
selinux: policydb - rename type_val_to_struct_array
by Ondrej Mosnacek
· 5 years ago
2492aca
selinux: policydb - fix some checkpatch.pl warnings
by Ondrej Mosnacek
· 5 years ago
0eb2f29
selinux: shuffle around policydb.c to get rid of forward declarations
by Paul Moore
· 5 years ago
4f1a6ef
Merge tag 'selinux-pr-20190801' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
by Linus Torvalds
· 5 years ago
b36f281
ima: initialize the "template" field with the default template
by Mimi Zohar
· 5 years ago
4538523
selinux: fix memory leak in policydb_init()
by Ondrej Mosnacek
· 5 years ago
c622fc5
Merge tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
by Linus Torvalds
· 5 years ago
40233e7
Merge tag 'selinux-pr-20190726' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
by Linus Torvalds
· 5 years ago
173e6ee
structleak: disable STRUCTLEAK_BYREF in combination with KASAN_STACK
by Arnd Bergmann
· 5 years ago
acbc372
selinux: check sidtab limit before adding a new entry
by Ondrej Mosnacek
· 5 years ago
933a90b
Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 5 years ago
eec4844
proc/sysctl: add shared variables for range check
by Matteo Croce
· 5 years ago
c309b6f
Merge tag 'docs/v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media
by Linus Torvalds
· 5 years ago
e10337d
LSM: SafeSetID: fix use of literal -1 in capable hook
by Jann Horn
· 6 years ago
4f72123
LSM: SafeSetID: verify transitive constrainedness
by Jann Horn
· 6 years ago
fbd9acb
LSM: SafeSetID: add read handler
by Jann Horn
· 6 years ago
03638e6
LSM: SafeSetID: rewrite userspace API to atomic updates
by Jann Horn
· 6 years ago
71a9897
LSM: SafeSetID: fix userns handling in securityfs
by Jann Horn
· 6 years ago
78ae7df
LSM: SafeSetID: refactor policy parsing
by Jann Horn
· 6 years ago
8068866
LSM: SafeSetID: refactor safesetid_security_capable()
by Jann Horn
· 6 years ago
1cd02a2
LSM: SafeSetID: refactor policy hash table
by Jann Horn
· 6 years ago
7ef6b30
LSM: SafeSetID: fix check for setresuid(new1, new2, new3)
by Jann Horn
· 6 years ago
c783d52
LSM: SafeSetID: fix pr_warn() to include newline
by Jann Horn
· 6 years ago
da82c92
docs: cgroup-v1: add it to the admin-guide book
by Mauro Carvalho Chehab
· 6 years ago
e8d776f
docs: x86: move two x86-specific files to x86 arch dir
by Mauro Carvalho Chehab
· 6 years ago
ef8f3d4
Merge branch 'akpm' (patches from Andrew)
by Linus Torvalds
· 5 years ago
6471384
mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options
by Alexander Potapenko
· 5 years ago
c079512
Merge tag 'loadpin-v5.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
by Linus Torvalds
· 5 years ago
237f83d
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
by Linus Torvalds
· 5 years ago
028db3e
Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"
by Linus Torvalds
· 5 years ago
e9a83bd
Merge tag 'docs-5.3' of git://git.lwn.net/linux
by Linus Torvalds
· 5 years ago
9d22167
Merge branch 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 5 years ago
5ad18b2
Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
by Linus Torvalds
· 5 years ago
92c1d65
Merge branch 'for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup
by Linus Torvalds
· 5 years ago
8b68150
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
by Linus Torvalds
· 5 years ago
0f75ef6
Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
by Linus Torvalds
· 5 years ago
c84ca91
Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
by Linus Torvalds
· 5 years ago
c236b6d
Merge tag 'keys-request-20190626' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
by Linus Torvalds
· 5 years ago
d44a627
Merge tag 'keys-misc-20190619' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
by Linus Torvalds
· 5 years ago
7c0f896
Merge tag 'selinux-pr-20190702' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
by Linus Torvalds
· 5 years ago
Next »