1. 359efcc efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN by Javier Martinez Canillas · 5 years ago
  2. 2ef4591 Merge tag 'selinux-pr-20191007' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 5 years ago
  3. 7a8beb7 integrity: remove pointless subdir-$(CONFIG_...) by Masahiro Yamada · 5 years ago
  4. 6b190d3 integrity: remove unneeded, broken attempt to add -fshort-wchar by Masahiro Yamada · 5 years ago
  5. 2a52439 selinux: fix context string corruption in convert_context() by Ondrej Mosnacek · 5 years ago
  6. aefcf2f Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 5 years ago
  7. f1f2f61 Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity by Linus Torvalds · 5 years ago
  8. 9f75c82 KEYS: trusted: correctly initialize digests and fix locking issue by Roberto Sassu · 5 years ago
  9. e94f8cc Merge tag 'smack-for-5.4-rc1' of git://github.com/cschaufler/smack-next by Linus Torvalds · 5 years ago
  10. 1b5fb41 Merge tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux by Linus Torvalds · 5 years ago
  11. 5825a95 Merge tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 5 years ago
  12. 21ab858 LSM: SafeSetID: Stop releasing uninitialized ruleset by Micah Morton · 5 years ago
  13. f8a9bc6 security: constify some arrays in lockdown LSM by Matthew Garrett · 5 years ago
  14. d41a3ef keys: Fix missing null pointer check in request_key_auth_describe() by Hillf Danton · 5 years ago
  15. 169ce0c selinux: fix residual uses of current_security() for the SELinux blob by Stephen Smalley · 5 years ago
  16. e5bfad3 smack: use GFP_NOFS while holding inode_smack::smk_lock by Eric Biggers · 5 years ago
  17. 3f4287e security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb() by Jia-Ju Bai · 5 years ago
  18. a1a07f2 smack: fix some kernel-doc notations by luanshi · 5 years ago
  19. 3675f05 Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set by Jann Horn · 5 years ago
  20. 846d2db keys: ensure that ->match_free() is called in request_key_and_link() by Eric Biggers · 5 years ago
  21. 2a7f0e5 ima: ima_api: Use struct_size() in kzalloc() by Gustavo A. R. Silva · 5 years ago
  22. fa5b571 ima: use struct_size() in kzalloc() by Gustavo A. R. Silva · 6 years ago
  23. 556d971 ima: Fix use after free in ima_read_modsig() by Thiago Jung Bauermann · 5 years ago
  24. 116f21b selinux: avoid atomic_t usage in sidtab by Ondrej Mosnacek · 5 years ago
  25. b602614 lockdown: Print current->comm in restriction messages by Matthew Garrett · 5 years ago
  26. ccbd54f tracefs: Restrict tracefs when the kernel is locked down by Matthew Garrett · 5 years ago
  27. 5496197 debugfs: Restrict debugfs when the kernel is locked down by David Howells · 5 years ago
  28. 29d3c1c kexec: Allow kexec_file() with appropriate IMA policy when locked down by Matthew Garrett · 5 years ago
  29. b0c8fdc lockdown: Lock down perf when in confidentiality mode by David Howells · 5 years ago
  30. 9d1f8be5 bpf: Restrict bpf when kernel lockdown is in confidentiality mode by David Howells · 5 years ago
  31. a94549d lockdown: Lock down tracing and perf kprobes when in confidentiality mode by David Howells · 5 years ago
  32. 02e935b lockdown: Lock down /proc/kcore by David Howells · 5 years ago
  33. 906357f x86/mmiotrace: Lock down the testmmiotrace module by David Howells · 5 years ago
  34. 20657f6 lockdown: Lock down module params that specify hardware parameters (eg. ioport) by David Howells · 5 years ago
  35. 794edf3 lockdown: Lock down TIOCSSERIAL by David Howells · 5 years ago
  36. 3f19cad lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down by David Howells · 5 years ago
  37. f474e14 ACPI: Limit access to custom_method when the kernel is locked down by Matthew Garrett · 5 years ago
  38. 95f5e95 x86/msr: Restrict MSR access when the kernel is locked down by Matthew Garrett · 5 years ago
  39. 96c4f67 x86: Lock down IO port access when the kernel is locked down by Matthew Garrett · 5 years ago
  40. eb627e1 PCI: Lock down BAR access when the kernel is locked down by Matthew Garrett · 5 years ago
  41. 38bd94b hibernate: Disable when the kernel is locked down by Josh Boyer · 5 years ago
  42. 99d5cadf kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE by Jiri Bohac · 5 years ago
  43. 7d31f46 kexec_load: Disable at runtime if the kernel is locked down by Matthew Garrett · 5 years ago
  44. 9b9d8dd lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked down by Matthew Garrett · 5 years ago
  45. 49fcf73 lockdown: Enforce module signatures if the kernel is locked down by David Howells · 5 years ago
  46. 000d388 security: Add a static lockdown policy LSM by Matthew Garrett · 5 years ago
  47. 9e47d31 security: Add a "locked down" LSM hook by Matthew Garrett · 5 years ago
  48. e6b1db9 security: Support early LSMs by Matthew Garrett · 5 years ago
  49. 2d6c252 KEYS: trusted: allow module init if TPM is inactive or deactivated by Roberto Sassu · 5 years ago
  50. ac5656d fanotify, inotify, dnotify, security: add security hook for fs notifications by Aaron Goidel · 5 years ago
  51. 4ece312 ima: fix freeing ongoing ahash_request by Sascha Hauer · 5 years ago
  52. f5e1040 ima: always return negative code for error by Sascha Hauer · 5 years ago
  53. e509225 ima: Store the measurement again when appraising a modsig by Thiago Jung Bauermann · 6 years ago
  54. 3878d50 ima: Define ima-modsig template by Thiago Jung Bauermann · 6 years ago
  55. 1558822 ima: Collect modsig by Thiago Jung Bauermann · 6 years ago
  56. 39b0709 ima: Implement support for module-style appended signatures by Thiago Jung Bauermann · 6 years ago
  57. a5fbeb6 ima: Factor xattr_verify() out of ima_appraise_measurement() by Thiago Jung Bauermann · 6 years ago
  58. 9044d62 ima: Add modsig appraise_type option for module-style appended signatures by Thiago Jung Bauermann · 6 years ago
  59. cf38fed integrity: Select CONFIG_KEYS instead of depending on it by Thiago Jung Bauermann · 6 years ago
  60. 9b80c36 selinux: always return a secid from the network caches if we find one by Paul Moore · 5 years ago
  61. f07ea1d selinux: policydb - rename type_val_to_struct_array by Ondrej Mosnacek · 5 years ago
  62. 2492aca selinux: policydb - fix some checkpatch.pl warnings by Ondrej Mosnacek · 5 years ago
  63. 0eb2f29 selinux: shuffle around policydb.c to get rid of forward declarations by Paul Moore · 5 years ago
  64. 4f1a6ef Merge tag 'selinux-pr-20190801' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 5 years ago
  65. b36f281 ima: initialize the "template" field with the default template by Mimi Zohar · 5 years ago
  66. 4538523 selinux: fix memory leak in policydb_init() by Ondrej Mosnacek · 5 years ago
  67. c622fc5 Merge tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux by Linus Torvalds · 5 years ago
  68. 40233e7 Merge tag 'selinux-pr-20190726' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 5 years ago
  69. 173e6ee structleak: disable STRUCTLEAK_BYREF in combination with KASAN_STACK by Arnd Bergmann · 5 years ago
  70. acbc372 selinux: check sidtab limit before adding a new entry by Ondrej Mosnacek · 5 years ago
  71. 933a90b Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 5 years ago
  72. eec4844 proc/sysctl: add shared variables for range check by Matteo Croce · 5 years ago
  73. c309b6f Merge tag 'docs/v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media by Linus Torvalds · 5 years ago
  74. e10337d LSM: SafeSetID: fix use of literal -1 in capable hook by Jann Horn · 6 years ago
  75. 4f72123 LSM: SafeSetID: verify transitive constrainedness by Jann Horn · 6 years ago
  76. fbd9acb LSM: SafeSetID: add read handler by Jann Horn · 6 years ago
  77. 03638e6 LSM: SafeSetID: rewrite userspace API to atomic updates by Jann Horn · 6 years ago
  78. 71a9897 LSM: SafeSetID: fix userns handling in securityfs by Jann Horn · 6 years ago
  79. 78ae7df LSM: SafeSetID: refactor policy parsing by Jann Horn · 6 years ago
  80. 8068866 LSM: SafeSetID: refactor safesetid_security_capable() by Jann Horn · 6 years ago
  81. 1cd02a2 LSM: SafeSetID: refactor policy hash table by Jann Horn · 6 years ago
  82. 7ef6b30 LSM: SafeSetID: fix check for setresuid(new1, new2, new3) by Jann Horn · 6 years ago
  83. c783d52 LSM: SafeSetID: fix pr_warn() to include newline by Jann Horn · 6 years ago
  84. da82c92 docs: cgroup-v1: add it to the admin-guide book by Mauro Carvalho Chehab · 6 years ago
  85. e8d776f docs: x86: move two x86-specific files to x86 arch dir by Mauro Carvalho Chehab · 6 years ago
  86. ef8f3d4 Merge branch 'akpm' (patches from Andrew) by Linus Torvalds · 5 years ago
  87. 6471384 mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options by Alexander Potapenko · 5 years ago
  88. c079512 Merge tag 'loadpin-v5.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux by Linus Torvalds · 5 years ago
  89. 237f83d Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next by Linus Torvalds · 5 years ago
  90. 028db3e Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" by Linus Torvalds · 5 years ago
  91. e9a83bd Merge tag 'docs-5.3' of git://git.lwn.net/linux by Linus Torvalds · 5 years ago
  92. 9d22167 Merge branch 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 5 years ago
  93. 5ad18b2 Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace by Linus Torvalds · 5 years ago
  94. 92c1d65 Merge branch 'for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup by Linus Torvalds · 5 years ago
  95. 8b68150 Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity by Linus Torvalds · 5 years ago
  96. 0f75ef6 Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs by Linus Torvalds · 5 years ago
  97. c84ca91 Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs by Linus Torvalds · 5 years ago
  98. c236b6d Merge tag 'keys-request-20190626' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs by Linus Torvalds · 5 years ago
  99. d44a627 Merge tag 'keys-misc-20190619' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs by Linus Torvalds · 5 years ago
  100. 7c0f896 Merge tag 'selinux-pr-20190702' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux by Linus Torvalds · 5 years ago