Gitiles
Code Review
Sign In
review.shift-gmbh.com
/
SHIFTPHONES
/
mainline
/
linux
/
b9f7d245e34b1f42b5389b015962a2f022d4ece2
/
security
c9341ee
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 8 years ago
42e1b14
Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
by Linus Torvalds
· 8 years ago
5217660
KEYS: Use memzero_explicit() for secret data
by Dan Carpenter
· 8 years ago
57cb17e
KEYS: Fix an error code in request_master_key()
by Dan Carpenter
· 8 years ago
a2a1547
Merge branch 'stable-4.11' of git://git.infradead.org/users/pcmoore/selinux into next
by James Morris
· 8 years ago
0c461cb
selinux: fix off-by-one in setprocattr
by Stephen Smalley
· 8 years ago
e2241be
Merge branch 'stable-4.10' of git://git.infradead.org/users/pcmoore/selinux into next
by James Morris
· 8 years ago
1ea0ce4
selinux: allow changing labels for cgroupfs
by Antonio Murdaca
· 8 years ago
a050a57
selinux: fix off-by-one in setprocattr
by Stephen Smalley
· 8 years ago
20f482a
ima: allow to check MAY_APPEND
by Lans Zhang
· 8 years ago
bc15ed6
ima: fix ima_d_path() possible race with rename
by Mimi Zohar
· 8 years ago
710584b
Merge branch 'smack-for-4.11' of git://github.com/cschaufler/smack-next into next
by James Morris
· 8 years ago
d69dece5
LSM: Add /sys/kernel/security/lsm
by Casey Schaufler
· 8 years ago
3ccb76c
apparmor: fix undefined reference to `aa_g_hash_policy'
by John Johansen
· 8 years ago
e6bfa25
apparmor: replace remaining BUG_ON() asserts with AA_BUG()
by John Johansen
· 8 years ago
2c17cd3
apparmor: fix restricted endian type warnings for policy unpack
by John Johansen
· 8 years ago
e6e8bf4
apparmor: fix restricted endian type warnings for dfa unpack
by John Johansen
· 8 years ago
ca4bd5a
apparmor: add check for apparmor enabled in module parameters missing it
by John Johansen
· 8 years ago
d4669f0
apparmor: add per cpu work buffers to avoid allocating buffers at every hook
by John Johansen
· 8 years ago
e3ea1ca
apparmor: sysctl to enable unprivileged user ns AppArmor policy loading
by Tyler Hicks
· 9 years ago
e025be0
apparmor: support querying extended trusted helper extra data
by William Hua
· 8 years ago
12eb87d
apparmor: update cap audit to check SECURITY_CAP_NOAUDIT
by John Johansen
· 8 years ago
31f75bf
apparmor: make computing policy hashes conditional on kernel parameter
by John Johansen
· 8 years ago
aa9a39a
apparmor: convert change_profile to use fqname later to give better control
by John Johansen
· 8 years ago
c3e1e58
apparmor: fix change_hat debug output
by John Johansen
· 8 years ago
5ef50d0
apparmor: remove unused op parameter from simple_write_to_buffer()
by John Johansen
· 8 years ago
ef88a7a
apparmor: change aad apparmor_audit_data macro to a fn macro
by John Johansen
· 8 years ago
47f6e5c
apparmor: change op from int to const char *
by John Johansen
· 8 years ago
55a26eb
apparmor: rename context abreviation cxt to the more standard ctx
by John Johansen
· 8 years ago
a20aa95
apparmor: fail task profile update if current_cred isn't real_cred
by John Johansen
· 8 years ago
b7fd2c0
apparmor: add per policy ns .load, .replace, .remove interface files
by John Johansen
· 8 years ago
12dd717
apparmor: pass the subject profile into profile replace/remove
by John Johansen
· 8 years ago
04dc715
apparmor: audit policy ns specified in policy load
by John Johansen
· 8 years ago
5ac8c35
apparmor: allow introspecting the loaded policy pre internal transform
by John Johansen
· 8 years ago
fc1c9fd
apparmor: add ns name to the audit data for policy loads
by John Johansen
· 8 years ago
078c73c6
apparmor: add profile and ns params to aa_may_manage_policy()
by John Johansen
· 8 years ago
fd2a804
apparmor: add ns being viewed as a param to policy_admin_capable()
by John Johansen
· 8 years ago
2bd8dbb
apparmor: add ns being viewed as a param to policy_view_capable()
by John Johansen
· 8 years ago
a6f2330
apparmor: allow specifying the profile doing the management
by John Johansen
· 8 years ago
3e3e569
apparmor: allow introspecting the policy namespace name
by John Johansen
· 8 years ago
b79473f
apparmor: Make aa_remove_profile() callable from a different view
by John Johansen
· 8 years ago
ee2351e
apparmor: track ns level so it can be used to help in view checks
by John Johansen
· 8 years ago
a71ada3
apparmor: add special .null file used to "close" fds at exec
by John Johansen
· 8 years ago
34c426a
apparmor: provide userspace flag indicating binfmt_elf_mmap change
by John Johansen
· 8 years ago
11c236b
apparmor: add a default null dfa
by John Johansen
· 8 years ago
6604d4c
apparmor: allow policydb to be used as the file dfa
by John Johansen
· 8 years ago
293a488
apparmor: add get_dfa() fn
by John Johansen
· 8 years ago
474d6b75
apparmor: prepare to support newer versions of policy
by John Johansen
· 8 years ago
5ebfb12
apparmor: add support for force complain flag to support learning mode
by John Johansen
· 8 years ago
abbf873
apparmor: remove paranoid load switch
by John Johansen
· 8 years ago
181f7c9
apparmor: name null-XXX profiles after the executable
by John Johansen
· 8 years ago
30b026a
apparmor: pass gfp_t parameter into profile allocation
by John Johansen
· 8 years ago
73688d1
apparmor: refactor prepare_ns() and make usable from different views
by John Johansen
· 8 years ago
5fd1b95
apparmor: update policy_destroy to use new debug asserts
by John Johansen
· 8 years ago
d102d89
apparmor: pass gfp param into aa_policy_init()
by John Johansen
· 8 years ago
bbe4a7c
apparmor: constify policy name and hname
by John Johansen
· 8 years ago
6e474e3
apparmor: rename hname_tail to basename
by John Johansen
· 8 years ago
efeee83
apparmor: rename mediated_filesystem() to path_mediated_fs()
by John Johansen
· 8 years ago
680cd62
apparmor: add debug assert AA_BUG and Kconfig to control debug info
by John Johansen
· 8 years ago
57e36bb
apparmor: add macro for bug asserts to check that a lock is held
by John Johansen
· 8 years ago
92b6d8e
apparmor: allow ns visibility question to consider subnses
by John Johansen
· 8 years ago
31617dd
apparmor: add fn to lookup profiles by fqname
by John Johansen
· 8 years ago
3b0aaf5
apparmor: add lib fn to find the "split" for fqnames
by John Johansen
· 8 years ago
9a2d40c
apparmor: add strn version of aa_find_ns
by John Johansen
· 8 years ago
1741e9e
apparmor: add strn version of lookup_profile fn
by John Johansen
· 8 years ago
8399588
apparmor: rename replacedby to proxy
by John Johansen
· 8 years ago
d97d51d
apparmor: rename PFLAG_INVALID to PFLAG_STALE
by John Johansen
· 8 years ago
121d4a9
apparmor: rename sid to secid
by John Johansen
· 8 years ago
98849df
apparmor: rename namespace to ns to improve code line lengths
by John Johansen
· 8 years ago
cff281f
apparmor: split apparmor policy namespaces code into its own file
by John Johansen
· 8 years ago
fe6bb31
apparmor: split out shared policy_XXX fns to lib
by John Johansen
· 8 years ago
12557dc
apparmor: move lib definitions into separate lib include
by John Johansen
· 8 years ago
8486adf
apparmor: use designated initializers
by Kees Cook
· 8 years ago
a7f6c1b
AppArmor: Use GFP_KERNEL for __aa_kvmalloc().
by Tetsuo Handa
· 8 years ago
6b1ffa0
locking/atomic, kref: Use kref_get_unless_zero() more
by Peter Zijlstra
· 8 years ago
3a2f5a5
security,selinux,smack: kill security_task_wait hook
by Stephen Smalley
· 8 years ago
b4ba35c
selinux: drop unused socket security classes
by Stephen Smalley
· 8 years ago
83a1e53
Smack: ignore private inode for file functions
by Seung-Woo Kim
· 8 years ago
805b65a
Smack: fix d_instantiate logic for sockfs and pipefs
by Rafal Krypa
· 8 years ago
c9d238a
SMACK: Use smk_tskacc() instead of smk_access() for proper logging
by Himanshu Shukla
· 8 years ago
348dc28
Smack: Traverse the smack_known_list using list_for_each_entry_rcu macro
by Vishal Goel
· 8 years ago
3d4f673
SMACK: Free the i_security blob in inode using RCU
by Himanshu Shukla
· 8 years ago
d54a197
SMACK: Delete list_head repeated initialization
by Himanshu Shukla
· 8 years ago
2e962e2
SMACK: Add new lock for adding entry in smack master list
by Vishal Goel
· 8 years ago
0c96d1f
Smack: Fix the issue of wrong SMACK label update in socket bind fail case
by Vishal Goel
· 8 years ago
9d44c97
Smack: Fix the issue of permission denied error in ipv6 hook
by Vishal Goel
· 8 years ago
3c7ce34
SMACK: Add the rcu synchronization mechanism in ipv6 hooks
by Vishal Goel
· 8 years ago
900fde0
selinux: default to security isid in sel_make_bools() if no sid is found
by Gary Tierney
· 8 years ago
4262fb5
selinux: log errors when loading new policy
by Gary Tierney
· 8 years ago
b21507e
proc,security: move restriction on writing /proc/pid/attr nodes to proc
by Stephen Smalley
· 8 years ago
be0554c
selinux: clean up cred usage and simplify
by Stephen Smalley
· 8 years ago
01593d3
selinux: allow context mounts on tmpfs, ramfs, devpts within user namespaces
by Stephen Smalley
· 8 years ago
ef37979
selinux: handle ICMPv6 consistently with ICMP
by Stephen Smalley
· 8 years ago
a2c7c6f
selinux: add security in-core xattr support for tracefs
by Yongqin Liu
· 8 years ago
da69a53
selinux: support distinctions among all network address families
by Stephen Smalley
· 8 years ago
7c0f6ba
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
by Linus Torvalds
· 8 years ago
6732714
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 8 years ago
bfc5e3a
selinux: use the kernel headers when building scripts/selinux
by Paul Moore
· 8 years ago
98e1d55d
ima: platform-independent hash value
by Andreas Steffen
· 8 years ago
d68a6fe
ima: define a canonical binary_runtime_measurements list format
by Mimi Zohar
· 8 years ago
Next »