index
:
kernel/git/wtarreau/testing.git
master
slhttp/standalone-3.13-rc3
txmark/3.10-neta-ixgbe
txmark/3.11-ndiv
txmark/3.11-neta
Various patches I use in tests
Willy Tarreau
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
security
Age
Commit message (
Expand
)
Author
Files
Lines
2016-09-07
Merge tag 'usercopy-v4.8-rc6-part2' of git://git.kernel.org/pub/scm/linux/ker...
Linus Torvalds
1
-0
/
+11
2016-09-07
usercopy: remove page-spanning test for now
Kees Cook
1
-0
/
+11
2016-08-19
Make the hardened user-copy code depend on having a hardened allocator
Linus Torvalds
1
-0
/
+1
2016-08-08
Merge tag 'usercopy-v4.8' of git://git.kernel.org/pub/scm/linux/kernel/git/ke...
Linus Torvalds
1
-0
/
+28
2016-08-06
Merge branch 'work.const-qstr' of git://git.kernel.org/pub/scm/linux/kernel/g...
Linus Torvalds
2
-2
/
+2
2016-07-29
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...
Linus Torvalds
36
-195
/
+345
2016-07-29
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...
Linus Torvalds
5
-8
/
+73
2016-07-28
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...
Linus Torvalds
1
-9
/
+6
2016-07-28
Merge branch 'salted-string-hash'
Linus Torvalds
3
-4
/
+4
2016-07-27
apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling
Arnd Bergmann
3
-3
/
+7
2016-07-26
mm: Hardened usercopy
Kees Cook
1
-0
/
+28
2016-07-26
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...
Linus Torvalds
1
-12
/
+18
2016-07-20
qstr: constify dentry_init_security
Al Viro
2
-2
/
+2
2016-07-12
apparmor: fix arg_size computation for when setprocattr is null terminated
John Johansen
1
-1
/
+1
2016-07-12
apparmor: fix oops, validate buffer size in apparmor_setprocattr()
Vegard Nossum
1
-17
/
+19
2016-07-12
apparmor: do not expose kernel stack
Heinrich Schuchardt
1
-1
/
+3
2016-07-12
apparmor: fix module parameters can be changed after policy is locked
John Johansen
3
-13
/
+29
2016-07-12
apparmor: fix oops in profile_unpack() when policy_db is not present
John Johansen
1
-0
/
+3
2016-07-12
apparmor: don't check for vmalloc_addr if kvzalloc() failed
John Johansen
1
-5
/
+5
2016-07-12
apparmor: add missing id bounds check on dfa verification
John Johansen
2
-0
/
+3
2016-07-12
apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task
Jeff Mahoney
1
-2
/
+4
2016-07-12
apparmor: use list_next_entry instead of list_entry_next
Geliang Tang
1
-5
/
+3
2016-07-12
apparmor: fix refcount race when finding a child profile
John Johansen
1
-1
/
+3
2016-07-12
apparmor: fix ref count leak when profile sha1 hash is read
John Johansen
1
-0
/
+1
2016-07-12
apparmor: check that xindex is in trans_table bounds
John Johansen
1
-1
/
+1
2016-07-12
apparmor: ensure the target profile name is always audited
John Johansen
1
-11
/
+9
2016-07-12
apparmor: fix audit full profile hname on successful load
John Johansen
1
-1
/
+1
2016-07-12
apparmor: fix log failures for all profiles in a set
John Johansen
1
-10
/
+19
2016-07-12
apparmor: fix put() parent ref after updating the active ref
John Johansen
1
-1
/
+1
2016-07-12
apparmor: add parameter to control whether policy hashing is used
John Johansen
4
-6
/
+25
2016-07-12
apparmor: internal paths should be treated as disconnected
John Johansen
1
-28
/
+36
2016-07-12
apparmor: fix disconnected bind mnts reconnection
John Johansen
1
-1
/
+4
2016-07-12
apparmor: fix update the mtime of the profile file on replacement
John Johansen
1
-0
/
+2
2016-07-12
apparmor: exec should not be returning ENOENT when it denies
John Johansen
1
-1
/
+1
2016-07-12
apparmor: fix uninitialized lsm_audit member
John Johansen
2
-2
/
+4
2016-07-12
apparmor: fix replacement bug that adds new child to old parent
John Johansen
1
-1
/
+1
2016-07-12
apparmor: fix refcount bug in profile replacement
John Johansen
1
-2
/
+2
2016-07-09
Merge tag 'keys-misc-20160708' of git://git.kernel.org/pub/scm/linux/kernel/g...
James Morris
2
-2
/
+2
2016-07-08
Merge branch 'smack-for-4.8' of https://github.com/cschaufler/smack-next into...
James Morris
1
-0
/
+3
2016-07-08
apparmor: fix oops, validate buffer size in apparmor_setprocattr()
Vegard Nossum
1
-17
/
+19
2016-07-07
Merge branch 'stable-4.8' of git://git.infradead.org/users/pcmoore/selinux in...
James Morris
7
-64
/
+73
2016-07-05
evm: Translate user/group ids relative to s_user_ns when computing HMAC
Seth Forshee
1
-2
/
+2
2016-06-30
Merge branch 'd_real' of git://git.kernel.org/pub/scm/linux/kernel/git/mszere...
Al Viro
5
-7
/
+14
2016-06-30
ima: extend the measurement entry specific pcr
Eric Richter
1
-3
/
+3
2016-06-30
ima: change integrity cache to store measured pcr
Eric Richter
3
-3
/
+11
2016-06-30
ima: redefine duplicate template entries
Eric Richter
1
-3
/
+4
2016-06-30
ima: change ima_measurements_show() to display the entry specific pcr
Eric Richter
1
-5
/
+4
2016-06-30
ima: include pcr for each measurement log entry
Eric Richter
4
-8
/
+13
2016-06-30
ima: extend ima_get_action() to return the policy pcr
Eric Richter
5
-7
/
+14
2016-06-30
ima: add policy support for extending different pcrs
Eric Richter
1
-1
/
+28
2016-06-30
integrity: add measured_pcrs field to integrity cache
Eric Richter
2
-0
/
+3
2016-06-27
calipso: Add a label cache.
Huw Davies
1
-3
/
+6
2016-06-27
netlabel: Pass a family parameter to netlbl_skbuff_err().
Huw Davies
4
-8
/
+10
2016-06-27
calipso: Allow the lsm to label the skbuff directly.
Huw Davies
1
-0
/
+15
2016-06-27
calipso: Allow request sockets to be relabelled by the lsm.
Huw Davies
1
-1
/
+1
2016-06-27
netlabel: Prevent setsockopt() from changing the hop-by-hop option.
Huw Davies
1
-1
/
+16
2016-06-27
calipso: Set the calipso socket label to match the secattr.
Huw Davies
1
-1
/
+1
2016-06-24
selinux: Add support for unprivileged mounts from user namespaces
Seth Forshee
1
-0
/
+23
2016-06-24
Smack: Handle labels consistently in untrusted mounts
Seth Forshee
1
-10
/
+19
2016-06-24
Smack: Add support for unprivileged mounts from user namespaces
Seth Forshee
2
-12
/
+37
2016-06-24
fs: Treat foreign mounts as nosuid
Andy Lutomirski
2
-2
/
+8
2016-06-24
fs: Limit file caps to the user namespace of the super block
Seth Forshee
1
-0
/
+2
2016-06-24
KEYS: Use skcipher for big keys
Herbert Xu
1
-12
/
+18
2016-06-16
KEYS: potential uninitialized variable
Dan Carpenter
1
-1
/
+1
2016-06-15
selinux: fix type mismatch
Heinrich Schuchardt
1
-1
/
+1
2016-06-14
KEYS: Strip trailing spaces
David Howells
2
-2
/
+2
2016-06-10
vfs: make the string hashes salt the hash
Linus Torvalds
3
-4
/
+4
2016-06-09
selinux: import NetLabel category bitmaps correctly
Paul Moore
1
-1
/
+1
2016-06-08
Smack: ignore null signal in smack_task_kill
Rafal Krypa
1
-0
/
+3
2016-06-06
security: tomoyo: simplify the gc kthread creation
Mike Danese
1
-7
/
+2
2016-06-06
LSM: Fix for security_inode_getsecurity and -EOPNOTSUPP
Casey Schaufler
1
-4
/
+25
2016-06-03
KEYS: Add placeholder for KDF usage with DH
Stephan Mueller
4
-6
/
+13
2016-05-31
selinux: Only apply bounds checking to source types
Stephen Smalley
1
-48
/
+22
2016-05-29
securityfs: ->d_parent is never NULL or negative
Al Viro
1
-5
/
+6
2016-05-29
drbd: ->d_parent is never NULL or negative
Al Viro
1
-4
/
+0
2016-05-27
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...
Linus Torvalds
1
-1
/
+1
2016-05-27
switch ->setxattr() to passing dentry and inode separately
Al Viro
1
-1
/
+1
2016-05-26
Yama: fix double-spinlock and user access in atomic context
Jann Horn
1
-6
/
+63
2016-05-20
security/integrity/ima/ima_policy.c: use %pU to output UUID in printable format
Andy Shevchenko
1
-12
/
+2
2016-05-19
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...
Linus Torvalds
34
-185
/
+909
2016-05-17
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Linus Torvalds
1
-1
/
+3
2016-05-17
Merge branch 'work.const-path' of git://git.kernel.org/pub/scm/linux/kernel/g...
Linus Torvalds
13
-106
/
+83
2016-05-17
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...
Linus Torvalds
4
-14
/
+15
2016-05-17
Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/ke...
Linus Torvalds
2
-2
/
+2
2016-05-17
LSM: LoadPin: provide enablement CONFIG
Kees Cook
2
-6
/
+15
2016-05-17
Merge branch 'ovl-fixes' into for-linus
Al Viro
1
-2
/
+2
2016-05-09
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
David S. Miller
1
-2
/
+2
2016-05-06
Merge branch 'stable-4.7' of git://git.infradead.org/users/pcmoore/selinux in...
James Morris
5
-60
/
+127
2016-05-06
Merge tag 'keys-next-20160505' of git://git.kernel.org/pub/scm/linux/kernel/g...
James Morris
19
-112
/
+516
2016-05-04
Yama: use atomic allocations when reporting
Sasha Levin
1
-2
/
+2
2016-05-04
Merge branch 'keys-trust' into keys-next
David Howells
10
-62
/
+128
2016-05-04
ima: fix the string representation of the LSM/IMA hook enumeration ordering
Mimi Zohar
1
-2
/
+2
2016-05-01
ima: add support for creating files using the mknodat syscall
Mimi Zohar
2
-1
/
+29
2016-05-01
ima: fix ima_inode_post_setattr
Mimi Zohar
2
-1
/
+2
2016-04-26
selinux: apply execstack check on thread stacks
Stephen Smalley
1
-2
/
+3
2016-04-26
selinux: distinguish non-init user namespace capability checks
Stephen Smalley
2
-17
/
+25
2016-04-22
security: Introduce security_settime64()
Baolin Wang
2
-2
/
+2
2016-04-21
LSM: LoadPin for kernel file loading restrictions
Kees Cook
6
-0
/
+205
2016-04-21
Yama: consolidate error reporting
Kees Cook
1
-10
/
+21
2016-04-20
rtnetlink: add new RTM_GETSTATS message to dump link stats
Roopa Prabhu
1
-1
/
+3
2016-04-19
selinux: check ss_initialized before revalidating an inode label
Paul Moore
1
-1
/
+1
2016-04-19
selinux: delay inode label lookup as long as possible
Paul Moore
1
-8
/
+13
2016-04-19
selinux: don't revalidate an inode's label when explicitly setting it
Paul Moore
1
-2
/
+11
2016-04-14
selinux: Change bool variable name to index.
Prarit Bhargava
2
-4
/
+4
2016-04-12
KEYS: Add KEYCTL_DH_COMPUTE command
Mat Martineau
6
-0
/
+193
2016-04-12
Security: Keys: Big keys stored encrypted
Kirill Marinushkin
2
-18
/
+184
2016-04-12
KEYS: user_update should use copy of payload made during preparsing
David Howells
1
-31
/
+11
2016-04-12
security: integrity: Remove select to deleted option PUBLIC_KEY_ALGO_RSA
Andreas Ziegler
1
-1
/
+0
2016-04-11
IMA: Use the the system trusted keyrings instead of .ima_mok
David Howells
4
-53
/
+32
2016-04-11
KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTED
David Howells
3
-39
/
+4
2016-04-11
KEYS: Move the point of trust determination to __key_link()
David Howells
2
-4
/
+35
2016-04-11
KEYS: Add a facility to restrict new links into a keyring
David Howells
8
-33
/
+124
2016-04-11
->getxattr(): pass dentry and inode as separate arguments
Al Viro
4
-10
/
+11
2016-04-11
security: drop the unused hook skb_owned_by
Paolo Abeni
1
-1
/
+0
2016-04-10
don't bother with ->d_inode->i_sb - it's always equal to ->d_sb
Al Viro
3
-4
/
+4
2016-04-05
selinux: restrict kernel module loading
Jeff Vander Stoep
2
-1
/
+48
2016-04-05
selinux: consolidate the ptrace parent lookup code
Paul Moore
1
-21
/
+17
2016-04-05
selinux: simply inode label states to INVALID and INITIALIZED
Paul Moore
2
-4
/
+3
2016-04-05
selinux: don't revalidate inodes in selinux_socket_getpeersec_dgram()
Paul Moore
1
-3
/
+5
2016-03-28
constify ima_d_path()
Al Viro
2
-2
/
+2
2016-03-28
constify security_sb_pivotroot()
Al Viro
2
-2
/
+2
2016-03-28
constify security_path_chroot()
Al Viro
2
-2
/
+2
2016-03-28
constify security_path_{link,rename}
Al Viro
3
-9
/
+9
2016-03-28
apparmor: remove useless checks for NULL ->mnt
Al Viro
1
-2
/
+2
2016-03-28
constify security_path_{mkdir,mknod,symlink}
Al Viro
3
-9
/
+9
2016-03-28
constify security_path_{unlink,rmdir}
Al Viro
3
-6
/
+6
2016-03-28
apparmor: constify common_perm_...()
Al Viro
1
-4
/
+4
2016-03-28
apparmor: constify aa_path_link()
Al Viro
2
-2
/
+2
2016-03-28
apparmor: new helper - common_path_perm()
Al Viro
1
-35
/
+12
2016-03-28
constify chmod_common/security_path_chmod
Al Viro
3
-3
/
+3
2016-03-28
constify security_sb_mount()
Al Viro
3
-3
/
+3
2016-03-28
constify chown_common/security_path_chown
Al Viro
3
-3
/
+3
2016-03-28
tomoyo: constify assorted struct path *
Al Viro
3
-13
/
+13
2016-03-28
apparmor_path_truncate(): path->mnt is never NULL
Al Viro
1
-1
/
+1
2016-03-28
constify security_path_truncate()
Al Viro
3
-3
/
+3
2016-03-27
[apparmor] constify struct path * in a bunch of helpers
Al Viro
5
-8
/
+8
2016-03-20
Merge branch 'mm-pkeys-for-linus' of git://git.kernel.org/pub/scm/linux/kerne...
Linus Torvalds
1
-1
/
+8
2016-03-17
Merge tag 'tty-4.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/greg...
Linus Torvalds
1
-2
/
+2
2016-03-17
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...
Linus Torvalds
20
-227
/
+450
2016-03-17
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert...
Linus Torvalds
1
-32
/
+50
2016-03-04
Merge tag 'keys-next-20160303' of git://git.kernel.org/pub/scm/linux/kernel/g...
James Morris
5
-25
/
+12
2016-03-04
Merge branch 'stable-4.6' of git://git.infradead.org/users/pcmoore/selinux in...
James Morris
1
-1
/
+1
2016-03-03
X.509: Make algo identifiers text instead of enum
David Howells
2
-4
/
+5
2016-03-03
akcipher: Move the RSA DER encoding check to the crypto layer
David Howells
1
-0
/
+1
2016-02-26
Merge branch 'stable-4.5' of git://git.infradead.org/users/pcmoore/selinux in...
James Morris
1
-1
/
+1
2016-02-26
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...
James Morris
13
-163
/
+418
2016-02-22
Merge branch 'smack-for-4.6' of https://github.com/cschaufler/smack-next into...
James Morris
1
-32
/
+14
2016-02-21
ima: require signed IMA policy
Mimi Zohar
1
-0
/
+7
2016-02-21
ima: measure and appraise the IMA policy itself
Mimi Zohar
4
-3
/
+24
2016-02-21
ima: load policy using path
Dmitry Kasatkin
1
-2
/
+43
2016-02-21
ima: support for kexec image and initramfs
Mimi Zohar
3
-7
/
+27
2016-02-21
ima: remove firmware and module specific cached status info
Mimi Zohar
5
-39
/
+28
2016-02-21
module: replace copy_module_from_fd with kernel version
Mimi Zohar
2
-34
/
+13
2016-02-21
security: define kernel_read_file hook
Mimi Zohar
2
-0
/
+29
2016-02-21
firmware: replace call to fw_read_file_contents() with kernel version
Mimi Zohar
2
-24
/
+10
2016-02-20
ima: define a new hook to measure and appraise a file already in memory
Mimi Zohar
7
-15
/
+57
2016-02-19
selinux: Don't sleep inside inode_getsecid hook
Andreas Gruenbacher
1
-1
/
+1
2016-02-18
ima: calculate the hash of a buffer using aynchronous hash(ahash)
Mimi Zohar
1
-2
/
+73
2016-02-18
ima: provide buffer hash calculation function
Dmitry Kasatkin
2
-0
/
+49
2016-02-18
vfs: define kernel_read_file_id enumeration
Mimi Zohar
1
-2
/
+3
2016-02-18
vfs: define a generic function to read a file from the kernel
Mimi Zohar
1
-0
/
+8
2016-02-18
ima: use "ima_hooks" enum as function argument
Mimi Zohar
5
-27
/
+37
2016-02-18
ima: refactor ima_policy_show() to display "ima_hooks" rules
Mimi Zohar
1
-27
/
+36
2016-02-18
ima: separate 'security.ima' reading functionality from collect
Dmitry Kasatkin
8
-40
/
+33
2016-02-18
security/keys: make big_key.c explicitly non-modular
Paul Gortmaker
1
-14
/
+1
2016-02-18
integrity: convert digsig to akcipher api
Tadeusz Struk
2
-7
/
+4
2016-02-16
smack: fix cache of access labels
José Bollo
1
-2
/
+6
2016-02-16
mm/gup: Introduce get_user_pages_remote()
Dave Hansen
1
-1
/
+8
2016-02-14
Merge 4.5-rc4 into tty-next
Greg Kroah-Hartman
2
-1
/
+3
2016-02-12
EVM: Use crypto_memneq() for digest comparisons
Ryan Ware
1
-1
/
+2
2016-02-11
Smack: Remove pointless hooks
Casey Schaufler
1
-30
/
+8
2016-02-10
KEYS: CONFIG_KEYS_DEBUG_PROC_KEYS is no longer an option
David Howells
1
-1
/
+0
2016-02-10
tpm: fix checks for policy digest existence in tpm2_seal_trusted()
Jarkko Sakkinen
1
-6
/
+5
2016-02-09
KEYS: Add an alloc flag to convey the builtinness of a key
David Howells
1
-0
/
+2
2016-02-09
selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables
Lorenzo Colitti
1
-0
/
+1
2016-02-09
crypto: keys - Revert "convert public key to akcipher api"
Herbert Xu
2
-4
/
+7
2016-02-08
IMA: fix non-ANSI declaration of ima_check_policy()
Colin Ian King
1
-1
/
+1
2016-02-06
integrity: convert digsig to akcipher api
Tadeusz Struk
2
-7
/
+4
2016-02-01
Merge 4.5-rc2 into tty-next
Greg Kroah-Hartman
1
-1
/
+2
2016-01-28
selinux: use absolute path to include directory
Andy Shevchenko
1
-1
/
+1
2016-01-28
KEYS: Only apply KEY_FLAG_KEEP to a key if a parent keyring has it set
David Howells
1
-1
/
+2
2016-01-27
tty: Make tty_files_lock per-tty
Peter Hurley
1
-2
/
+2
2016-01-27
KEYS: Use skcipher
Herbert Xu
1
-32
/
+50
2016-01-22
wrappers for ->i_mutex access
Al Viro
3
-11
/
+11
2016-01-20
ptrace: use fsuid, fsgid, effective creds for fs access checks
Jann Horn
1
-1
/
+6
2016-01-20
security: let security modules use PTRACE_MODE_* with bitmasks
Jann Horn
2
-7
/
+5
2016-01-20
KEYS: Fix keyring ref leak in join_session_keyring()
Yevgeny Pats
1
-0
/
+1
2016-01-17
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...
Linus Torvalds
29
-160
/
+967
2016-01-14
Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into...
James Morris
1
-8
/
+2
2016-01-12
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...
Linus Torvalds
4
-168
/
+82
2016-01-11
Merge branch 'work.xattr' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...
Linus Torvalds
1
-2
/
+0
2016-01-10
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...
James Morris
3
-21
/
+17
2016-01-08
Merge branch 'for-linus' into work.misc
Al Viro
1
-9
/
+9
2016-01-08
selinux: Inode label revalidation performance fix
Andreas Gruenbacher
1
-8
/
+2
2016-01-07
KEYS: refcount bug fix
Mimi Zohar
2
-12
/
+8
2016-01-04
fix the leak in integrity_read_file()
Al Viro
1
-5
/
+6
2016-01-04
selinuxfs: switch to memdup_user_nul()
Al Viro
1
-73
/
+41
2016-01-04
convert a bunch of open-coded instances of memdup_user_nul()
Al Viro
2
-90
/
+35
2016-01-03
ima: ima_write_policy() limit locking
Petko Manolov
1
-9
/
+9
2015-12-26
Merge branch 'smack-for-4.5' of https://github.com/cschaufler/smack-next into...
James Morris
1
-1
/
+23
[next]