index
:
kernel/git/elder/linux.git
korg-master
master
Alex Elder's fork of linux.git
Alex Elder
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
security
Age
Commit message (
Expand
)
Author
Files
Lines
2017-11-02
Merge tag 'spdx_identifiers-4.14-rc8' of git://git.kernel.org/pub/scm/linux/k...
Linus Torvalds
49
-0
/
+49
2017-11-02
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
Greg Kroah-Hartman
49
-0
/
+49
2017-11-02
KEYS: trusted: fix writing past end of buffer in trusted_read()
Eric Biggers
1
-11
/
+12
2017-11-02
KEYS: return full count in keyring_read() if buffer is too small
Eric Biggers
1
-20
/
+19
2017-10-26
Revert "apparmor: add base infastructure for socket mediation"
Linus Torvalds
12
-840
/
+16
2017-10-19
commoncap: move assignment of fs_ns to avoid null pointer dereference
Colin Ian King
1
-1
/
+2
2017-10-19
Merge commit 'tags/keys-fixes-20171018' into fixes-v4.14-rc5
James Morris
14
-53
/
+88
2017-10-18
KEYS: load key flags and expiry time atomically in proc_keys_show()
Eric Biggers
1
-10
/
+14
2017-10-18
KEYS: Load key expiry time atomically in keyring_search_iterator()
Eric Biggers
1
-1
/
+3
2017-10-18
KEYS: load key flags and expiry time atomically in key_validate()
Eric Biggers
1
-3
/
+4
2017-10-18
KEYS: don't let add_key() update an uninstantiated key
David Howells
1
-0
/
+10
2017-10-18
KEYS: Fix race between updating and finding a negative key
David Howells
12
-39
/
+49
2017-10-18
security/keys: BIG_KEY requires CONFIG_CRYPTO
Arnd Bergmann
1
-0
/
+1
2017-10-12
KEYS: encrypted: fix dereference of NULL user_key_payload
Eric Biggers
1
-0
/
+7
2017-10-04
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
Casey Schaufler
1
-30
/
+25
2017-09-28
Merge commit 'keys-fixes-20170927' into fixes-v4.14-rc3
James Morris
9
-152
/
+137
2017-09-25
security/keys: rewrite all of big_key crypto
Jason A. Donenfeld
2
-71
/
+60
2017-09-25
security/keys: properly zero out sensitive key material in big_key
Jason A. Donenfeld
1
-6
/
+6
2017-09-25
KEYS: use kmemdup() in request_key_auth_new()
Eric Biggers
1
-3
/
+2
2017-09-25
KEYS: restrict /proc/keys by credentials at open time
Eric Biggers
1
-6
/
+2
2017-09-25
KEYS: reset parent each time before searching key_user_tree
Eric Biggers
1
-2
/
+2
2017-09-25
KEYS: prevent KEYCTL_READ on negative key
Eric Biggers
1
-0
/
+5
2017-09-25
KEYS: prevent creating a different user's keyrings
Eric Biggers
4
-12
/
+21
2017-09-25
KEYS: fix writing past end of user-supplied buffer in keyring_read()
Eric Biggers
1
-9
/
+5
2017-09-25
KEYS: fix key refcount leak in keyctl_read_key()
Eric Biggers
1
-1
/
+1
2017-09-25
KEYS: fix key refcount leak in keyctl_assume_authority()
Eric Biggers
1
-4
/
+2
2017-09-25
KEYS: don't revoke uninstantiated key in request_key_auth_new()
Eric Biggers
1
-1
/
+0
2017-09-25
KEYS: fix cred refcount leak in request_key_auth_new()
Eric Biggers
1
-37
/
+31
2017-09-24
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/...
Linus Torvalds
1
-3
/
+3
2017-09-23
security: fix description of values returned by cap_inode_need_killpriv
Stefan Berger
1
-3
/
+3
2017-09-23
Merge tag 'apparmor-pr-2017-09-22' of git://git.kernel.org/pub/scm/linux/kern...
Linus Torvalds
24
-137
/
+2088
2017-09-22
apparmor: fix apparmorfs DAC access permissions
John Johansen
1
-4
/
+4
2017-09-22
apparmor: fix build failure on sparc caused by undeclared signals
John Johansen
1
-1
/
+4
2017-09-22
apparmor: fix incorrect type assignment when freeing proxies
John Johansen
1
-1
/
+1
2017-09-22
apparmor: ensure unconfined profiles have dfas initialized
John Johansen
1
-0
/
+2
2017-09-22
apparmor: fix race condition in null profile creation
John Johansen
1
-3
/
+11
2017-09-22
apparmor: move new_null_profile to after profile lookup fns()
John Johansen
1
-79
/
+79
2017-09-22
apparmor: add base infastructure for socket mediation
John Johansen
12
-16
/
+840
2017-09-22
apparmor: add more debug asserts to apparmorfs
John Johansen
1
-0
/
+17
2017-09-22
apparmor: make policy_unpack able to audit different info messages
John Johansen
2
-16
/
+40
2017-09-22
apparmor: add support for absolute root view based labels
John Johansen
2
-1
/
+10
2017-09-22
apparmor: cleanup conditional check for label in label_print
John Johansen
1
-14
/
+8
2017-09-22
apparmor: add mount mediation
John Johansen
9
-4
/
+841
2017-09-22
apparmor: add the ability to mediate signals
John Johansen
7
-0
/
+231
2017-09-22
apparmor: Redundant condition: prev_ns. in [label.c:1498]
John Johansen
1
-1
/
+1
2017-09-22
apparmor: Fix an error code in aafs_create()
Dan Carpenter
1
-1
/
+3
2017-09-22
apparmor: Fix logical error in verify_header()
Christos Gkekas
1
-1
/
+1
2017-09-22
apparmor: Fix shadowed local variable in unpack_trans_table()
Geert Uytterhoeven
1
-2
/
+2
2017-09-14
Merge branch 'work.set_fs' of git://git.kernel.org/pub/scm/linux/kernel/git/v...
Linus Torvalds
1
-2
/
+4
2017-09-12
Merge tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/...
Linus Torvalds
28
-56
/
+78
2017-09-11
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...
Linus Torvalds
1
-21
/
+256
2017-09-07
Merge tag 'audit-pr-20170907' of git://git.kernel.org/pub/scm/linux/kernel/gi...
Linus Torvalds
1
-2
/
+0
2017-09-07
Merge tag 'secureexec-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel...
Linus Torvalds
9
-120
/
+23
2017-09-05
selinux: remove AVC init audit log message
Richard Guy Briggs
1
-2
/
+0
2017-09-04
fs: fix kernel_write prototype
Christoph Hellwig
1
-1
/
+2
2017-09-04
fs: fix kernel_read prototype
Christoph Hellwig
1
-1
/
+2
2017-09-01
Introduce v3 namespaced file capabilities
Serge E. Hallyn
1
-19
/
+251
2017-08-28
selinux: constify nf_hook_ops
Arvind Yadav
1
-1
/
+1
2017-08-22
selinux: allow per-file labeling for cgroupfs
Antonio Murdaca
1
-1
/
+3
2017-08-17
lsm_audit: update my email address
Stephen Smalley
1
-1
/
+1
2017-08-17
selinux: update my email address
Stephen Smalley
25
-25
/
+25
2017-08-08
selinux: use GFP_NOWAIT in the AVC kmem_caches
Michal Hocko
1
-8
/
+6
2017-08-02
selinux: Generalize support for NNP/nosuid SELinux domain transitions
Stephen Smalley
4
-16
/
+42
2017-08-01
smack: Remove redundant pdeath_signal clearing
Kees Cook
1
-15
/
+0
2017-08-01
LSM: drop bprm_secureexec hook
Kees Cook
1
-5
/
+0
2017-08-01
commoncap: Move cap_elevated calculation into bprm_set_creds
Kees Cook
1
-42
/
+10
2017-08-01
commoncap: Refactor to remove bprm_secureexec hook
Kees Cook
1
-4
/
+8
2017-08-01
smack: Refactor to remove bprm_secureexec hook
Kees Cook
1
-17
/
+4
2017-08-01
selinux: Refactor to remove bprm_secureexec hook
Kees Cook
1
-19
/
+5
2017-08-01
apparmor: Refactor to remove bprm_secureexec hook
Kees Cook
4
-23
/
+1
2017-08-01
exec: Rename bprm->cred_prepared to called_set_creds
Kees Cook
4
-4
/
+4
2017-07-31
netfilter: nf_hook_ops structs can be const
Florian Westphal
2
-2
/
+2
2017-07-25
selinux: Assign proper class to PF_UNIX/SOCK_RAW sockets
Luis Ressel
1
-0
/
+1
2017-07-25
sync to Linus v4.13-rc2 for subsystem developers to work against
James Morris
24
-334
/
+365
2017-07-21
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
David S. Miller
4
-1
/
+15
2017-07-20
security: Use user_namespace::level to avoid redundant iterations in cap_capa...
Kirill Tkhai
1
-2
/
+5
2017-07-19
Merge tag 'gcc-plugins-v4.13-rc2' of git://git.kernel.org/pub/scm/linux/kerne...
Linus Torvalds
1
-1
/
+1
2017-07-18
xfrm: remove flow cache
Florian Westphal
1
-3
/
+1
2017-07-18
LSM: Remove security_task_create() hook.
Tetsuo Handa
1
-5
/
+0
2017-07-14
KEYS: DH: validate __spare field
Eric Biggers
2
-0
/
+7
2017-07-12
include/linux/string.h: add the option of fortified string.h functions
Daniel Micay
1
-0
/
+7
2017-07-05
Merge branch 'work.memdup_user' of git://git.kernel.org/pub/scm/linux/kernel/...
Linus Torvalds
1
-7
/
+5
2017-07-05
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Linus Torvalds
1
-1
/
+2
2017-07-05
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...
Linus Torvalds
68
-2111
/
+8342
2017-07-03
Merge tag 'docs-4.13' of git://git.lwn.net/linux
Linus Torvalds
8
-8
/
+9
2017-07-03
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/ker...
Linus Torvalds
1
-0
/
+1
2017-07-03
Merge tag 'uuid-for-4.13' of git://git.infradead.org/users/hch/uuid
Linus Torvalds
2
-8
/
+6
2017-06-30
randstruct: Mark various structs for randomization
Kees Cook
1
-1
/
+1
2017-06-30
ima_write_policy(): don't open-code memdup_user_nul()
Al Viro
1
-9
/
+4
2017-06-28
apparmor: put back designators in struct initialisers
Stephen Rothwell
1
-2
/
+2
2017-06-23
Merge branch 'stable-4.13' of git://git.infradead.org/users/pcmoore/selinux i...
James Morris
17
-108
/
+821
2017-06-21
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
David S. Miller
1
-3
/
+2
2017-06-21
ima: Log the same audit cause whenever a file has no signature
Thiago Jung Bauermann
1
-1
/
+2
2017-06-21
ima: Simplify policy_func_show.
Thiago Jung Bauermann
2
-62
/
+21
2017-06-21
integrity: Small code improvements
Thiago Jung Bauermann
6
-9
/
+11
2017-06-21
ima: fix get_binary_runtime_size()
Roberto Sassu
1
-1
/
+1
2017-06-21
ima: use ima_parse_buf() to parse template data
Roberto Sassu
1
-31
/
+13
2017-06-21
ima: use ima_parse_buf() to parse measurements headers
Roberto Sassu
1
-52
/
+28
2017-06-21
ima: introduce ima_parse_buf()
Roberto Sassu
2
-0
/
+67
2017-06-21
ima: Add cgroups2 to the defaults list
Laura Abbott
1
-0
/
+3
2017-06-21
ima: use memdup_user_nul
Geliang Tang
1
-9
/
+4
2017-06-21
ima: fix up #endif comments
Tycho Andersen
1
-2
/
+2
2017-06-21
IMA: Correct Kconfig dependencies for hash selection
Ben Hutchings
1
-4
/
+4
2017-06-21
ima: define is_ima_appraise_enabled()
Mimi Zohar
1
-0
/
+10
2017-06-21
ima: define Kconfig IMA_APPRAISE_BOOTPARAM option
Mimi Zohar
2
-0
/
+10
2017-06-21
ima: define a set of appraisal rules requiring file signatures
Mimi Zohar
1
-1
/
+25
2017-06-21
ima: extend the "ima_policy" boot command line to support multiple policies
Mimi Zohar
1
-5
/
+10
2017-06-21
rtnetlink: add NEWCACHEREPORT message type
Julien Gomes
1
-1
/
+2
2017-06-21
Merge branch 'smack-for-4.13' of git://github.com/cschaufler/smack-next into ...
James Morris
4
-18
/
+31
2017-06-20
selinux: enable genfscon labeling for tracefs
Jeff Vander Stoep
1
-0
/
+1
2017-06-20
sched/wait: Split out the wait_bit*() APIs from <linux/wait.h> into <linux/wa...
Ingo Molnar
1
-0
/
+1
2017-06-13
selinux: fix double free in selinux_parse_opts_str()
Paul Moore
1
-3
/
+2
2017-06-10
apparmor: export that basic profile namespaces are supported
John Johansen
1
-0
/
+7
2017-06-10
apparmor: add stacked domain labels interface
John Johansen
2
-0
/
+8
2017-06-10
apparmor: add domain label stacking info to apparmorfs
John Johansen
3
-0
/
+39
2017-06-10
apparmor: move change_profile mediation to using labels
John Johansen
1
-68
/
+123
2017-06-10
apparmor: move change_hat mediation to using labels
John Johansen
1
-102
/
+201
2017-06-10
apparmor: move exec domain mediation to using labels
John Johansen
2
-259
/
+678
2017-06-10
apparmor: support v7 transition format compatible with label_parse
John Johansen
2
-7
/
+15
2017-06-10
apparmor: mediate files when they are received
John Johansen
2
-0
/
+7
2017-06-10
apparmor: rework file permission to cache file access in file->ctx
John Johansen
1
-6
/
+76
2017-06-10
apparmor: move path_link mediation to using labels
John Johansen
3
-47
/
+59
2017-06-10
apparmor: refactor path name lookup and permission checks around labels
John Johansen
3
-45
/
+85
2017-06-10
apparmor: update aa_audit_file() to use labels
John Johansen
3
-9
/
+18
2017-06-10
apparmor: move aa_file_perm() to use labels
John Johansen
3
-37
/
+64
2017-06-10
apparmor: allow ptrace checks to be finer grained than just capability
John Johansen
3
-0
/
+68
2017-06-10
apparmor: move ptrace checks to using labels
John Johansen
5
-80
/
+58
2017-06-10
apparmor: add cross check permission helper macros
John Johansen
1
-1
/
+41
2017-06-10
apparmor: move resource checks to using labels
John Johansen
3
-42
/
+80
2017-06-10
apparmor: move capability checks to using labels
John Johansen
5
-29
/
+58
2017-06-10
apparmor: update query interface to support label queries
John Johansen
1
-7
/
+39
2017-06-10
apparmor: switch getprocattr to using label_print fns()
John Johansen
3
-37
/
+27
2017-06-10
apparmor: switch from profiles to using labels on contexts
John Johansen
20
-529
/
+686
2017-06-10
apparmor: add the base fns() for domain labels
John Johansen
2
-0
/
+2561
2017-06-10
apparmor: revalidate files during exec
John Johansen
4
-0
/
+81
2017-06-10
apparmor: cleanup rename XXX_file_context() to XXX_file_ctx()
John Johansen
2
-11
/
+16
2017-06-10
apparmor: convert aa_change_XXX bool parameters to flags
John Johansen
5
-32
/
+29
2017-06-10
apparmor: cleanup remove unused and not fully implemented profile rename
John Johansen
1
-37
/
+2
2017-06-10
apparmor: refactor updating profiles to the newest parent
John Johansen
1
-4
/
+31
2017-06-10
apparmor: share profile name on replacement
John Johansen
3
-9
/
+72
2017-06-10
apparmor: convert to profile block critical sections
John Johansen
8
-56
/
+162
2017-06-10
apparmor: move bprm_committing_creds/committed_creds to lsm.c
John Johansen
3
-32
/
+30
2017-06-10
apparmor: fix display of ns name
John Johansen
1
-1
/
+1
2017-06-10
apparmor: fix apparmor_query data
John Johansen
1
-2
/
+6
2017-06-10
apparmor: fix policy load/remove semantics
John Johansen
2
-15
/
+13
2017-06-10
apparmor: add namespace lookup fns()
John Johansen
3
-4
/
+73
2017-06-10
apparmor: cleanup __find_child()
John Johansen
1
-8
/
+8
2017-06-10
apparmor: provide information about path buffer size at boot
John Johansen
1
-2
/
+9
2017-06-10
apparmor: add profile permission query ability
John Johansen
1
-1
/
+102
2017-06-10
apparmor: switch from file_perms to aa_perms
John Johansen
5
-48
/
+29
2017-06-10
apparmor: add gerneric permissions struct and support fns
John Johansen
4
-17
/
+153
2017-06-10
apparmor: add fn to test if profile supports a given mediation class
John Johansen
1
-0
/
+10
2017-06-10
apparmor: speed up transactional queries
John Johansen
1
-11
/
+114
2017-06-10
apparmor: add label data availability to the feature set
John Johansen
1
-0
/
+10
2017-06-10
apparmor: add mkdir/rmdir interface to manage policy namespaces
John Johansen
1
-1
/
+94
2017-06-10
apparmor: add policy revision file interface
John Johansen
4
-1
/
+116
2017-06-10
apparmor: provide finer control over policy management
John Johansen
3
-23
/
+35
2017-06-09
security/selinux: allow security_sb_clone_mnt_opts to enable/disable native l...
Scott Mayhew
2
-4
/
+38
2017-06-09
selinux: use kmem_cache for ebitmap
Junil Lee
3
-6
/
+27
2017-06-09
apparmor: rework perm mapping to a slightly broader set
John Johansen
5
-53
/
+133
2017-06-09
KEYS: fix refcount_inc() on zero
Mark Rutland
1
-7
/
+4
2017-06-09
KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP API
Mat Martineau
2
-103
/
+171
2017-06-09
KEYS: DH: ensure the KDF counter is properly aligned
Eric Biggers
1
-13
/
+3
2017-06-09
KEYS: DH: don't feed uninitialized "otherinfo" into KDF
Eric Biggers
1
-1
/
+1
2017-06-09
KEYS: DH: forbid using digest_null as the KDF hash
Eric Biggers
1
-1
/
+11
2017-06-09
KEYS: sanitize key structs before freeing
Eric Biggers
1
-3
/
+1
2017-06-09
KEYS: trusted: sanitize all key material
Eric Biggers
1
-28
/
+22
2017-06-09
KEYS: encrypted: sanitize all key material
Eric Biggers
1
-18
/
+13
2017-06-09
KEYS: user_defined: sanitize key payloads
Eric Biggers
1
-4
/
+12
2017-06-09
KEYS: sanitize add_key() and keyctl() key payloads
Eric Biggers
1
-3
/
+9
2017-06-09
KEYS: fix freeing uninitialized memory in key_update()
Eric Biggers
1
-3
/
+2
2017-06-09
KEYS: fix dereferencing NULL payload with nonzero length
Eric Biggers
1
-2
/
+2
2017-06-09
KEYS: encrypted: use constant-time HMAC comparison
Eric Biggers
1
-2
/
+3
2017-06-09
KEYS: encrypted: fix race causing incorrect HMAC calculations
Eric Biggers
1
-83
/
+32
2017-06-09
KEYS: encrypted: fix buffer overread in valid_master_desc()
Eric Biggers
1
-16
/
+15
2017-06-09
KEYS: encrypted: avoid encrypting/decrypting stack buffers
Eric Biggers
1
-8
/
+9
2017-06-09
KEYS: put keyring if install_session_keyring_to_cred() fails
Eric Biggers
1
-3
/
+4
2017-06-09
KEYS: Delete an error message for a failed memory allocation in get_derived_k...
Markus Elfring
1
-3
/
+2
2017-06-09
security: use READ_ONCE instead of deprecated ACCESS_ONCE
Davidlohr Bueso
1
-6
/
+6
2017-06-09
security/keys: add CONFIG_KEYS_COMPAT to Kconfig
Bilal Amarni
1
-0
/
+4
2017-06-08
apparmor: move permissions into their own file to be more easily shared
John Johansen
4
-19
/
+43
2017-06-08
apparmor: convert from securityfs to apparmorfs for policy ns files
John Johansen
1
-26
/
+37
2017-06-08
apparmor: allow specifying an already created dir to create ns entries in
John Johansen
3
-7
/
+8
2017-06-08
apparmor: rename apparmor file fns and data to indicate use
John Johansen
9
-127
/
+172
2017-06-08
apparmor: add custom apparmorfs that will be used by policy namespace files
John Johansen
1
-17
/
+336
2017-06-08
apparmor: use macro template to simplify namespace seq_files
John Johansen
1
-29
/
+24
2017-06-08
apparmor: use macro template to simplify profile seq_files
John Johansen
1
-61
/
+36
2017-06-08
apparmor: move to per loaddata files, instead of replicating in profiles
John Johansen
7
-69
/
+409
2017-06-08
securityfs: add the ability to support symlinks
John Johansen
1
-21
/
+123
2017-06-08
apparmor: Move path lookup to using preallocated buffers
John Johansen
4
-86
/
+53
2017-06-08
apparmor: allow profiles to provide info to disconnected paths
John Johansen
6
-17
/
+34
2017-06-08
apparmor: make internal lib fn skipn_spaces available to the rest of apparmor
John Johansen
2
-1
/
+2
2017-06-08
apparmor: move file context into file.h
John Johansen
2
-32
/
+32
2017-06-08
security/apparmor: Use POSIX-compatible "printf '%s'"
Thomas Schneider
1
-2
/
+2
2017-06-08
apparmor: Fix error cod in __aa_fs_profile_mkdir()
Dan Carpenter
1
-2
/
+4
2017-06-08
apparmorfs: Use seq_putc() in two functions
Markus Elfring
1
-2
/
+2
2017-06-08
apparmorfs: Combine two function calls into one in aa_fs_seq_raw_abi_show()
Markus Elfring
1
-4
/
+3
2017-06-05
fs: switch ->s_uuid to uuid_t
Christoph Hellwig
2
-2
/
+2
2017-06-05
ima/policy: switch to use uuid_t
Christoph Hellwig
1
-6
/
+5
2017-06-05
block: remove blk_part_pack_uuid
Christoph Hellwig
1
-2
/
+1
[next]