index
:
kernel/git/mattst88/alpha.git
alpha-next
for-linus
master
DEC Alpha maintenance tree
Matt Turner
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
security
Age
Commit message (
Expand
)
Author
Files
Lines
2017-07-14
KEYS: DH: validate __spare field
Eric Biggers
2
-0
/
+7
2017-07-12
include/linux/string.h: add the option of fortified string.h functions
Daniel Micay
1
-0
/
+7
2017-07-05
Merge branch 'work.memdup_user' of git://git.kernel.org/pub/scm/linux/kernel/...
Linus Torvalds
1
-7
/
+5
2017-07-05
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Linus Torvalds
1
-1
/
+2
2017-07-05
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...
Linus Torvalds
68
-2111
/
+8342
2017-07-03
Merge tag 'docs-4.13' of git://git.lwn.net/linux
Linus Torvalds
8
-8
/
+9
2017-07-03
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/ker...
Linus Torvalds
1
-0
/
+1
2017-07-03
Merge tag 'uuid-for-4.13' of git://git.infradead.org/users/hch/uuid
Linus Torvalds
2
-8
/
+6
2017-06-30
ima_write_policy(): don't open-code memdup_user_nul()
Al Viro
1
-9
/
+4
2017-06-28
apparmor: put back designators in struct initialisers
Stephen Rothwell
1
-2
/
+2
2017-06-23
Merge branch 'stable-4.13' of git://git.infradead.org/users/pcmoore/selinux i...
James Morris
17
-108
/
+821
2017-06-21
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
David S. Miller
1
-3
/
+2
2017-06-21
ima: Log the same audit cause whenever a file has no signature
Thiago Jung Bauermann
1
-1
/
+2
2017-06-21
ima: Simplify policy_func_show.
Thiago Jung Bauermann
2
-62
/
+21
2017-06-21
integrity: Small code improvements
Thiago Jung Bauermann
6
-9
/
+11
2017-06-21
ima: fix get_binary_runtime_size()
Roberto Sassu
1
-1
/
+1
2017-06-21
ima: use ima_parse_buf() to parse template data
Roberto Sassu
1
-31
/
+13
2017-06-21
ima: use ima_parse_buf() to parse measurements headers
Roberto Sassu
1
-52
/
+28
2017-06-21
ima: introduce ima_parse_buf()
Roberto Sassu
2
-0
/
+67
2017-06-21
ima: Add cgroups2 to the defaults list
Laura Abbott
1
-0
/
+3
2017-06-21
ima: use memdup_user_nul
Geliang Tang
1
-9
/
+4
2017-06-21
ima: fix up #endif comments
Tycho Andersen
1
-2
/
+2
2017-06-21
IMA: Correct Kconfig dependencies for hash selection
Ben Hutchings
1
-4
/
+4
2017-06-21
ima: define is_ima_appraise_enabled()
Mimi Zohar
1
-0
/
+10
2017-06-21
ima: define Kconfig IMA_APPRAISE_BOOTPARAM option
Mimi Zohar
2
-0
/
+10
2017-06-21
ima: define a set of appraisal rules requiring file signatures
Mimi Zohar
1
-1
/
+25
2017-06-21
ima: extend the "ima_policy" boot command line to support multiple policies
Mimi Zohar
1
-5
/
+10
2017-06-21
rtnetlink: add NEWCACHEREPORT message type
Julien Gomes
1
-1
/
+2
2017-06-21
Merge branch 'smack-for-4.13' of git://github.com/cschaufler/smack-next into ...
James Morris
4
-18
/
+31
2017-06-20
selinux: enable genfscon labeling for tracefs
Jeff Vander Stoep
1
-0
/
+1
2017-06-20
sched/wait: Split out the wait_bit*() APIs from <linux/wait.h> into <linux/wa...
Ingo Molnar
1
-0
/
+1
2017-06-13
selinux: fix double free in selinux_parse_opts_str()
Paul Moore
1
-3
/
+2
2017-06-10
apparmor: export that basic profile namespaces are supported
John Johansen
1
-0
/
+7
2017-06-10
apparmor: add stacked domain labels interface
John Johansen
2
-0
/
+8
2017-06-10
apparmor: add domain label stacking info to apparmorfs
John Johansen
3
-0
/
+39
2017-06-10
apparmor: move change_profile mediation to using labels
John Johansen
1
-68
/
+123
2017-06-10
apparmor: move change_hat mediation to using labels
John Johansen
1
-102
/
+201
2017-06-10
apparmor: move exec domain mediation to using labels
John Johansen
2
-259
/
+678
2017-06-10
apparmor: support v7 transition format compatible with label_parse
John Johansen
2
-7
/
+15
2017-06-10
apparmor: mediate files when they are received
John Johansen
2
-0
/
+7
2017-06-10
apparmor: rework file permission to cache file access in file->ctx
John Johansen
1
-6
/
+76
2017-06-10
apparmor: move path_link mediation to using labels
John Johansen
3
-47
/
+59
2017-06-10
apparmor: refactor path name lookup and permission checks around labels
John Johansen
3
-45
/
+85
2017-06-10
apparmor: update aa_audit_file() to use labels
John Johansen
3
-9
/
+18
2017-06-10
apparmor: move aa_file_perm() to use labels
John Johansen
3
-37
/
+64
2017-06-10
apparmor: allow ptrace checks to be finer grained than just capability
John Johansen
3
-0
/
+68
2017-06-10
apparmor: move ptrace checks to using labels
John Johansen
5
-80
/
+58
2017-06-10
apparmor: add cross check permission helper macros
John Johansen
1
-1
/
+41
2017-06-10
apparmor: move resource checks to using labels
John Johansen
3
-42
/
+80
2017-06-10
apparmor: move capability checks to using labels
John Johansen
5
-29
/
+58
2017-06-10
apparmor: update query interface to support label queries
John Johansen
1
-7
/
+39
2017-06-10
apparmor: switch getprocattr to using label_print fns()
John Johansen
3
-37
/
+27
2017-06-10
apparmor: switch from profiles to using labels on contexts
John Johansen
20
-529
/
+686
2017-06-10
apparmor: add the base fns() for domain labels
John Johansen
2
-0
/
+2561
2017-06-10
apparmor: revalidate files during exec
John Johansen
4
-0
/
+81
2017-06-10
apparmor: cleanup rename XXX_file_context() to XXX_file_ctx()
John Johansen
2
-11
/
+16
2017-06-10
apparmor: convert aa_change_XXX bool parameters to flags
John Johansen
5
-32
/
+29
2017-06-10
apparmor: cleanup remove unused and not fully implemented profile rename
John Johansen
1
-37
/
+2
2017-06-10
apparmor: refactor updating profiles to the newest parent
John Johansen
1
-4
/
+31
2017-06-10
apparmor: share profile name on replacement
John Johansen
3
-9
/
+72
2017-06-10
apparmor: convert to profile block critical sections
John Johansen
8
-56
/
+162
2017-06-10
apparmor: move bprm_committing_creds/committed_creds to lsm.c
John Johansen
3
-32
/
+30
2017-06-10
apparmor: fix display of ns name
John Johansen
1
-1
/
+1
2017-06-10
apparmor: fix apparmor_query data
John Johansen
1
-2
/
+6
2017-06-10
apparmor: fix policy load/remove semantics
John Johansen
2
-15
/
+13
2017-06-10
apparmor: add namespace lookup fns()
John Johansen
3
-4
/
+73
2017-06-10
apparmor: cleanup __find_child()
John Johansen
1
-8
/
+8
2017-06-10
apparmor: provide information about path buffer size at boot
John Johansen
1
-2
/
+9
2017-06-10
apparmor: add profile permission query ability
John Johansen
1
-1
/
+102
2017-06-10
apparmor: switch from file_perms to aa_perms
John Johansen
5
-48
/
+29
2017-06-10
apparmor: add gerneric permissions struct and support fns
John Johansen
4
-17
/
+153
2017-06-10
apparmor: add fn to test if profile supports a given mediation class
John Johansen
1
-0
/
+10
2017-06-10
apparmor: speed up transactional queries
John Johansen
1
-11
/
+114
2017-06-10
apparmor: add label data availability to the feature set
John Johansen
1
-0
/
+10
2017-06-10
apparmor: add mkdir/rmdir interface to manage policy namespaces
John Johansen
1
-1
/
+94
2017-06-10
apparmor: add policy revision file interface
John Johansen
4
-1
/
+116
2017-06-10
apparmor: provide finer control over policy management
John Johansen
3
-23
/
+35
2017-06-09
security/selinux: allow security_sb_clone_mnt_opts to enable/disable native l...
Scott Mayhew
2
-4
/
+38
2017-06-09
selinux: use kmem_cache for ebitmap
Junil Lee
3
-6
/
+27
2017-06-09
apparmor: rework perm mapping to a slightly broader set
John Johansen
5
-53
/
+133
2017-06-09
KEYS: fix refcount_inc() on zero
Mark Rutland
1
-7
/
+4
2017-06-09
KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP API
Mat Martineau
2
-103
/
+171
2017-06-09
KEYS: DH: ensure the KDF counter is properly aligned
Eric Biggers
1
-13
/
+3
2017-06-09
KEYS: DH: don't feed uninitialized "otherinfo" into KDF
Eric Biggers
1
-1
/
+1
2017-06-09
KEYS: DH: forbid using digest_null as the KDF hash
Eric Biggers
1
-1
/
+11
2017-06-09
KEYS: sanitize key structs before freeing
Eric Biggers
1
-3
/
+1
2017-06-09
KEYS: trusted: sanitize all key material
Eric Biggers
1
-28
/
+22
2017-06-09
KEYS: encrypted: sanitize all key material
Eric Biggers
1
-18
/
+13
2017-06-09
KEYS: user_defined: sanitize key payloads
Eric Biggers
1
-4
/
+12
2017-06-09
KEYS: sanitize add_key() and keyctl() key payloads
Eric Biggers
1
-3
/
+9
2017-06-09
KEYS: fix freeing uninitialized memory in key_update()
Eric Biggers
1
-3
/
+2
2017-06-09
KEYS: fix dereferencing NULL payload with nonzero length
Eric Biggers
1
-2
/
+2
2017-06-09
KEYS: encrypted: use constant-time HMAC comparison
Eric Biggers
1
-2
/
+3
2017-06-09
KEYS: encrypted: fix race causing incorrect HMAC calculations
Eric Biggers
1
-83
/
+32
2017-06-09
KEYS: encrypted: fix buffer overread in valid_master_desc()
Eric Biggers
1
-16
/
+15
2017-06-09
KEYS: encrypted: avoid encrypting/decrypting stack buffers
Eric Biggers
1
-8
/
+9
2017-06-09
KEYS: put keyring if install_session_keyring_to_cred() fails
Eric Biggers
1
-3
/
+4
2017-06-09
KEYS: Delete an error message for a failed memory allocation in get_derived_k...
Markus Elfring
1
-3
/
+2
2017-06-09
security: use READ_ONCE instead of deprecated ACCESS_ONCE
Davidlohr Bueso
1
-6
/
+6
2017-06-09
security/keys: add CONFIG_KEYS_COMPAT to Kconfig
Bilal Amarni
1
-0
/
+4
2017-06-08
apparmor: move permissions into their own file to be more easily shared
John Johansen
4
-19
/
+43
2017-06-08
apparmor: convert from securityfs to apparmorfs for policy ns files
John Johansen
1
-26
/
+37
2017-06-08
apparmor: allow specifying an already created dir to create ns entries in
John Johansen
3
-7
/
+8
2017-06-08
apparmor: rename apparmor file fns and data to indicate use
John Johansen
9
-127
/
+172
2017-06-08
apparmor: add custom apparmorfs that will be used by policy namespace files
John Johansen
1
-17
/
+336
2017-06-08
apparmor: use macro template to simplify namespace seq_files
John Johansen
1
-29
/
+24
2017-06-08
apparmor: use macro template to simplify profile seq_files
John Johansen
1
-61
/
+36
2017-06-08
apparmor: move to per loaddata files, instead of replicating in profiles
John Johansen
7
-69
/
+409
2017-06-08
securityfs: add the ability to support symlinks
John Johansen
1
-21
/
+123
2017-06-08
apparmor: Move path lookup to using preallocated buffers
John Johansen
4
-86
/
+53
2017-06-08
apparmor: allow profiles to provide info to disconnected paths
John Johansen
6
-17
/
+34
2017-06-08
apparmor: make internal lib fn skipn_spaces available to the rest of apparmor
John Johansen
2
-1
/
+2
2017-06-08
apparmor: move file context into file.h
John Johansen
2
-32
/
+32
2017-06-08
security/apparmor: Use POSIX-compatible "printf '%s'"
Thomas Schneider
1
-2
/
+2
2017-06-08
apparmor: Fix error cod in __aa_fs_profile_mkdir()
Dan Carpenter
1
-2
/
+4
2017-06-08
apparmorfs: Use seq_putc() in two functions
Markus Elfring
1
-2
/
+2
2017-06-08
apparmorfs: Combine two function calls into one in aa_fs_seq_raw_abi_show()
Markus Elfring
1
-4
/
+3
2017-06-05
fs: switch ->s_uuid to uuid_t
Christoph Hellwig
2
-2
/
+2
2017-06-05
ima/policy: switch to use uuid_t
Christoph Hellwig
1
-6
/
+5
2017-06-05
block: remove blk_part_pack_uuid
Christoph Hellwig
1
-2
/
+1
2017-06-02
selinux: use pernet operations for hook registration
Florian Westphal
1
-4
/
+20
2017-06-01
Smack: Use cap_capable in privilege check
Casey Schaufler
2
-9
/
+12
2017-06-01
Smack: Safer check for a socket in file_receive
Casey Schaufler
1
-1
/
+1
2017-06-01
smack: use pernet operations for hook registration
Florian Westphal
1
-8
/
+18
2017-05-25
sel_write_validatetrans(): don't open-code memdup_user_nul()
Al Viro
1
-7
/
+5
2017-05-23
selinux: Add a cache for quicker retreival of PKey SIDs
Daniel Jurgens
5
-3
/
+288
2017-05-23
selinux: Add IB Port SMP access vector
Daniel Jurgens
5
-0
/
+75
2017-05-23
selinux: Implement Infiniband PKey "Access" access vector
Daniel Jurgens
5
-0
/
+77
2017-05-23
selinux: Allocate and free infiniband security hooks
Daniel Jurgens
2
-1
/
+29
2017-05-23
selinux: Create policydb version for Infiniband support
Daniel Jurgens
3
-24
/
+118
2017-05-23
IB/core: Enforce security on management datagrams
Daniel Jurgens
1
-0
/
+6
2017-05-23
selinux lsm IB/core: Implement LSM notification system
Daniel Jurgens
3
-0
/
+33
2017-05-23
IB/core: Enforce PKey security on QPs
Daniel Jurgens
2
-0
/
+31
2017-05-23
selinux: Remove redundant check for unknown labeling behavior
Matthias Kaehlcke
1
-16
/
+0
2017-05-23
selinux: log policy capability state when a policy is loaded
Stephen Smalley
3
-11
/
+27
2017-05-23
selinux: do not check open permission on sockets
Stephen Smalley
1
-3
/
+7
2017-05-23
selinux: add a map permission check for mmap
Stephen Smalley
2
-1
/
+13
2017-05-23
selinux: only invoke capabilities and selinux for CAP_MAC_ADMIN checks
Stephen Smalley
1
-8
/
+15
2017-05-23
selinux: Return an error code only as a constant in sidtab_insert()
Markus Elfring
1
-17
/
+10
2017-05-23
selinux: Return directly after a failed memory allocation in policydb_index()
Markus Elfring
1
-10
/
+5
2017-05-23
selinux: Use task_alloc hook rather than task_create hook
Tetsuo Handa
1
-2
/
+3
2017-05-22
Sync to mainline for security submaintainers to work against
James Morris
15
-106
/
+63
2017-05-18
doc: ReSTify keys-trusted-encrypted.txt
Kees Cook
3
-3
/
+3
2017-05-18
doc: ReSTify keys-request-key.txt
Kees Cook
2
-2
/
+2
2017-05-18
doc: ReSTify Yama.txt
Kees Cook
1
-1
/
+2
2017-05-18
doc: ReSTify apparmor.txt
Kees Cook
2
-2
/
+2
2017-05-15
security: Grammar s/allocates/allocated/
Geert Uytterhoeven
1
-1
/
+1
2017-05-15
LSM: Enable multiple calls to security_add_hooks() for the same LSM
Mickaël Salaün
1
-0
/
+19
2017-05-09
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...
Linus Torvalds
3
-4
/
+4
2017-05-08
apparmorfs: replace CURRENT_TIME with current_time()
Deepa Dinamani
1
-1
/
+1
2017-05-08
treewide: use kv[mz]alloc* rather than opencoded variants
Michal Hocko
1
-16
/
+6
2017-05-08
mm: introduce kv[mz]alloc helpers
Michal Hocko
5
-44
/
+3
2017-05-03
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...
Linus Torvalds
41
-590
/
+851
2017-05-02
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Linus Torvalds
1
-0
/
+1
2017-05-02
Merge tag 'docs-4.12' of git://git.lwn.net/linux
Linus Torvalds
1
-4
/
+8
2017-05-01
Merge branch 'work.uaccess' of git://git.kernel.org/pub/scm/linux/kernel/git/...
Linus Torvalds
2
-10
/
+1
2017-04-26
fs: constify tree_descr arrays passed to simple_fill_super()
Eric Biggers
3
-4
/
+4
2017-04-26
HAVE_ARCH_HARDENED_USERCOPY is unconditional now
Al Viro
1
-9
/
+0
2017-04-21
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
David S. Miller
3
-27
/
+39
2017-04-19
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/li...
James Morris
2
-34
/
+94
2017-04-19
Merge branch 'smack-for-4.12' of git://github.com/cschaufler/smack-next into ...
James Morris
2
-4
/
+2
2017-04-19
Merge branch 'stable-4.12' of git://git.infradead.org/users/pcmoore/selinux i...
James Morris
8
-60
/
+57
2017-04-18
KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings
Eric Biggers
2
-24
/
+31
2017-04-18
KEYS: Change the name of the dead type to ".dead" to prevent user access
David Howells
1
-1
/
+1
2017-04-18
KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings
David Howells
1
-2
/
+7
2017-04-18
Merge tag 'keys-next-20170412' of git://git.kernel.org/pub/scm/linux/kernel/g...
James Morris
12
-49
/
+568
2017-04-11
keys: select CONFIG_CRYPTO when selecting DH / KDF
Stephan Müller
1
-0
/
+1
2017-04-07
apparmor: Make path_max parameter readonly
John Johansen
1
-1
/
+1
2017-04-07
apparmor: fix parameters so that the permission test is bypassed at boot
John Johansen
2
-26
/
+23
2017-04-07
apparmor: fix invalid reference to index variable of iterator line 836
John Johansen
1
-2
/
+4
2017-04-07
apparmor: use SHASH_DESC_ON_STACK
Nicolas Iooss
1
-19
/
+13
2017-04-07
security/apparmor/lsm.c: set debug messages
Valentin Rothberg
1
-1
/
+1
2017-04-07
apparmor: fix boolreturn.cocci warnings
kbuild test robot
1
-2
/
+2
2017-04-04
Smack: Use GFP_KERNEL for smk_netlbl_mls().
Tetsuo Handa
1
-1
/
+1
2017-04-04
smack: fix double free in smack_parse_opts_str()
Tetsuo Handa
1
-3
/
+1
2017-04-04
KEYS: add SP800-56A KDF support for DH
Stephan Mueller
7
-18
/
+275
2017-04-04
KEYS: Add KEYCTL_RESTRICT_KEYRING
Mat Martineau
4
-0
/
+170
2017-04-04
KEYS: Consistent ordering for __key_link_begin and restrict check
Mat Martineau
1
-11
/
+13
2017-04-04
KEYS: Use structure to capture key restriction function and data
Mat Martineau
6
-16
/
+108
2017-04-03
KEYS: Split role of the keyring pointer for keyring restrict functions
Mat Martineau
2
-4
/
+7
2017-04-03
KEYS: Use a typedef for restrict_link function pointers
Mat Martineau
2
-9
/
+3
2017-04-03
security, keys: convert key_user.usage from atomic_t to refcount_t
Elena Reshetova
4
-6
/
+7
2017-04-03
security, keys: convert key.usage from atomic_t to refcount_t
Elena Reshetova
5
-10
/
+10
2017-04-02
kernel-api.rst: fix a series of errors when parsing C files
mchehab@s-opensource.com
1
-4
/
+8
2017-03-31
selinux: Fix an uninitialized variable bug
Dan Carpenter
1
-1
/
+1
2017-03-30
TOMOYO: Use designated initializers
Kees Cook
2
-16
/
+16
2017-03-29
selinux: Remove unnecessary check of array base in selinux_set_mapping()
Matthias Kaehlcke
1
-1
/
+1
2017-03-29
selinuxfs: Use seq_puts() in sel_avc_stats_seq_show()
Markus Elfring
1
-4
/
+4
2017-03-29
selinux: Adjust two checks for null pointers
Markus Elfring
1
-2
/
+2
2017-03-29
selinux: Use kmalloc_array() in sidtab_init()
Markus Elfring
1
-1
/
+1
2017-03-29
selinux: Return directly after a failed kzalloc() in roles_init()
Markus Elfring
1
-2
/
+1
2017-03-29
selinux: Return directly after a failed kzalloc() in perm_read()
Markus Elfring
1
-2
/
+1
2017-03-29
selinux: Return directly after a failed kzalloc() in common_read()
Markus Elfring
1
-2
/
+1
2017-03-29
selinux: Return directly after a failed kzalloc() in class_read()
Markus Elfring
1
-2
/
+1
2017-03-29
selinux: Return directly after a failed kzalloc() in role_read()
Markus Elfring
1
-2
/
+1
2017-03-29
selinux: Return directly after a failed kzalloc() in type_read()
Markus Elfring
1
-2
/
+1
2017-03-29
selinux: Return directly after a failed kzalloc() in user_read()
Markus Elfring
1
-2
/
+1
2017-03-29
selinux: Improve another size determination in sens_read()
Markus Elfring
1
-1
/
+1
2017-03-29
selinux: Return directly after a failed kzalloc() in sens_read()
Markus Elfring
1
-2
/
+1
2017-03-29
selinux: Return directly after a failed kzalloc() in cat_read()
Markus Elfring
1
-2
/
+1
[next]