index
:
kernel/git/bwh/linux-stable.git
linux-3.16.y
linux-3.2.y
master
my Linux stable branches
Ben Hutchings
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
security
Age
Commit message (
Expand
)
Author
Files
Lines
2020-06-11
selinux: properly handle multiple messages in selinux_netlink_send()
Paul Moore
1
-24
/
+44
2020-06-11
selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()
Vladis Dronov
1
-4
/
+5
2020-06-11
selinux: Print 'sclass' as string when unrecognized netlink message occurs
Marek Milkovic
1
-2
/
+3
2020-06-11
selinux: convert WARN_ONCE() to printk() in selinux_nlmsg_perm()
Richard Guy Briggs
1
-3
/
+4
2020-06-11
selinux: cleanup error reporting in selinux_nlmsg_perm()
Richard Guy Briggs
1
-4
/
+3
2019-12-10
smack: use GFP_NOFS while holding inode_smack::smk_lock
Eric Biggers
2
-3
/
+3
2019-12-10
Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set
Jann Horn
1
-1
/
+2
2019-11-22
keys: Fix missing null pointer check in request_key_auth_describe()
Hillf Danton
1
-0
/
+6
2019-11-22
selinux: fix memory leak in policydb_init()
Ondrej Mosnacek
1
-1
/
+5
2019-10-05
apparmor: enforce nullbyte at end of tag string
Jann Horn
1
-1
/
+1
2019-08-13
device_cgroup: fix RCU imbalance in error case
Jann Horn
1
-1
/
+1
2019-07-09
selinux: avoid silent denials in permissive mode under RCU walk
Stephen Smalley
3
-5
/
+28
2019-07-09
security/selinux: pass 'flags' arg to avc_audit() and avc_has_perm_flags()
NeilBrown
3
-4
/
+25
2019-05-02
apparmor: provide userspace flag indicating binfmt_elf_mmap change
John Johansen
1
-0
/
+1
2019-05-02
KEYS: always initialize keyring_index_key::desc_len
Eric Biggers
4
-6
/
+4
2019-05-02
KEYS: restrict /proc/keys by credentials at open time
Eric Biggers
1
-6
/
+2
2019-05-02
KEYS: allow reaching the keys quotas exactly
Eric Biggers
1
-2
/
+2
2019-05-02
Yama: Check for pid death before checking ancestry
Kees Cook
1
-1
/
+3
2019-02-11
ima: fix showing large 'violations' or 'runtime_measurements_count'
Eric Biggers
1
-3
/
+3
2018-12-16
KEYS: encrypted: fix buffer overread in valid_master_desc()
Eric Biggers
1
-16
/
+15
2018-12-16
apparmor: remove no-op permission check in policy_unpack
John Johansen
1
-32
/
+0
2018-10-21
selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
Sachin Grover
1
-1
/
+1
2018-06-16
ima: relax requiring a file signature for new files with zero length
Mimi Zohar
1
-1
/
+2
2018-02-13
apparmor: ensure that undecidable profile attachments fail
John Johansen
1
-16
/
+37
2018-02-13
ima: fix hash algorithm initialization
Boshi Wang
1
-0
/
+4
2018-01-09
KPTI: Rename to PAGE_TABLE_ISOLATION
Kees Cook
1
-1
/
+1
2018-01-09
x86/kaiser: Reenable PARAVIRT
Borislav Petkov
1
-1
/
+1
2018-01-09
KAISER: Kernel Address Isolation
Richard Fellner
1
-0
/
+10
2018-01-01
KEYS: add missing permission check for request_key() destination
Eric Biggers
1
-9
/
+37
2018-01-01
security: let security modules use PTRACE_MODE_* with bitmasks
Jann Horn
2
-7
/
+5
2018-01-01
KEYS: trusted: fix writing past end of buffer in trusted_read()
Eric Biggers
1
-11
/
+12
2018-01-01
KEYS: trusted: sanitize all key material
Eric Biggers
1
-27
/
+21
2018-01-01
KEYS: return full count in keyring_read() if buffer is too small
Eric Biggers
1
-20
/
+19
2018-01-01
KEYS: encrypted: fix dereference of NULL user_key_payload
Eric Biggers
1
-0
/
+7
2018-01-01
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
Casey Schaufler
1
-30
/
+25
2018-01-01
Smack: remove unneeded NULL-termination from securtity label
Konstantin Khlebnikov
1
-3
/
+3
2018-01-01
security/keys: properly zero out sensitive key material in big_key
Jason A. Donenfeld
1
-1
/
+1
2018-01-01
KEYS: prevent creating a different user's keyrings
Eric Biggers
4
-12
/
+23
2018-01-01
KEYS: fix writing past end of user-supplied buffer in keyring_read()
Eric Biggers
1
-9
/
+5
2018-01-01
KEYS: fix key refcount leak in keyctl_read_key()
Eric Biggers
1
-1
/
+1
2018-01-01
KEYS: fix key refcount leak in keyctl_assume_authority()
Eric Biggers
1
-4
/
+2
2018-01-01
KEYS: don't revoke uninstantiated key in request_key_auth_new()
Eric Biggers
1
-1
/
+0
2018-01-01
KEYS: fix cred refcount leak in request_key_auth_new()
Eric Biggers
1
-37
/
+31
2017-11-11
KEYS: don't let add_key() update an uninstantiated key
David Howells
1
-0
/
+10
2017-11-11
KEYS: prevent KEYCTL_READ on negative key
Eric Biggers
1
-0
/
+5
2017-10-12
sched: move no_new_privs into new atomic flags
Kees Cook
1
-2
/
+2
2017-09-15
ptrace: use fsuid, fsgid, effective creds for fs access checks
Jann Horn
1
-1
/
+6
2017-09-15
selinux: fix double free in selinux_parse_opts_str()
Paul Moore
1
-3
/
+2
2017-09-15
KEYS: fix dereferencing NULL payload with nonzero length
Eric Biggers
1
-2
/
+2
2017-08-26
ima: accept previously set IMA_NEW_FILE
Daniel Glöckner
1
-2
/
+3
2017-08-26
ima: pass 'opened' flag to identify newly created files
Dmitry Kasatkin
3
-11
/
+11
2017-07-18
KEYS: Change the name of the dead type to ".dead" to prevent user access
David Howells
1
-1
/
+1
2017-06-05
KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings
Eric Biggers
2
-24
/
+31
2017-06-05
KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings
David Howells
1
-2
/
+7
2017-06-05
KEYS: Reinstate EPERM for a key type name beginning with a '.'
David Howells
1
-0
/
+2
2017-06-05
KEYS: special dot prefixed keyring name bug fix
Mimi Zohar
1
-2
/
+4
2017-06-05
KEYS: Fix an error code in request_master_key()
Dan Carpenter
1
-1
/
+1
2017-04-04
keys: Guard against null match function in keyring_search_aux()
Ben Hutchings
1
-3
/
+3
2017-04-04
vfs: Commit to never having exectuables on proc and sysfs.
Eric W. Biederman
1
-1
/
+1
2017-02-26
selinux: fix off-by-one in setprocattr
Stephen Smalley
1
-1
/
+1
2017-02-23
apparmor: fix change_hat not finding hat after policy replacement
John Johansen
1
-2
/
+4
2016-11-20
KEYS: Fix short sprintf buffer in /proc/keys show function
David Howells
1
-1
/
+1
2016-08-22
KEYS: potential uninitialized variable
Dan Carpenter
1
-1
/
+1
2016-02-16
EVM: Use crypto_memneq() for digest comparisons
Ryan Ware
1
-1
/
+2
2016-01-25
KEYS: Fix keyring ref leak in join_session_keyring()
Yevgeny Pats
1
-0
/
+1
2016-01-05
KEYS: Fix race between read and revoke
David Howells
1
-9
/
+9
2015-10-28
KEYS: Don't permit request_key() to construct a new keyring
David Howells
1
-0
/
+3
2015-10-28
KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring
David Howells
1
-2
/
+4
2015-10-28
KEYS: Fix race between key destruction and finding a keyring by name
David Howells
1
-4
/
+4
2015-09-29
fs: create and use seq_show_option for escaping
Kees Cook
1
-1
/
+1
2015-08-27
ima: extend "mask" policy matching support
Mimi Zohar
1
-5
/
+15
2015-08-27
ima: add support for new "euid" policy condition
Mimi Zohar
1
-4
/
+23
2015-08-20
sysfs: Create mountpoints with sysfs_create_mount_point
Eric W. Biederman
3
-16
/
+13
2015-08-11
evm: labeling pseudo filesystems exception
Mimi Zohar
1
-0
/
+12
2015-08-11
KEYS: ensure we free the assoc array edit if edit is valid
Colin Ian King
1
-3
/
+5
2015-07-15
ima: fix ima_show_template_data_ascii()
Mimi Zohar
3
-4
/
+5
2015-07-15
selinux: fix setting of security labels on NFS
J. Bruce Fields
1
-1
/
+2
2015-04-10
selinux: fix sel_write_enforce broken return value
Joe Perches
1
-1
/
+1
2015-02-24
smack: fix possible use after frees in task_security() callers
Andrey Ryabinin
2
-9
/
+21
2015-01-15
KEYS: close race between key lookup and freeing
Sasha Levin
1
-2
/
+2
2015-01-15
move d_rcu from overlapping d_child to overlapping d_alias
Al Viro
1
-3
/
+3
2015-01-15
KEYS: Fix stale key registration at error path
Takashi Iwai
1
-1
/
+4
2014-11-17
selinux: fix inode security list corruption
Stephen Smalley
1
-1
/
+1
2014-11-14
evm: properly handle INTEGRITY_NOXATTRS EVM status
Dmitry Kasatkin
1
-0
/
+7
2014-11-13
evm: check xattr value length and type in evm_inode_setxattr()
Dmitry Kasatkin
1
-3
/
+6
2014-11-13
ima: check xattr value length and type in the ima_inode_setxattr()
Dmitry Kasatkin
2
-0
/
+3
2014-10-30
ima: provide flag to identify new empty files
Dmitry Kasatkin
3
-7
/
+13
2014-10-30
ima: fix fallback to use new_sync_read()
Dmitry Kasatkin
1
-4
/
+4
2014-09-17
CAPABILITIES: remove undefined caps from all processes
Eric Paris
1
-0
/
+3
2014-06-13
Merge branch 'serge-next-2' of git://git.kernel.org/pub/scm/linux/kernel/git/...
Linus Torvalds
7
-28
/
+114
2014-06-12
ima: introduce ima_kernel_read()
Dmitry Kasatkin
1
-1
/
+31
2014-06-12
evm: prohibit userspace writing 'security.evm' HMAC value
Mimi Zohar
1
-2
/
+10
2014-06-12
ima: check inode integrity cache in violation check
Dmitry Kasatkin
1
-2
/
+7
2014-06-12
ima: prevent unnecessary policy checking
Dmitry Kasatkin
1
-9
/
+4
2014-06-12
evm: provide option to protect additional SMACK xattrs
Dmitry Kasatkin
2
-0
/
+22
2014-06-12
evm: replace HMAC version with attribute mask
Dmitry Kasatkin
4
-11
/
+33
2014-06-12
ima: prevent new digsig xattr from being replaced
Mimi Zohar
1
-3
/
+7
2014-06-12
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Linus Torvalds
1
-1
/
+1
2014-06-10
Merge branch 'serge-next-1' of git://git.kernel.org/pub/scm/linux/kernel/git/...
Linus Torvalds
23
-133
/
+382
2014-06-09
Merge branch 'for-3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c...
Linus Torvalds
1
-20
/
+13
2014-06-03
ima: audit log files opened with O_DIRECT flag
Mimi Zohar
4
-3
/
+19
2014-06-03
selinux: conditionally reschedule in hashtab_insert while loading selinux policy
Dave Jones
1
-0
/
+3
2014-06-03
selinux: conditionally reschedule in mls_convert_context while loading selinu...
Dave Jones
1
-0
/
+2
2014-06-03
selinux: reject setexeccon() on MNT_NOSUID applications with -EACCES
Paul Moore
1
-2
/
+4
2014-06-03
selinux: Report permissive mode in avc: denied messages.
Stephen Smalley
3
-5
/
+11
2014-05-24
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
David S. Miller
3
-58
/
+159
2014-05-20
Merge branch 'smack-for-3.16' of git://git.gitorious.org/smack-next/kernel in...
James Morris
4
-73
/
+297
2014-05-16
device_cgroup: use css_has_online_children() instead of has_children()
Tejun Heo
1
-17
/
+2
2014-05-16
device_cgroup: remove direct access to cgroup->children
Tejun Heo
1
-2
/
+10
2014-05-16
cgroup: remove css_parent()
Tejun Heo
1
-4
/
+4
2014-05-13
cgroup: replace cftype->write_string() with cftype->write()
Tejun Heo
1
-7
/
+7
2014-05-13
Merge branch 'for-3.15-fixes' of git://git.kernel.org/pub/scm/linux/kernel/gi...
Linus Torvalds
1
-43
/
+159
2014-05-12
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
David S. Miller
1
-3
/
+3
2014-05-06
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...
Linus Torvalds
2
-15
/
+0
2014-05-06
Warning in scanf string typing
Toralf Förster
1
-1
/
+1
2014-05-06
nick kvfree() from apparmor
Al Viro
2
-15
/
+0
2014-05-05
device_cgroup: check if exception removal is allowed
Aristeu Rozanski
1
-3
/
+38
2014-05-04
device_cgroup: fix the comment format for recently added functions
Aristeu Rozanski
1
-17
/
+16
2014-04-30
Smack: Label cgroup files for systemd
Casey Schaufler
1
-12
/
+18
2014-04-23
Smack: Verify read access on file open - v3
Casey Schaufler
1
-3
/
+16
2014-04-22
audit: add netlink audit protocol bind to check capabilities on multicast join
Richard Guy Briggs
1
-1
/
+1
2014-04-22
locks: rename file-private locks to "open file description locks"
Jeff Layton
1
-3
/
+3
2014-04-21
device_cgroup: rework device access check and exception checking
Aristeu Rozanski
1
-40
/
+122
2014-04-15
security: Convert use of typedef ctl_table to struct ctl_table
Joe Perches
1
-1
/
+1
2014-04-14
Merge tag 'keys-20140314' of git://git.kernel.org/pub/scm/linux/kernel/git/dh...
James Morris
11
-49
/
+45
2014-04-14
Merge commit 'v3.14' into next
James Morris
15
-53
/
+93
2014-04-12
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...
Linus Torvalds
3
-4
/
+4
2014-04-12
Merge git://git.infradead.org/users/eparis/audit
Linus Torvalds
2
-5
/
+8
2014-04-11
Smack: bidirectional UDS connect check
Casey Schaufler
2
-23
/
+27
2014-04-11
Smack: Correctly remove SMACK64TRANSMUTE attribute
Casey Schaufler
1
-6
/
+19
2014-04-11
SMACK: Fix handling value==NULL in post setxattr
José Bollo
1
-1
/
+3
2014-04-11
bugfix patch for SMACK
Pankaj Kumar
1
-2
/
+2
2014-04-11
Smack: adds smackfs/ptrace interface
Lukasz Pawelczyk
4
-2
/
+108
2014-04-11
Smack: unify all ptrace accesses in the smack
Lukasz Pawelczyk
1
-13
/
+71
2014-04-11
Smack: fix the subject/object order in smack_ptrace_traceme()
Lukasz Pawelczyk
3
-9
/
+29
2014-04-11
Minor improvement of 'smack_sb_kern_mount'
José Bollo
1
-3
/
+5
2014-04-04
Merge branch 'locks-3.15' of git://git.samba.org/jlayton/linux
Linus Torvalds
1
-0
/
+3
2014-04-04
Merge branch 'cross-rename' of git://git.kernel.org/pub/scm/linux/kernel/git/...
Linus Torvalds
1
-2
/
+20
2014-04-03
Merge branch 'for-3.15' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c...
Linus Torvalds
1
-8
/
+4
2014-04-03
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...
Linus Torvalds
26
-175
/
+208
2014-04-02
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Linus Torvalds
1
-2
/
+3
2014-04-01
get rid of pointless checks for NULL ->i_op
Al Viro
3
-4
/
+4
2014-04-01
vfs: add cross-rename
Miklos Szeredi
1
-0
/
+16
2014-04-01
security: add flags to rename hooks
Miklos Szeredi
1
-2
/
+4
2014-03-31
Merge branch 'compat' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/l...
Linus Torvalds
1
-2
/
+2
2014-03-31
locks: add new fcntl cmd values for handling file private locks
Jeff Layton
1
-0
/
+3
2014-03-25
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
David S. Miller
8
-29
/
+46
2014-03-20
audit: anchor all pid references in the initial pid namespace
Richard Guy Briggs
2
-5
/
+8
2014-03-19
selinux: correctly label /proc inodes in use before the policy is loaded
Paul Moore
1
-9
/
+27
2014-03-19
selinux: put the mmap() DAC controls before the MAC controls
Paul Moore
1
-12
/
+8
2014-03-19
cgroup: drop const from @buffer of cftype->write_string()
Tejun Heo
1
-2
/
+2
2014-03-18
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klasse...
David S. Miller
8
-29
/
+46
2014-03-14
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
David S. Miller
1
-1
/
+5
2014-03-14
smack: fix key permission verification
Dmitry Kasatkin
1
-1
/
+6
2014-03-14
KEYS: Move the flags representing required permission to linux/key.h
David Howells
11
-48
/
+39
2014-03-12
Merge branch 'next-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/zo...
James Morris
18
-134
/
+153
2014-03-10
selinux: add gfp argument to security_xfrm_policy_alloc and fix callers
Nikolay Aleksandrov
8
-29
/
+46
2014-03-09
KEYS: Make the keyring cycle detector ignore other keyrings of the same name
David Howells
1
-1
/
+5
2014-03-07
evm: enable key retention service automatically
Dmitry Kasatkin
1
-2
/
+3
2014-03-07
ima: skip memory allocation for empty files
Dmitry Kasatkin
1
-8
/
+12
2014-03-07
evm: EVM does not use MD5
Dmitry Kasatkin
1
-1
/
+0
2014-03-07
ima: return d_name.name if d_path fails
Dmitry Kasatkin
2
-7
/
+2
2014-03-07
integrity: fix checkpatch errors
Dmitry Kasatkin
11
-70
/
+69
2014-03-07
ima: fix erroneous removal of security.ima xattr
Dmitry Kasatkin
1
-2
/
+4
2014-03-07
security: integrity: Use a more current logging style
Joe Perches
7
-11
/
+27
2014-03-07
Merge tag 'v3.13' into for-3.15
Eric Paris
67
-1633
/
+3320
2014-03-07
ima: reduce memory usage when a template containing the n field is used
Roberto Sassu
2
-17
/
+13
2014-03-07
ima: restore the original behavior for sending data with ima template
Roberto Sassu
3
-4
/
+10
2014-03-07
Integrity: Pass commname via get_task_comm()
Tetsuo Handa
1
-1
/
+2
2014-03-07
ima: use static const char array definitions
Mimi Zohar
4
-10
/
+10
2014-03-07
security: have cap_dentry_init_security return error
Jeff Layton
1
-1
/
+1
2014-03-06
security/compat: convert to COMPAT_SYSCALL_DEFINE
Heiko Carstens
1
-2
/
+2
2014-03-05
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
David S. Miller
1
-4
/
+4
2014-03-04
ima: new helper: file_inode(file)
Libo Chen
1
-1
/
+1
2014-02-24
Merge branch 'stable-3.14' of git://git.infradead.org/users/pcmoore/selinux i...
James Morris
1
-4
/
+4
2014-02-20
SELinux: bigendian problems with filename trans rules
Eric Paris
1
-4
/
+4
2014-02-17
security: cleanup Makefiles to use standard syntax for specifying sub-directo...
Sam Ravnborg
2
-8
/
+8
2014-02-12
flowcache: Make flow cache name space aware
Fan Du
1
-2
/
+3
2014-02-10
Merge branch 'stable-3.14' of git://git.infradead.org/users/pcmoore/selinux i...
James Morris
2
-0
/
+6
2014-02-08
cgroup: clean up cgroup_subsys names and initialization
Tejun Heo
1
-6
/
+2
2014-02-06
security: replace strict_strto*() with kstrto*()
Jingoo Han
7
-12
/
+12
2014-02-05
SELinux: Fix kernel BUG on empty security contexts.
Stephen Smalley
1
-0
/
+4
2014-02-05
selinux: add SOCK_DIAG_BY_FAMILY to the list of netlink message types
Paul Moore
1
-0
/
+2
2014-02-05
Merge tag 'v3.13' into stable-3.14
Paul Moore
54
-1239
/
+2802
2014-02-05
security: select correct default LSM_MMAP_MIN_ADDR on arm on arm64
Colin Cross
1
-1
/
+1
2014-01-23
Merge git://git.infradead.org/users/eparis/audit
Linus Torvalds
2
-11
/
+6
2014-01-21
Merge branch 'for-3.14' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c...
Linus Torvalds
1
-4
/
+3
2014-01-21
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...
Linus Torvalds
11
-148
/
+366
2014-01-13
smack: call WARN_ONCE() instead of calling audit_log_start()
Richard Guy Briggs
1
-3
/
+2
2014-01-13
selinux: call WARN_ONCE() instead of calling audit_log_start()
Richard Guy Briggs
1
-8
/
+4
2014-01-12
SELinux: Fix possible NULL pointer dereference in selinux_inode_permission()
Steven Rostedt
2
-3
/
+22
2014-01-08
Merge branch 'master' of git://git.infradead.org/users/pcmoore/selinux into next
James Morris
1
-1
/
+13
2014-01-07
SELinux: Fix memory leak upon loading policy
Tetsuo Handa
1
-1
/
+13
2014-01-07
Merge branch 'master' of git://git.infradead.org/users/pcmoore/selinux into next
James Morris
7
-39
/
+164
2014-01-06
Merge to v3.13-rc7 for prerequisite changes in the Xen code for TPM
James Morris
29
-326
/
+361
2014-01-03
ima: remove unneeded size_limit argument from ima_eventdigest_init_common()
Roberto Sassu
1
-8
/
+6
2014-01-03
ima: pass HASH_ALGO__LAST as hash algo in ima_eventdigest_init()
Roberto Sassu
1
-2
/
+2
2014-01-03
ima: change the default hash algorithm to SHA1 in ima_eventdigest_ng_init()
Roberto Sassu
1
-1
/
+1
2013-12-31
Smack: File receive audit correction
Casey Schaufler
1
-1
/
+1
2013-12-31
Smack: Rationalize mount restrictions
Casey Schaufler
1
-54
/
+29
[next]