System Audit Discussions

Show patches with: Archived = No | 309 patches

« 1 2 3 4 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
tools: update astyle config for astyle v3.2.x	tools: update astyle config for astyle v3.2.x	- - -	---	2023-04-28	Paul Moore	pcmoore	Accepted
tests/io_uring: set a filter for the io_uring ops we want to catch	tests/io_uring: set a filter for the io_uring ops we want to catch	- - -	---	2023-03-17	Paul Moore		Accepted
MAINTAINERS: update the audit entry	MAINTAINERS: update the audit entry	- - -	---	2023-11-15	Paul Moore	pcmoore	Accepted
kernel: auditfilter: Remove unnecessary ‘0’ values from ret	kernel: auditfilter: Remove unnecessary ‘0’ values from ret	- - -	---	2023-12-28	Li zeming	pcmoore	Accepted
io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL	io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL	- - -	---	2024-01-23	Paul Moore	pcmoore	Handled Elsewhere
audit: use pid.is_auditd to make auditd_test_task() faster	audit: use pid.is_auditd to make auditd_test_task() faster	- - -	---	2023-04-14	Eiichi Tsukata	pcmoore	Rejected
audit: use mmget() instead of get_task_exe_file() when auditing @current	audit: use mmget() instead of get_task_exe_file() when auditing @current	- - -	---	2023-10-18	Paul Moore	pcmoore	Superseded
audit: Use KMEM_CACHE instead of kmem_cache_create	audit: Use KMEM_CACHE instead of kmem_cache_create	- - -	---	2024-01-24	Kunwu Chan	pcmoore	Accepted
audit: io_uring openat triggers audit reference count underflow in worker thread	audit: io_uring openat triggers audit reference count underflow in worker thread	- - -	---	2023-10-06	Dan Clash	pcmoore	Changes Requested
audit: fix possible soft lockup in __audit_inode_child()	audit: fix possible soft lockup in __audit_inode_child()	- - -	---	2023-08-05	Gaosheng Cui	pcmoore	Changes Requested
audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare()	audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare()	- - -	---	2023-11-15	Paul Moore	pcmoore	Accepted
audit: check syscall bitmap on entry to avoid extra work	audit: check syscall bitmap on entry to avoid extra work	- - -	---	2023-05-23	Ivan Babrou	pcmoore	Rejected
audit: Annotate struct audit_chunk with __counted_by	audit: Annotate struct audit_chunk with __counted_by	- 1 -	---	2023-08-17	Kees Cook	pcmoore	Accepted
audit: add task history record	audit: add task history record	- - -	---	2023-08-11	Tetsuo Handa	pcmoore	Rejected
audit,io_uring: io_uring openat triggers audit reference count underflow	audit,io_uring: io_uring openat triggers audit reference count underflow	1 1 -	---	2023-10-12	Dan Clash	pcmoore	Accepted
[v39,18/42] LSM: Use lsmcontext in security_lsmblob_to_secctx	Untitled series #810617	- - -	---	2023-12-15	Casey Schaufler	pcmoore	Handled Elsewhere
[v39,17/42] LSM: Use lsmcontext in security_secid_to_secctx	Untitled series #810617	- - -	---	2023-12-15	Casey Schaufler	pcmoore	Handled Elsewhere
[v39,16/42] LSM: Ensure the correct LSM context releaser	Untitled series #810617	3 2 -	---	2023-12-15	Casey Schaufler	pcmoore	Handled Elsewhere
[v39,13/42] LSM: Create new security_cred_getlsmblob LSM hook	Untitled series #810617	2 2 -	---	2023-12-15	Casey Schaufler	pcmoore	Handled Elsewhere
[v39,11/42] LSM: Use lsmblob in security_inode_getsecid	Untitled series #810617	2 2 -	---	2023-12-15	Casey Schaufler	pcmoore	Handled Elsewhere
[v39,08/42] LSM: Use lsmblob in security_ipc_getsecid	Untitled series #810617	2 2 -	---	2023-12-15	Casey Schaufler	pcmoore	Handled Elsewhere
[v3] ima: Avoid blocking in RCU read-side critical section	[v3] ima: Avoid blocking in RCU read-side critical section	- 2 -	---	2024-05-07	Guozihua (Scott)	pcmoore	Handled Elsewhere
[v3] audit: don't take task_lock() in audit_exe_compare() code path	[v3] audit: don't take task_lock() in audit_exe_compare() code path	- 2 -	---	2023-10-24	Paul Moore	pcmoore	Accepted
[v3,2/2] fs/xattr: add *at family syscalls	Untitled series #848331	- 1 -	---	2024-04-26	Christian Göttsche	pcmoore	Handled Elsewhere
[v2] TaskTracker : Simplified thread information tracker.	[v2] TaskTracker : Simplified thread information tracker.	- - -	---	2023-08-06	Tetsuo Handa	pcmoore	Handled Elsewhere
[v2] audit: Send netlink ACK before setting connection in auditd_set	[v2] audit: Send netlink ACK before setting connection in auditd_set	- - -	---	2023-10-18	Chris Riches	pcmoore	Accepted
[v2] audit: fix possible soft lockup in __audit_inode_child()	[v2] audit: fix possible soft lockup in __audit_inode_child()	- - -	---	2023-08-08	Gaosheng Cui	pcmoore	Accepted
[v2] audit: don't take task_lock() in audit_exe_compare() code path	[v2] audit: don't take task_lock() in audit_exe_compare() code path	- 1 -	---	2023-10-24	Paul Moore	pcmoore	Superseded
[v2,5/5] audit: do not use exclusive wait in audit_receive()	audit: refactors and fixes for potential deadlocks	- - -	---	2023-05-11	Eiichi Tsukata	pcmoore	Rejected
[v2,4/5] audit: check if audit_queue is full after prepare_to_wait_exclusive()	audit: refactors and fixes for potential deadlocks	- - -	---	2023-05-11	Eiichi Tsukata	pcmoore	Rejected
[v2,3/5] audit: convert DECLARE_WAITQUEUE to DEFINE_WAIT	audit: refactors and fixes for potential deadlocks	- - -	---	2023-05-11	Eiichi Tsukata	pcmoore	Changes Requested
[v2,25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr()	fs: use type-safe uid representation for filesystem capabilities	- - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,24/25] commoncap: use vfs fscaps interfaces	fs: use type-safe uid representation for filesystem capabilities	- - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,23/25] commoncap: remove cap_inode_getsecurity()	fs: use type-safe uid representation for filesystem capabilities	1 - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,22/25] fs: use vfs interfaces for capabilities xattrs	fs: use type-safe uid representation for filesystem capabilities	- - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,21/25] ovl: use vfs_{get,set}_fscaps() for copy-up	fs: use type-safe uid representation for filesystem capabilities	- 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,20/25] ovl: add fscaps handlers	fs: use type-safe uid representation for filesystem capabilities	- - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,2/5] audit: account backlog waiting time in audit_receive()	audit: refactors and fixes for potential deadlocks	- - -	---	2023-05-11	Eiichi Tsukata	pcmoore	Rejected
[v2,2/2] audit: replace auditd_conn.pid with auditd_pid	audit: syscall audit optimization (> +6% faster)	- - -	---	2023-04-18	Eiichi Tsukata	pcmoore	Rejected
[v2,19/25] fs: add vfs_remove_fscaps()	fs: use type-safe uid representation for filesystem capabilities	- - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,18/25] fs: add vfs_set_fscaps()	fs: use type-safe uid representation for filesystem capabilities	- - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,17/25] fs: add vfs_get_fscaps()	fs: use type-safe uid representation for filesystem capabilities	- 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,16/25] fs: add inode operations to get/set/remove fscaps	fs: use type-safe uid representation for filesystem capabilities	- 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,15/25] security: call evm fscaps hooks from generic security hooks	fs: use type-safe uid representation for filesystem capabilities	- - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,14/25] evm: add support for fscaps security hooks	fs: use type-safe uid representation for filesystem capabilities	- - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,13/25] smack: add hooks for fscaps operations	fs: use type-safe uid representation for filesystem capabilities	- - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,12/25] selinux: add hooks for fscaps operations	fs: use type-safe uid representation for filesystem capabilities	- - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,11/25] security: add hooks for set/get/remove of fscaps	fs: use type-safe uid representation for filesystem capabilities	1 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,10/25] xattr: use is_fscaps_xattr()	fs: use type-safe uid representation for filesystem capabilities	- 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,1/5] audit: refactor queue full checks	audit: refactors and fixes for potential deadlocks	- - -	---	2023-05-11	Eiichi Tsukata	pcmoore	Changes Requested
[v2,1/2] audit: add global auditd_pid to make auditd_test_task() faster	audit: syscall audit optimization (> +6% faster)	- - -	---	2023-04-18	Eiichi Tsukata	pcmoore	Rejected
[v2,09/25] commoncap: use is_fscaps_xattr()	fs: use type-safe uid representation for filesystem capabilities	- 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,08/25] xattr: add is_fscaps_xattr() helper	fs: use type-safe uid representation for filesystem capabilities	- 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,07/25] capability: provide a helper for converting vfs_caps to xattr for userspace	fs: use type-safe uid representation for filesystem capabilities	- 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,06/25] capability: provide helpers for converting between xattrs and vfs_caps	fs: use type-safe uid representation for filesystem capabilities	- - -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,05/25] capability: use vfsuid_t for vfs_caps rootids	fs: use type-safe uid representation for filesystem capabilities	1 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,04/25] capability: rename cpu_vfs_cap_data to vfs_caps	fs: use type-safe uid representation for filesystem capabilities	1 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data	fs: use type-safe uid representation for filesystem capabilities	- 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,02/25] mnt_idmapping: include cred.h	fs: use type-safe uid representation for filesystem capabilities	- 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v2,01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h	fs: use type-safe uid representation for filesystem capabilities	- 1 -	---	2024-02-21	Seth Forshee	pcmoore	Handled Elsewhere
[v18,21/21] MAINTAINERS: ipe: add ipe maintainer information	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,20/21] Documentation: add ipe documentation	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,19/21] ipe: kunit test for parser	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,18/21] scripts: add boot policy generation program	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,17/21] ipe: enable support for fs-verity as a trust provider	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,16/21] fsverity: expose verified fsverity built-in signatures to LSMs	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,15/21] security: add security_inode_setintegrity() hook	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,14/21] ipe: add support for dm-verity as a trust provider	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,13/21] dm verity: expose root hash digest and signature data to LSMs	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,12/21] dm: add finalize hook to target_type	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,11/21] block,lsm: add LSM blob and new LSM hooks for block device	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,10/21] ipe: add permissive toggle	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,09/21] uapi\|audit\|ipe: add ipe auditing support	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,08/21] ipe: add userspace interface	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,07/21] security: add new securityfs delete function	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,06/21] ipe: introduce 'boot_verified' as a trust provider	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,05/21] initramfs\|security: Add a security hook to do_populate_rootfs()	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,04/21] ipe: add LSM hooks on execution and kernel read	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,03/21] ipe: add evaluation loop	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,02/21] ipe: add policy parser	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v18,01/21] security: add ipe lsm	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-05-03	Fan Wu	pcmoore	Handled Elsewhere
[v17,21/21] MAINTAINERS: ipe: add ipe maintainer information	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,20/21] Documentation: add ipe documentation	Integrity Policy Enforcement LSM (IPE)	- 1 -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,19/21] ipe: kunit test for parser	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,18/21] scripts: add boot policy generation program	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,17/21] ipe: enable support for fs-verity as a trust provider	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,16/21] fsverity: expose verified fsverity built-in signatures to LSMs	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,15/21] security: add security_inode_setintegrity() hook	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,14/21] ipe: add support for dm-verity as a trust provider	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,13/21] dm verity: consume root hash digest and expose signature data via LSM hook	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,12/21] dm: add finalize hook to target_type	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,11/21] block,lsm: add LSM blob and new LSM hooks for block device	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,10/21] ipe: add permissive toggle	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,09/21] uapi\|audit\|ipe: add ipe auditing support	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,08/21] ipe: add userspace interface	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,07/21] security: add new securityfs delete function	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,06/21] ipe: introduce 'boot_verified' as a trust provider	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,05/21] initramfs\|security: Add a security hook to do_populate_rootfs()	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,04/21] ipe: add LSM hooks on execution and kernel read	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere
[v17,03/21] ipe: add evaluation loop	Integrity Policy Enforcement LSM (IPE)	- - -	---	2024-04-13	Fan Wu	pcmoore	Handled Elsewhere

« 1 2 3 4 »