Show patches with: Submitter = Kees Cook       |    State = Action Required       |   325 patches
« 1 2 3 4 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
hfsplus: Use struct_group_attr() for memcpy() region hfsplus: Use struct_group_attr() for memcpy() region 1 - - --- 2021-11-19 Kees Cook New
selftests: proc: Make sure wchan works when it exists selftests: proc: Make sure wchan works when it exists - - - --- 2021-10-08 Kees Cook New
[v2,6/6] leaking_addresses: Always print a trailing newline wchan: Fix ORC support and leaky fallback 1 - - --- 2021-09-29 Kees Cook New
[v2,5/6] x86: Fix get_wchan() to support the ORC unwinder wchan: Fix ORC support and leaky fallback - - - --- 2021-09-29 Kees Cook New
[v2,4/6] proc: Only report /proc/$pid/wchan when process is blocked wchan: Fix ORC support and leaky fallback - - - --- 2021-09-29 Kees Cook New
[v2,3/6] proc: Use task_is_running() for wchan in /proc/$pid/stat wchan: Fix ORC support and leaky fallback - - - --- 2021-09-29 Kees Cook New
[v2,2/6] sched: Add wrapper for get_wchan() to keep task blocked wchan: Fix ORC support and leaky fallback - - - --- 2021-09-29 Kees Cook New
[v2,1/6] Revert "proc/wchan: use printk format instead of lookup_symbol_name()" wchan: Fix ORC support and leaky fallback - - - --- 2021-09-29 Kees Cook New
[3/3] x86: Fix get_wchan() to support the ORC unwinder wchan: Fix ORC support and leaky fallback - - - --- 2021-09-24 Kees Cook New
[2/3] leaking_addresses: Always print a trailing newline wchan: Fix ORC support and leaky fallback - - - --- 2021-09-24 Kees Cook New
[1/3] Revert "proc/wchan: use printk format instead of lookup_symbol_name()" wchan: Fix ORC support and leaky fallback 1 - - --- 2021-09-24 Kees Cook New
proc: Disable /proc/$pid/wchan proc: Disable /proc/$pid/wchan - - - --- 2021-09-23 Kees Cook New
[v2] binfmt_elf: Reintroduce using MAP_FIXED_NOREPLACE [v2] binfmt_elf: Reintroduce using MAP_FIXED_NOREPLACE - - - --- 2021-09-16 Kees Cook New
binfmt_elf: Reintroduce using MAP_FIXED_NOREPLACE binfmt_elf: Reintroduce using MAP_FIXED_NOREPLACE - - - --- 2021-09-01 Kees Cook New
[v3,5/5] pstore/blk: Include zone in pstore_device_info Use the normal block device I/O path - 1 - --- 2021-06-16 Kees Cook New
[v3,4/5] pstore/blk: Fix kerndoc and redundancy on blkdev param Use the normal block device I/O path - 1 - --- 2021-06-16 Kees Cook New
[v3,3/5] pstore/blk: Use the normal block device I/O path Use the normal block device I/O path - 1 - --- 2021-06-16 Kees Cook New
[v3,2/5] pstore/blk: Move verify_size() macro out of function Use the normal block device I/O path - - - --- 2021-06-16 Kees Cook New
[v3,1/5] pstore/blk: Improve failure reporting Use the normal block device I/O path - 1 - --- 2021-06-16 Kees Cook New
[v2,4/4] pstore/blk: Fix kerndoc and redundancy on blkdev param Include zone in pstore_device_info - 1 - --- 2021-06-15 Kees Cook New
[v2,3/4] pstore/blk: Include zone in pstore_device_info Include zone in pstore_device_info - - - --- 2021-06-15 Kees Cook New
[v2,2/4] pstore/blk: Use the normal block device I/O path Include zone in pstore_device_info - 1 - --- 2021-06-15 Kees Cook New
[v2,1/4] pstore/blk: Improve failure reporting Include zone in pstore_device_info - - - --- 2021-06-15 Kees Cook New
pstore/blk: Use the normal block device I/O path pstore/blk: Use the normal block device I/O path - - - --- 2021-06-14 Kees Cook New
[v4,3/3] sysfs: Unconditionally use vmalloc for buffer sysfs: Unconditionally use vmalloc for buffer - - - --- 2021-04-01 Kees Cook New
[v4,2/3] seq_file: Fix clang warning for NULL pointer arithmetic sysfs: Unconditionally use vmalloc for buffer - 2 - --- 2021-04-01 Kees Cook New
[v4,1/3] lkdtm/heap: Add vmalloc linear overflow test sysfs: Unconditionally use vmalloc for buffer - - - --- 2021-04-01 Kees Cook New
[v3] sysfs: Unconditionally use vmalloc for buffer [v3] sysfs: Unconditionally use vmalloc for buffer - - - --- 2021-04-01 Kees Cook New
[v2] seq_file: Unconditionally use vmalloc for buffer [v2] seq_file: Unconditionally use vmalloc for buffer - - - --- 2021-03-15 Kees Cook New
seq_file: Unconditionally use vmalloc for buffer seq_file: Unconditionally use vmalloc for buffer - 1 - --- 2021-03-12 Kees Cook New
[RFC,6/6] security/fbfam: Mitigate a fork brute force attack Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,5/6] security/fbfam: Detect a fork brute force attack Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,4/6] security/fbfam: Add a new sysctl to control the crashing rate threshold Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,3/6] security/fbfam: Use the api to manage statistics Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,2/6] security/fbfam: Add the api to manage statistics Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,1/6] security/fbfam: Add a Kconfig to enable the fbfam feature Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[13/13] fs/kernel_file_read: Add "offset" arg for partial reads Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[12/13] LSM: Add "contents" flag to kernel_read_file hook Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[11/13] module: Call security_kernel_post_load_data() Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[10/13] firmware_loader: Use security_post_load_data() Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[09/13] LSM: Introduce kernel_post_load_data() hook Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[08/13] fs/kernel_read_file: Add file_size output argument Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[07/13] fs/kernel_read_file: Switch buffer size arg to size_t Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[06/13] fs/kernel_read_file: Remove redundant size argument Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[05/13] fs/kernel_read_file: Split into separate source file Introduce partial kernel_read_file() support 1 - - --- 2020-07-17 Kees Cook New
[04/13] fs/kernel_read_file: Split into separate include file Introduce partial kernel_read_file() support 1 1 - --- 2020-07-17 Kees Cook New
[03/13] fs/kernel_read_file: Remove FIRMWARE_EFI_EMBEDDED enum Introduce partial kernel_read_file() support 1 - - --- 2020-07-17 Kees Cook New
[02/13] fs/kernel_read_file: Remove FIRMWARE_PREALLOC_BUFFER enum Introduce partial kernel_read_file() support 1 - - --- 2020-07-17 Kees Cook New
[01/13] firmware_loader: EFI firmware loader must handle pre-allocated buffer Introduce partial kernel_read_file() support 1 - - --- 2020-07-17 Kees Cook New
[v7,9/9] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD Add seccomp notifier ioctl that enables adding fds - - - --- 2020-07-09 Kees Cook New
[v7,8/9] seccomp: Introduce addfd ioctl to seccomp user notifier Add seccomp notifier ioctl that enables adding fds - 1 - --- 2020-07-09 Kees Cook New
[v7,7/9] fs: Expand __receive_fd() to accept existing fd Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-09 Kees Cook New
[v7,6/9] pidfd: Replace open-coded receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-09 Kees Cook New
[v7,5/9] fs: Add receive_fd() wrapper for __receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-09 Kees Cook New
[v7,4/9] fs: Move __scm_install_fd() to __receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-09 Kees Cook New
[v7,3/9] net/scm: Regularize compat handling of scm_detach_fds() Add seccomp notifier ioctl that enables adding fds 1 - - --- 2020-07-09 Kees Cook New
[v7,2/9] pidfd: Add missing sock updates for pidfd_getfd() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-07-09 Kees Cook New
[v7,1/9] net/compat: Add missing sock updates for SCM_RIGHTS Add seccomp notifier ioctl that enables adding fds 1 - - --- 2020-07-09 Kees Cook New
[v6.1,6/7] seccomp: Introduce addfd ioctl to seccomp user notifier Untitled series #315383 - - - --- 2020-07-09 Kees Cook New
[4/4] module: Add hook for security_kernel_post_read_file() Fix misused kernel_read_file() enums - - - --- 2020-07-07 Kees Cook New
[3/4] fs: Remove FIRMWARE_EFI_EMBEDDED from kernel_read_file() enums Fix misused kernel_read_file() enums - - - --- 2020-07-07 Kees Cook New
[2/4] fs: Remove FIRMWARE_PREALLOC_BUFFER from kernel_read_file() enums Fix misused kernel_read_file() enums - - - --- 2020-07-07 Kees Cook New
[1/4] firmware_loader: EFI firmware loader must handle pre-allocated buffer Fix misused kernel_read_file() enums - - - --- 2020-07-07 Kees Cook New
[v6,7/7] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD Add seccomp notifier ioctl that enables adding fds - - - --- 2020-07-06 Kees Cook New
[v6,6/7] seccomp: Introduce addfd ioctl to seccomp user notifier Add seccomp notifier ioctl that enables adding fds - - - --- 2020-07-06 Kees Cook New
[v6,5/7] fs: Expand __receive_fd() to accept existing fd Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-06 Kees Cook New
[v6,4/7] pidfd: Replace open-coded partial receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-06 Kees Cook New
[v6,3/7] fs: Add receive_fd() wrapper for __receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-06 Kees Cook New
[v6,2/7] fs: Move __scm_install_fd() to __receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-06 Kees Cook New
[v6,1/7] net/scm: Regularize compat handling of scm_detach_fds() Add seccomp notifier ioctl that enables adding fds 1 - - --- 2020-07-06 Kees Cook New
slab: Fix misplaced __free_one() slab: Fix misplaced __free_one() 1 - - --- 2020-06-26 Kees Cook New
[v5,7/7] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v5,6/7] seccomp: Introduce addfd ioctl to seccomp user notifier Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v5,5/7] fs: Expand __fd_install_received() to accept fd Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v5,4/7] pidfd: Replace open-coded partial fd_install_received() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v5,3/7] fs: Add fd_install_received() wrapper for __fd_install_received() Add seccomp notifier ioctl that enables adding fds - 1 - --- 2020-06-17 Kees Cook New
[v5,2/7] fs: Move __scm_install_fd() to __fd_install_received() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v5,1/7] net/scm: Regularize compat handling of scm_detach_fds() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v4,11/11] seccomp: Fix ioctl number for SECCOMP_IOCTL_NOTIF_ID_VALID Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,10/11] seccomp: Switch addfd to Extensible Argument ioctl Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,09/11] selftests/seccomp: Rename user_trap_syscall() to user_notif_syscall() Add seccomp notifier ioctl that enables adding fds - 1 - --- 2020-06-16 Kees Cook New
[v4,08/11] selftests/seccomp: Make kcmp() less required Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,07/11] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,06/11] seccomp: Introduce addfd ioctl to seccomp user notifier Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,05/11] fs: Expand __fd_install_received() to accept fd Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,04/11] pidfd: Replace open-coded partial fd_install_received() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,03/11] fs: Add fd_install_received() wrapper for __fd_install_received() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,02/11] fs: Move __scm_install_fd() to __fd_install_received() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,01/11] net/scm: Regularize compat handling of scm_detach_fds() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v2,3/3] exec: Move path_noexec() check earlier Relocate execve() sanity checks - - - --- 2020-06-05 Kees Cook New
[v2,2/3] exec: Move S_ISREG() check earlier Relocate execve() sanity checks - - - --- 2020-06-05 Kees Cook New
[v2,1/3] exec: Change uselib(2) IS_SREG() failure to EACCES Relocate execve() sanity checks 1 - - --- 2020-06-05 Kees Cook New
[4/4] fs: Include FMODE_EXEC when converting flags to f_mode Relocate execve() sanity checks - - - --- 2020-05-18 Kees Cook New
[3/4] exec: Relocate path_noexec() check Relocate execve() sanity checks - - - --- 2020-05-18 Kees Cook New
[2/4] exec: Relocate S_ISREG() check Relocate execve() sanity checks - - - --- 2020-05-18 Kees Cook New
[1/4] exec: Change uselib(2) IS_SREG() failure to EACCES Relocate execve() sanity checks 1 - - --- 2020-05-18 Kees Cook New
seccomp: Report number of loaded filters in /proc/$pid/status seccomp: Report number of loaded filters in /proc/$pid/status - - - --- 2020-05-13 Kees Cook New
sysctl: Make sure proc handlers can't expose heap memory sysctl: Make sure proc handlers can't expose heap memory 1 - - --- 2020-05-04 Kees Cook New
fs_parse: Remove pr_notice() about each validation fs_parse: Remove pr_notice() about each validation - 1 - --- 2020-03-07 Kees Cook New
fcntl: Distribute switch variables for initialization fcntl: Distribute switch variables for initialization - - - --- 2020-02-20 Kees Cook New
« 1 2 3 4 »