Show patches with: Submitter = Kees Cook       |    State = Action Required       |   295 patches
« 1 2 3 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,6/6] security/fbfam: Mitigate a fork brute force attack Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,5/6] security/fbfam: Detect a fork brute force attack Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,4/6] security/fbfam: Add a new sysctl to control the crashing rate threshold Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,3/6] security/fbfam: Use the api to manage statistics Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,2/6] security/fbfam: Add the api to manage statistics Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,1/6] security/fbfam: Add a Kconfig to enable the fbfam feature Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[13/13] fs/kernel_file_read: Add "offset" arg for partial reads Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[12/13] LSM: Add "contents" flag to kernel_read_file hook Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[11/13] module: Call security_kernel_post_load_data() Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[10/13] firmware_loader: Use security_post_load_data() Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[09/13] LSM: Introduce kernel_post_load_data() hook Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[08/13] fs/kernel_read_file: Add file_size output argument Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[07/13] fs/kernel_read_file: Switch buffer size arg to size_t Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[06/13] fs/kernel_read_file: Remove redundant size argument Introduce partial kernel_read_file() support - - - --- 2020-07-17 Kees Cook New
[05/13] fs/kernel_read_file: Split into separate source file Introduce partial kernel_read_file() support 1 - - --- 2020-07-17 Kees Cook New
[04/13] fs/kernel_read_file: Split into separate include file Introduce partial kernel_read_file() support 1 1 - --- 2020-07-17 Kees Cook New
[03/13] fs/kernel_read_file: Remove FIRMWARE_EFI_EMBEDDED enum Introduce partial kernel_read_file() support 1 - - --- 2020-07-17 Kees Cook New
[02/13] fs/kernel_read_file: Remove FIRMWARE_PREALLOC_BUFFER enum Introduce partial kernel_read_file() support 1 - - --- 2020-07-17 Kees Cook New
[01/13] firmware_loader: EFI firmware loader must handle pre-allocated buffer Introduce partial kernel_read_file() support 1 - - --- 2020-07-17 Kees Cook New
[v7,9/9] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD Add seccomp notifier ioctl that enables adding fds - - - --- 2020-07-09 Kees Cook New
[v7,8/9] seccomp: Introduce addfd ioctl to seccomp user notifier Add seccomp notifier ioctl that enables adding fds - 1 - --- 2020-07-09 Kees Cook New
[v7,7/9] fs: Expand __receive_fd() to accept existing fd Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-09 Kees Cook New
[v7,6/9] pidfd: Replace open-coded receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-09 Kees Cook New
[v7,5/9] fs: Add receive_fd() wrapper for __receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-09 Kees Cook New
[v7,4/9] fs: Move __scm_install_fd() to __receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-09 Kees Cook New
[v7,3/9] net/scm: Regularize compat handling of scm_detach_fds() Add seccomp notifier ioctl that enables adding fds 1 - - --- 2020-07-09 Kees Cook New
[v7,2/9] pidfd: Add missing sock updates for pidfd_getfd() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-07-09 Kees Cook New
[v7,1/9] net/compat: Add missing sock updates for SCM_RIGHTS Add seccomp notifier ioctl that enables adding fds 1 - - --- 2020-07-09 Kees Cook New
[v6.1,6/7] seccomp: Introduce addfd ioctl to seccomp user notifier Untitled series #315383 - - - --- 2020-07-09 Kees Cook New
[4/4] module: Add hook for security_kernel_post_read_file() Fix misused kernel_read_file() enums - - - --- 2020-07-07 Kees Cook New
[3/4] fs: Remove FIRMWARE_EFI_EMBEDDED from kernel_read_file() enums Fix misused kernel_read_file() enums - - - --- 2020-07-07 Kees Cook New
[2/4] fs: Remove FIRMWARE_PREALLOC_BUFFER from kernel_read_file() enums Fix misused kernel_read_file() enums - - - --- 2020-07-07 Kees Cook New
[1/4] firmware_loader: EFI firmware loader must handle pre-allocated buffer Fix misused kernel_read_file() enums - - - --- 2020-07-07 Kees Cook New
[v6,7/7] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD Add seccomp notifier ioctl that enables adding fds - - - --- 2020-07-06 Kees Cook New
[v6,6/7] seccomp: Introduce addfd ioctl to seccomp user notifier Add seccomp notifier ioctl that enables adding fds - - - --- 2020-07-06 Kees Cook New
[v6,5/7] fs: Expand __receive_fd() to accept existing fd Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-06 Kees Cook New
[v6,4/7] pidfd: Replace open-coded partial receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-06 Kees Cook New
[v6,3/7] fs: Add receive_fd() wrapper for __receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-06 Kees Cook New
[v6,2/7] fs: Move __scm_install_fd() to __receive_fd() Add seccomp notifier ioctl that enables adding fds 1 1 - --- 2020-07-06 Kees Cook New
[v6,1/7] net/scm: Regularize compat handling of scm_detach_fds() Add seccomp notifier ioctl that enables adding fds 1 - - --- 2020-07-06 Kees Cook New
slab: Fix misplaced __free_one() slab: Fix misplaced __free_one() 1 - - --- 2020-06-26 Kees Cook New
[v5,7/7] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v5,6/7] seccomp: Introduce addfd ioctl to seccomp user notifier Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v5,5/7] fs: Expand __fd_install_received() to accept fd Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v5,4/7] pidfd: Replace open-coded partial fd_install_received() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v5,3/7] fs: Add fd_install_received() wrapper for __fd_install_received() Add seccomp notifier ioctl that enables adding fds - 1 - --- 2020-06-17 Kees Cook New
[v5,2/7] fs: Move __scm_install_fd() to __fd_install_received() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v5,1/7] net/scm: Regularize compat handling of scm_detach_fds() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-17 Kees Cook New
[v4,11/11] seccomp: Fix ioctl number for SECCOMP_IOCTL_NOTIF_ID_VALID Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,10/11] seccomp: Switch addfd to Extensible Argument ioctl Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,09/11] selftests/seccomp: Rename user_trap_syscall() to user_notif_syscall() Add seccomp notifier ioctl that enables adding fds - 1 - --- 2020-06-16 Kees Cook New
[v4,08/11] selftests/seccomp: Make kcmp() less required Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,07/11] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,06/11] seccomp: Introduce addfd ioctl to seccomp user notifier Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,05/11] fs: Expand __fd_install_received() to accept fd Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,04/11] pidfd: Replace open-coded partial fd_install_received() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,03/11] fs: Add fd_install_received() wrapper for __fd_install_received() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,02/11] fs: Move __scm_install_fd() to __fd_install_received() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v4,01/11] net/scm: Regularize compat handling of scm_detach_fds() Add seccomp notifier ioctl that enables adding fds - - - --- 2020-06-16 Kees Cook New
[v2,3/3] exec: Move path_noexec() check earlier Relocate execve() sanity checks - - - --- 2020-06-05 Kees Cook New
[v2,2/3] exec: Move S_ISREG() check earlier Relocate execve() sanity checks - - - --- 2020-06-05 Kees Cook New
[v2,1/3] exec: Change uselib(2) IS_SREG() failure to EACCES Relocate execve() sanity checks 1 - - --- 2020-06-05 Kees Cook New
[4/4] fs: Include FMODE_EXEC when converting flags to f_mode Relocate execve() sanity checks - - - --- 2020-05-18 Kees Cook New
[3/4] exec: Relocate path_noexec() check Relocate execve() sanity checks - - - --- 2020-05-18 Kees Cook New
[2/4] exec: Relocate S_ISREG() check Relocate execve() sanity checks - - - --- 2020-05-18 Kees Cook New
[1/4] exec: Change uselib(2) IS_SREG() failure to EACCES Relocate execve() sanity checks 1 - - --- 2020-05-18 Kees Cook New
seccomp: Report number of loaded filters in /proc/$pid/status seccomp: Report number of loaded filters in /proc/$pid/status - - - --- 2020-05-13 Kees Cook New
sysctl: Make sure proc handlers can't expose heap memory sysctl: Make sure proc handlers can't expose heap memory 1 - - --- 2020-05-04 Kees Cook New
fs_parse: Remove pr_notice() about each validation fs_parse: Remove pr_notice() about each validation - 1 - --- 2020-03-07 Kees Cook New
fcntl: Distribute switch variables for initialization fcntl: Distribute switch variables for initialization - - - --- 2020-02-20 Kees Cook New
[v3,2/3] linux/stddef.h: Add sizeof_member() macro treewide: Use sizeof_member() macro - - - --- 2019-10-29 Kees Cook New
[v3,1/3] MIPS: OCTEON: Replace SIZEOF_FIELD() macro treewide: Use sizeof_member() macro - - - --- 2019-10-29 Kees Cook New
[v2,4/4] include: Remove FIELD_SIZEOF() and sizeof_field() macros treewide: Use sizeof_member() macro - - - --- 2019-10-10 Kees Cook New
[v2,2/4] linux/stddef.h: Add sizeof_member() macro treewide: Use sizeof_member() macro - - - --- 2019-10-10 Kees Cook New
[v2,1/4] MIPS: OCTEON: Replace SIZEOF_FIELD() macro treewide: Use sizeof_member() macro - - - --- 2019-10-10 Kees Cook New
[3/3] lib: Introduce test_stackinit module gcc-plugins: Introduce stackinit plugin - - - --- 2019-01-23 Kees Cook New
[2/3] gcc-plugins: Introduce stackinit plugin gcc-plugins: Introduce stackinit plugin - - - --- 2019-01-23 Kees Cook New
[1/3] treewide: Lift switch variables out of switches gcc-plugins: Introduce stackinit plugin 2 1 - --- 2019-01-23 Kees Cook New
fanotify: Make sure to check event_len when copying fanotify: Make sure to check event_len when copying - - - --- 2018-12-04 Kees Cook New
[38/38] lkdtm: Update usercopy tests for whitelisting - - - --- 2018-01-11 Kees Cook New
[37/38] usercopy: Restrict non-usercopy caches to size 0 - - - --- 2018-01-11 Kees Cook New
[36/38] kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl - - - --- 2018-01-11 Kees Cook New
[35/38] kvm: whitelist struct kvm_vcpu_arch 3 - - --- 2018-01-11 Kees Cook New
[34/38] arm: Implement thread_struct whitelist for hardened usercopy - - - --- 2018-01-11 Kees Cook New
[33/38] arm64: Implement thread_struct whitelist for hardened usercopy - - - --- 2018-01-11 Kees Cook New
[32/38] x86: Implement thread_struct whitelist for hardened usercopy 1 - - --- 2018-01-11 Kees Cook New
[31/38] fork: Provide usercopy whitelisting for task_struct 1 - - --- 2018-01-11 Kees Cook New
[30/38] fork: Define usercopy region in thread_stack slab caches 1 - - --- 2018-01-11 Kees Cook New
[29/38] fork: Define usercopy region in mm_struct slab caches 1 - - --- 2018-01-11 Kees Cook New
[28/38] net: Restrict unwhitelisted proto caches to size 0 - - - --- 2018-01-11 Kees Cook New
[27/38] sctp: Copy struct sctp_sock.autoclose to userspace using put_user() - - - --- 2018-01-11 Kees Cook New
[26/38] sctp: Define usercopy region in SCTP proto slab cache - - - --- 2018-01-11 Kees Cook New
[25/38] caif: Define usercopy region in caif proto slab cache - - - --- 2018-01-11 Kees Cook New
[24/38] ip: Define usercopy region in IP proto slab cache - - - --- 2018-01-11 Kees Cook New
[23/38] net: Define usercopy region in struct proto slab cache - - - --- 2018-01-11 Kees Cook New
[22/38] scsi: Define usercopy region in scsi_sense_cache slab cache - - - --- 2018-01-11 Kees Cook New
[21/38] cifs: Define usercopy region in cifs_request slab cache - - - --- 2018-01-11 Kees Cook New
[20/38] vxfs: Define usercopy region in vxfs_inode slab cache - - - --- 2018-01-11 Kees Cook New
[19/38] ufs: Define usercopy region in ufs_inode_cache slab cache - - - --- 2018-01-11 Kees Cook New
[18/38] orangefs: Define usercopy region in orangefs_inode_cache slab cache - - - --- 2018-01-11 Kees Cook New
« 1 2 3 »