Security modules development

Show patches with: State = Action Required | Archived = No | 161 patches

« 1 2 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[v2,lsm/dev] net: corrections for security_secid_to_secctx returns	[v2,lsm/dev] net: corrections for security_secid_to_secctx returns	- - -	---	2024-12-20	Casey Schaufler		New
[RESEND] apparmor: Use str_yes_no() helper function	[RESEND] apparmor: Use str_yes_no() helper function	1 - -	---	2024-12-20	Thorsten Blum		New
[v7,bpf-next,7/7] selftests/bpf: Test kfuncs that set and remove xattr from BPF programs	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v7,bpf-next,6/7] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v7,bpf-next,5/7] bpf: Use btf_kfunc_id_set.remap logic for bpf_dynptr_from_skb	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v7,bpf-next,4/7] bpf: Extend btf_kfunc_id_set to handle kfunc polymorphism	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v7,bpf-next,3/7] bpf: lsm: Add two more sleepable hooks	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v7,bpf-next,2/7] selftests/bpf: Extend test fs_kfuncs to cover security.bpf. xattr names	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v7,bpf-next,1/7] fs/xattr: bpf: Introduce security.bpf. xattr name prefix	Enable writing xattr from BPF programs	1 1 -	---	2024-12-19	Song Liu		New
[2/2] io_uring: use security_uring_allowed()	[1/2] lsm: add LSM hooks for io_uring_setup()	- - -	---	2024-12-19	Hamza Mahfooz		New
[1/2] lsm: add LSM hooks for io_uring_setup()	[1/2] lsm: add LSM hooks for io_uring_setup()	- - -	---	2024-12-19	Hamza Mahfooz		New
lsm,io_uring: add LSM hooks for io_uring_setup()	lsm,io_uring: add LSM hooks for io_uring_setup()	- - -	---	2024-12-19	Hamza Mahfooz		New
[v6,bpf-next,7/7] selftests/bpf: Test kfuncs that set and remove xattr from BPF programs	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v6,bpf-next,6/7] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v6,bpf-next,5/7] bpf: Use btf_kfunc_id_set.remap logic for bpf_dynptr_from_skb	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v6,bpf-next,4/7] bpf: Extend btf_kfunc_id_set to handle kfunc polymorphism	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v6,bpf-next,3/7] bpf: lsm: Add two more sleepable hooks	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v6,bpf-next,2/7] selftests/bpf: Extend test fs_kfuncs to cover security.bpf. xattr names	Enable writing xattr from BPF programs	- - -	---	2024-12-19	Song Liu		New
[v6,bpf-next,1/7] fs/xattr: bpf: Introduce security.bpf. xattr name prefix	Enable writing xattr from BPF programs	1 1 -	---	2024-12-19	Song Liu		New
[v2] capability: Remove unused has_capability	[v2] capability: Remove unused has_capability	- 1 -	---	2024-12-19	Dr. David Alan Gilbert		New
[11/11] reboot: retire hw_protection_reboot and hw_protection_shutdown helpers	reboot: support runtime configuration of emergency hw_protection action	- - -	---	2024-12-19	Ahmad Fatoum		New
[10/11] thermal: core: allow user configuration of hardware protection action	reboot: support runtime configuration of emergency hw_protection action	- - -	---	2024-12-19	Ahmad Fatoum		New
[09/11] dt-bindings: thermal: give OS some leeway in absence of critical-action	reboot: support runtime configuration of emergency hw_protection action	- - -	---	2024-12-19	Ahmad Fatoum		New
[08/11] platform/chrome: cros_ec_lpc: prepare for hw_protection_shutdown removal	reboot: support runtime configuration of emergency hw_protection action	- - -	---	2024-12-19	Ahmad Fatoum		New
[07/11] regulator: allow user configuration of hardware protection action	reboot: support runtime configuration of emergency hw_protection action	- - -	---	2024-12-19	Ahmad Fatoum		New
[06/11] reboot: add support for configuring emergency hardware protection action	reboot: support runtime configuration of emergency hw_protection action	- - -	---	2024-12-19	Ahmad Fatoum		New
[05/11] reboot: indicate whether it is a HARDWARE PROTECTION reboot or shutdown	reboot: support runtime configuration of emergency hw_protection action	- - -	---	2024-12-19	Ahmad Fatoum		New
[04/11] reboot: rename now misleading hw_protection symbols	reboot: support runtime configuration of emergency hw_protection action	- - -	---	2024-12-19	Ahmad Fatoum		New
[03/11] docs: thermal: sync hardware protection doc with code	reboot: support runtime configuration of emergency hw_protection action	- - -	---	2024-12-19	Ahmad Fatoum		New
[02/11] reboot: reboot, not shutdown, on hw_protection_reboot timeout	reboot: support runtime configuration of emergency hw_protection action	- - -	---	2024-12-19	Ahmad Fatoum		New
[01/11] reboot: replace __hw_protection_shutdown bool action parameter with an enum	reboot: support runtime configuration of emergency hw_protection action	- - -	---	2024-12-19	Ahmad Fatoum		New
[v2,2/2] docs/zh_CN: Add security lsm Chinese translation	Add security index Chinese translation and add security lsm Chinese translation	- 1 -	---	2024-12-19	Yuehui Zhao		New
[v2,1/2] docs/zh_CN: Add security index Chinese translation	Add security index Chinese translation and add security lsm Chinese translation	- 1 -	---	2024-12-19	Yuehui Zhao		New
[v2,5/5] drivers: Remove get_task_comm() and print task comm directly	Remove get_task_comm() and print task comm directly	- 2 -	---	2024-12-19	Yafang Shao		New
[v2,4/5] security: Remove get_task_comm() and print task comm directly	Remove get_task_comm() and print task comm directly	1 1 -	---	2024-12-19	Yafang Shao		New
[v2,3/5] net: Remove get_task_comm() and print task comm directly	Remove get_task_comm() and print task comm directly	- - -	---	2024-12-19	Yafang Shao		New
[v2,2/5] arch: Remove get_task_comm() and print task comm directly	Remove get_task_comm() and print task comm directly	- - -	---	2024-12-19	Yafang Shao		New
[v2,1/5] kernel: Remove get_task_comm() and print task comm directly	Remove get_task_comm() and print task comm directly	- - -	---	2024-12-19	Yafang Shao		New
lsm: integrity: Allow enable/disable ima and evm with lsm= cmdline	lsm: integrity: Allow enable/disable ima and evm with lsm= cmdline	- - -	---	2024-12-18	Song Liu	pcmoore	New
[6/6] Audit: Add record for multiple object contexts	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler	pcmoore	New
[5/6] Audit: multiple subject lsm values for netlabel	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler	pcmoore	New
[4/6] Audit: Add record for multiple task security contexts	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler	pcmoore	New
[3/6] LSM: security_lsmblob_to_secctx module selection	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler	pcmoore	New
[2/6] Audit: Allow multiple records in an audit_buffer	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler	pcmoore	New
[1/6] Audit: Create audit_stamp structure	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler	pcmoore	New
[v2] lsm: check size of writes	[v2] lsm: check size of writes	- 1 -	---	2024-12-17	Leo Stone	pcmoore	Under Review
capability: Remove unused has_capability	capability: Remove unused has_capability	- 1 -	---	2024-12-15	Dr. David Alan Gilbert	pcmoore	Under Review
[lsm/dev] net: corrections for security_secid_to_secctx returns	[lsm/dev] net: corrections for security_secid_to_secctx returns	- - -	---	2024-12-11	Casey Schaufler	pcmoore	Under Review
lsm: add reserved flag in lsm_prop struct	lsm: add reserved flag in lsm_prop struct	- - -	---	2024-12-06	李豪杰	pcmoore	Under Review
[1/2] lsm: constify function parameters	[1/2] lsm: constify function parameters	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[2/2] lsm: rename variable to avoid shadowing	[1/2] lsm: constify function parameters	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[01/11] coccinelle: Add script to reorder capable() calls	[01/11] coccinelle: Add script to reorder capable() calls	- 1 -	---	2024-11-25	Christian Göttsche	pcmoore	New
[11/11] infiniband: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[10/11] skbuff: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[09/11] fs: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- 1 -	---	2024-11-25	Christian Göttsche	pcmoore	New
[08/11] gfs2: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[07/11] ipv4: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[06/11] ubifs: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	1 - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[05/11] genwqe: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[04/11] hugetlbfs: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[03/11] ext4: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[02/11] quota: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[v21,6/6] samples/check-exec: Add an enlighten "inc" interpreter and 28 tests	Script execution control (was O_MAYEXEC)	- - -	---	2024-11-12	Mickaël Salaün	pcmoore	New
[v21,5/6] samples/check-exec: Add set-exec	Script execution control (was O_MAYEXEC)	- - -	---	2024-11-12	Mickaël Salaün	pcmoore	New
[v21,4/6] selftests/landlock: Add tests for execveat + AT_EXECVE_CHECK	Script execution control (was O_MAYEXEC)	- - -	---	2024-11-12	Mickaël Salaün	pcmoore	New
[v21,3/6] selftests/exec: Add 32 tests for AT_EXECVE_CHECK and exec securebits	Script execution control (was O_MAYEXEC)	- - -	---	2024-11-12	Mickaël Salaün	pcmoore	New
[v21,2/6] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits	Script execution control (was O_MAYEXEC)	- 1 -	---	2024-11-12	Mickaël Salaün	pcmoore	New
[v21,1/6] exec: Add a new AT_EXECVE_CHECK flag to execveat(2)	Script execution control (was O_MAYEXEC)	1 1 -	---	2024-11-12	Mickaël Salaün	pcmoore	New
[next] security: remove redundant assignment to variable rc	[next] security: remove redundant assignment to variable rc	- 1 -	---	2024-11-12	Colin Ian King	pcmoore	New
selinux,xfrm: fix dangling refcount on deferred skb free	selinux,xfrm: fix dangling refcount on deferred skb free	- - -	---	2024-11-06	Ondrej Mosnacek	pcmoore	Under Review
[v2] mm: Split critical region in remap_file_pages() and invoke LSMs in between	[v2] mm: Split critical region in remap_file_pages() and invoke LSMs in between	- 5 2	---	2024-10-18	Roberto Sassu	pcmoore	Under Review
[RFC,v3,13/13] clavis: Kunit support	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,12/13] clavis: Add function redirection for Kunit support	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,11/13] clavis: Prevent boot param change during kexec	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,10/13] efi: Make clavis boot param persist across kexec	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,09/13] clavis: Allow user to define acl at build time	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,08/13] clavis: Introduce new LSM called clavis	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,07/13] keys: Add ability to track intended usage of the public key	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,06/13] clavis: Populate clavis keyring acl with kernel module signature	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,05/13] clavis: Introduce a new key type called clavis_key_acl	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,04/13] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE)	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,03/13] clavis: Introduce a new system keyring called clavis	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,02/13] certs: Introduce ability to link to a system key	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
[RFC,v3,01/13] certs: Remove CONFIG_INTEGRITY_PLATFORM_KEYRING check	Clavis LSM	- - -	---	2024-10-17	Eric Snowberg	pcmoore	New
ima: Suspend PCR extends and log appends when rebooting	ima: Suspend PCR extends and log appends when rebooting	- - -	---	2024-10-11	Stefan Berger	pcmoore	New
[RFC,v4] mm: move the check of READ_IMPLIES_EXEC out of do_mmap()	[RFC,v4] mm: move the check of READ_IMPLIES_EXEC out of do_mmap()	- - -	---	2024-09-28	Shu Han		Under Review
mm: move security_file_mmap() back into do_mmap()	mm: move security_file_mmap() back into do_mmap()	- - -	---	2024-09-25	Shu Han		Under Review
mm: move the check of READ_IMPLIES_EXEC out of do_mmap()	mm: move the check of READ_IMPLIES_EXEC out of do_mmap()	- - -	---	2024-09-25	Shu Han		Under Review
[v4,14/14] Activate the configuration and build of the TSEM LSM.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New
[v4,13/14] Implement infrastructure for loadable security models.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New
[v4,12/14] Implement configuration and methods for default model.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New
[v4,11/14] Implement the internal Trusted Modeling Agent.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New
[v4,10/14] Implement security event mapping.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New
[v4,09/14] Add event processing implementation.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New
[v4,08/14] Add security event description export facility.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New
[v4,07/14] Add namespace implementation.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New
[v4,06/14] Implement TSEM control plane.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New
[v4,05/14] Add root domain trust implementation.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New
[v4,04/14] Add primary TSEM implementation file.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New
[v4,03/14] TSEM global declarations.	Implement Trusted Security Event Modeling.	- - -	---	2024-08-26	Dr. Greg	pcmoore	New

« 1 2 »