Security modules development

Show patches with: State = Action Required | 12149 patches

« 1 2 ... 13 14 15 … 121 122 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	State
[5.10,3/3] binder: use cred instead of task for getsecid	[5.10,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[5.10,2/3] binder: use cred instead of task for selinux checks	[5.10,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[5.10,1/3] binder: use euid from cred instead of using task	[5.10,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[5.4,3/3] binder: use cred instead of task for getsecid	[5.4,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[5.4,2/3] binder: use cred instead of task for selinux checks	[5.4,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[5.4,1/3] binder: use euid from cred instead of using task	[5.4,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[4.19,2/2] binder: use cred instead of task for selinux checks	[4.19,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[4.19,1/2] binder: use euid from cred instead of using task	[4.19,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[4.14,2/2] binder: use cred instead of task for selinux checks	[4.14,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[4.14,1/2] binder: use euid from cred instead of using task	[4.14,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[4.9,2/2] binder: use cred instead of task for selinux checks	[4.9,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[4.9,1/2] binder: use euid from cred instead of using task	[4.9,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[4.4,2/2] binder: use cred instead of task for selinux checks	[4.4,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[4.4,1/2] binder: use euid from cred instead of using task	[4.4,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	New
[v3,1/1] fuse: Send security context of inode on file creation	fuse: Send file/inode security context during creation	- - -	---	2021-11-10	Vivek Goyal	New
[GIT,PULL] apparmor changes for 5.16	[GIT,PULL] apparmor changes for 5.16	- - -	---	2021-11-10	John Johansen	New
[v16,3/3] selftest/interpreter: Add tests for trusted_for(2) policies	Add trusted_for(2) (was O_MAYEXEC)	- 2 -	---	2021-11-10	Mickaël Salaün	New
[v16,2/3] arch: Wire up trusted_for(2)	Add trusted_for(2) (was O_MAYEXEC)	1 2 -	---	2021-11-10	Mickaël Salaün	New
[v16,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl	Add trusted_for(2) (was O_MAYEXEC)	1 - -	---	2021-11-10	Mickaël Salaün	New
[2/2] module: Move duplicate mod_check_sig users code to mod_parse_sig	[1/2] module: Use key_being_used_for for log messages in verify_appended_signature	- - -	---	2021-11-05	Michal Suchanek	New
[1/2] module: Use key_being_used_for for log messages in verify_appended_signature	[1/2] module: Use key_being_used_for for log messages in verify_appended_signature	- - -	---	2021-11-05	Michal Suchanek	New
[RFC] integrity: disassociate ima_filter_rule from security_audit_rule	[RFC] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-04	Casey Schaufler	New
apparmor: remove duplicated 'Returns:' comments	apparmor: remove duplicated 'Returns:' comments	- - -	---	2021-11-03	Austin Kim	New
smack: clean up smack_enabled to be more readable	smack: clean up smack_enabled to be more readable	- - -	---	2021-11-03	Austin Kim	New
landlock: Initialize kernel stack variables properly	landlock: Initialize kernel stack variables properly	- - -	---	2021-11-03	Austin Kim	New
[PATCHv2,net,4/4] security: implement sctp_assoc_established hook in selinux	security: fixups for the security hooks in sctp	- 1 1	---	2021-11-02	Xin Long	New
[PATCHv2,net,3/4] security: add sctp_assoc_established hook	security: fixups for the security hooks in sctp	- 1 1	---	2021-11-02	Xin Long	New
[PATCHv2,net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce	security: fixups for the security hooks in sctp	- 1 1	---	2021-11-02	Xin Long	New
[PATCHv2,net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone	security: fixups for the security hooks in sctp	- 1 1	---	2021-11-02	Xin Long	New
[GIT,PULL] SELinux patches for v5.16	[GIT,PULL] SELinux patches for v5.16	- - -	---	2021-11-01	Paul Moore	New
[GIT,PULL] Smack patches for v5.16	[GIT,PULL] Smack patches for v5.16	- - -	---	2021-11-01	Casey Schaufler	New
[RESEND] KEYS: trusted: Fix trusted key backends when building as module	[RESEND] KEYS: trusted: Fix trusted key backends when building as module	- - 1	---	2021-11-01	Andreas Rammhold	New
[GIT,PULL] hardening updates for v5.16-rc1	[GIT,PULL] hardening updates for v5.16-rc1	- - -	---	2021-11-01	Kees Cook	New
evm: mark evm_fixmode as __ro_after_init	evm: mark evm_fixmode as __ro_after_init	- - -	---	2021-10-28	Austin Kim	New
ima/evm: mark evm_fixmode as __ro_after_init	ima/evm: mark evm_fixmode as __ro_after_init	- 1 -	---	2021-10-26	Austin Kim	New
[v3,2/2] tpm: use SM3 instead of SM3_256	use SM3 instead of SM3_256	- - -	---	2021-10-26	tianjia.zhang	New
[v3,1/2] crypto: use SM3 instead of SM3_256	use SM3 instead of SM3_256	- - -	---	2021-10-26	tianjia.zhang	New
[net,4/4] security: implement sctp_assoc_established hook in selinux	security: fixups for the security hooks in sctp	- - -	---	2021-10-22	Xin Long	New
[net,3/4] security: add sctp_assoc_established hook	security: fixups for the security hooks in sctp	- - -	---	2021-10-22	Xin Long	New
[net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce	security: fixups for the security hooks in sctp	- - -	---	2021-10-22	Xin Long	New
[net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone	security: fixups for the security hooks in sctp	- - -	---	2021-10-22	Xin Long	New
sctp: initialize endpoint LSM labels also on the client side	sctp: initialize endpoint LSM labels also on the client side	- - -	---	2021-10-21	Ondrej Mosnacek	New
[2/2] gcc-plugins: Remove cyc_complexity	gcc-plugins: Explicitly document purpose and deprecation schedule	- 2 -	---	2021-10-20	Kees Cook	New
[1/2] gcc-plugins: Explicitly document purpose and deprecation schedule	gcc-plugins: Explicitly document purpose and deprecation schedule	- 2 -	---	2021-10-20	Kees Cook	New
[v4,3/3] virt: Add efi_secret module to expose confidential computing secrets	Allow guest access to EFI confidential computing secret area	- - -	---	2021-10-20	Dov Murik	New
[v4,2/3] efi: Reserve confidential computing secret area	Allow guest access to EFI confidential computing secret area	- - -	---	2021-10-20	Dov Murik	New
[v4,1/3] efi/libstub: Copy confidential computing secret area	Allow guest access to EFI confidential computing secret area	- - -	---	2021-10-20	Dov Murik	New
smackfs: use __GFP_NOFAIL for smk_cipso_doi()	smackfs: use __GFP_NOFAIL for smk_cipso_doi()	- - -	---	2021-10-19	Tetsuo Handa	New
smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi	smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi	- - -	---	2021-10-19	Tetsuo Handa	New
[v2,2/2] tpm: use SM3 instead of SM3_256	use SM3 instead of SM3_256	- - -	---	2021-10-19	tianjia.zhang	New
[v2,1/2] crypto: use SM3 instead of SM3_256	use SM3 instead of SM3_256	- - -	---	2021-10-19	tianjia.zhang	New
[v3,3/3] virt: Add efi_secret module to expose confidential computing secrets	Allow guest access to EFI confidential computing secret area	- - -	---	2021-10-14	Dov Murik	New
[v3,2/3] efi: Reserve confidential computing secret area	Allow guest access to EFI confidential computing secret area	- - -	---	2021-10-14	Dov Murik	New
[v3,1/3] efi/libstub: Copy confidential computing secret area	Allow guest access to EFI confidential computing secret area	- - -	---	2021-10-14	Dov Murik	New
[v1,3/3] security: define a trusted_for hook	[v1,1/3] ima: define ima_trusted_for hook	- - -	---	2021-10-14	Mimi Zohar	New
[v1,2/3] fs: extend the trusted_for syscall to call IMA	[v1,1/3] ima: define ima_trusted_for hook	- - -	---	2021-10-14	Mimi Zohar	New
[v1,1/3] ima: define ima_trusted_for hook	[v1,1/3] ima: define ima_trusted_for hook	- - -	---	2021-10-14	Mimi Zohar	New
[RFC,v7,16/16] documentation: add ipe documentation	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,15/16] ipe: kunit tests	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,14/16] scripts: add boot policy generation program	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,13/16] ipe: enable support for fs-verity as a trust provider	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,12/16] fsverity\|security: add security hooks to fsverity digest and signature	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,11/16] ipe: add support for dm-verity as a trust provider	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,10/16] fs\|dm-verity: add block_dev LSM blob and submit dm-verity data	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,09/16] ipe: introduce 'boot_verified' as a trust provider	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,08/16] ipe: add permissive toggle	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,07/16] ipe: add auditing support	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,06/16] uapi\|audit: add trust audit message definitions	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,05/16] ipe: add LSM hooks on execution and kernel read	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,04/16] ipe: add userspace interface	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,03/16] ipe: add evaluation loop	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,02/16] ipe: add policy parser	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,01/16] security: add ipe lsm & initial context creation	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
LSM: Avoid warnings about potentially unused hook variables	LSM: Avoid warnings about potentially unused hook variables	2 - -	---	2021-10-13	Kees Cook	New
[2/2] fs: extend the trusted_for syscall to call IMA	[1/2] ima: define ima_trusted_for hook	- - -	---	2021-10-13	Mimi Zohar	New
[1/2] ima: define ima_trusted_for hook	[1/2] ima: define ima_trusted_for hook	- - -	---	2021-10-13	Mimi Zohar	New
[v15,3/3] selftest/interpreter: Add tests for trusted_for(2) policies	Add trusted_for(2) (was O_MAYEXEC)	- 2 -	---	2021-10-12	Mickaël Salaün	New
[v15,2/3] arch: Wire up trusted_for(2)	Add trusted_for(2) (was O_MAYEXEC)	1 2 -	---	2021-10-12	Mickaël Salaün	New
[v15,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl	Add trusted_for(2) (was O_MAYEXEC)	1 - -	---	2021-10-12	Mickaël Salaün	New
[v2,2/2] fuse: Send security context of inode on file creation	fuse: Send file/inode security context during creation	- - -	---	2021-10-12	Vivek Goyal	New
[v2,1/2] fuse: Add a flag FUSE_SECURITY_CTX	fuse: Send file/inode security context during creation	- - -	---	2021-10-12	Vivek Goyal	New
[v5,3/3] binder: use cred instead of task for getsecid	binder: use cred instead of task for security context	- - -	---	2021-10-12	Todd Kjos	New
[v5,2/3] binder: use cred instead of task for selinux checks	binder: use cred instead of task for security context	- - -	---	2021-10-12	Todd Kjos	New
[v5,1/3] binder: use euid from cred instead of using task	binder: use cred instead of task for security context	- - -	---	2021-10-12	Todd Kjos	New
[v2] security: Return xattr name from security_dentry_init_security()	[v2] security: Return xattr name from security_dentry_init_security()	1 2 -	---	2021-10-12	Vivek Goyal	New
LSM: general protection fault in legacy_parse_param	LSM: general protection fault in legacy_parse_param	2 - -	---	2021-10-11	Casey Schaufler	New
[apparmor] apparmor: remove unneeded one-line hook wrappers	[apparmor] apparmor: remove unneeded one-line hook wrappers	- - -	---	2021-10-11	Florian Westphal	New
[smack] smack: remove duplicated hook function	[smack] smack: remove duplicated hook function	- - -	---	2021-10-11	Florian Westphal	New
security/landlock: use square brackets around "landlock-ruleset"	security/landlock: use square brackets around "landlock-ruleset"	- - -	---	2021-10-11	Christian Brauner	New
[v4,5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	- 1 2	---	2021-10-11	Ahmad Fatoum	New
[v4,4/5] crypto: caam - add in-kernel interface for blob generator	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	- 2 1	---	2021-10-11	Ahmad Fatoum	New
[v4,3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	1 1 1	---	2021-10-11	Ahmad Fatoum	New
[v4,2/5] KEYS: trusted: allow users to use kernel RNG for key material	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	1 2 1	---	2021-10-11	Ahmad Fatoum	New
[v4,1/5] KEYS: trusted: allow use of TEE as backend without TCG_TPM support	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	- 2 2	---	2021-10-11	Ahmad Fatoum	New
[2/2] tpm: use SM3 instead of SM3_256	tpm: use SM3 instead of SM3_256	- - -	---	2021-10-09	tianjia.zhang	New
[1/2] crypto: use SM3 instead of SM3_256	tpm: use SM3 instead of SM3_256	- - -	---	2021-10-09	tianjia.zhang	New
ima: fix deadlock when traversing "ima_default_rules".	ima: fix deadlock when traversing "ima_default_rules".	- 1 -	---	2021-10-09	Li Qiong	New
[-next] integrity: return early if audit_log_start return NULL	[-next] integrity: return early if audit_log_start return NULL	1 - -	---	2021-10-09	cuigaosheng	New
[v14,3/3] selftest/interpreter: Add tests for trusted_for(2) policies	Add trusted_for(2) (was O_MAYEXEC)	- 2 -	---	2021-10-08	Mickaël Salaün	New
[v14,2/3] arch: Wire up trusted_for(2)	Add trusted_for(2) (was O_MAYEXEC)	1 2 -	---	2021-10-08	Mickaël Salaün	New

« 1 2 ... 13 14 15 … 121 122 »