Show patches with: State = Action Required       |   12047 patches
« 1 2 3 4120 121 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v22,8/8] ima: instantiate the bprm_creds_for_exec() hook Script execution control (was O_MAYEXEC) - 1 - --- 2024-12-05 Mickaël Salaün New
[v22,7/8] samples/check-exec: Add an enlighten "inc" interpreter and 28 tests Script execution control (was O_MAYEXEC) - - - --- 2024-12-05 Mickaël Salaün New
[v22,6/8] selftests: ktap_helpers: Fix uninitialized variable Script execution control (was O_MAYEXEC) - - - --- 2024-12-05 Mickaël Salaün New
[v22,5/8] samples/check-exec: Add set-exec Script execution control (was O_MAYEXEC) - - - --- 2024-12-05 Mickaël Salaün New
[v22,4/8] selftests/landlock: Add tests for execveat + AT_EXECVE_CHECK Script execution control (was O_MAYEXEC) - - - --- 2024-12-05 Mickaël Salaün New
[v22,3/8] selftests/exec: Add 32 tests for AT_EXECVE_CHECK and exec securebits Script execution control (was O_MAYEXEC) - - - --- 2024-12-05 Mickaël Salaün New
[v22,2/8] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits Script execution control (was O_MAYEXEC) - 1 - --- 2024-12-05 Mickaël Salaün New
[v22,1/8] exec: Add a new AT_EXECVE_CHECK flag to execveat(2) Script execution control (was O_MAYEXEC) 1 1 - --- 2024-12-05 Mickaël Salaün New
[v2] ima: instantiate the bprm_creds_for_exec() hook [v2] ima: instantiate the bprm_creds_for_exec() hook - - - --- 2024-12-04 Mimi Zohar New
[v9] security: add trace event for cap_capable [v9] security: add trace event for cap_capable - - - --- 2024-12-04 Jordan Rome New
[v2] ima: instantiate the bprm_creds_for_exec() hook [v2] ima: instantiate the bprm_creds_for_exec() hook - - 1 --- 2024-12-03 Mimi Zohar New
[v8] security: add trace event for cap_capable [v8] security: add trace event for cap_capable - 2 - --- 2024-11-28 Jordan Rome New
[v7] security: add trace event for cap_capable [v7] security: add trace event for cap_capable - - - --- 2024-11-28 Jordan Rome New
[v6] security: add trace event for cap_capable [v6] security: add trace event for cap_capable - - - --- 2024-11-28 Jordan Rome New
[v2,7/7] ima: Reset IMA_NONACTION_RULE_FLAGS after post_setattr ima: Remove unnecessary inode locks - - - --- 2024-11-28 Roberto Sassu New
[v2,6/7] ima: Discard files opened with O_PATH ima: Remove unnecessary inode locks - - - --- 2024-11-28 Roberto Sassu New
[v2,5/7] ima: Set security.ima on file close when ima_appraise=fix ima: Remove unnecessary inode locks - - - --- 2024-11-28 Roberto Sassu New
[v2,4/7] ima: Mark concurrent accesses to the iint pointer in the inode security blob ima: Remove unnecessary inode locks - - - --- 2024-11-28 Roberto Sassu New
[v2,3/7] ima: Ensure lock is held when setting iint pointer in inode security blob ima: Remove unnecessary inode locks - - - --- 2024-11-28 Roberto Sassu New
[v2,2/7] ima: Remove inode lock ima: Remove unnecessary inode locks - 1 - --- 2024-11-28 Roberto Sassu New
[v2,1/7] fs: ima: Remove S_IMA and IS_IMA() ima: Remove unnecessary inode locks 1 1 - --- 2024-11-28 Roberto Sassu New
[v2] samples/landlock: Fix possible NULL dereference in parse_path() [v2] samples/landlock: Fix possible NULL dereference in parse_path() - - - --- 2024-11-28 Gax-c New
ima: instantiate the bprm_creds_for_exec() hook ima: instantiate the bprm_creds_for_exec() hook - - - --- 2024-11-27 Mimi Zohar New
[GIT,PULL] AppArmor updates for 6.13 [GIT,PULL] AppArmor updates for 6.13 - - - --- 2024-11-27 John Johansen New
[v1] selftests: ktap_helpers: Fix uninitialized variable [v1] selftests: ktap_helpers: Fix uninitialized variable - - - --- 2024-11-27 Mickaël Salaün New
[RFC] ima: instantiate the bprm_creds_for_exec() hook [RFC] ima: instantiate the bprm_creds_for_exec() hook - - - --- 2024-11-27 Mimi Zohar New
[RFC,v4] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() [RFC,v4] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-28 Shu Han Under Review
mm: move security_file_mmap() back into do_mmap() mm: move security_file_mmap() back into do_mmap() - - - --- 2024-09-25 Shu Han Under Review
mm: move the check of READ_IMPLIES_EXEC out of do_mmap() mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-25 Shu Han Under Review
[v10,6/7] doc: trusted-encrypted: describe new CAAM trust source KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 - --- 2022-05-13 Ahmad Fatoum New
[v10,5/7] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 3 5 --- 2022-05-13 Ahmad Fatoum New
[v10,4/7] crypto: caam - add in-kernel interface for blob generator KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 5 --- 2022-05-13 Ahmad Fatoum New
[v10,3/7] crypto: caam - determine whether CAAM supports blob encap/decap KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 1 1 --- 2022-05-13 Ahmad Fatoum New
[v10,2/7] KEYS: trusted: allow use of kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 2 3 3 --- 2022-05-13 Ahmad Fatoum New
[v10,1/7] KEYS: trusted: allow use of TEE as backend without TCG_TPM support KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 3 5 --- 2022-05-13 Ahmad Fatoum New
[v2] landlock: Explain how to support Landlock [v2] landlock: Explain how to support Landlock - 1 - --- 2022-05-13 Mickaël Salaün New
[v4] x86/kexec: Carry forward IMA measurement log on kexec [v4] x86/kexec: Carry forward IMA measurement log on kexec - 1 - --- 2022-05-12 Jonathan McDowell New
[v1] landlock: Explain how to support Landlock [v1] landlock: Explain how to support Landlock - - - --- 2022-05-12 Mickaël Salaün New
[-next] apparmor: Fix aa_str_perms() kernel-doc comment [-next] apparmor: Fix aa_str_perms() kernel-doc comment 1 - - --- 2022-05-12 Yang Li New
[v8,4/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification Untitled series #640875 2 1 - --- 2022-05-12 Coiby Xu New
[v8,3/4] arm64: kexec_file: use more system keyrings to verify kernel image signature Untitled series #640875 2 - - --- 2022-05-12 Coiby Xu New
[v8,2/4] kexec, KEYS: make the code in bzImage64_verify_sig generic Untitled series #640875 1 1 - --- 2022-05-12 Coiby Xu New
loadpin: stop using bdevname loadpin: stop using bdevname - - - --- 2022-05-12 Christoph Hellwig New
[v7,4/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification Untitled series #640797 1 1 - --- 2022-05-12 Coiby Xu New
[v7,3/4] arm64: kexec_file: use more system keyrings to verify kernel image signature Untitled series #640797 2 - - --- 2022-05-12 Coiby Xu New
[v7,2/4] kexec, KEYS: make the code in bzImage64_verify_sig generic Untitled series #640797 1 1 - --- 2022-05-12 Coiby Xu New
[v3] x86/kexec: Carry forward IMA measurement log on kexec [v3] x86/kexec: Carry forward IMA measurement log on kexec - - - --- 2022-05-11 Jonathan McDowell New
[v2] big_keys: Use struct for internal payload [v2] big_keys: Use struct for internal payload - - - --- 2022-05-10 Kees Cook New
big_keys: Use struct for internal payload big_keys: Use struct for internal payload - - - --- 2022-05-08 Kees Cook New
[v3,12/12] landlock: Add design choices documentation for filesystem access rights Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,11/12] landlock: Document good practices about filesystem policies Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,10/12] landlock: Document LANDLOCK_ACCESS_FS_REFER and ABI versioning Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,09/12] samples/landlock: Add support for file reparenting Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,08/12] selftests/landlock: Add 11 new test suites dedicated to file reparenting Landlock: file linking and renaming support - - - --- 2022-05-06 Mickaël Salaün New
[v3,07/12] landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,06/12] LSM: Remove double path_rename hook calls for RENAME_EXCHANGE Landlock: file linking and renaming support 2 1 - --- 2022-05-06 Mickaël Salaün New
[v3,05/12] landlock: Move filesystem helpers and add a new one Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,04/12] landlock: Fix same-layer rule unions Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,03/12] landlock: Create find_rule() from unmask_layers() Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,02/12] landlock: Reduce the maximum number of layers to 16 Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,01/12] landlock: Define access_mask_t to enforce a consistent access mask size Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v2,10/10] selftests/landlock: Test landlock_create_ruleset(2) argument check ordering Minor Landlock fixes and new tests - - - --- 2022-05-06 Mickaël Salaün New
[v2,09/10] landlock: Change landlock_restrict_self(2) check ordering Minor Landlock fixes and new tests - - - --- 2022-05-06 Mickaël Salaün New
[v2,08/10] landlock: Change landlock_add_rule(2) argument check ordering Minor Landlock fixes and new tests - - - --- 2022-05-06 Mickaël Salaün New
[v2,07/10] selftests/landlock: Add tests for O_PATH Minor Landlock fixes and new tests - - - --- 2022-05-06 Mickaël Salaün New
[v2,06/10] selftests/landlock: Fully test file rename with "remove" access Minor Landlock fixes and new tests - - - --- 2022-05-06 Mickaël Salaün New
[v2,05/10] selftests/landlock: Extend access right tests to directories Minor Landlock fixes and new tests - - - --- 2022-05-06 Mickaël Salaün New
[v2,04/10] selftests/landlock: Add tests for unknown access rights Minor Landlock fixes and new tests - - - --- 2022-05-06 Mickaël Salaün New
[v2,03/10] selftests/landlock: Extend tests for minimal valid attribute size Minor Landlock fixes and new tests - - - --- 2022-05-06 Mickaël Salaün New
[v2,02/10] selftests/landlock: Make tests build with old libc Minor Landlock fixes and new tests - - - --- 2022-05-06 Mickaël Salaün New
[v2,01/10] landlock: Fix landlock_add_rule(2) documentation Minor Landlock fixes and new tests - - - --- 2022-05-06 Mickaël Salaün New
[v1,7/7] samples/landlock: Format with clang-format Landlock: Clean up coding style with clang-format - - - --- 2022-05-06 Mickaël Salaün New
[v1,6/7] samples/landlock: Add clang-format exceptions Landlock: Clean up coding style with clang-format - - - --- 2022-05-06 Mickaël Salaün New
[v1,5/7] selftests/landlock: Format with clang-format Landlock: Clean up coding style with clang-format - - - --- 2022-05-06 Mickaël Salaün New
[v1,4/7] selftests/landlock: Normalize array assignment Landlock: Clean up coding style with clang-format - - - --- 2022-05-06 Mickaël Salaün New
[v1,3/7] selftests/landlock: Add clang-format exceptions Landlock: Clean up coding style with clang-format - - - --- 2022-05-06 Mickaël Salaün New
[v1,2/7] landlock: Format with clang-format Landlock: Clean up coding style with clang-format - - - --- 2022-05-06 Mickaël Salaün New
[v1,1/7] landlock: Add clang-format exceptions Landlock: Clean up coding style with clang-format - - - --- 2022-05-06 Mickaël Salaün New
[v9,7/7] MAINTAINERS: add KEYS-TRUSTED-CAAM KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 1 1 - --- 2022-05-06 Ahmad Fatoum New
[v9,6/7] doc: trusted-encrypted: describe new CAAM trust source KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 - --- 2022-05-06 Ahmad Fatoum New
[v9,5/7] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 3 3 --- 2022-05-06 Ahmad Fatoum New
[v9,4/7] crypto: caam - add in-kernel interface for blob generator KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 3 --- 2022-05-06 Ahmad Fatoum New
[v9,3/7] crypto: caam - determine whether CAAM supports blob encap/decap KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - - - --- 2022-05-06 Ahmad Fatoum New
[v9,2/7] KEYS: trusted: allow use of kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 2 3 1 --- 2022-05-06 Ahmad Fatoum New
[v9,1/7] KEYS: trusted: allow use of TEE as backend without TCG_TPM support KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 3 3 --- 2022-05-06 Ahmad Fatoum New
[3/3] ima: Append line feed to ima/binary_runtime_measurements Append line feed to files in securityfs - - - --- 2022-05-05 Wang Weiyang New
[2/3] evm: Append line feed to /sys/kernel/security/evm Append line feed to files in securityfs - - - --- 2022-05-05 Wang Weiyang New
[1/3] securityfs: Append line feed to /sys/kernel/security/lsm Append line feed to files in securityfs - - - --- 2022-05-05 Wang Weiyang New
[05/10] security: keys: trusted: Verify creation data Encrypted Hibernation - - - --- 2022-05-04 Evan Green New
[04/10] security: keys: trusted: Allow storage of PCR values in creation data Encrypted Hibernation - - - --- 2022-05-04 Evan Green New
[03/10] security: keys: trusted: Parse out individual components of the key blob Encrypted Hibernation - - - --- 2022-05-04 Evan Green New
[v3,3/3] dm: verity-loadpin: Use CONFIG_SECURITY_LOADPIN_VERITY for conditional compilation LoadPin: Enable loading from trusted dm-verity devices - - - --- 2022-05-04 Matthias Kaehlcke New
[v3,2/3] LoadPin: Enable loading from trusted dm-verity devices LoadPin: Enable loading from trusted dm-verity devices - - - --- 2022-05-04 Matthias Kaehlcke New
[v3,1/3] dm: Add verity helpers for LoadPin LoadPin: Enable loading from trusted dm-verity devices - - - --- 2022-05-04 Matthias Kaehlcke New
[32/32] esas2r: Use __mem_to_flex() with struct atto_ioctl Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook New
[31/32] xenbus: Use mem_to_flex_dup() with struct read_buffer Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook New
[30/32] usb: gadget: f_fs: Use mem_to_flex_dup() with struct ffs_buffer Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook New
[29/32] xtensa: Use mem_to_flex_dup() with struct property Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook New
[28/32] selinux: Use mem_to_flex_dup() with xfrm and sidtab Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook New
[27/32] KEYS: Use mem_to_flex_dup() with struct user_key_payload Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook New
« 1 2 3 4120 121 »