Security modules development

Show patches with: State = Action Required | 12086 patches

« 1 2 ... 13 14 15 … 120 121 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	State
[RFC,v7,10/16] fs\|dm-verity: add block_dev LSM blob and submit dm-verity data	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,09/16] ipe: introduce 'boot_verified' as a trust provider	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,08/16] ipe: add permissive toggle	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,07/16] ipe: add auditing support	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,06/16] uapi\|audit: add trust audit message definitions	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,05/16] ipe: add LSM hooks on execution and kernel read	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,04/16] ipe: add userspace interface	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,03/16] ipe: add evaluation loop	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,02/16] ipe: add policy parser	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
[RFC,v7,01/16] security: add ipe lsm & initial context creation	Integrity Policy Enforcement (IPE)	- - -	---	2021-10-13	Deven Bowers	New
LSM: Avoid warnings about potentially unused hook variables	LSM: Avoid warnings about potentially unused hook variables	2 - -	---	2021-10-13	Kees Cook	New
[2/2] fs: extend the trusted_for syscall to call IMA	[1/2] ima: define ima_trusted_for hook	- - -	---	2021-10-13	Mimi Zohar	New
[1/2] ima: define ima_trusted_for hook	[1/2] ima: define ima_trusted_for hook	- - -	---	2021-10-13	Mimi Zohar	New
[v15,3/3] selftest/interpreter: Add tests for trusted_for(2) policies	Add trusted_for(2) (was O_MAYEXEC)	- 2 -	---	2021-10-12	Mickaël Salaün	New
[v15,2/3] arch: Wire up trusted_for(2)	Add trusted_for(2) (was O_MAYEXEC)	1 2 -	---	2021-10-12	Mickaël Salaün	New
[v15,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl	Add trusted_for(2) (was O_MAYEXEC)	1 - -	---	2021-10-12	Mickaël Salaün	New
[v2,2/2] fuse: Send security context of inode on file creation	fuse: Send file/inode security context during creation	- - -	---	2021-10-12	Vivek Goyal	New
[v2,1/2] fuse: Add a flag FUSE_SECURITY_CTX	fuse: Send file/inode security context during creation	- - -	---	2021-10-12	Vivek Goyal	New
[v5,3/3] binder: use cred instead of task for getsecid	binder: use cred instead of task for security context	- - -	---	2021-10-12	Todd Kjos	New
[v5,2/3] binder: use cred instead of task for selinux checks	binder: use cred instead of task for security context	- - -	---	2021-10-12	Todd Kjos	New
[v5,1/3] binder: use euid from cred instead of using task	binder: use cred instead of task for security context	- - -	---	2021-10-12	Todd Kjos	New
[v2] security: Return xattr name from security_dentry_init_security()	[v2] security: Return xattr name from security_dentry_init_security()	1 2 -	---	2021-10-12	Vivek Goyal	New
LSM: general protection fault in legacy_parse_param	LSM: general protection fault in legacy_parse_param	2 - -	---	2021-10-11	Casey Schaufler	New
[apparmor] apparmor: remove unneeded one-line hook wrappers	[apparmor] apparmor: remove unneeded one-line hook wrappers	- - -	---	2021-10-11	Florian Westphal	New
[smack] smack: remove duplicated hook function	[smack] smack: remove duplicated hook function	- - -	---	2021-10-11	Florian Westphal	New
security/landlock: use square brackets around "landlock-ruleset"	security/landlock: use square brackets around "landlock-ruleset"	- - -	---	2021-10-11	Christian Brauner	New
[v4,5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	- 1 2	---	2021-10-11	Ahmad Fatoum	New
[v4,4/5] crypto: caam - add in-kernel interface for blob generator	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	- 2 1	---	2021-10-11	Ahmad Fatoum	New
[v4,3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	1 1 1	---	2021-10-11	Ahmad Fatoum	New
[v4,2/5] KEYS: trusted: allow users to use kernel RNG for key material	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	1 2 1	---	2021-10-11	Ahmad Fatoum	New
[v4,1/5] KEYS: trusted: allow use of TEE as backend without TCG_TPM support	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	- 2 2	---	2021-10-11	Ahmad Fatoum	New
[2/2] tpm: use SM3 instead of SM3_256	tpm: use SM3 instead of SM3_256	- - -	---	2021-10-09	tianjia.zhang	New
[1/2] crypto: use SM3 instead of SM3_256	tpm: use SM3 instead of SM3_256	- - -	---	2021-10-09	tianjia.zhang	New
ima: fix deadlock when traversing "ima_default_rules".	ima: fix deadlock when traversing "ima_default_rules".	- 1 -	---	2021-10-09	Li Qiong	New
[-next] integrity: return early if audit_log_start return NULL	[-next] integrity: return early if audit_log_start return NULL	1 - -	---	2021-10-09	Gaosheng Cui	New
[v14,3/3] selftest/interpreter: Add tests for trusted_for(2) policies	Add trusted_for(2) (was O_MAYEXEC)	- 2 -	---	2021-10-08	Mickaël Salaün	New
[v14,2/3] arch: Wire up trusted_for(2)	Add trusted_for(2) (was O_MAYEXEC)	1 2 -	---	2021-10-08	Mickaël Salaün	New
[v14,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl	Add trusted_for(2) (was O_MAYEXEC)	2 - -	---	2021-10-08	Mickaël Salaün	New
[v13,3/3] selftest/interpreter: Add tests for trusted_for(2) policies	Add trusted_for(2) (was O_MAYEXEC)	- 1 -	---	2021-10-07	Mickaël Salaün	New
[v13,2/3] arch: Wire up trusted_for(2)	Add trusted_for(2) (was O_MAYEXEC)	1 2 -	---	2021-10-07	Mickaël Salaün	New
[v13,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl	Add trusted_for(2) (was O_MAYEXEC)	1 - -	---	2021-10-07	Mickaël Salaün	New
[v2,4/4] virt: Add sev_secret module to expose confidential computing secrets	Allow access to confidential computing secret area in SEV guests	- - -	---	2021-10-07	Dov Murik	New
[v2,3/4] efi: Reserve confidential computing secret area	Allow access to confidential computing secret area in SEV guests	- - -	---	2021-10-07	Dov Murik	New
[v2,2/4] efi/libstub: Copy confidential computing secret area	Allow access to confidential computing secret area in SEV guests	- - -	---	2021-10-07	Dov Murik	New
[v2,1/4] x86: Export clean_cache_range()	Allow access to confidential computing secret area in SEV guests	- - -	---	2021-10-07	Dov Murik	New
[v4,3/3] binder: use euid from cred instead of using task	binder: use cred instead of task for security context	- - -	---	2021-10-07	Todd Kjos	New
[v4,2/3] binder: use cred instead of task for getsecid	binder: use cred instead of task for security context	- - -	---	2021-10-07	Todd Kjos	New
[v4,1/3] binder: use cred instead of task for selinux checks	binder: use cred instead of task for security context	1 - -	---	2021-10-07	Todd Kjos	New
[v3,3/3] binder: use euid from cred instead of using task	binder: use cred instead of task for security context	- - -	---	2021-10-06	Todd Kjos	New
[v3,2/3] binder: use cred instead of task for getsecid	binder: use cred instead of task for security context	- - -	---	2021-10-06	Todd Kjos	New
[v3,1/3] binder: use cred instead of task for selinux checks	binder: use cred instead of task for security context	1 - -	---	2021-10-06	Todd Kjos	New
[v3] integrity: support including firmware ".platform" keys at build time	[v3] integrity: support including firmware ".platform" keys at build time	- - -	---	2021-10-04	Nayna Jain	New
[v2] binder: use cred instead of task for selinux checks	[v2] binder: use cred instead of task for selinux checks	1 - -	---	2021-10-01	Todd Kjos	New
binder: use cred instead of task for selinux checks	binder: use cred instead of task for selinux checks	- - -	---	2021-10-01	Todd Kjos	New
security: Return xattr name from security_dentry_init_security()	security: Return xattr name from security_dentry_init_security()	- 1 -	---	2021-09-30	Vivek Goyal	New
[RFC,7/7] ima: Add support for appraisal with digest lists	ima: Measure and appraise files with DIGLIM	- - -	---	2021-09-30	Roberto Sassu	New
[RFC,6/7] ima: Skip measurement of files found in DIGLIM hash table	ima: Measure and appraise files with DIGLIM	- - -	---	2021-09-30	Roberto Sassu	New
[RFC,5/7] ima: Query metadata digest and retrieve info from its digest lists	ima: Measure and appraise files with DIGLIM	- - -	---	2021-09-30	Roberto Sassu	New
[RFC,4/7] ima: Query file digest and retrieve info from its digest lists	ima: Measure and appraise files with DIGLIM	- - -	---	2021-09-30	Roberto Sassu	New
[RFC,3/7] ima: Introduce diglim and appraise_diglim policies	ima: Measure and appraise files with DIGLIM	- - -	---	2021-09-30	Roberto Sassu	New
[RFC,2/7] ima: Introduce new policy keyword use_diglim	ima: Measure and appraise files with DIGLIM	- - -	---	2021-09-30	Roberto Sassu	New
[RFC,1/7] integrity: Change type of IMA rule-related flags to u64	ima: Measure and appraise files with DIGLIM	- - -	---	2021-09-30	Roberto Sassu	New
[next] apparmor: Use struct_size() helper in kzalloc()	[next] apparmor: Use struct_size() helper in kzalloc()	1 - -	---	2021-09-29	Gustavo A. R. Silva	New
lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()	lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()	- 2 -	---	2021-09-29	Paul Moore	New
[RESEND] apparmor: avoid -Wempty-body warning	[RESEND] apparmor: avoid -Wempty-body warning	1 - -	---	2021-09-27	Arnd Bergmann	New
[2/2] fuse: Send security context of inode on file creation	fuse: Send file/inode security context during creation	- - -	---	2021-09-24	Vivek Goyal	New
[1/2] fuse: Add a flag FUSE_SECURITY_CTX	fuse: Send file/inode security context during creation	- - -	---	2021-09-24	Vivek Goyal	New
[v29,28/28] AppArmor: Remove the exclusive flag	LSM: Module stacking for AppArmor	2 1 -	---	2021-09-24	Casey Schaufler	New
[v29,27/28] LSM: Add /proc attr entry for full LSM context	LSM: Module stacking for AppArmor	- 1 -	---	2021-09-24	Casey Schaufler	New
[v29,26/28] Audit: Add record for multiple object security contexts	LSM: Module stacking for AppArmor	- - -	---	2021-09-24	Casey Schaufler	New
[v29,25/28] Audit: Add record for multiple task security contexts	LSM: Module stacking for AppArmor	- - -	---	2021-09-24	Casey Schaufler	New
[v29,24/28] Audit: Add framework for auxiliary records	LSM: Module stacking for AppArmor	- - -	---	2021-09-24	Casey Schaufler	New
[v29,23/28] Audit: Create audit_stamp structure	LSM: Module stacking for AppArmor	- - -	---	2021-09-24	Casey Schaufler	New
[v29,22/28] Audit: Keep multiple LSM data in audit_names	LSM: Module stacking for AppArmor	- - -	---	2021-09-24	Casey Schaufler	New
[v29,21/28] LSM: Extend security_secid_to_secctx to include module selection	LSM: Module stacking for AppArmor	- - -	---	2021-09-24	Casey Schaufler	New
[v29,20/28] LSM: Verify LSM display sanity in binder	LSM: Module stacking for AppArmor	2 2 -	---	2021-09-24	Casey Schaufler	New
[v29,19/28] NET: Store LSM netlabel data in a lsmblob	LSM: Module stacking for AppArmor	2 2 -	---	2021-09-24	Casey Schaufler	New
[v29,18/28] LSM: security_secid_to_secctx in netlink netfilter	LSM: Module stacking for AppArmor	3 2 -	---	2021-09-24	Casey Schaufler	New
[v29,17/28] LSM: Use lsmcontext in security_inode_getsecctx	LSM: Module stacking for AppArmor	3 2 -	---	2021-09-24	Casey Schaufler	New
[v29,16/28] LSM: Use lsmcontext in security_secid_to_secctx	LSM: Module stacking for AppArmor	2 1 -	---	2021-09-24	Casey Schaufler	New
[v29,15/28] LSM: Ensure the correct LSM context releaser	LSM: Module stacking for AppArmor	3 2 -	---	2021-09-24	Casey Schaufler	New
[v29,14/28] LSM: Specify which LSM to display	LSM: Module stacking for AppArmor	- - -	---	2021-09-24	Casey Schaufler	New
[v29,13/28] IMA: Change internal interfaces to use lsmblobs	LSM: Module stacking for AppArmor	1 2 -	---	2021-09-24	Casey Schaufler	New
[v29,12/28] LSM: Use lsmblob in security_cred_getsecid	LSM: Module stacking for AppArmor	2 2 -	---	2021-09-24	Casey Schaufler	New
[v29,11/28] LSM: Use lsmblob in security_inode_getsecid	LSM: Module stacking for AppArmor	2 2 -	---	2021-09-24	Casey Schaufler	New
[v29,10/28] LSM: Use lsmblob in security_task_getsecid	LSM: Module stacking for AppArmor	2 2 -	---	2021-09-24	Casey Schaufler	New
[v29,09/28] LSM: Use lsmblob in security_ipc_getsecid	LSM: Module stacking for AppArmor	2 2 -	---	2021-09-24	Casey Schaufler	New
[v29,08/28] LSM: Use lsmblob in security_secid_to_secctx	LSM: Module stacking for AppArmor	1 1 -	---	2021-09-24	Casey Schaufler	New
[v29,07/28] LSM: Use lsmblob in security_secctx_to_secid	LSM: Module stacking for AppArmor	1 1 -	---	2021-09-24	Casey Schaufler	New
[v29,06/28] LSM: Use lsmblob in security_kernel_act_as	LSM: Module stacking for AppArmor	2 2 -	---	2021-09-24	Casey Schaufler	New
[v29,05/28] LSM: Use lsmblob in security_audit_rule_match	LSM: Module stacking for AppArmor	2 2 -	---	2021-09-24	Casey Schaufler	New
[v29,04/28] IMA: avoid label collisions with stacked LSMs	LSM: Module stacking for AppArmor	- 1 -	---	2021-09-24	Casey Schaufler	New
[v29,03/28] LSM: provide lsm name and id slot mappings	LSM: Module stacking for AppArmor	1 1 -	---	2021-09-24	Casey Schaufler	New
[v29,02/28] LSM: Add the lsmblob data structure.	LSM: Module stacking for AppArmor	3 - -	---	2021-09-24	Casey Schaufler	New
[v29,01/28] LSM: Infrastructure management of the sock security	LSM: Module stacking for AppArmor	2 2 -	---	2021-09-24	Casey Schaufler	New
[GIT,PULL] SELinux/Smack fixes for v5.15 (#2)	[GIT,PULL] SELinux/Smack fixes for v5.15 (#2)	- - -	---	2021-09-23	Paul Moore	New
[v2] smack: Guard smack_ipv6_lock definition within a SMACK_IPV6_PORT_LABELING block	[v2] smack: Guard smack_ipv6_lock definition within a SMACK_IPV6_PORT_LABELING block	- - -	---	2021-09-23	Sebastian Andrzej Siewior	New
selinux,smack: fix subjective/objective credential use mixups	selinux,smack: fix subjective/objective credential use mixups	2 - -	---	2021-09-23	Paul Moore	New
mm: Remove HARDENED_USERCOPY_FALLBACK	mm: Remove HARDENED_USERCOPY_FALLBACK	2 1 -	---	2021-09-21	Stephen Kitt	New
NET: IPV4: fix error "do not initialise globals to 0"	NET: IPV4: fix error "do not initialise globals to 0"	- - -	---	2021-09-18	wangzhitong	New

« 1 2 ... 13 14 15 … 120 121 »