Show patches with: none      |   16609 patches
« 1 2 3 4166 167 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,v3,13/13] clavis: Kunit support Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,12/13] clavis: Add function redirection for Kunit support Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,11/13] clavis: Prevent boot param change during kexec Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,10/13] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,09/13] clavis: Allow user to define acl at build time Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,08/13] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,07/13] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,06/13] clavis: Populate clavis keyring acl with kernel module signature Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,05/13] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,04/13] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,03/13] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,02/13] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,01/13] certs: Remove CONFIG_INTEGRITY_PLATFORM_KEYRING check Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v2,8/8] selftests/landlock: Test that SCTP actions are not restricted Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,7/8] landlock: Add note about errors consistency in documentation Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,6/8] selftests/landlock: Test consistency of errors for TCP actions Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,5/8] selftests/landlock: Test that MPTCP actions are not restricted Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,4/8] selftests/landlock: Test TCP accesses with protocol=IPPROTO_TCP Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,3/8] landlock: Fix inconsistency of errors for TCP actions Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,2/8] landlock: Make network stack layer checks explicit for each TCP action Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,1/8] landlock: Fix non-TCP sockets restriction Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
Landlock: fix grammar issues in docs Landlock: fix grammar issues in docs - - - --- 2024-10-15 Daniel Burgener Handled Elsewhere
[v2,6/6] LSM: Use lsm_context in security_inode_notifysecctx LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-14 Casey Schaufler pcmoore New
[v2,5/6] LSM: secctx provider check on release LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-14 Casey Schaufler pcmoore New
[v2,4/6] LSM: lsm_context in security_dentry_init_security LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-14 Casey Schaufler pcmoore New
[v2,3/6] LSM: Use lsm_context in security_inode_getsecctx LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-14 Casey Schaufler pcmoore New
[v2,2/6] LSM: Replace context+len with lsm_context LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-14 Casey Schaufler pcmoore New
[v2,1/6] LSM: Ensure the correct LSM context releaser LSM: Replace secctx/len pairs with lsm_context - 1 - --- 2024-10-14 Casey Schaufler pcmoore New
[v2,3/3] landlock: Optimize scope enforcement Refactor Landlock access mask management - - - --- 2024-10-14 Mickaël Salaün Handled Elsewhere
[v2,2/3] landlock: Refactor network access mask management Refactor Landlock access mask management - - - --- 2024-10-14 Mickaël Salaün Handled Elsewhere
[v2,1/3] landlock: Refactor filesystem access mask management Refactor Landlock access mask management - - - --- 2024-10-14 Mickaël Salaün Handled Elsewhere
[v2] fsnotify, lsm: Decouple fsnotify from lsm [v2] fsnotify, lsm: Decouple fsnotify from lsm 1 - - --- 2024-10-13 Song Liu New
tomoyo: use u64 for handling numeric values tomoyo: use u64 for handling numeric values - - - --- 2024-10-12 Tetsuo Handa New
fsnotify, lsm: Separate fsnotify_open_perm() and security_file_open() fsnotify, lsm: Separate fsnotify_open_perm() and security_file_open() 1 - - --- 2024-10-11 Song Liu pcmoore Under Review
[v20,6/6] samples/check-exec: Add an enlighten "inc" interpreter and 28 tests Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün New
[v20,5/6] samples/check-exec: Add set-exec Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün New
[v20,4/6] selftests/landlock: Add tests for execveat + AT_CHECK Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün New
[v20,3/6] selftests/exec: Add 32 tests for AT_CHECK and exec securebits Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün New
[v20,2/6] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits Script execution control (was O_MAYEXEC) - 1 - --- 2024-10-11 Mickaël Salaün New
[v20,1/6] exec: Add a new AT_CHECK flag to execveat(2) Script execution control (was O_MAYEXEC) - 1 - --- 2024-10-11 Mickaël Salaün New
ima: Suspend PCR extends and log appends when rebooting ima: Suspend PCR extends and log appends when rebooting - - - --- 2024-10-11 Stefan Berger New
apparmor: test: Fix memory leak for aa_unpack_strdup() apparmor: test: Fix memory leak for aa_unpack_strdup() - - - --- 2024-10-11 Jinjie Ruan New
[v1] ipe: add 'anonymous_memory' property for policy decisions [v1] ipe: add 'anonymous_memory' property for policy decisions - - - --- 2024-10-10 Fan Wu New
[RFC,v1,7/7] tomoyo: Fix inode numbers in logs [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS - - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,6/7] smack: Fix inode numbers in logs [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS 1 - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,5/7] ipe: Fix inode numbers in audit records [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS 1 - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,4/7] integrity: Fix inode numbers in audit records [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS - - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,3/7] selinux: Fix inode numbers in error messages [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS 1 - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,2/7] audit: Fix inode numbers [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS 1 - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS - 1 - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[v3,-next,15/15] sysctl: remove unneeded include sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,14/15] sh: vdso: move the sysctl to arch/sh/kernel/vsyscall/vsyscall.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,13/15] x86: vdso: move the sysctl to arch/x86/entry/vdso/vdso32-setup.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,12/15] fs: dcache: move the sysctl to fs/dcache.c sysctl: move sysctls from vm_table into its own files - 3 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,11/15] sunrpc: use vfs_pressure_ratio() helper sysctl: move sysctls from vm_table into its own files 2 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,10/15] fs: drop_caches: move sysctl to fs/drop_caches.c sysctl: move sysctls from vm_table into its own files - 3 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,09/15] fs: fs-writeback: move sysctl to fs/fs-writeback.c sysctl: move sysctls from vm_table into its own files - 2 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,08/15] mm: nommu: move sysctl to mm/nommu.c sysctl: move sysctls from vm_table into its own files - - - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,07/15] security: min_addr: move sysctl to security/min_addr.c sysctl: move sysctls from vm_table into its own files 1 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,06/15] mm: mmap: move sysctl to mm/mmap.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,05/15] mm: util: move sysctls to mm/util.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,04/15] mm: vmscan: move vmscan sysctls to mm/vmscan.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,03/15] mm: swap: move sysctl to mm/swap.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,02/15] mm: filemap: move sysctl to mm/filemap.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,01/15] mm: vmstat: move sysctls to mm/vmstat.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v4,13/13] LSM: Remove lsm_prop scaffolding LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,12/13] Use lsm_prop for audit data LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,11/13] Audit: Change context data from secid to lsm_prop LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,10/13] LSM: Create new security_cred_getlsmprop LSM hook LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,09/13] Audit: use an lsm_prop in audit_names LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,08/13] LSM: Use lsm_prop in security_inode_getsecid LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,07/13] LSM: Use lsm_prop in security_current_getsecid LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,06/13] Audit: Update shutdown LSM data LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,05/13] LSM: Use lsm_prop in security_ipc_getsecid LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,04/13] Audit: maintain an lsm_prop in audit_context LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,03/13] LSM: Add lsmprop_to_secctx hook LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,02/13] LSM: Use lsm_prop in security_audit_rule_match LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,01/13] LSM: Add the lsm_prop data structure. LSM: Move away from secids 1 - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
ima: Fix OOB read when violation occurs with ima template. ima: Fix OOB read when violation occurs with ima template. - - - --- 2024-10-09 David Fernandez Gonzalez New
[3/3] ima: Mark concurrent accesses to the iint pointer in the inode security blob [1/3] ima: Remove inode lock - - - --- 2024-10-08 Roberto Sassu pcmoore Handled Elsewhere
[2/3] ima: Ensure lock is held when setting iint pointer in inode security blob [1/3] ima: Remove inode lock - - - --- 2024-10-08 Roberto Sassu pcmoore Handled Elsewhere
[1/3] ima: Remove inode lock [1/3] ima: Remove inode lock - 1 - --- 2024-10-08 Roberto Sassu pcmoore Handled Elsewhere
[v2] security/keys: fix slab-out-of-bounds in key_task_permission [v2] security/keys: fix slab-out-of-bounds in key_task_permission - 1 - --- 2024-10-08 Chen Ridong New
[v9,7/7] drm: Replace strcpy() with strscpy() Improve the copy of task comm 1 1 - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,6/7] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul} Improve the copy of task comm - - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,5/7] mm/util: Fix possible race condition in kstrdup() Improve the copy of task comm - - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,4/7] bpftool: Ensure task comm is always NUL-terminated Improve the copy of task comm - 1 - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,3/7] security: Replace memcpy() with get_task_comm() Improve the copy of task comm 1 - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,2/7] auditsc: Replace memcpy() with strscpy() Improve the copy of task comm 1 1 - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,1/7] Get rid of __get_task_comm() Improve the copy of task comm - - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[GIT,PULL] lsm/lsm-pr-20241004 [GIT,PULL] lsm/lsm-pr-20241004 - - - --- 2024-10-04 Paul Moore pcmoore Accepted
[v1] landlock: Improve documentation of previous limitations [v1] landlock: Improve documentation of previous limitations - 1 - --- 2024-10-04 Mickaël Salaün Handled Elsewhere
tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support 1 - - --- 2024-10-03 Paul Moore pcmoore Accepted
[RFC,v1,2/2] selftests/landlock: Test non-TCP INET connection-based protocols Fix non-TCP sockets restriction - 1 - --- 2024-10-03 Mikhail Ivanov Handled Elsewhere
[RFC,v1,1/2] landlock: Fix non-TCP sockets restriction Fix non-TCP sockets restriction - 1 - --- 2024-10-03 Mikhail Ivanov Handled Elsewhere
[v2,3/3] samples/landlock: Clarify option parsing behaviour samples/landlock: Fix port parsing behaviour - - - --- 2024-10-03 Matthieu Buffet Handled Elsewhere
[v2,2/3] samples/landlock: Refactor --help message in function samples/landlock: Fix port parsing behaviour - - - --- 2024-10-03 Matthieu Buffet Handled Elsewhere
[v2,1/3] samples/landlock: Fix port parsing in sandboxer samples/landlock: Fix port parsing behaviour - - - --- 2024-10-03 Matthieu Buffet Handled Elsewhere
[v5] rust: add PidNamespace [v5] rust: add PidNamespace - 1 - --- 2024-10-02 Christian Brauner Handled Elsewhere
[v4] rust: add PidNamespace [v4] rust: add PidNamespace - - - --- 2024-10-02 Christian Brauner Handled Elsewhere
« 1 2 3 4166 167 »