Show patches with: State = Action Required       |   11041 patches
« 1 2 3 4110 111 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[4.14,2/2] binder: use cred instead of task for selinux checks [4.14,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos New
[4.14,1/2] binder: use euid from cred instead of using task [4.14,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos New
[4.9,2/2] binder: use cred instead of task for selinux checks [4.9,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos New
[4.9,1/2] binder: use euid from cred instead of using task [4.9,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos New
[4.4,2/2] binder: use cred instead of task for selinux checks [4.4,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos New
[4.4,1/2] binder: use euid from cred instead of using task [4.4,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos New
[v3,1/1] fuse: Send security context of inode on file creation fuse: Send file/inode security context during creation - - - --- 2021-11-10 Vivek Goyal New
[GIT,PULL] apparmor changes for 5.16 [GIT,PULL] apparmor changes for 5.16 - - - --- 2021-11-10 John Johansen New
[v16,3/3] selftest/interpreter: Add tests for trusted_for(2) policies Add trusted_for(2) (was O_MAYEXEC) - 2 - --- 2021-11-10 Mickaël Salaün New
[v16,2/3] arch: Wire up trusted_for(2) Add trusted_for(2) (was O_MAYEXEC) 1 2 - --- 2021-11-10 Mickaël Salaün New
[v16,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl Add trusted_for(2) (was O_MAYEXEC) 1 - - --- 2021-11-10 Mickaël Salaün New
[2/2] module: Move duplicate mod_check_sig users code to mod_parse_sig [1/2] module: Use key_being_used_for for log messages in verify_appended_signature - - - --- 2021-11-05 Michal Suchánek New
[1/2] module: Use key_being_used_for for log messages in verify_appended_signature [1/2] module: Use key_being_used_for for log messages in verify_appended_signature - - - --- 2021-11-05 Michal Suchánek New
[RFC] integrity: disassociate ima_filter_rule from security_audit_rule [RFC] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-04 Casey Schaufler New
apparmor: remove duplicated 'Returns:' comments apparmor: remove duplicated 'Returns:' comments - - - --- 2021-11-03 Austin Kim New
smack: clean up smack_enabled to be more readable smack: clean up smack_enabled to be more readable - - - --- 2021-11-03 Austin Kim New
landlock: Initialize kernel stack variables properly landlock: Initialize kernel stack variables properly - - - --- 2021-11-03 Austin Kim New
[PATCHv2,net,4/4] security: implement sctp_assoc_established hook in selinux security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long New
[PATCHv2,net,3/4] security: add sctp_assoc_established hook security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long New
[PATCHv2,net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long New
[PATCHv2,net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long New
[GIT,PULL] SELinux patches for v5.16 [GIT,PULL] SELinux patches for v5.16 - - - --- 2021-11-01 Paul Moore New
[GIT,PULL] Smack patches for v5.16 [GIT,PULL] Smack patches for v5.16 - - - --- 2021-11-01 Casey Schaufler New
[RESEND] KEYS: trusted: Fix trusted key backends when building as module [RESEND] KEYS: trusted: Fix trusted key backends when building as module - - 1 --- 2021-11-01 Andreas Rammhold New
[GIT,PULL] hardening updates for v5.16-rc1 [GIT,PULL] hardening updates for v5.16-rc1 - - - --- 2021-11-01 Kees Cook New
evm: mark evm_fixmode as __ro_after_init evm: mark evm_fixmode as __ro_after_init - - - --- 2021-10-28 Austin Kim New
ima/evm: mark evm_fixmode as __ro_after_init ima/evm: mark evm_fixmode as __ro_after_init - 1 - --- 2021-10-26 Austin Kim New
[v3,2/2] tpm: use SM3 instead of SM3_256 use SM3 instead of SM3_256 - - - --- 2021-10-26 Tianjia Zhang New
[v3,1/2] crypto: use SM3 instead of SM3_256 use SM3 instead of SM3_256 - - - --- 2021-10-26 Tianjia Zhang New
[net,4/4] security: implement sctp_assoc_established hook in selinux security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
[net,3/4] security: add sctp_assoc_established hook security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
[net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
[net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
sctp: initialize endpoint LSM labels also on the client side sctp: initialize endpoint LSM labels also on the client side - - - --- 2021-10-21 Ondrej Mosnacek New
[2/2] gcc-plugins: Remove cyc_complexity gcc-plugins: Explicitly document purpose and deprecation schedule - 2 - --- 2021-10-20 Kees Cook New
[1/2] gcc-plugins: Explicitly document purpose and deprecation schedule gcc-plugins: Explicitly document purpose and deprecation schedule - 2 - --- 2021-10-20 Kees Cook New
[v4,3/3] virt: Add efi_secret module to expose confidential computing secrets Allow guest access to EFI confidential computing secret area - - - --- 2021-10-20 Dov Murik New
[v4,2/3] efi: Reserve confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-20 Dov Murik New
[v4,1/3] efi/libstub: Copy confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-20 Dov Murik New
smackfs: use __GFP_NOFAIL for smk_cipso_doi() smackfs: use __GFP_NOFAIL for smk_cipso_doi() - - - --- 2021-10-19 Tetsuo Handa New
smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi - - - --- 2021-10-19 Tetsuo Handa New
[v2,2/2] tpm: use SM3 instead of SM3_256 use SM3 instead of SM3_256 - - - --- 2021-10-19 Tianjia Zhang New
[v2,1/2] crypto: use SM3 instead of SM3_256 use SM3 instead of SM3_256 - - - --- 2021-10-19 Tianjia Zhang New
[v3,3/3] virt: Add efi_secret module to expose confidential computing secrets Allow guest access to EFI confidential computing secret area - - - --- 2021-10-14 Dov Murik New
[v3,2/3] efi: Reserve confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-14 Dov Murik New
[v3,1/3] efi/libstub: Copy confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-14 Dov Murik New
[v1,3/3] security: define a trusted_for hook [v1,1/3] ima: define ima_trusted_for hook - - - --- 2021-10-14 Mimi Zohar New
[v1,2/3] fs: extend the trusted_for syscall to call IMA [v1,1/3] ima: define ima_trusted_for hook - - - --- 2021-10-14 Mimi Zohar New
[v1,1/3] ima: define ima_trusted_for hook [v1,1/3] ima: define ima_trusted_for hook - - - --- 2021-10-14 Mimi Zohar New
[RFC,v7,16/16] documentation: add ipe documentation Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,15/16] ipe: kunit tests Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,14/16] scripts: add boot policy generation program Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,13/16] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,12/16] fsverity|security: add security hooks to fsverity digest and signature Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,11/16] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,10/16] fs|dm-verity: add block_dev LSM blob and submit dm-verity data Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,09/16] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,08/16] ipe: add permissive toggle Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,07/16] ipe: add auditing support Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,06/16] uapi|audit: add trust audit message definitions Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,05/16] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,04/16] ipe: add userspace interface Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,03/16] ipe: add evaluation loop Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,02/16] ipe: add policy parser Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,01/16] security: add ipe lsm & initial context creation Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
LSM: Avoid warnings about potentially unused hook variables LSM: Avoid warnings about potentially unused hook variables 2 - - --- 2021-10-13 Kees Cook New
[2/2] fs: extend the trusted_for syscall to call IMA [1/2] ima: define ima_trusted_for hook - - - --- 2021-10-13 Mimi Zohar New
[1/2] ima: define ima_trusted_for hook [1/2] ima: define ima_trusted_for hook - - - --- 2021-10-13 Mimi Zohar New
[v15,3/3] selftest/interpreter: Add tests for trusted_for(2) policies Add trusted_for(2) (was O_MAYEXEC) - 2 - --- 2021-10-12 Mickaël Salaün New
[v15,2/3] arch: Wire up trusted_for(2) Add trusted_for(2) (was O_MAYEXEC) 1 2 - --- 2021-10-12 Mickaël Salaün New
[v15,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl Add trusted_for(2) (was O_MAYEXEC) 1 - - --- 2021-10-12 Mickaël Salaün New
[v2,2/2] fuse: Send security context of inode on file creation fuse: Send file/inode security context during creation - - - --- 2021-10-12 Vivek Goyal New
[v2,1/2] fuse: Add a flag FUSE_SECURITY_CTX fuse: Send file/inode security context during creation - - - --- 2021-10-12 Vivek Goyal New
[v5,3/3] binder: use cred instead of task for getsecid binder: use cred instead of task for security context - - - --- 2021-10-12 Todd Kjos New
[v5,2/3] binder: use cred instead of task for selinux checks binder: use cred instead of task for security context - - - --- 2021-10-12 Todd Kjos New
[v5,1/3] binder: use euid from cred instead of using task binder: use cred instead of task for security context - - - --- 2021-10-12 Todd Kjos New
[v2] security: Return xattr name from security_dentry_init_security() [v2] security: Return xattr name from security_dentry_init_security() 1 2 - --- 2021-10-12 Vivek Goyal New
LSM: general protection fault in legacy_parse_param LSM: general protection fault in legacy_parse_param 1 - - --- 2021-10-11 Casey Schaufler New
[apparmor] apparmor: remove unneeded one-line hook wrappers [apparmor] apparmor: remove unneeded one-line hook wrappers - - - --- 2021-10-11 Florian Westphal New
[smack] smack: remove duplicated hook function [smack] smack: remove duplicated hook function - - - --- 2021-10-11 Florian Westphal New
security/landlock: use square brackets around "landlock-ruleset" security/landlock: use square brackets around "landlock-ruleset" - - - --- 2021-10-11 Christian Brauner New
[v4,5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 1 1 --- 2021-10-11 Ahmad Fatoum New
[v4,4/5] crypto: caam - add in-kernel interface for blob generator KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 1 1 --- 2021-10-11 Ahmad Fatoum New
[v4,3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 1 1 1 --- 2021-10-11 Ahmad Fatoum New
[v4,2/5] KEYS: trusted: allow users to use kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 1 1 1 --- 2021-10-11 Ahmad Fatoum New
[v4,1/5] KEYS: trusted: allow use of TEE as backend without TCG_TPM support KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 2 --- 2021-10-11 Ahmad Fatoum New
[2/2] tpm: use SM3 instead of SM3_256 tpm: use SM3 instead of SM3_256 - - - --- 2021-10-09 Tianjia Zhang New
[1/2] crypto: use SM3 instead of SM3_256 tpm: use SM3 instead of SM3_256 - - - --- 2021-10-09 Tianjia Zhang New
ima: fix deadlock when traversing "ima_default_rules". ima: fix deadlock when traversing "ima_default_rules". - 1 - --- 2021-10-09 liqiong New
[-next] integrity: return early if audit_log_start return NULL [-next] integrity: return early if audit_log_start return NULL 1 - - --- 2021-10-09 cuigaosheng New
[v14,3/3] selftest/interpreter: Add tests for trusted_for(2) policies Add trusted_for(2) (was O_MAYEXEC) - 2 - --- 2021-10-08 Mickaël Salaün New
[v14,2/3] arch: Wire up trusted_for(2) Add trusted_for(2) (was O_MAYEXEC) 1 2 - --- 2021-10-08 Mickaël Salaün New
[v14,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl Add trusted_for(2) (was O_MAYEXEC) 2 - - --- 2021-10-08 Mickaël Salaün New
[v13,3/3] selftest/interpreter: Add tests for trusted_for(2) policies Add trusted_for(2) (was O_MAYEXEC) - 1 - --- 2021-10-07 Mickaël Salaün New
[v13,2/3] arch: Wire up trusted_for(2) Add trusted_for(2) (was O_MAYEXEC) 1 2 - --- 2021-10-07 Mickaël Salaün New
[v13,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl Add trusted_for(2) (was O_MAYEXEC) 1 - - --- 2021-10-07 Mickaël Salaün New
[v2,4/4] virt: Add sev_secret module to expose confidential computing secrets Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
[v2,3/4] efi: Reserve confidential computing secret area Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
[v2,2/4] efi/libstub: Copy confidential computing secret area Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
[v2,1/4] x86: Export clean_cache_range() Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
« 1 2 3 4110 111 »