Show patches with: Archived = No       |   4908 patches
« 1 2 ... 12 13 1449 50 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v3,16/68] selftests/fchmodat2: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - 2 - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,15/68] selftests/exec: Drop duplicate -D_GNU_SOURCE Define _GNU_SOURCE for sources using - - - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,14/68] selftests/drivers: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - 2 - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,13/68] selftests/damon: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - 1 - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,12/68] selftests/core: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - 2 - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,11/68] selftests/clone3: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - 2 - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,10/68] selftests/cgroup: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - - - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,09/68] selftests/capabilities: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - 2 - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,08/68] selftests/cachestat: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - 2 - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,07/68] selftests/breakpoints: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - - - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,06/68] selftests/bpf: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - - - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,05/68] selftests/arm64: Drop duplicate -D_GNU_SOURCE Define _GNU_SOURCE for sources using - - - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,04/68] selftests/arm64: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - - - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,03/68] selftests: Compile with -D_GNU_SOURCE when including lib.mk Define _GNU_SOURCE for sources using - - - --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,02/68] selftests/sgx: Include KHDR_INCLUDES in Makefile Define _GNU_SOURCE for sources using 1 3 1 --- 2024-05-09 Edward Liaw Handled Elsewhere
[v3,01/68] selftests: Compile kselftest headers with -D_GNU_SOURCE Define _GNU_SOURCE for sources using - 3 - --- 2024-05-09 Edward Liaw Handled Elsewhere
[net,v4] netlabel: fix RCU annotation for IPv4 options on socket creation [net,v4] netlabel: fix RCU annotation for IPv4 options on socket creation 1 - - --- 2024-05-09 Davide Caratti pcmoore Changes Requested
[bpf-next,v10,5/5] bpf: Only enable BPF LSM hooks when an LSM program is attached Reduce overhead of LSMs with static calls - - - --- 2024-05-07 KP Singh pcmoore Superseded
[bpf-next,v10,4/5] security: Update non standard hooks to use static calls Reduce overhead of LSMs with static calls - - - --- 2024-05-07 KP Singh pcmoore Superseded
[bpf-next,v10,3/5] security: Replace indirect LSM hook calls with static calls Reduce overhead of LSMs with static calls 2 2 - --- 2024-05-07 KP Singh pcmoore Superseded
[bpf-next,v10,2/5] security: Count the LSMs enabled at compile time Reduce overhead of LSMs with static calls 2 1 - --- 2024-05-07 KP Singh pcmoore Superseded
[bpf-next,v10,1/5] kernel: Add helper macros for loop unrolling Reduce overhead of LSMs with static calls 2 2 - --- 2024-05-07 KP Singh pcmoore Superseded
[v2,5/5] selftests: Drop duplicate -D_GNU_SOURCE Define _GNU_SOURCE for sources using - 2 - --- 2024-05-07 Edward Liaw Handled Elsewhere
[v2,4/5] selftests: Drop define _GNU_SOURCE Define _GNU_SOURCE for sources using - 2 - --- 2024-05-07 Edward Liaw Handled Elsewhere
[v2,3/5] selftests: Include KHDR_INCLUDES in Makefile Define _GNU_SOURCE for sources using - 2 - --- 2024-05-07 Edward Liaw Handled Elsewhere
[v2,2/5] selftests/sgx: Include KHDR_INCLUDES in Makefile Define _GNU_SOURCE for sources using 1 3 1 --- 2024-05-07 Edward Liaw Handled Elsewhere
[v2,1/5] selftests: Compile kselftest headers with -D_GNU_SOURCE Define _GNU_SOURCE for sources using - 3 - --- 2024-05-07 Edward Liaw Handled Elsewhere
apparmor: fix possible NULL pointer dereference apparmor: fix possible NULL pointer dereference 1 - - --- 2024-05-07 Leesoo Ahn Handled Elsewhere
MAINTAINERS: repair file entry in SECURITY SUBSYSTEM MAINTAINERS: repair file entry in SECURITY SUBSYSTEM - - - --- 2024-05-07 Lukas Bulwahn pcmoore Accepted
[v3] ima: Avoid blocking in RCU read-side critical section [v3] ima: Avoid blocking in RCU read-side critical section 1 2 - --- 2024-05-07 Guozihua (Scott) pcmoore Accepted
[net,v3] netlabel: fix RCU annotation for IPv4 options on socket creation [net,v3] netlabel: fix RCU annotation for IPv4 options on socket creation 1 - - --- 2024-05-06 Davide Caratti pcmoore Changes Requested
apparmor: fix apparmor_socket_post_create() kernel-doc apparmor: fix apparmor_socket_post_create() kernel-doc - - - --- 2024-05-05 Jeff Johnson Handled Elsewhere
[v18,21/21] MAINTAINERS: ipe: add ipe maintainer information Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,20/21] Documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,19/21] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,18/21] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,17/21] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,16/21] fsverity: expose verified fsverity built-in signatures to LSMs Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,15/21] security: add security_inode_setintegrity() hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,14/21] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,13/21] dm verity: expose root hash digest and signature data to LSMs Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,12/21] dm: add finalize hook to target_type Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,11/21] block,lsm: add LSM blob and new LSM hooks for block device Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,10/21] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,09/21] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,08/21] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,07/21] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,06/21] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,05/21] initramfs|security: Add a security hook to do_populate_rootfs() Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,04/21] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,03/21] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,02/21] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[v18,01/21] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-05-03 Fan Wu pcmoore Superseded
[RFC,v3,5/5] virt: Add Heki KUnit tests Hypervisor-Enforced Kernel Integrity - CR pinning - - - --- 2024-05-03 Mickaël Salaün Handled Elsewhere
[RFC,v3,4/5] heki: Lock guest control registers at the end of guest kernel init Hypervisor-Enforced Kernel Integrity - CR pinning - - - --- 2024-05-03 Mickaël Salaün Handled Elsewhere
[RFC,v3,3/5] KVM: x86: Add notifications for Heki policy configuration and violation Hypervisor-Enforced Kernel Integrity - CR pinning - - - --- 2024-05-03 Mickaël Salaün Handled Elsewhere
[RFC,v3,2/5] KVM: x86: Add new hypercall to lock control registers Hypervisor-Enforced Kernel Integrity - CR pinning - - - --- 2024-05-03 Mickaël Salaün Handled Elsewhere
[RFC,v3,1/5] virt: Introduce Hypervisor Enforced Kernel Integrity (Heki) Hypervisor-Enforced Kernel Integrity - CR pinning - - - --- 2024-05-03 Mickaël Salaün Handled Elsewhere
[v3] nfsd: set security label during create operations [v3] nfsd: set security label during create operations - 2 - --- 2024-05-03 Stephen Smalley Handled Elsewhere
[RFC] lsm: fixup the inode xattr capability handling [RFC] lsm: fixup the inode xattr capability handling - - - --- 2024-05-03 Paul Moore pcmoore Accepted
[v2] nfsd: set security label during create operations [v2] nfsd: set security label during create operations - 1 - --- 2024-05-02 Stephen Smalley Handled Elsewhere
[RFC] nfsd: set security label during create operations [RFC] nfsd: set security label during create operations - - - --- 2024-05-02 Stephen Smalley Handled Elsewhere
MAINTAINERS: update the LSM file list MAINTAINERS: update the LSM file list - - - --- 2024-05-01 Paul Moore pcmoore Accepted
[v3,2/2] fs/xattr: add *at family syscalls Untitled series #848336 - 1 - --- 2024-04-26 Christian Göttsche Handled Elsewhere
MAINTAINER: Add Günther Noack as Landlock reviewer MAINTAINER: Add Günther Noack as Landlock reviewer 1 - - --- 2024-04-25 Mickaël Salaün Handled Elsewhere
[net,v2] netlabel: fix RCU annotation for IPv4 options on socket creation [net,v2] netlabel: fix RCU annotation for IPv4 options on socket creation - - - --- 2024-04-24 Davide Caratti pcmoore Changes Requested
[v3,11/11] sysctl: treewide: constify the ctl_table argument of handlers sysctl: treewide: constify ctl_table argument of sysctl handlers 1 - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,10/11] sysctl: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,09/11] ipvs: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,08/11] ipv6/ndisc: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,07/11] ipv6/addrconf: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,06/11] ipv4/sysctl: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,05/11] neighbour: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,04/11] utsname: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,03/11] hugetlb: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,02/11] cgroup: bpf: constify ctl_table arguments and fields sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,01/11] stackleak: don't modify ctl_table argument sysctl: treewide: constify ctl_table argument of sysctl handlers 1 - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v2] tty: n_gsm: restrict tty devices to attach [v2] tty: n_gsm: restrict tty devices to attach - - - --- 2024-04-20 Tetsuo Handa Handled Elsewhere
[v15,11/11] fs/ioctl: Add a comment to keep the logic in sync with LSM policies Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,10/11] MAINTAINERS: Notify Landlock maintainers about changes to fs/ioctl.c Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,09/11] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,08/11] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,07/11] selftests/landlock: Exhaustive test for the IOCTL allow-list Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,06/11] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,05/11] selftests/landlock: Test IOCTLs on named pipes Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,04/11] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,03/11] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,02/11] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,01/11] landlock: Add IOCTL access right for character and block devices Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[2/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options - - - --- 2024-04-16 Ondrej Mosnacek pcmoore Superseded
[1/2] cipso: fix total option length computation cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options - - - --- 2024-04-16 Ondrej Mosnacek pcmoore Superseded
[RFC,v2,9/9] ima: Register to the digest_cache LSM notifier and process events ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore Handled Elsewhere
[RFC,v2,8/9] ima: Use digest caches for appraisal ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore Handled Elsewhere
[RFC,v2,7/9] ima: Use digest caches for measurement ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore Handled Elsewhere
[RFC,v2,6/9] ima: Store allowed usage in digest cache based on integrity metadata flags ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore Handled Elsewhere
[RFC,v2,5/9] ima: Modify existing boot-time built-in policies with digest cache policies ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore Handled Elsewhere
[RFC,v2,4/9] ima: Add digest_cache_measure/appraise boot-time built-in policies ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore Handled Elsewhere
[RFC,v2,3/9] ima: Add digest_cache policy keyword ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore Handled Elsewhere
[RFC,v2,2/9] ima: Nest iint mutex for DIGEST_LIST_CHECK hook ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore Handled Elsewhere
[RFC,v2,1/9] ima: Introduce hook DIGEST_LIST_CHECK ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore Handled Elsewhere
« 1 2 ... 12 13 1449 50 »