Show patches with: Archived = No       |   4908 patches
« 1 2 ... 16 17 1849 50 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,v14,14/19] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,13/19] dm verity: consume root hash digest and signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,12/19] dm: add finalize hook to target_type Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,11/19] block|security: add LSM blob to block_device Integrity Policy Enforcement LSM (IPE) - 1 - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,10/19] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,09/19] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,08/19] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,07/19] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,06/19] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,05/19] initramfs|security: Add a security hook to do_populate_rootfs() Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,04/19] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,03/19] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,02/19] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,01/19] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
selftests/harness: Fix TEST_F()'s vfork handling selftests/harness: Fix TEST_F()'s vfork handling - 1 2 --- 2024-03-05 Mickaël Salaün Handled Elsewhere
[v1,2/2] selftests/harness: Merge TEST_F_FORK() into TEST_F() [v1,1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() - - - --- 2024-03-05 Mickaël Salaün Handled Elsewhere
[v1,1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() [v1,1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() - - - --- 2024-03-05 Mickaël Salaün Handled Elsewhere
xattr: restrict vfs_getxattr_alloc() allocation size xattr: restrict vfs_getxattr_alloc() allocation size 1 3 - --- 2024-03-05 Christian Brauner Handled Elsewhere
[next] integrity: Avoid -Wflex-array-member-not-at-end warnings [next] integrity: Avoid -Wflex-array-member-not-at-end warnings - - - --- 2024-03-04 Gustavo A. R. Silva Handled Elsewhere
[next] apparmor: remove useless static inline function is_deleted [next] apparmor: remove useless static inline function is_deleted 1 - - --- 2024-03-04 Colin Ian King Handled Elsewhere
[v2] proc: allow restricting /proc/pid/mem writes [v2] proc: allow restricting /proc/pid/mem writes - - - --- 2024-03-01 Adrian Ratiu Handled Elsewhere
[v2,7/7] kunit: Add tests for fault Handle faults in KUnit tests - 1 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,6/7] kunit: Print last test location on fault Handle faults in KUnit tests - 1 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Handle faults in KUnit tests - 2 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,4/7] kunit: Handle test faults Handle faults in KUnit tests - 2 1 --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,3/7] kunit: Fix timeout message Handle faults in KUnit tests - 3 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,2/7] kunit: Fix kthread reference Handle faults in KUnit tests - 3 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,1/7] kunit: Handle thread creation error Handle faults in KUnit tests - 3 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[for,6.8] tomoyo: fix UAF write bug in tomoyo_write_control() [for,6.8] tomoyo: fix UAF write bug in tomoyo_write_control() - - - --- 2024-03-01 Tetsuo Handa Handled Elsewhere
[GIT,PULL] Landlock fixes for v6.8-rc7 [GIT,PULL] Landlock fixes for v6.8-rc7 - - - --- 2024-02-29 Mickaël Salaün Handled Elsewhere
[v1,8/8] kunit: Add tests for faults Run KUnit tests late and handle faults - - - --- 2024-02-29 Mickaël Salaün Handled Elsewhere
[v1,7/8] kunit: Print last test location on fault Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün Handled Elsewhere
[v1,6/8] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün Handled Elsewhere
[v1,5/8] kunit: Handle test faults Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün Handled Elsewhere
[v1,4/8] kunit: Fix timeout message Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün Handled Elsewhere
[v1,3/8] kunit: Fix kthread reference Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün Handled Elsewhere
[v1,2/8] kunit: Handle thread creation error Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün Handled Elsewhere
[v1,1/8] kunit: Run tests when the kernel is fully setup Run KUnit tests late and handle faults - - - --- 2024-02-29 Mickaël Salaün Handled Elsewhere
[v4,12/12] selftests: ip_local_port_range: use XFAIL instead of SKIP selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[v4,11/12] selftests: kselftest_harness: support using xfail selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[v4,10/12] selftests: kselftest_harness: let PASS / FAIL provide diagnostic selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[v4,09/12] selftests: kselftest_harness: separate diagnostic message with # in ksft_test_result_cod… selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[v4,08/12] selftests: kselftest_harness: print test name for SKIP selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[v4,07/12] selftests: kselftest: add ksft_test_result_code(), handling all exit codes selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[v4,06/12] selftests: kselftest_harness: use exit code to store skip selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[v4,05/12] selftests: kselftest_harness: save full exit code in metadata selftests: kselftest_harness: support using xfail - - - --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[v4,04/12] selftests: kselftest_harness: generate test name once selftests: kselftest_harness: support using xfail 1 - - --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[v4,03/12] selftests: kselftest_harness: use KSFT_* exit codes selftests: kselftest_harness: support using xfail 1 - 1 --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[v4,02/12] selftests/harness: Merge TEST_F_FORK() into TEST_F() selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[v4,01/12] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() selftests: kselftest_harness: support using xfail - - - --- 2024-02-29 Jakub Kicinski Handled Elsewhere
[RFC,v13,20/20] documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,19/20] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,18/20] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,17/20] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,16/20] fsverity: consume builtin signature via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,15/20] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,14/20] dm verity: consume root hash digest and signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,13/20] dm: add finalize hook to target_type Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,12/20] dm verity: set DM_TARGET_SINGLETON feature flag Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,11/20] block|security: add LSM blob to block_device Integrity Policy Enforcement LSM (IPE) - 1 - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,10/20] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,09/20] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,08/20] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,07/20] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,06/20] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,05/20] initramfs|security: Add a security hook to do_populate_rootfs() Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,04/20] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,03/20] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,02/20] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[RFC,v13,01/20] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu pcmoore Superseded
[GIT,PULL] lsm/lsm-pr-20240227 [GIT,PULL] lsm/lsm-pr-20240227 - - - --- 2024-02-27 Paul Moore pcmoore Accepted
[v2,2/2] landlock: Warn once if a Landlock action is requested while disabled [v2,1/2] landlock: Extend documentation for kernel support - 2 - --- 2024-02-27 Mickaël Salaün Handled Elsewhere
[v2,1/2] landlock: Extend documentation for kernel support [v2,1/2] landlock: Extend documentation for kernel support - 2 - --- 2024-02-27 Mickaël Salaün Handled Elsewhere
[net-next] netlabel: remove impossible return value in netlbl_bitmap_walk [net-next] netlabel: remove impossible return value in netlbl_bitmap_walk 1 1 - --- 2024-02-27 shaozhengchao pcmoore Handled Elsewhere
[2/2] selftests/harness: Merge TEST_F_FORK() into TEST_F() [1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() - 1 - --- 2024-02-26 Mickaël Salaün Handled Elsewhere
[1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() [1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() - - - --- 2024-02-26 Mickaël Salaün Handled Elsewhere
[2/2] AppArmor: Fix lsm_get_self_attr() [1/2] SELinux: Fix lsm_get_self_attr() - 1 - --- 2024-02-23 Mickaël Salaün pcmoore Accepted
[1/2] SELinux: Fix lsm_get_self_attr() [1/2] SELinux: Fix lsm_get_self_attr() - - - --- 2024-02-23 Mickaël Salaün pcmoore Accepted
[v3,10/10] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,09/10] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED evm: Support signatures on stacked filesystem 1 - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,08/10] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509 evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,07/10] ima: re-evaluate file integrity on file metadata change evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,06/10] evm: Store and detect metadata inode attributes changes evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,05/10] ima: Move file-change detection variables into new structure evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,04/10] evm: Use the metadata inode to calculate metadata hash evm: Support signatures on stacked filesystem 1 - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,02/10] security: allow finer granularity in permitting copy-up of security xattrs evm: Support signatures on stacked filesystem 1 - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,01/10] ima: Rename backing_inode to real_inode evm: Support signatures on stacked filesystem 1 - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[RFC,5/5] apparmor: parse profiles in sandbox mode PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,4/5] sbm: fix up calls to dynamic memory allocators PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,3/5] sbm: x86: infrastructure to fix up sandbox faults PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,2/5] sbm: enhance buffer mapping API PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,1/5] sbm: x86: fix SBM error entry path PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[v2,25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr() fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,24/25] commoncap: use vfs fscaps interfaces fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,23/25] commoncap: remove cap_inode_getsecurity() fs: use type-safe uid representation for filesystem capabilities 1 - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,22/25] fs: use vfs interfaces for capabilities xattrs fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,21/25] ovl: use vfs_{get,set}_fscaps() for copy-up fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,20/25] ovl: add fscaps handlers fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,19/25] fs: add vfs_remove_fscaps() fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
« 1 2 ... 16 17 1849 50 »