Show patches with: Archived = No       |   4907 patches
« 1 2 3 449 50 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v21,4/6] selftests/landlock: Add tests for execveat + AT_EXECVE_CHECK Script execution control (was O_MAYEXEC) - - - --- 2024-11-12 Mickaël Salaün New
[v21,3/6] selftests/exec: Add 32 tests for AT_EXECVE_CHECK and exec securebits Script execution control (was O_MAYEXEC) - - - --- 2024-11-12 Mickaël Salaün New
[v21,2/6] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits Script execution control (was O_MAYEXEC) - 1 - --- 2024-11-12 Mickaël Salaün New
[v21,1/6] exec: Add a new AT_EXECVE_CHECK flag to execveat(2) Script execution control (was O_MAYEXEC) - 1 - --- 2024-11-12 Mickaël Salaün New
selftests: lsm: Refactor `flags_overset_lsm_set_self_attr` test selftests: lsm: Refactor `flags_overset_lsm_set_self_attr` test - 2 - --- 2024-11-12 Amit New
[v2] ima: Suspend PCR extends and log appends when rebooting [v2] ima: Suspend PCR extends and log appends when rebooting - 1 - --- 2024-11-12 Stefan Berger New
[RFC] selinux: Fix SCTP error inconsistency in selinux_socket_bind() [RFC] selinux: Fix SCTP error inconsistency in selinux_socket_bind() - - - --- 2024-11-12 Mikhail Ivanov New
[next] security: remove redundant assignment to variable rc [next] security: remove redundant assignment to variable rc - 1 - --- 2024-11-12 Colin Ian King New
[v2,bpf-next,4/4] selftest/bpf: Test inode local storage recursion prevention Make inode storage available to tracing prog - - - --- 2024-11-12 Song Liu New
[v2,bpf-next,3/4] bpf: Add recursion prevention logic for inode storage Make inode storage available to tracing prog - - - --- 2024-11-12 Song Liu New
[v2,bpf-next,2/4] bpf: Make bpf inode storage available to tracing program Make inode storage available to tracing prog - - - --- 2024-11-12 Song Liu New
[v2,bpf-next,1/4] bpf: lsm: Remove hook to bpf_task_storage_free Make inode storage available to tracing prog - - - --- 2024-11-12 Song Liu New
[bpf-next,4/4] selftest/bpf: Test inode local storage recursion prevention Untitled series #908730 - - - --- 2024-11-12 Song Liu New
[bpf-next,4/4] selftest/bpf: Add test for inode local storage recursion Make inode storage available to tracing prog - - - --- 2024-11-12 Song Liu New
[bpf-next,3/4] bpf: Add recursion prevention logic for inode storage Untitled series #908729 - - - --- 2024-11-12 Song Liu New
[bpf-next,3/4] bpf: Add recursion avoid logic for inode storage Make inode storage available to tracing prog - - - --- 2024-11-12 Song Liu New
[bpf-next,2/4] bpf: Make bpf inode storage available to tracing program Make inode storage available to tracing prog - - - --- 2024-11-12 Song Liu New
[bpf-next,1/4] bpf: lsm: Remove hook to bpf_task_storage_free Make inode storage available to tracing prog - - - --- 2024-11-12 Song Liu New
apparmor: Add empty statement between label and declaration in profile_transition(() apparmor: Add empty statement between label and declaration in profile_transition(() - - - --- 2024-11-11 Nathan Chancellor New
[GIT,PULL] Landlock fix for v6.12-rc7 #2 [GIT,PULL] Landlock fix for v6.12-rc7 #2 - - - --- 2024-11-10 Mickaël Salaün New
[GIT,PULL] Landlock fix for v6.12-rc7 [GIT,PULL] Landlock fix for v6.12-rc7 - - - --- 2024-11-09 Mickaël Salaün New
[v4,3/3] landlock: Optimize scope enforcement Refactor Landlock access mask management - 1 - --- 2024-11-09 Mickaël Salaün New
[v4,2/3] landlock: Refactor network access mask management Refactor Landlock access mask management - 1 - --- 2024-11-09 Mickaël Salaün New
[v4,1/3] landlock: Refactor filesystem access mask management Refactor Landlock access mask management - 1 - --- 2024-11-09 Mickaël Salaün New
[RESEND] apparmor: Remove unnecessary NULL check before kvfree() [RESEND] apparmor: Remove unnecessary NULL check before kvfree() 1 - - --- 2024-11-07 Thorsten Blum New
tpm: Remove the documentation from tpm2-sessions.c tpm: Remove the documentation from tpm2-sessions.c - - - --- 2024-11-07 Jarkko Sakkinen New
selinux,xfrm: fix dangling refcount on deferred skb free selinux,xfrm: fix dangling refcount on deferred skb free - - - --- 2024-11-06 Ondrej Mosnacek New
[RFT,16/16] perf tools: Remove dependency on libaudit perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,15/16] perf tools: s390: Use generic syscall table scripts perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,14/16] perf tools: powerpc: Use generic syscall table scripts perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,13/16] perf tools: mips: Use generic syscall scripts perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,12/16] perf tools: loongarch: Use syscall table perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,11/16] perf tools: arm64: Use syscall table perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,10/16] perf tools: parisc: Support syscall header perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,09/16] perf tools: alpha: Support syscall header perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,08/16] perf tools: x86: Use generic syscall scripts perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,07/16] perf tools: xtensa: Support syscall header perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,06/16] perf tools: sparc: Support syscall headers perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,05/16] perf tools: sh: Support syscall headers perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,04/16] perf tools: arm: Support syscall headers perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,03/16] perf tools: csky: Support generic syscall headers perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,02/16] perf tools: arc: Support generic syscall headers perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
[RFT,01/16] perf tools: Create generic syscall table support perf tools: Use generic syscall scripts for all archs - - - --- 2024-11-04 Charlie Jenkins New
ima: kexec: Add RCU read lock protection for ima_measurements list traversal ima: kexec: Add RCU read lock protection for ima_measurements list traversal - - - --- 2024-11-04 Breno Leitao New
[lsm/dev-staging] selinux: Fix pointer use in selinux_dentry_init_security [lsm/dev-staging] selinux: Fix pointer use in selinux_dentry_init_security - - - --- 2024-11-02 Casey Schaufler pcmoore Under Review
[lsm/dev] netfilter: Use correct length value in ctnetlink_secctx_size [lsm/dev] netfilter: Use correct length value in ctnetlink_secctx_size - - - --- 2024-11-01 Casey Schaufler pcmoore Under Review
rust: security: add abstraction for secctx rust: security: add abstraction for secctx - 5 - --- 2024-11-01 Alice Ryhl New
smack: fix the smack_lsmprop_to_secctx() kdoc smack: fix the smack_lsmprop_to_secctx() kdoc - 1 - --- 2024-11-01 Paul Moore pcmoore Under Review
rust: lsm: replace context+len with lsm_context rust: lsm: replace context+len with lsm_context 1 - - --- 2024-11-01 Alice Ryhl pcmoore Under Review
[next] scripts: ipe: polgen: remove redundant close and error exit path [next] scripts: ipe: polgen: remove redundant close and error exit path 1 - - --- 2024-10-31 Colin Ian King Handled Elsewhere
[v4] security: add trace event for cap_capable [v4] security: add trace event for cap_capable - 1 - --- 2024-10-30 Jordan Rome Handled Elsewhere
KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation - 2 - --- 2024-10-29 David Gstir Handled Elsewhere
[v3] security: add trace event for cap_capable [v3] security: add trace event for cap_capable 1 1 - --- 2024-10-29 Jordan Rome Handled Elsewhere
[net-next,v2] netlabel: document doi_remove field of struct netlbl_calipso_ops [net-next,v2] netlabel: document doi_remove field of struct netlbl_calipso_ops 1 - - --- 2024-10-28 George Guo Handled Elsewhere
[v8,3/3] tpm: Lazily flush the auth session Lazy flush for the auth session - 1 2 --- 2024-10-28 Jarkko Sakkinen Handled Elsewhere
[v8,2/3] tpm: Rollback tpm2_load_null() Lazy flush for the auth session - 1 - --- 2024-10-28 Jarkko Sakkinen Handled Elsewhere
[v8,1/3] tpm: Return tpm2_sessions_init() when null key creation fails Lazy flush for the auth session - 1 - --- 2024-10-28 Jarkko Sakkinen Handled Elsewhere
[v2] security: add trace event for cap_capable [v2] security: add trace event for cap_capable 1 1 - --- 2024-10-25 Jordan Rome Handled Elsewhere
[1/1] netlabel: Add missing comment to struct field [1/1] netlabel: Add missing comment to struct field - - - --- 2024-10-25 George Guo Handled Elsewhere
[1/1] add comment for doi_remove in struct netlbl_lsm_secattr [1/1] add comment for doi_remove in struct netlbl_lsm_secattr - - - --- 2024-10-25 George Guo Handled Elsewhere
[1/1] add comment for doi_remove in struct netlbl_lsm_secattr [1/1] add comment for doi_remove in struct netlbl_lsm_secattr - - - --- 2024-10-25 George Guo Handled Elsewhere
[v1] security: add trace event for cap_capable [v1] security: add trace event for cap_capable - - - --- 2024-10-24 Jordan Rome pcmoore Superseded
[v3,5/5] LSM: secctx provider check on release LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-23 Casey Schaufler pcmoore Accepted
[v3,4/5] LSM: lsm_context in security_dentry_init_security LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-23 Casey Schaufler pcmoore Accepted
[v3,3/5] LSM: Use lsm_context in security_inode_getsecctx LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-23 Casey Schaufler pcmoore Accepted
[v3,2/5] LSM: Replace context+len with lsm_context LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-23 Casey Schaufler pcmoore Accepted
[v3,1/5] LSM: Ensure the correct LSM context releaser LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-23 Casey Schaufler pcmoore Accepted
[RFC,v2,14/14] landlock: Control log events with LANDLOCK_RESTRICT_SELF_LOGLESS Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,13/14] landlock: Log scoped denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,12/14] landlock: Log TCP bind and connect denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,11/14] landlock: Log truncate and ioctl denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,10/14] landlock: Log file-related denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,09/14] landlock: Log mount-related denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,08/14] landlock: Log domain properties and release Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,07/14] landlock: Log ptrace denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,06/14] landlock: Move domain hierarchy management Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,05/14] landlock: Move access types Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,04/14] landlock: Add unique ID generator Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,03/14] landlock: Factor out check_access_path() Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,02/14] lsm: Add audit_log_lsm_data() helper Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore Accepted
[RFC,v2,01/14] lsm: Only build lsm_audit.c if CONFIG_AUDIT is set Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore Accepted
[v3,3/3] landlock: Optimize scope enforcement Refactor Landlock access mask management - - - --- 2024-10-22 Mickaël Salaün Handled Elsewhere
[v3,2/3] landlock: Refactor network access mask management Refactor Landlock access mask management - - - --- 2024-10-22 Mickaël Salaün Handled Elsewhere
[v3,1/3] landlock: Refactor filesystem access mask management Refactor Landlock access mask management - - - --- 2024-10-22 Mickaël Salaün Handled Elsewhere
[v3,3/3] samples/landlock: Clarify option parsing behaviour samples/landlock: Fix port parsing in sandboxer - - - --- 2024-10-19 Matthieu Buffet Handled Elsewhere
[v3,2/3] samples/landlock: Refactor help message samples/landlock: Fix port parsing in sandboxer - - - --- 2024-10-19 Matthieu Buffet Handled Elsewhere
[v3,1/3] samples/landlock: Fix port parsing in sandboxer samples/landlock: Fix port parsing in sandboxer - - - --- 2024-10-19 Matthieu Buffet Handled Elsewhere
[RESEND] apparmor: Remove unnecessary NULL check before kvfree() [RESEND] apparmor: Remove unnecessary NULL check before kvfree() - - - --- 2024-10-18 Thorsten Blum Handled Elsewhere
[GIT,PULL] IPE fixes for 6.12-rc4 [GIT,PULL] IPE fixes for 6.12-rc4 - - - --- 2024-10-18 Fan Wu Handled Elsewhere
[v2] mm: Split critical region in remap_file_pages() and invoke LSMs in between [v2] mm: Split critical region in remap_file_pages() and invoke LSMs in between - 5 2 --- 2024-10-18 Roberto Sassu pcmoore Under Review
[RFC] mm: Split locks in remap_file_pages() [RFC] mm: Split locks in remap_file_pages() - 3 - --- 2024-10-18 Roberto Sassu Superseded
[RFC,v3,13/13] clavis: Kunit support Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,12/13] clavis: Add function redirection for Kunit support Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,11/13] clavis: Prevent boot param change during kexec Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,10/13] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,09/13] clavis: Allow user to define acl at build time Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,08/13] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,07/13] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,06/13] clavis: Populate clavis keyring acl with kernel module signature Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,05/13] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
« 1 2 3 449 50 »