Security modules development

Show patches with: Archived = No | 5089 patches

« 1 2 3 4 … 50 51 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
tomoyo: don't emit warning in tomoyo_write_control()	tomoyo: don't emit warning in tomoyo_write_control()	- - -	---	2024-12-16	Tetsuo Handa		Handled Elsewhere
tomoyo: prevent bad buffer size in tracing_cpumask_write	tomoyo: prevent bad buffer size in tracing_cpumask_write	- - 1	---	2024-12-16	Lizhi Xu		Handled Elsewhere
lsm: check size of writes	lsm: check size of writes	- - -	---	2024-12-16	Leo Stone	pcmoore	Superseded
tomoyo: Reject excessively long lines	tomoyo: Reject excessively long lines	- - -	---	2024-12-16	Leo Stone		Handled Elsewhere
capability: Remove unused has_capability	capability: Remove unused has_capability	- 1 -	---	2024-12-15	Dr. David Alan Gilbert	pcmoore	Under Review
[v2,6/6] doc: Add landlock UDP support	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[v2,5/6] samples/landlock: Add sandboxer UDP access control	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[v2,4/6] selftests/landlock: Add ACCESS_NET_SENDTO_UDP	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[v2,3/6] landlock: Add UDP sendmsg access control	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[v2,2/6] selftests/landlock: Adapt existing bind/connect for UDP	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[v2,1/6] landlock: Add UDP bind+connect access control	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[7/7] fs: Use %pTN to print task name	vsprintf: Add %pTN to print Task Name	- - -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[6/7] drivers: Repace get_task_comm() with %pTN	vsprintf: Add %pTN to print Task Name	- 2 -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[5/7] security: Replace get_task_comm() with %pTN	vsprintf: Add %pTN to print Task Name	1 1 -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[4/7] net: Replace get_task_comm() with %pTN	vsprintf: Add %pTN to print Task Name	- - -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[3/7] arch: Replace get_task_comm() with %pTN	vsprintf: Add %pTN to print Task Name	- - -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[2/7] kernel: Replace get_task_comm() with %pTN	vsprintf: Add %pTN to print Task Name	- - -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[1/7] vsprintf: Add %pTN to print task name	vsprintf: Add %pTN to print Task Name	- - -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,16/16] perf tools: Remove dependency on libaudit	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,15/16] perf tools: s390: Use generic syscall table scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,14/16] perf tools: powerpc: Use generic syscall table scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,13/16] perf tools: mips: Use generic syscall scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,12/16] perf tools: loongarch: Use syscall table	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,11/16] perf tools: arm64: Use syscall table	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,10/16] perf tools: parisc: Support syscall header	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,09/16] perf tools: alpha: Support syscall header	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,08/16] perf tools: x86: Use generic syscall scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,07/16] perf tools: xtensa: Support syscall header	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,06/16] perf tools: sparc: Support syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,05/16] perf tools: sh: Support syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,04/16] perf tools: arm: Support syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,03/16] perf tools: csky: Support generic syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,02/16] perf tools: arc: Support generic syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,01/16] perf tools: Create generic syscall table support	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v23,8/8] ima: instantiate the bprm_creds_for_exec() hook	Script execution control (was O_MAYEXEC)	- 1 1	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,7/8] samples/check-exec: Add an enlighten "inc" interpreter and 28 tests	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,6/8] selftests: ktap_helpers: Fix uninitialized variable	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,5/8] samples/check-exec: Add set-exec	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,4/8] selftests/landlock: Add tests for execveat + AT_EXECVE_CHECK	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,3/8] selftests/exec: Add 32 tests for AT_EXECVE_CHECK and exec securebits	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,2/8] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits	Script execution control (was O_MAYEXEC)	- 2 1	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,1/8] exec: Add a new AT_EXECVE_CHECK flag to execveat(2)	Script execution control (was O_MAYEXEC)	1 2 1	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
selinux: Read sk->sk_family once in selinux_socket_bind()	selinux: Read sk->sk_family once in selinux_socket_bind()	- - -	---	2024-12-12	Mikhail Ivanov	pcmoore	Handled Elsewhere
[bpf-next] bpf: lsm: Remove hook to bpf_task_storage_free	[bpf-next] bpf: lsm: Remove hook to bpf_task_storage_free	1 - -	---	2024-12-12	Song Liu		Handled Elsewhere
[lsm/dev] net: corrections for security_secid_to_secctx returns	[lsm/dev] net: corrections for security_secid_to_secctx returns	- - -	---	2024-12-11	Casey Schaufler	pcmoore	Under Review
[v3,bpf-next,6/6] selftests/bpf: Add __failure tests for set/remove xattr kfuncs	Enable writing xattr from BPF programs	- - -	---	2024-12-10	Song Liu		Handled Elsewhere
[v3,bpf-next,5/6] selftests/bpf: Test kfuncs that set and remove xattr from BPF programs	Enable writing xattr from BPF programs	- - -	---	2024-12-10	Song Liu		Handled Elsewhere
[v3,bpf-next,4/6] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs	Enable writing xattr from BPF programs	- - -	---	2024-12-10	Song Liu		Handled Elsewhere
[v3,bpf-next,3/6] bpf: lsm: Add two more sleepable hooks	Enable writing xattr from BPF programs	- - -	---	2024-12-10	Song Liu		Handled Elsewhere
[v3,bpf-next,2/6] selftests/bpf: Extend test fs_kfuncs to cover security.bpf. xattr names	Enable writing xattr from BPF programs	- - -	---	2024-12-10	Song Liu		Handled Elsewhere
[v3,bpf-next,1/6] fs/xattr: bpf: Introduce security.bpf. xattr name prefix	Enable writing xattr from BPF programs	1 - -	---	2024-12-10	Song Liu		Handled Elsewhere
[RESEND] apparmor: Use str_yes_no() helper function	[RESEND] apparmor: Use str_yes_no() helper function	- - -	---	2024-12-09	Thorsten Blum		Handled Elsewhere
[lsm/dev] Binder: Initialize lsm_context structure	[lsm/dev] Binder: Initialize lsm_context structure	- - -	---	2024-12-06	Casey Schaufler	pcmoore	Accepted
lsm: add reserved flag in lsm_prop struct	lsm: add reserved flag in lsm_prop struct	- - -	---	2024-12-06	李豪杰	pcmoore	Under Review
[v22,8/8] ima: instantiate the bprm_creds_for_exec() hook	Script execution control (was O_MAYEXEC)	- 1 -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,7/8] samples/check-exec: Add an enlighten "inc" interpreter and 28 tests	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,6/8] selftests: ktap_helpers: Fix uninitialized variable	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,5/8] samples/check-exec: Add set-exec	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,4/8] selftests/landlock: Add tests for execveat + AT_EXECVE_CHECK	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,3/8] selftests/exec: Add 32 tests for AT_EXECVE_CHECK and exec securebits	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,2/8] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits	Script execution control (was O_MAYEXEC)	- 2 1	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,1/8] exec: Add a new AT_EXECVE_CHECK flag to execveat(2)	Script execution control (was O_MAYEXEC)	1 2 1	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v2] ima: instantiate the bprm_creds_for_exec() hook	[v2] ima: instantiate the bprm_creds_for_exec() hook	- - -	---	2024-12-04	Mimi Zohar		Handled Elsewhere
[v9] security: add trace event for cap_capable	[v9] security: add trace event for cap_capable	- - -	---	2024-12-04	Jordan Rome		Handled Elsewhere
[v2] ima: instantiate the bprm_creds_for_exec() hook	[v2] ima: instantiate the bprm_creds_for_exec() hook	- - 1	---	2024-12-03	Mimi Zohar		Handled Elsewhere
[GIT,PULL] lsm/lsm-pr-20241129	[GIT,PULL] lsm/lsm-pr-20241129	- - -	---	2024-11-30	Paul Moore	pcmoore	Accepted
[v8] security: add trace event for cap_capable	[v8] security: add trace event for cap_capable	- 2 -	---	2024-11-28	Jordan Rome		Handled Elsewhere
[v7] security: add trace event for cap_capable	[v7] security: add trace event for cap_capable	- - -	---	2024-11-28	Jordan Rome		Handled Elsewhere
[v6] security: add trace event for cap_capable	[v6] security: add trace event for cap_capable	- - -	---	2024-11-28	Jordan Rome		Handled Elsewhere
[v2,7/7] ima: Reset IMA_NONACTION_RULE_FLAGS after post_setattr	ima: Remove unnecessary inode locks	- - -	---	2024-11-28	Roberto Sassu		Handled Elsewhere
[v2,6/7] ima: Discard files opened with O_PATH	ima: Remove unnecessary inode locks	- - -	---	2024-11-28	Roberto Sassu		Handled Elsewhere
[v2,5/7] ima: Set security.ima on file close when ima_appraise=fix	ima: Remove unnecessary inode locks	- - -	---	2024-11-28	Roberto Sassu		Handled Elsewhere
[v2,4/7] ima: Mark concurrent accesses to the iint pointer in the inode security blob	ima: Remove unnecessary inode locks	- - -	---	2024-11-28	Roberto Sassu		Handled Elsewhere
[v2,3/7] ima: Ensure lock is held when setting iint pointer in inode security blob	ima: Remove unnecessary inode locks	- - -	---	2024-11-28	Roberto Sassu		Handled Elsewhere
[v2,2/7] ima: Remove inode lock	ima: Remove unnecessary inode locks	- 1 -	---	2024-11-28	Roberto Sassu		Handled Elsewhere
[v2,1/7] fs: ima: Remove S_IMA and IS_IMA()	ima: Remove unnecessary inode locks	1 1 -	---	2024-11-28	Roberto Sassu		Handled Elsewhere
[v2] samples/landlock: Fix possible NULL dereference in parse_path()	[v2] samples/landlock: Fix possible NULL dereference in parse_path()	- - -	---	2024-11-28	Gax-c		Handled Elsewhere
ima: instantiate the bprm_creds_for_exec() hook	ima: instantiate the bprm_creds_for_exec() hook	- - -	---	2024-11-27	Mimi Zohar		Handled Elsewhere
[GIT,PULL] AppArmor updates for 6.13	[GIT,PULL] AppArmor updates for 6.13	- - -	---	2024-11-27	John Johansen		Handled Elsewhere
[v1] selftests: ktap_helpers: Fix uninitialized variable	[v1] selftests: ktap_helpers: Fix uninitialized variable	- - -	---	2024-11-27	Mickaël Salaün		Handled Elsewhere
[RFC] ima: instantiate the bprm_creds_for_exec() hook	[RFC] ima: instantiate the bprm_creds_for_exec() hook	- - -	---	2024-11-27	Mimi Zohar		Superseded
samples/landlock: Fix possible NULL dereference in parse_path()	samples/landlock: Fix possible NULL dereference in parse_path()	- - -	---	2024-11-26	Gax-c		Handled Elsewhere
IMA,LSM: Uncover hidden variable in ima_match_rules()	IMA,LSM: Uncover hidden variable in ima_match_rules()	- 1 -	---	2024-11-26	Casey Schaufler	pcmoore	Accepted
[1/2] lsm: constify function parameters	[1/2] lsm: constify function parameters	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[2/2] lsm: rename variable to avoid shadowing	[1/2] lsm: constify function parameters	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
trace: constify string literal data member	trace: constify string literal data member	- - -	---	2024-11-25	Christian Göttsche		Handled Elsewhere
[01/11] coccinelle: Add script to reorder capable() calls	[01/11] coccinelle: Add script to reorder capable() calls	- 1 -	---	2024-11-25	Christian Göttsche	pcmoore	New
[11/11] infiniband: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[10/11] skbuff: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[09/11] fs: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- 1 -	---	2024-11-25	Christian Göttsche	pcmoore	New
[08/11] gfs2: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[07/11] ipv4: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[06/11] ubifs: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	1 - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[05/11] genwqe: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[04/11] hugetlbfs: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[03/11] ext4: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[02/11] quota: reorder capability check last	[01/11] coccinelle: Add script to reorder capable() calls	- - -	---	2024-11-25	Christian Göttsche	pcmoore	New
[v3,fanotify,2/2] samples/fanotify: Add a sample fanotify fiter	Fanotify in kernel filter	- - -	---	2024-11-22	Song Liu		Handled Elsewhere
[v3,fanotify,1/2] fanotify: Introduce fanotify filter	Fanotify in kernel filter	- - -	---	2024-11-22	Song Liu		Handled Elsewhere
[v3,23/23] selftests/landlock: Add audit tests for ptrace	Landlock audit support	- - -	---	2024-11-22	Mickaël Salaün	pcmoore	Handled Elsewhere

« 1 2 3 4 … 50 51 »