Security modules development

Show patches with: Archived = No | 5121 patches

« 1 2 3 4 … 51 52 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[RFC,2/2] evm: Add kernel parameter to disable EVM	ima: evm: Add kernel cmdline options to disable IMA/EVM	- - -	---	2024-12-17	Song Liu	pcmoore	Rejected
[RFC,1/2] ima: Add kernel parameter to disable IMA	ima: evm: Add kernel cmdline options to disable IMA/EVM	- - -	---	2024-12-17	Song Liu	pcmoore	Rejected
[v2] lsm: check size of writes	[v2] lsm: check size of writes	- 1 -	---	2024-12-17	Leo Stone	pcmoore	Under Review
tomoyo: use realpath if symlink's pathname refers to procfs	tomoyo: use realpath if symlink's pathname refers to procfs	- - -	---	2024-12-17	Tetsuo Handa		Handled Elsewhere
[2/2] docs/zh_CN: Add security lsm Chinese translation	Add security index Chinese translation and add security lsm Chinese translation	- - -	---	2024-12-17	Yuehui Zhao	pcmoore	Handled Elsewhere
[1/2] docs/zh_CN: Add security index Chinese translation	Add security index Chinese translation and add security lsm Chinese translation	- 1 -	---	2024-12-17	Yuehui Zhao	pcmoore	Handled Elsewhere
[v4,bpf-next,6/6] selftests/bpf: Add __failure tests for set/remove xattr kfuncs	Enable writing xattr from BPF programs	- - -	---	2024-12-17	Song Liu		Handled Elsewhere
[v4,bpf-next,5/6] selftests/bpf: Test kfuncs that set and remove xattr from BPF programs	Enable writing xattr from BPF programs	- - -	---	2024-12-17	Song Liu		Handled Elsewhere
[v4,bpf-next,4/6] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs	Enable writing xattr from BPF programs	- - -	---	2024-12-17	Song Liu		Handled Elsewhere
[v4,bpf-next,3/6] bpf: lsm: Add two more sleepable hooks	Enable writing xattr from BPF programs	- - -	---	2024-12-17	Song Liu		Handled Elsewhere
[v4,bpf-next,2/6] selftests/bpf: Extend test fs_kfuncs to cover security.bpf. xattr names	Enable writing xattr from BPF programs	- - -	---	2024-12-17	Song Liu		Handled Elsewhere
[v4,bpf-next,1/6] fs/xattr: bpf: Introduce security.bpf. xattr name prefix	Enable writing xattr from BPF programs	1 1 -	---	2024-12-17	Song Liu		Handled Elsewhere
[v3,16/16] perf tools: Remove dependency on libaudit	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,15/16] perf tools: s390: Use generic syscall table scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,14/16] perf tools: powerpc: Use generic syscall table scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,13/16] perf tools: mips: Use generic syscall scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,12/16] perf tools: loongarch: Use syscall table	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,11/16] perf tools: arm64: Use syscall table	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,10/16] perf tools: parisc: Support syscall header	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,09/16] perf tools: alpha: Support syscall header	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,08/16] perf tools: x86: Use generic syscall scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,07/16] perf tools: xtensa: Support syscall header	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,06/16] perf tools: sparc: Support syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,05/16] perf tools: sh: Support syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,04/16] perf tools: arm: Support syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,03/16] perf tools: csky: Support generic syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,02/16] perf tools: arc: Support generic syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
[v3,01/16] perf tools: Create generic syscall table support	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-17	Charlie Jenkins		Handled Elsewhere
net: Convert proto_ops::getname to sockaddr_storage	net: Convert proto_ops::getname to sockaddr_storage	1 1 -	---	2024-12-17	Kees Cook		Handled Elsewhere
[RFC] lsm: fs: Use i_callback to free i_security in RCU callback	[RFC] lsm: fs: Use i_callback to free i_security in RCU callback	- - -	---	2024-12-16	Song Liu	pcmoore	Rejected
[2/2] tools: perf: tests: Fix code reading for riscv	perf: tests: Fix object code reading test for riscv	- - -	---	2024-12-16	Charlie Jenkins		Handled Elsewhere
[1/2] kbuild: Check version of objdump	perf: tests: Fix object code reading test for riscv	- - -	---	2024-12-16	Charlie Jenkins		Handled Elsewhere
tomoyo: don't emit warning in tomoyo_write_control()	tomoyo: don't emit warning in tomoyo_write_control()	- - -	---	2024-12-16	Tetsuo Handa		Handled Elsewhere
tomoyo: prevent bad buffer size in tracing_cpumask_write	tomoyo: prevent bad buffer size in tracing_cpumask_write	- - 1	---	2024-12-16	Lizhi Xu		Handled Elsewhere
lsm: check size of writes	lsm: check size of writes	- - -	---	2024-12-16	Leo Stone	pcmoore	Superseded
tomoyo: Reject excessively long lines	tomoyo: Reject excessively long lines	- - -	---	2024-12-16	Leo Stone		Handled Elsewhere
capability: Remove unused has_capability	capability: Remove unused has_capability	- 1 -	---	2024-12-15	Dr. David Alan Gilbert	pcmoore	Under Review
[v2,6/6] doc: Add landlock UDP support	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[v2,5/6] samples/landlock: Add sandboxer UDP access control	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[v2,4/6] selftests/landlock: Add ACCESS_NET_SENDTO_UDP	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[v2,3/6] landlock: Add UDP sendmsg access control	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[v2,2/6] selftests/landlock: Adapt existing bind/connect for UDP	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[v2,1/6] landlock: Add UDP bind+connect access control	landlock: Add UDP access control support	- - -	---	2024-12-14	Matthieu Buffet		Handled Elsewhere
[7/7] fs: Use %pTN to print task name	vsprintf: Add %pTN to print Task Name	- - -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[6/7] drivers: Repace get_task_comm() with %pTN	vsprintf: Add %pTN to print Task Name	- 2 -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[5/7] security: Replace get_task_comm() with %pTN	vsprintf: Add %pTN to print Task Name	1 1 -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[4/7] net: Replace get_task_comm() with %pTN	vsprintf: Add %pTN to print Task Name	- - -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[3/7] arch: Replace get_task_comm() with %pTN	vsprintf: Add %pTN to print Task Name	- - -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[2/7] kernel: Replace get_task_comm() with %pTN	vsprintf: Add %pTN to print Task Name	- - -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[1/7] vsprintf: Add %pTN to print task name	vsprintf: Add %pTN to print Task Name	- - -	---	2024-12-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,16/16] perf tools: Remove dependency on libaudit	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,15/16] perf tools: s390: Use generic syscall table scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,14/16] perf tools: powerpc: Use generic syscall table scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,13/16] perf tools: mips: Use generic syscall scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,12/16] perf tools: loongarch: Use syscall table	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,11/16] perf tools: arm64: Use syscall table	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,10/16] perf tools: parisc: Support syscall header	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,09/16] perf tools: alpha: Support syscall header	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,08/16] perf tools: x86: Use generic syscall scripts	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,07/16] perf tools: xtensa: Support syscall header	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,06/16] perf tools: sparc: Support syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,05/16] perf tools: sh: Support syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,04/16] perf tools: arm: Support syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,03/16] perf tools: csky: Support generic syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,02/16] perf tools: arc: Support generic syscall headers	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v2,01/16] perf tools: Create generic syscall table support	perf tools: Use generic syscall scripts for all archs	- - -	---	2024-12-13	Charlie Jenkins		Handled Elsewhere
[v23,8/8] ima: instantiate the bprm_creds_for_exec() hook	Script execution control (was O_MAYEXEC)	- 1 1	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,7/8] samples/check-exec: Add an enlighten "inc" interpreter and 28 tests	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,6/8] selftests: ktap_helpers: Fix uninitialized variable	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,5/8] samples/check-exec: Add set-exec	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,4/8] selftests/landlock: Add tests for execveat + AT_EXECVE_CHECK	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,3/8] selftests/exec: Add 32 tests for AT_EXECVE_CHECK and exec securebits	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,2/8] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits	Script execution control (was O_MAYEXEC)	- 2 1	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
[v23,1/8] exec: Add a new AT_EXECVE_CHECK flag to execveat(2)	Script execution control (was O_MAYEXEC)	1 2 1	---	2024-12-12	Mickaël Salaün	pcmoore	Handled Elsewhere
selinux: Read sk->sk_family once in selinux_socket_bind()	selinux: Read sk->sk_family once in selinux_socket_bind()	- - -	---	2024-12-12	Mikhail Ivanov	pcmoore	Handled Elsewhere
[bpf-next] bpf: lsm: Remove hook to bpf_task_storage_free	[bpf-next] bpf: lsm: Remove hook to bpf_task_storage_free	1 - -	---	2024-12-12	Song Liu		Handled Elsewhere
[lsm/dev] net: corrections for security_secid_to_secctx returns	[lsm/dev] net: corrections for security_secid_to_secctx returns	- - -	---	2024-12-11	Casey Schaufler	pcmoore	Under Review
[v3,bpf-next,6/6] selftests/bpf: Add __failure tests for set/remove xattr kfuncs	Enable writing xattr from BPF programs	- - -	---	2024-12-10	Song Liu		Handled Elsewhere
[v3,bpf-next,5/6] selftests/bpf: Test kfuncs that set and remove xattr from BPF programs	Enable writing xattr from BPF programs	- - -	---	2024-12-10	Song Liu		Handled Elsewhere
[v3,bpf-next,4/6] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs	Enable writing xattr from BPF programs	- - -	---	2024-12-10	Song Liu		Handled Elsewhere
[v3,bpf-next,3/6] bpf: lsm: Add two more sleepable hooks	Enable writing xattr from BPF programs	- - -	---	2024-12-10	Song Liu		Handled Elsewhere
[v3,bpf-next,2/6] selftests/bpf: Extend test fs_kfuncs to cover security.bpf. xattr names	Enable writing xattr from BPF programs	- - -	---	2024-12-10	Song Liu		Handled Elsewhere
[v3,bpf-next,1/6] fs/xattr: bpf: Introduce security.bpf. xattr name prefix	Enable writing xattr from BPF programs	1 - -	---	2024-12-10	Song Liu		Handled Elsewhere
[RESEND] apparmor: Use str_yes_no() helper function	[RESEND] apparmor: Use str_yes_no() helper function	- - -	---	2024-12-09	Thorsten Blum		Handled Elsewhere
[lsm/dev] Binder: Initialize lsm_context structure	[lsm/dev] Binder: Initialize lsm_context structure	- - -	---	2024-12-06	Casey Schaufler	pcmoore	Accepted
lsm: add reserved flag in lsm_prop struct	lsm: add reserved flag in lsm_prop struct	- - -	---	2024-12-06	李豪杰	pcmoore	Under Review
[v22,8/8] ima: instantiate the bprm_creds_for_exec() hook	Script execution control (was O_MAYEXEC)	- 1 -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,7/8] samples/check-exec: Add an enlighten "inc" interpreter and 28 tests	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,6/8] selftests: ktap_helpers: Fix uninitialized variable	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,5/8] samples/check-exec: Add set-exec	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,4/8] selftests/landlock: Add tests for execveat + AT_EXECVE_CHECK	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,3/8] selftests/exec: Add 32 tests for AT_EXECVE_CHECK and exec securebits	Script execution control (was O_MAYEXEC)	- - -	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,2/8] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits	Script execution control (was O_MAYEXEC)	- 2 1	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v22,1/8] exec: Add a new AT_EXECVE_CHECK flag to execveat(2)	Script execution control (was O_MAYEXEC)	1 2 1	---	2024-12-05	Mickaël Salaün		Handled Elsewhere
[v2] ima: instantiate the bprm_creds_for_exec() hook	[v2] ima: instantiate the bprm_creds_for_exec() hook	- - -	---	2024-12-04	Mimi Zohar		Handled Elsewhere
[v9] security: add trace event for cap_capable	[v9] security: add trace event for cap_capable	- - -	---	2024-12-04	Jordan Rome		Handled Elsewhere
[v2] ima: instantiate the bprm_creds_for_exec() hook	[v2] ima: instantiate the bprm_creds_for_exec() hook	- - 1	---	2024-12-03	Mimi Zohar		Handled Elsewhere
[GIT,PULL] lsm/lsm-pr-20241129	[GIT,PULL] lsm/lsm-pr-20241129	- - -	---	2024-11-30	Paul Moore	pcmoore	Accepted
[v8] security: add trace event for cap_capable	[v8] security: add trace event for cap_capable	- 2 -	---	2024-11-28	Jordan Rome		Handled Elsewhere
[v7] security: add trace event for cap_capable	[v7] security: add trace event for cap_capable	- - -	---	2024-11-28	Jordan Rome		Handled Elsewhere

« 1 2 3 4 … 51 52 »