Show patches with: Archived = No       |   4912 patches
« 1 2 ... 24 25 2649 50 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v9,bpf-next,01/17] bpf: align CAP_NET_ADMIN checks with bpf_capable() approach BPF token and BPF FS-based delegation 1 - - --- 2023-11-03 Andrii Nakryiko pcmoore Handled Elsewhere
[v4,7/7] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2023-11-03 Günther Noack Handled Elsewhere
[v4,6/7] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL Landlock: IOCTL support - - - --- 2023-11-03 Günther Noack Handled Elsewhere
[v4,5/7] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2023-11-03 Günther Noack Handled Elsewhere
[v4,4/7] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2023-11-03 Günther Noack Handled Elsewhere
[v4,3/7] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2023-11-03 Günther Noack Handled Elsewhere
[v4,2/7] landlock: Add IOCTL access right Landlock: IOCTL support - - - --- 2023-11-03 Günther Noack Handled Elsewhere
[v4,1/7] landlock: Optimize the number of calls to get_access_mask slightly Landlock: IOCTL support - - - --- 2023-11-03 Günther Noack Handled Elsewhere
[GIT,PULL] AppArmor updates for 6.7 [GIT,PULL] AppArmor updates for 6.7 - - - --- 2023-11-03 John Johansen Handled Elsewhere
[2/2] ima: Remove EXPERIMENTAL from IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY ima: IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY cleanup 1 1 - --- 2023-11-02 Eric Snowberg Handled Elsewhere
[1/2] ima: Add machine keyring reference to IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY ima: IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY cleanup - - - --- 2023-11-02 Eric Snowberg Handled Elsewhere
[GIT,PULL] Landlock updates for v6.7 [GIT,PULL] Landlock updates for v6.7 - - - --- 2023-11-02 Mickaël Salaün Handled Elsewhere
lsm: convert security_setselfattr() to use memdup_user() lsm: convert security_setselfattr() to use memdup_user() 1 - - --- 2023-11-02 Paul Moore pcmoore Accepted
lsm: align based on pointer length in lsm_fill_user_ctx() lsm: align based on pointer length in lsm_fill_user_ctx() 1 - - --- 2023-11-02 Paul Moore pcmoore Accepted
[v7,5/5] security: Add CONFIG_SECURITY_HOOK_LIKELY Reduce overhead of LSMs with static calls 1 1 - --- 2023-11-02 KP Singh pcmoore Superseded
[v7,4/5] bpf: Only enable BPF LSM hooks when an LSM program is attached Reduce overhead of LSMs with static calls 2 2 - --- 2023-11-02 KP Singh pcmoore Superseded
[v7,3/5] security: Replace indirect LSM hook calls with static calls Reduce overhead of LSMs with static calls 1 2 - --- 2023-11-02 KP Singh pcmoore Superseded
[v7,2/5] security: Count the LSMs enabled at compile time Reduce overhead of LSMs with static calls 1 1 - --- 2023-11-02 KP Singh pcmoore Superseded
[v7,1/5] kernel: Add helper macros for loop unrolling Reduce overhead of LSMs with static calls 1 2 - --- 2023-11-02 KP Singh pcmoore Superseded
[2/2] lsm: fix default return value for inode_getsecctx lsm: fix default return values for some hooks - - - --- 2023-10-31 Ondrej Mosnacek pcmoore Accepted
[1/2] lsm: fix default return value for vm_enough_memory lsm: fix default return values for some hooks - - - --- 2023-10-31 Ondrej Mosnacek pcmoore Accepted
[GIT,PULL] lsm/lsm-pr-20231030 [GIT,PULL] lsm/lsm-pr-20231030 - - - --- 2023-10-31 Paul Moore pcmoore Accepted
[GIT,PULL] selinux/selinux-pr-20231030 [GIT,PULL] selinux/selinux-pr-20231030 - - - --- 2023-10-31 Paul Moore Handled Elsewhere
[v4,23/23] integrity: Switch from rbtree to LSM-managed blob for integrity_iint_cache security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,22/23] integrity: Move integrity functions to the LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,21/23] evm: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,20/23] ima: Move IMA-Appraisal to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 2 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,19/23] ima: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 1 - - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,18/23] security: Introduce key_post_create_or_update hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,17/23] security: Introduce inode_post_remove_acl hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,16/23] security: Introduce inode_post_set_acl hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,15/23] security: Introduce inode_post_create_tmpfile hook security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,14/23] security: Introduce path_post_mknod hook security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,13/23] security: Introduce file_pre_free_security hook security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,12/23] security: Introduce file_post_open hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,11/23] security: Introduce inode_post_removexattr hook security: Move IMA and EVM to the LSM infrastructure - 2 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,10/23] security: Introduce inode_post_setattr hook security: Move IMA and EVM to the LSM infrastructure - 2 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,09/23] security: Align inode_setattr hook definition with EVM security: Move IMA and EVM to the LSM infrastructure 1 2 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,08/23] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 2 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,07/23] evm: Align evm_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 2 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,06/23] evm: Align evm_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,05/23] ima: Align ima_post_read_file() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,04/23] ima: Align ima_inode_removexattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,03/23] ima: Align ima_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 2 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,02/23] ima: Align ima_file_mprotect() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
[v4,01/23] ima: Align ima_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-10-27 Roberto Sassu pcmoore Superseded
security: Don't yet account for IMA in LSM_CONFIG_COUNT calculation security: Don't yet account for IMA in LSM_CONFIG_COUNT calculation - - - --- 2023-10-26 Roberto Sassu pcmoore Accepted
[v14,12/12] landlock: Document network support Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v14,11/12] samples/landlock: Support TCP restrictions Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v14,10/12] selftests/landlock: Add network tests Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v14,09/12] selftests/landlock: Share enforce_ruleset() Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v14,08/12] landlock: Add network rules and TCP hooks support Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v14,07/12] landlock: Refactor landlock_add_rule() syscall Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v14,06/12] landlock: Refactor layer helpers Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v14,05/12] landlock: Move and rename layer helpers Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v14,04/12] landlock: Refactor merge/inherit_ruleset functions Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v14,03/12] landlock: Refactor landlock_find_rule/insert_rule Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v14,02/12] landlock: Allow FS topology changes for domains without such rule type Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v14,01/12] landlock: Make ruleset's access masks more generic Network support for Landlock - - - --- 2023-10-26 Konstantin Meskhidze (A) Handled Elsewhere
[v4,6/6] wire up syscalls for statmount/listmount querying mount attributes - - - --- 2023-10-25 Miklos Szeredi pcmoore Changes Requested
[v4,5/6] add listmount(2) syscall querying mount attributes - - - --- 2023-10-25 Miklos Szeredi pcmoore Changes Requested
[v4,4/6] add statmount(2) syscall querying mount attributes - - - --- 2023-10-25 Miklos Szeredi pcmoore Changes Requested
[v4,3/6] namespace: extract show_path() helper querying mount attributes - - - --- 2023-10-25 Miklos Szeredi pcmoore Changes Requested
[v4,2/6] mounts: keep list of mounts in an rbtree querying mount attributes - - - --- 2023-10-25 Miklos Szeredi pcmoore Changes Requested
[v4,1/6] add unique mount ID querying mount attributes - - - --- 2023-10-25 Miklos Szeredi pcmoore Changes Requested
[RFC,3/3] lsm: consolidate buffer size handling into lsm_fill_user_ctx() LSM syscall tweaks - - - --- 2023-10-24 Paul Moore pcmoore Accepted
[RFC,2/3] lsm: correct error codes in security_getselfattr() LSM syscall tweaks 1 1 - --- 2023-10-24 Paul Moore pcmoore Accepted
[RFC,1/3] lsm: cleanup the size counters in security_getselfattr() LSM syscall tweaks 1 1 - --- 2023-10-24 Paul Moore pcmoore Accepted
[v4,5/5] docs: trusted-encrypted: add DCP as new trust source DCP as trusted keys backend - - - --- 2023-10-24 David Gstir Handled Elsewhere
[v4,4/5] docs: document DCP-backed trusted keys kernel params DCP as trusted keys backend - - - --- 2023-10-24 David Gstir Handled Elsewhere
[v4,3/5] MAINTAINERS: add entry for DCP-based trusted keys DCP as trusted keys backend - - - --- 2023-10-24 David Gstir Handled Elsewhere
[v4,2/5] KEYS: trusted: Introduce NXP DCP-backed trusted keys DCP as trusted keys backend - - - --- 2023-10-24 David Gstir Handled Elsewhere
[v4,1/5] crypto: mxs-dcp: Add support for hardware-bound keys DCP as trusted keys backend 1 - - --- 2023-10-24 David Gstir Handled Elsewhere
[v3,6/6] KEYS: trusted: tpm2: Use struct tpm_buf for sized buffers Untitled series #795872 - - - --- 2023-10-24 Jarkko Sakkinen Handled Elsewhere
[v3,4/6] tpm: Support TPM2 sized buffers (TPM2B) Untitled series #795872 - - - --- 2023-10-24 Jarkko Sakkinen Handled Elsewhere
[v3,3/6] tpm: Detach tpm_buf_reset() from tpm_buf_init() Untitled series #795872 - 1 - --- 2023-10-24 Jarkko Sakkinen Handled Elsewhere
[v3,2/6] tpm: Store TPM buffer length Untitled series #795872 - 1 - --- 2023-10-24 Jarkko Sakkinen Handled Elsewhere
[-next,2/2] apparmor: Fix some kernel-doc comments [-next,1/2] apparmor: Fix one kernel-doc comment - - - --- 2023-10-23 Yang Li Handled Elsewhere
[-next,1/2] apparmor: Fix one kernel-doc comment [-next,1/2] apparmor: Fix one kernel-doc comment - - - --- 2023-10-23 Yang Li Handled Elsewhere
[-next] apparmor: Fix some kernel-doc comments [-next] apparmor: Fix some kernel-doc comments - - - --- 2023-10-23 Yang Li Handled Elsewhere
apparmor: switch SECURITY_APPARMOR_HASH from sha1 to sha256 apparmor: switch SECURITY_APPARMOR_HASH from sha1 to sha256 1 - - --- 2023-10-22 Dimitri John Ledkov Handled Elsewhere
[v4,4/4] vduse: Add LSM hooks to check Virtio device type vduse: add support for networking devices - - - --- 2023-10-20 Maxime Coquelin pcmoore Changes Requested
[v4,3/4] vduse: Temporarily disable control queue features vduse: add support for networking devices - - - --- 2023-10-20 Maxime Coquelin pcmoore Changes Requested
[v4,2/4] vduse: enable Virtio-net device type vduse: add support for networking devices 1 1 - --- 2023-10-20 Maxime Coquelin pcmoore Changes Requested
[v4,1/4] vduse: validate block features only with block devices vduse: add support for networking devices 1 1 - --- 2023-10-20 Maxime Coquelin pcmoore Changes Requested
apparmor: mark new functions static apparmor: mark new functions static 1 - - --- 2023-10-20 Arnd Bergmann Handled Elsewhere
lsm: drop LSM_ID_IMA lsm: drop LSM_ID_IMA - 1 - --- 2023-10-18 Paul Moore pcmoore Accepted
capabilities: add a option PR_SET_CAPS for sys_prctl capabilities: add a option PR_SET_CAPS for sys_prctl - - - --- 2023-10-18 yunhui cui pcmoore Rejected
landlock: fix typo in landlock_append_net_rule() stub function landlock: fix typo in landlock_append_net_rule() stub function - - - --- 2023-10-17 Arnd Bergmann Handled Elsewhere
[v8,bpf-next,18/18] bpf,selinux: allocate bpf_security_struct per BPF token BPF token and BPF FS-based delegation - - - --- 2023-10-16 Andrii Nakryiko pcmoore Superseded
[v8,bpf-next,17/18] selftests/bpf: add BPF token-enabled tests BPF token and BPF FS-based delegation - - - --- 2023-10-16 Andrii Nakryiko pcmoore Superseded
[v8,bpf-next,16/18] libbpf: add BPF token support to bpf_prog_load() API BPF token and BPF FS-based delegation - - - --- 2023-10-16 Andrii Nakryiko pcmoore Superseded
[v8,bpf-next,15/18] libbpf: add BPF token support to bpf_btf_load() API BPF token and BPF FS-based delegation - - - --- 2023-10-16 Andrii Nakryiko pcmoore Superseded
[v8,bpf-next,14/18] libbpf: add BPF token support to bpf_map_create() API BPF token and BPF FS-based delegation - - - --- 2023-10-16 Andrii Nakryiko pcmoore Superseded
[v8,bpf-next,13/18] selftests/bpf: fix test_maps' use of bpf_map_create_opts BPF token and BPF FS-based delegation - - - --- 2023-10-16 Andrii Nakryiko pcmoore Superseded
[v8,bpf-next,12/18] libbpf: add bpf_token_create() API BPF token and BPF FS-based delegation - - - --- 2023-10-16 Andrii Nakryiko pcmoore Superseded
[v8,bpf-next,11/18] bpf,lsm: add BPF token LSM hooks BPF token and BPF FS-based delegation - - - --- 2023-10-16 Andrii Nakryiko pcmoore Superseded
[v8,bpf-next,10/18] bpf,lsm: refactor bpf_map_alloc/bpf_map_free LSM hooks BPF token and BPF FS-based delegation - - - --- 2023-10-16 Andrii Nakryiko pcmoore Superseded
[v8,bpf-next,09/18] bpf,lsm: refactor bpf_prog_alloc/bpf_prog_free LSM hooks BPF token and BPF FS-based delegation - - - --- 2023-10-16 Andrii Nakryiko pcmoore Superseded
[v8,bpf-next,08/18] bpf: consistenly use BPF token throughout BPF verifier logic BPF token and BPF FS-based delegation - - - --- 2023-10-16 Andrii Nakryiko pcmoore Superseded
« 1 2 ... 24 25 2649 50 »