Show patches with: Archived = No       |   4922 patches
« 1 2 ... 36 37 3849 50 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[04/22] lsm: move the inode hook comments to security/security.c Move LSM hook comments into security/security.c - - - --- 2023-02-17 Paul Moore pcmoore Accepted
[03/22] lsm: move the filesystem hook comments to security/security.c Move LSM hook comments into security/security.c - - - --- 2023-02-17 Paul Moore pcmoore Accepted
[02/22] lsm: move the fs_context hook comments to security/security.c Move LSM hook comments into security/security.c - - - --- 2023-02-17 Paul Moore pcmoore Accepted
[01/22] lsm: move the program execution hook comments to security/security.c Move LSM hook comments into security/security.c - - - --- 2023-02-17 Paul Moore pcmoore Accepted
[v3] apparmor: global buffers spin lock may get contended [v3] apparmor: global buffers spin lock may get contended - - - --- 2023-02-17 John Johansen Handled Elsewhere
[1/1] apparmor: cache buffers on percpu list if there is lock contention Cover letter - - - --- 2023-02-16 Anil Altinay Handled Elsewhere
[v3] landlock: Clarify documentation for the LANDLOCK_ACCESS_FS_REFER right [v3] landlock: Clarify documentation for the LANDLOCK_ACCESS_FS_REFER right - - - --- 2023-02-16 Günther Noack Handled Elsewhere
[4.19,v2,5/5] ima: Handle -ESTALE returned by ima_filter_rule_match() Backport handling -ESTALE policy update failure to 4.19 - 1 - --- 2023-02-16 Guozihua (Scott) Handled Elsewhere
[4.19,v2,4/5] ima: Evaluate error in init_ima() Backport handling -ESTALE policy update failure to 4.19 - 1 - --- 2023-02-16 Guozihua (Scott) Handled Elsewhere
[4.19,v2,3/5] ima: use the lsm policy update notifier Backport handling -ESTALE policy update failure to 4.19 - - - --- 2023-02-16 Guozihua (Scott) Handled Elsewhere
[4.19,v2,2/5] LSM: switch to blocking policy update notifiers Backport handling -ESTALE policy update failure to 4.19 2 - - --- 2023-02-16 Guozihua (Scott) Handled Elsewhere
[4.19,v2,1/5] IB/core: Don't register each MAD agent for LSM notifier Backport handling -ESTALE policy update failure to 4.19 1 1 - --- 2023-02-16 Guozihua (Scott) Handled Elsewhere
[GIT,PULL] apparmor fix for v6.2 [GIT,PULL] apparmor fix for v6.2 - - - --- 2023-02-15 John Johansen Handled Elsewhere
kernel/sys.c: fix and improve control flow in __sys_setres[ug]id() kernel/sys.c: fix and improve control flow in __sys_setres[ug]id() - - - --- 2023-02-15 Ondrej Mosnacek Superseded
[v2] landlock: Clarify documentation for the LANDLOCK_ACCESS_FS_REFER right [v2] landlock: Clarify documentation for the LANDLOCK_ACCESS_FS_REFER right - - - --- 2023-02-13 Günther Noack Handled Elsewhere
MAINTAINERS: Update Landlock repository MAINTAINERS: Update Landlock repository - 1 - --- 2023-02-09 Mickaël Salaün Handled Elsewhere
[17/24] Documentation: security: correct spelling Documentation: correct lots of spelling errors (series 1) 2 1 - --- 2023-02-09 Randy Dunlap Handled Elsewhere
[v4,6/6] integrity: machine keyring CA configuration Add CA enforcement keyring restrictions - - - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v4,5/6] KEYS: CA link restriction Add CA enforcement keyring restrictions - 1 - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v4,4/6] KEYS: X.509: Parse Key Usage Add CA enforcement keyring restrictions - 1 - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v4,3/6] KEYS: X.509: Parse Basic Constraints for CA Add CA enforcement keyring restrictions - 2 - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v4,2/6] KEYS: Add missing function documentation Add CA enforcement keyring restrictions - 3 - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v4,1/6] KEYS: Create static version of public_key_verify_signature Add CA enforcement keyring restrictions - 2 - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v15,26/26] ima: Enable IMA namespaces ima: Namespace IMA with audit support in IMA-ns - - - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,25/26] ima: Restrict informational audit messages to init_ima_ns ima: Namespace IMA with audit support in IMA-ns - - - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,24/26] ima: Limit number of policy rules in non-init_ima_ns ima: Namespace IMA with audit support in IMA-ns - - - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,23/26] ima: Show owning user namespace's uid and gid when displaying policy ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,22/26] ima: Introduce securityfs file to activate an IMA namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,21/26] ima: Setup securityfs for IMA namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,20/26] ima: Remove unused iints from the integrity_iint_cache ima: Namespace IMA with audit support in IMA-ns - - - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,19/26] ima: Namespace audit status flags ima: Namespace IMA with audit support in IMA-ns - - - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,18/26] integrity: Add optional callback function to integrity_inode_free() ima: Namespace IMA with audit support in IMA-ns - - - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,17/26] integrity/ima: Define ns_status for storing namespaced iint data ima: Namespace IMA with audit support in IMA-ns - - - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,16/26] ima: Add functions for creating and freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,14/26] ima: Implement hierarchical processing of file accesses ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,13/26] userns: Add pointer to ima_namespace to user_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable() ima: Namespace IMA with audit support in IMA-ns - - - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,10/26] ima: Switch to lazy lsm policy updates for better performance ima: Namespace IMA with audit support in IMA-ns 1 - - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,09/26] ima: Move ima_lsm_policy_notifier into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,08/26] ima: Move IMA securityfs files into ima_namespace or onto stack ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,06/26] ima: Move measurement list related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,05/26] ima: Move ima_htable into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 2 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,04/26] ima: Move arch_policy_entry into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 2 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,03/26] ima: Define ima_namespace struct and start moving variables into it ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,02/26] securityfs: Extend securityfs with namespacing support ima: Namespace IMA with audit support in IMA-ns 1 - - --- 2023-02-06 Stefan Berger pcmoore RFC
[v15,01/26] securityfs: rework dentry creation ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2023-02-06 Stefan Berger pcmoore RFC
[14/14] Activate the configuration and build of the TSEM LSM. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[13/14] Implement an internal Trusted Modeling Agent. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[12/14] Implement security event mapping. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[11/14] Add event description implementation. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[10/14] Add security event description export facility. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[09/14] Add namespace implementation. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[08/14] Implement TSEM control plane. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[07/14] Add root domain trust implementation. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[06/14] Add primary TSEM implementation file. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[05/14] Add TSEM master header file. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[04/14] Implement CAP_TRUST capability. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[03/14] Add magic number for tsemfs. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[02/14] Add TSEM specific documentation. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[01/14] Update MAINTAINERS file. Implement Trusted Security Event Modeling. - - - --- 2023-02-04 Dr. Greg pcmoore Changes Requested
[ima-evm-utils,v5] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks [ima-evm-utils,v5] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks - - - --- 2023-02-03 Roberto Sassu Handled Elsewhere
landlock: Clarify documentation for the LANDLOCK_ACCESS_FS_REFER right landlock: Clarify documentation for the LANDLOCK_ACCESS_FS_REFER right - - - --- 2023-02-02 Günther Noack Handled Elsewhere
[ima-evm-utils,v4] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks [ima-evm-utils,v4] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks - - - --- 2023-02-02 Roberto Sassu Handled Elsewhere
[ima-evm-utils,v3] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks [ima-evm-utils,v3] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks - - - --- 2023-02-01 Roberto Sassu Handled Elsewhere
[ima-evm-utils,v2] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks [ima-evm-utils,v2] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks - 1 - --- 2023-01-31 Roberto Sassu Handled Elsewhere
[v4,2/2] ima: Introduce MMAP_CHECK_REQPROT hook [v4,1/2] ima: Align ima_file_mmap() parameters with mmap_file LSM hook - - - --- 2023-01-31 Roberto Sassu pcmoore Handled Elsewhere
[v4,1/2] ima: Align ima_file_mmap() parameters with mmap_file LSM hook [v4,1/2] ima: Align ima_file_mmap() parameters with mmap_file LSM hook - 1 - --- 2023-01-31 Roberto Sassu pcmoore Handled Elsewhere
[-next] evm: call dump_security_xattr() in all cases to remove code duplication [-next] evm: call dump_security_xattr() in all cases to remove code duplication - - - --- 2023-01-31 Xiu Jianfeng Handled Elsewhere
[RFC,v9,16/16] documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,15/16] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,14/16] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,13/16] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,12/16] fsverity: consume builtin signature via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,11/16] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,10/16] dm-verity: consume root hash digest and signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,09/16] block|security: add LSM blob to block_device Integrity Policy Enforcement LSM (IPE) - 1 - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,08/16] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,07/16] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,06/16] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,05/16] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,04/16] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,03/16] ipe: add evaluation loop and introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,02/16] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[RFC,v9,01/16] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2023-01-30 Fan Wu pcmoore Changes Requested
[-next] evm: call dump_security_xattr() in all cases to remove code duplication [-next] evm: call dump_security_xattr() in all cases to remove code duplication - - - --- 2023-01-29 Xiu Jianfeng Handled Elsewhere
[25/35] Documentation: security: correct spelling Documentation: correct lots of spelling errors (series 1) - 1 - --- 2023-01-27 Randy Dunlap Handled Elsewhere
[ima-evm-utils] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks [ima-evm-utils] Add tests for MMAP_CHECK and MMAP_CHECK_REQPROT hooks - - - --- 2023-01-26 Roberto Sassu Handled Elsewhere
[v3,2/2] ima: Introduce MMAP_CHECK_REQPROT hook [v3,1/2] ima: Align ima_file_mmap() parameters with mmap_file LSM hook - - - --- 2023-01-26 Roberto Sassu Handled Elsewhere
[v3,1/2] ima: Align ima_file_mmap() parameters with mmap_file LSM hook [v3,1/2] ima: Align ima_file_mmap() parameters with mmap_file LSM hook - 1 - --- 2023-01-26 Roberto Sassu Handled Elsewhere
[v3,2/2] vfs: avoid duplicating creds in faccessat if possible [v3,1/2] capability: add cap_isidentical - - - --- 2023-01-25 Mateusz Guzik Handled Elsewhere
[v3,1/2] capability: add cap_isidentical [v3,1/2] capability: add cap_isidentical - 1 - --- 2023-01-25 Mateusz Guzik Handled Elsewhere
smackfs: Added check catlen smackfs: Added check catlen - - - --- 2023-01-24 Denis Arefev Handled Elsewhere
[v2,4/4] security: binder: Add binder object flags to selinux_binder_transfer_file Track exported dma-buffers with memcg - - - --- 2023-01-23 T.J. Mercier pcmoore Changes Requested
[v2,3/4] binder: Add flags to relinquish ownership of fds Track exported dma-buffers with memcg 1 - - --- 2023-01-23 T.J. Mercier pcmoore Changes Requested
[v2,2/4] dmabuf: Add cgroup charge transfer function Track exported dma-buffers with memcg - - - --- 2023-01-23 T.J. Mercier pcmoore Changes Requested
[v2,1/4] memcg: Track exported dma-buffers Track exported dma-buffers with memcg - - - --- 2023-01-23 T.J. Mercier pcmoore Changes Requested
[RESEND,bpf-next,4/4] bpf: Only enable BPF LSM hooks when an LSM program is attached Reduce overhead of LSMs with static calls - - - --- 2023-01-20 KP Singh pcmoore Changes Requested
« 1 2 ... 36 37 3849 50 »