Security modules development

Show patches with: Archived = No | 4923 patches

« 1 2 ... 37 38 39 … 49 50 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[RESEND,bpf-next,4/4] bpf: Only enable BPF LSM hooks when an LSM program is attached	Reduce overhead of LSMs with static calls	- - -	---	2023-01-20	KP Singh	pcmoore	Changes Requested
[RESEND,bpf-next,3/4] security: Replace indirect LSM hook calls with static calls	Reduce overhead of LSMs with static calls	- - -	---	2023-01-20	KP Singh	pcmoore	Changes Requested
[RESEND,bpf-next,2/4] security: Generate a header with the count of enabled LSMs	Reduce overhead of LSMs with static calls	- - -	---	2023-01-20	KP Singh	pcmoore	Changes Requested
[RESEND,bpf-next,1/4] kernel: Add helper macros for loop unrolling	Reduce overhead of LSMs with static calls	- - -	---	2023-01-20	KP Singh	pcmoore	Changes Requested
[bpf-next,4/4] bpf: Only enable BPF LSM hooks when an LSM program is attached	Reduce overhead of LSMs with static calls	- - -	---	2023-01-19	KP Singh		Superseded
[bpf-next,3/4] security: Replace indirect LSM hook calls with static calls	Reduce overhead of LSMs with static calls	- - -	---	2023-01-19	KP Singh		Superseded
[bpf-next,2/4] security: Generate a header with the count of enabled LSMs	Reduce overhead of LSMs with static calls	- - -	---	2023-01-19	KP Singh		Superseded
[bpf-next,1/4] kernel: Add helper macros for loop unrolling	Reduce overhead of LSMs with static calls	- - -	---	2023-01-19	KP Singh		Superseded
[V2] bpf: security enhancement by limiting the offensive eBPF helpers	[V2] bpf: security enhancement by limiting the offensive eBPF helpers	- - -	---	2023-01-19	Yi He		Handled Elsewhere
[V2] bpf: security enhancement by limiting the offensive eBPF helpers	[V2] bpf: security enhancement by limiting the offensive eBPF helpers	- - -	---	2023-01-18	Yi He		Handled Elsewhere
[v2,2/2] vfs: avoid duplicating creds in faccessat if possible	[v2,1/2] capability: add cap_isidentical	- - -	---	2023-01-16	Mateusz Guzik	pcmoore	Handled Elsewhere
[v2,1/2] capability: add cap_isidentical	[v2,1/2] capability: add cap_isidentical	- 1 -	---	2023-01-16	Mateusz Guzik	pcmoore	Handled Elsewhere
[v9,12/12] landlock: Document Landlock's network support	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[v9,11/12] samples/landlock: Add network demo	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[v9,10/12] selftests/landlock: Add 10 new test suites dedicated to network	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[v9,09/12] selftests/landlock: Share enforce_ruleset()	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[v9,08/12] landlock: Add network rules and TCP hooks support	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[v9,07/12] landlock: Refactor landlock_add_rule() syscall	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[v9,06/12] landlock: Refactor _unmask_layers() and _init_layer_masks()	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[v9,05/12] landlock: Move and rename umask_layers() and init_layer_masks()	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[v9,04/12] landlock: Refactor merge/inherit_ruleset functions	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[v9,03/12] landlock: Refactor landlock_find_rule/insert_rule	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[v9,02/12] landlock: Allow filesystem layout changes for domains without such rule type	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[v9,01/12] landlock: Make ruleset's access masks more generic	Network support for Landlock	- - -	---	2023-01-16	Konstantin Meskhidze (A)		Handled Elsewhere
[2/2] vfs: avoid duplicating creds in faccessat if possible	[1/2] capability: add cap_isidentical	- - -	---	2023-01-14	Mateusz Guzik	pcmoore	Superseded
[1/2] capability: add cap_isidentical	[1/2] capability: add cap_isidentical	- 1 -	---	2023-01-14	Mateusz Guzik	pcmoore	Superseded
apparmor: make aa_set_current_onexec return void	apparmor: make aa_set_current_onexec return void	1 - -	---	2023-01-14	Quanfa Fu		Handled Elsewhere
[v6,1/1] selftests/landlock: skip ptrace_test according to YAMA	selftests/landlock: fix ptrace_test	- - -	---	2023-01-14	Jeff Xu		Handled Elsewhere
selftests/landlock: Improve ptrace_test with Yama	selftests/landlock: Improve ptrace_test with Yama	- - -	---	2023-01-13	Mickaël Salaün		Handled Elsewhere
[v8,1/1] selftests/landlock: skip overlayfs test when not support	selftests/landlock: fix fs_tests when overlayfs	- 1 -	---	2023-01-13	Jeff Xu		Handled Elsewhere
[v5,1/1] selftests/landlock: skip ptrace_test according to YAMA	selftests/landlock: fix ptrace_test	- - -	---	2023-01-13	Jeff Xu		Handled Elsewhere
[rcu,v2,19/20] tomoyo: Remove "select SRCU"	Untitled series #711523	- - -	---	2023-01-13	Paul E. McKenney		Handled Elsewhere
[5.10,550/783] LoadPin: Ignore the "contents" argument of the LSM hooks	Untitled series #711354	1 - 1	---	2023-01-12	Greg Kroah-Hartman		Handled Elsewhere
[v4] kernel/watch_queue: NULL the dangling *pipe, and use it for clear check	[v4] kernel/watch_queue: NULL the dangling *pipe, and use it for clear check	- - -	---	2023-01-11	Siddh Raman Pant		Handled Elsewhere
[RESEND,v6,3/3] certs: don't try to update blacklist keys	certs: Prevent spurious errors on repeated blacklisting	- 1 1	---	2023-01-09	Thomas Weißschuh		Handled Elsewhere
[RESEND,v6,2/3] KEYS: Add new function key_create()	certs: Prevent spurious errors on repeated blacklisting	- - -	---	2023-01-09	Thomas Weißschuh		Handled Elsewhere
[RESEND,v6,1/3] certs: make blacklisted hash available in klog	certs: Prevent spurious errors on repeated blacklisting	- 1 -	---	2023-01-09	Thomas Weißschuh		Handled Elsewhere
[4/4] security: binder: Add transfer_charge SElinux hook	Track exported dma-buffers with memcg	- - -	---	2023-01-09	T.J. Mercier	pcmoore	Changes Requested
[v5,8/8] LSM: selftests for Linux Security Module syscalls	LSM: Three basic syscalls	- - -	---	2023-01-09	Casey Schaufler	pcmoore	Changes Requested
[v5,7/8] LSM: wireup Linux Security Module syscalls	LSM: Three basic syscalls	1 - -	---	2023-01-09	Casey Schaufler	pcmoore	Changes Requested
[v5,6/8] LSM: lsm_set_self_attr syscall for LSM self attributes	LSM: Three basic syscalls	- - -	---	2023-01-09	Casey Schaufler	pcmoore	Changes Requested
[v5,5/8] LSM: Create lsm_module_list system call	LSM: Three basic syscalls	- - -	---	2023-01-09	Casey Schaufler	pcmoore	Changes Requested
[v5,4/8] LSM: lsm_get_self_attr syscall for LSM self attributes	LSM: Three basic syscalls	- - -	---	2023-01-09	Casey Schaufler	pcmoore	Changes Requested
[v5,3/8] proc: Use lsmids instead of lsm names for attrs	LSM: Three basic syscalls	- - -	---	2023-01-09	Casey Schaufler	pcmoore	Changes Requested
[v5,2/8] LSM: Maintain a table of LSM attribute data	LSM: Three basic syscalls	- - -	---	2023-01-09	Casey Schaufler	pcmoore	Changes Requested
[v5,1/8] LSM: Identify modules by more than name	LSM: Three basic syscalls	- - -	---	2023-01-09	Casey Schaufler	pcmoore	Changes Requested
tomoyo: remove a temporary output file	tomoyo: remove a temporary output file	- - -	---	2023-01-09	Masahiro Yamada		Handled Elsewhere
[v3,2/2] kernel/watch_queue: NULL the dangling *pipe, and use it for clear check	watch_queue: Clean up some code	- - -	---	2023-01-08	Siddh Raman Pant		Handled Elsewhere
[v3,1/2] include/linux/watch_queue: Improve documentation	watch_queue: Clean up some code	- - -	---	2023-01-08	Siddh Raman Pant		Handled Elsewhere
[3/3] tomoyo: Omit use of bin2c	[1/3] tomoyo: fix broken dependency on *.conf.default	- - -	---	2023-01-07	Masahiro Yamada		Handled Elsewhere
[2/3] tomoyo: avoid unneeded creation of builtin-policy.h	[1/3] tomoyo: fix broken dependency on *.conf.default	- - -	---	2023-01-07	Masahiro Yamada		Handled Elsewhere
[1/3] tomoyo: fix broken dependency on *.conf.default	[1/3] tomoyo: fix broken dependency on *.conf.default	- - -	---	2023-01-07	Masahiro Yamada		Handled Elsewhere
[v4,1/1] selftests/landlock: skip ptrace_test according to YAMA	selftests/landlock: Fix selftest ptrace_test	- - -	---	2023-01-03	Jeff Xu		Handled Elsewhere
KEYS: trusted: tpm2: use correct function name in kernel-doc	KEYS: trusted: tpm2: use correct function name in kernel-doc	- 1 -	---	2023-01-02	Randy Dunlap		Handled Elsewhere
ima: fix ima_delete_rules() kernel-doc warning	ima: fix ima_delete_rules() kernel-doc warning	- 1 -	---	2023-01-02	Randy Dunlap		Handled Elsewhere
apparmor: fix kernel-doc complaints	apparmor: fix kernel-doc complaints	1 - -	---	2023-01-02	Randy Dunlap		Handled Elsewhere
[v4,8/8] LSM: selftests for Linux Security Module syscalls	LSM: Three basic syscalls	- - -	---	2022-12-29	Casey Schaufler	pcmoore	Superseded
[v4,7/8] LSM: wireup Linux Security Module syscalls	LSM: Three basic syscalls	- - -	---	2022-12-29	Casey Schaufler	pcmoore	Superseded
[v4,6/8] LSM: lsm_set_self_attr syscall for LSM self attributes	LSM: Three basic syscalls	- - -	---	2022-12-29	Casey Schaufler	pcmoore	Superseded
[v4,5/8] LSM: Create lsm_module_list system call	LSM: Three basic syscalls	- - -	---	2022-12-29	Casey Schaufler	pcmoore	Superseded
[v4,4/8] LSM: lsm_get_self_attr syscall for LSM self attributes	LSM: Three basic syscalls	- - -	---	2022-12-29	Casey Schaufler	pcmoore	Superseded
[v4,3/8] proc: Use lsmids instead of lsm names for attrs	LSM: Three basic syscalls	- - -	---	2022-12-29	Casey Schaufler	pcmoore	Superseded
[v4,2/8] LSM: Maintain a table of LSM attribute data	LSM: Three basic syscalls	- - -	---	2022-12-29	Casey Schaufler	pcmoore	Superseded
[v4,1/8] LSM: Identify modules by more than name	LSM: Three basic syscalls	- - -	---	2022-12-29	Casey Schaufler	pcmoore	Superseded
[v7,1/1] selftests/landlock: skip overlayfs test when kernel not support it	selftests/landlock: fix test when overlayfs is	- 1 -	---	2022-12-29	Jeff Xu		Handled Elsewhere
[v6,1/1] selftests/landlock: skip overlayfs test when kernel not support it	selftests/landlock: fix test when overlayfs is	- - -	---	2022-12-29	Jeff Xu		Handled Elsewhere
[6.1,1079/1146] LoadPin: Ignore the "contents" argument of the LSM hooks	Untitled series #707379	1 - 1	---	2022-12-28	Greg Kroah-Hartman		Handled Elsewhere
[5.15,697/731] LoadPin: Ignore the "contents" argument of the LSM hooks	Untitled series #707359	1 - 1	---	2022-12-28	Greg Kroah-Hartman		Handled Elsewhere
[6.0,1012/1073] LoadPin: Ignore the "contents" argument of the LSM hooks	Untitled series #707375	1 - 1	---	2022-12-28	Greg Kroah-Hartman		Handled Elsewhere
[-next] evm: Use __vfs_setxattr() to update security.evm	[-next] evm: Use __vfs_setxattr() to update security.evm	- - -	---	2022-12-28	Xiu Jianfeng		Handled Elsewhere
[v5,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	- 1 1	---	2022-12-27	Roberto Sassu		Handled Elsewhere
[v5,1/2] lib/mpi: Fix buffer overrun when SG is too long	KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	- 1 -	---	2022-12-27	Roberto Sassu		Handled Elsewhere
[v3,1/1] selftests/landlock: skip ptrace_test according to YAMA	selftests/landlock: Fix selftest ptrace_test run fail	- - -	---	2022-12-27	Jeff Xu		Handled Elsewhere
[v4,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	[v4,1/2] lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-27	Roberto Sassu		Handled Elsewhere
[v4,1/2] lib/mpi: Fix buffer overrun when SG is too long	[v4,1/2] lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-27	Roberto Sassu		Handled Elsewhere
[-next] evm: Support small xattr in dump_security_xattr()	[-next] evm: Support small xattr in dump_security_xattr()	- - -	---	2022-12-26	Xiu Jianfeng		Handled Elsewhere
[GIT,PULL] kernel hardening fixes for v6.2-rc1	[GIT,PULL] kernel hardening fixes for v6.2-rc1	- - -	---	2022-12-23	Kees Cook		Handled Elsewhere
[GIT,PULL] kernel hardening fixes for v6.1-rc1	[GIT,PULL] kernel hardening fixes for v6.1-rc1	- - -	---	2022-12-23	Kees Cook		Handled Elsewhere
[v2] mm: new primitive kvmemdup()	[v2] mm: new primitive kvmemdup()	- - -	---	2022-12-21	Hao Sun		Handled Elsewhere
[v2] security: Restore passing final prot to ima_file_mmap()	[v2] security: Restore passing final prot to ima_file_mmap()	- - -	---	2022-12-21	Roberto Sassu	pcmoore	Handled Elsewhere
security: Restore passing final prot to ima_file_mmap()	security: Restore passing final prot to ima_file_mmap()	- - -	---	2022-12-21	Roberto Sassu		Superseded
[v3,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	[v3,1/2] lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-21	Roberto Sassu		Handled Elsewhere
[v3,1/2] lib/mpi: Fix buffer overrun when SG is too long	[v3,1/2] lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-21	Roberto Sassu		Handled Elsewhere
[v2] lib/mpi: Fix buffer overrun when SG is too long	[v2] lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-21	Herbert Xu		Handled Elsewhere
lib/mpi: Fix buffer overrun when SG is too long	lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-20	Herbert Xu		Handled Elsewhere
[RESEND,2/2] selinux: provide matching audit timestamp in the AVC trace event	Provide matching audit timestamp in the SELinux AVC trace event	- - -	---	2022-12-19	Ondrej Mosnacek		Handled Elsewhere
[RESEND,1/2] audit: introduce a struct to represent an audit timestamp	Provide matching audit timestamp in the SELinux AVC trace event	- - -	---	2022-12-19	Ondrej Mosnacek		Handled Elsewhere
[1/2] audit: introduce a struct to represent an audit timestamp	Provide matching audit timestamp in the SELinux AVC trace event	- - -	---	2022-12-19	Ondrej Mosnacek	pcmoore	Handled Elsewhere
[v2,2/2] selinux: Implement mptcp_add_subflow hook	lsm: introduce and use security_mptcp_add_subflow()	- - -	---	2022-12-19	Paolo Abeni	pcmoore	Changes Requested
[v2,1/2] security, lsm: Introduce security_mptcp_add_subflow()	lsm: introduce and use security_mptcp_add_subflow()	1 - -	---	2022-12-19	Paolo Abeni	pcmoore	Changes Requested
[v8,5/5] selftests/memfd: add tests for MFD_NOEXEC_SEAL MFD_EXEC	mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC	- 1 -	---	2022-12-15	Jeff Xu		Handled Elsewhere
[v8,4/5] mm/memfd: Add write seals when apply SEAL_EXEC to executable memfd	mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC	- 1 -	---	2022-12-15	Jeff Xu		Handled Elsewhere
[v8,3/5] mm/memfd: add MFD_NOEXEC_SEAL and MFD_EXEC	mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC	- 1 -	---	2022-12-15	Jeff Xu		Handled Elsewhere
[v8,2/5] selftests/memfd: add tests for F_SEAL_EXEC	mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC	- 1 -	---	2022-12-15	Jeff Xu		Handled Elsewhere
[v8,1/5] mm/memfd: add F_SEAL_EXEC	mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC	- 1 -	---	2022-12-15	Jeff Xu		Handled Elsewhere
[2/2] selinux: Implement mptcp_add_subflow hook	lsm: introduce and use security_mptcp_add_subflow()	- - -	---	2022-12-14	Paolo Abeni		Superseded
[1/2] security, lsm: Introduce security_mptcp_add_subflow()	lsm: introduce and use security_mptcp_add_subflow()	- - -	---	2022-12-14	Paolo Abeni		Superseded
[GIT,PULL] apparmor changes for v6.2	[GIT,PULL] apparmor changes for v6.2	- - -	---	2022-12-14	John Johansen		Handled Elsewhere
[v3,10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca	Add CA enforcement keyring restrictions	- - -	---	2022-12-14	Eric Snowberg		Handled Elsewhere
[v3,09/10] KEYS: CA link restriction	Add CA enforcement keyring restrictions	- - -	---	2022-12-14	Eric Snowberg		Handled Elsewhere

« 1 2 ... 37 38 39 … 49 50 »