Show patches with: Archived = No       |   4923 patches
« 1 2 ... 37 38 3949 50 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RESEND,bpf-next,4/4] bpf: Only enable BPF LSM hooks when an LSM program is attached Reduce overhead of LSMs with static calls - - - --- 2023-01-20 KP Singh pcmoore Changes Requested
[RESEND,bpf-next,3/4] security: Replace indirect LSM hook calls with static calls Reduce overhead of LSMs with static calls - - - --- 2023-01-20 KP Singh pcmoore Changes Requested
[RESEND,bpf-next,2/4] security: Generate a header with the count of enabled LSMs Reduce overhead of LSMs with static calls - - - --- 2023-01-20 KP Singh pcmoore Changes Requested
[RESEND,bpf-next,1/4] kernel: Add helper macros for loop unrolling Reduce overhead of LSMs with static calls - - - --- 2023-01-20 KP Singh pcmoore Changes Requested
[bpf-next,4/4] bpf: Only enable BPF LSM hooks when an LSM program is attached Reduce overhead of LSMs with static calls - - - --- 2023-01-19 KP Singh Superseded
[bpf-next,3/4] security: Replace indirect LSM hook calls with static calls Reduce overhead of LSMs with static calls - - - --- 2023-01-19 KP Singh Superseded
[bpf-next,2/4] security: Generate a header with the count of enabled LSMs Reduce overhead of LSMs with static calls - - - --- 2023-01-19 KP Singh Superseded
[bpf-next,1/4] kernel: Add helper macros for loop unrolling Reduce overhead of LSMs with static calls - - - --- 2023-01-19 KP Singh Superseded
[V2] bpf: security enhancement by limiting the offensive eBPF helpers [V2] bpf: security enhancement by limiting the offensive eBPF helpers - - - --- 2023-01-19 Yi He Handled Elsewhere
[V2] bpf: security enhancement by limiting the offensive eBPF helpers [V2] bpf: security enhancement by limiting the offensive eBPF helpers - - - --- 2023-01-18 Yi He Handled Elsewhere
[v2,2/2] vfs: avoid duplicating creds in faccessat if possible [v2,1/2] capability: add cap_isidentical - - - --- 2023-01-16 Mateusz Guzik pcmoore Handled Elsewhere
[v2,1/2] capability: add cap_isidentical [v2,1/2] capability: add cap_isidentical - 1 - --- 2023-01-16 Mateusz Guzik pcmoore Handled Elsewhere
[v9,12/12] landlock: Document Landlock's network support Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[v9,11/12] samples/landlock: Add network demo Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[v9,10/12] selftests/landlock: Add 10 new test suites dedicated to network Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[v9,09/12] selftests/landlock: Share enforce_ruleset() Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[v9,08/12] landlock: Add network rules and TCP hooks support Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[v9,07/12] landlock: Refactor landlock_add_rule() syscall Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[v9,06/12] landlock: Refactor _unmask_layers() and _init_layer_masks() Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[v9,05/12] landlock: Move and rename umask_layers() and init_layer_masks() Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[v9,04/12] landlock: Refactor merge/inherit_ruleset functions Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[v9,03/12] landlock: Refactor landlock_find_rule/insert_rule Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[v9,02/12] landlock: Allow filesystem layout changes for domains without such rule type Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[v9,01/12] landlock: Make ruleset's access masks more generic Network support for Landlock - - - --- 2023-01-16 Konstantin Meskhidze (A) Handled Elsewhere
[2/2] vfs: avoid duplicating creds in faccessat if possible [1/2] capability: add cap_isidentical - - - --- 2023-01-14 Mateusz Guzik pcmoore Superseded
[1/2] capability: add cap_isidentical [1/2] capability: add cap_isidentical - 1 - --- 2023-01-14 Mateusz Guzik pcmoore Superseded
apparmor: make aa_set_current_onexec return void apparmor: make aa_set_current_onexec return void 1 - - --- 2023-01-14 Quanfa Fu Handled Elsewhere
[v6,1/1] selftests/landlock: skip ptrace_test according to YAMA selftests/landlock: fix ptrace_test - - - --- 2023-01-14 Jeff Xu Handled Elsewhere
selftests/landlock: Improve ptrace_test with Yama selftests/landlock: Improve ptrace_test with Yama - - - --- 2023-01-13 Mickaël Salaün Handled Elsewhere
[v8,1/1] selftests/landlock: skip overlayfs test when not support selftests/landlock: fix fs_tests when overlayfs - 1 - --- 2023-01-13 Jeff Xu Handled Elsewhere
[v5,1/1] selftests/landlock: skip ptrace_test according to YAMA selftests/landlock: fix ptrace_test - - - --- 2023-01-13 Jeff Xu Handled Elsewhere
[rcu,v2,19/20] tomoyo: Remove "select SRCU" Untitled series #711523 - - - --- 2023-01-13 Paul E. McKenney Handled Elsewhere
[5.10,550/783] LoadPin: Ignore the "contents" argument of the LSM hooks Untitled series #711354 1 - 1 --- 2023-01-12 Greg KH Handled Elsewhere
[v4] kernel/watch_queue: NULL the dangling *pipe, and use it for clear check [v4] kernel/watch_queue: NULL the dangling *pipe, and use it for clear check - - - --- 2023-01-11 Siddh Raman Pant Handled Elsewhere
[RESEND,v6,3/3] certs: don't try to update blacklist keys certs: Prevent spurious errors on repeated blacklisting - 1 1 --- 2023-01-09 Thomas Weißschuh Handled Elsewhere
[RESEND,v6,2/3] KEYS: Add new function key_create() certs: Prevent spurious errors on repeated blacklisting - - - --- 2023-01-09 Thomas Weißschuh Handled Elsewhere
[RESEND,v6,1/3] certs: make blacklisted hash available in klog certs: Prevent spurious errors on repeated blacklisting - 1 - --- 2023-01-09 Thomas Weißschuh Handled Elsewhere
[4/4] security: binder: Add transfer_charge SElinux hook Track exported dma-buffers with memcg - - - --- 2023-01-09 T.J. Mercier pcmoore Changes Requested
[v5,8/8] LSM: selftests for Linux Security Module syscalls LSM: Three basic syscalls - - - --- 2023-01-09 Casey Schaufler pcmoore Changes Requested
[v5,7/8] LSM: wireup Linux Security Module syscalls LSM: Three basic syscalls 1 - - --- 2023-01-09 Casey Schaufler pcmoore Changes Requested
[v5,6/8] LSM: lsm_set_self_attr syscall for LSM self attributes LSM: Three basic syscalls - - - --- 2023-01-09 Casey Schaufler pcmoore Changes Requested
[v5,5/8] LSM: Create lsm_module_list system call LSM: Three basic syscalls - - - --- 2023-01-09 Casey Schaufler pcmoore Changes Requested
[v5,4/8] LSM: lsm_get_self_attr syscall for LSM self attributes LSM: Three basic syscalls - - - --- 2023-01-09 Casey Schaufler pcmoore Changes Requested
[v5,3/8] proc: Use lsmids instead of lsm names for attrs LSM: Three basic syscalls - - - --- 2023-01-09 Casey Schaufler pcmoore Changes Requested
[v5,2/8] LSM: Maintain a table of LSM attribute data LSM: Three basic syscalls - - - --- 2023-01-09 Casey Schaufler pcmoore Changes Requested
[v5,1/8] LSM: Identify modules by more than name LSM: Three basic syscalls - - - --- 2023-01-09 Casey Schaufler pcmoore Changes Requested
tomoyo: remove a temporary output file tomoyo: remove a temporary output file - - - --- 2023-01-09 Masahiro Yamada Handled Elsewhere
[v3,2/2] kernel/watch_queue: NULL the dangling *pipe, and use it for clear check watch_queue: Clean up some code - - - --- 2023-01-08 Siddh Raman Pant Handled Elsewhere
[v3,1/2] include/linux/watch_queue: Improve documentation watch_queue: Clean up some code - - - --- 2023-01-08 Siddh Raman Pant Handled Elsewhere
[3/3] tomoyo: Omit use of bin2c [1/3] tomoyo: fix broken dependency on *.conf.default - - - --- 2023-01-07 Masahiro Yamada Handled Elsewhere
[2/3] tomoyo: avoid unneeded creation of builtin-policy.h [1/3] tomoyo: fix broken dependency on *.conf.default - - - --- 2023-01-07 Masahiro Yamada Handled Elsewhere
[1/3] tomoyo: fix broken dependency on *.conf.default [1/3] tomoyo: fix broken dependency on *.conf.default - - - --- 2023-01-07 Masahiro Yamada Handled Elsewhere
[v4,1/1] selftests/landlock: skip ptrace_test according to YAMA selftests/landlock: Fix selftest ptrace_test - - - --- 2023-01-03 Jeff Xu Handled Elsewhere
KEYS: trusted: tpm2: use correct function name in kernel-doc KEYS: trusted: tpm2: use correct function name in kernel-doc - 1 - --- 2023-01-02 Randy Dunlap Handled Elsewhere
ima: fix ima_delete_rules() kernel-doc warning ima: fix ima_delete_rules() kernel-doc warning - 1 - --- 2023-01-02 Randy Dunlap Handled Elsewhere
apparmor: fix kernel-doc complaints apparmor: fix kernel-doc complaints 1 - - --- 2023-01-02 Randy Dunlap Handled Elsewhere
[v4,8/8] LSM: selftests for Linux Security Module syscalls LSM: Three basic syscalls - - - --- 2022-12-29 Casey Schaufler pcmoore Superseded
[v4,7/8] LSM: wireup Linux Security Module syscalls LSM: Three basic syscalls - - - --- 2022-12-29 Casey Schaufler pcmoore Superseded
[v4,6/8] LSM: lsm_set_self_attr syscall for LSM self attributes LSM: Three basic syscalls - - - --- 2022-12-29 Casey Schaufler pcmoore Superseded
[v4,5/8] LSM: Create lsm_module_list system call LSM: Three basic syscalls - - - --- 2022-12-29 Casey Schaufler pcmoore Superseded
[v4,4/8] LSM: lsm_get_self_attr syscall for LSM self attributes LSM: Three basic syscalls - - - --- 2022-12-29 Casey Schaufler pcmoore Superseded
[v4,3/8] proc: Use lsmids instead of lsm names for attrs LSM: Three basic syscalls - - - --- 2022-12-29 Casey Schaufler pcmoore Superseded
[v4,2/8] LSM: Maintain a table of LSM attribute data LSM: Three basic syscalls - - - --- 2022-12-29 Casey Schaufler pcmoore Superseded
[v4,1/8] LSM: Identify modules by more than name LSM: Three basic syscalls - - - --- 2022-12-29 Casey Schaufler pcmoore Superseded
[v7,1/1] selftests/landlock: skip overlayfs test when kernel not support it selftests/landlock: fix test when overlayfs is - 1 - --- 2022-12-29 Jeff Xu Handled Elsewhere
[v6,1/1] selftests/landlock: skip overlayfs test when kernel not support it selftests/landlock: fix test when overlayfs is - - - --- 2022-12-29 Jeff Xu Handled Elsewhere
[6.1,1079/1146] LoadPin: Ignore the "contents" argument of the LSM hooks Untitled series #707379 1 - 1 --- 2022-12-28 Greg KH Handled Elsewhere
[5.15,697/731] LoadPin: Ignore the "contents" argument of the LSM hooks Untitled series #707359 1 - 1 --- 2022-12-28 Greg KH Handled Elsewhere
[6.0,1012/1073] LoadPin: Ignore the "contents" argument of the LSM hooks Untitled series #707375 1 - 1 --- 2022-12-28 Greg KH Handled Elsewhere
[-next] evm: Use __vfs_setxattr() to update security.evm [-next] evm: Use __vfs_setxattr() to update security.evm - - - --- 2022-12-28 Xiu Jianfeng Handled Elsewhere
[v5,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() - 1 1 --- 2022-12-27 Roberto Sassu Handled Elsewhere
[v5,1/2] lib/mpi: Fix buffer overrun when SG is too long KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() - 1 - --- 2022-12-27 Roberto Sassu Handled Elsewhere
[v3,1/1] selftests/landlock: skip ptrace_test according to YAMA selftests/landlock: Fix selftest ptrace_test run fail - - - --- 2022-12-27 Jeff Xu Handled Elsewhere
[v4,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() [v4,1/2] lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-27 Roberto Sassu Handled Elsewhere
[v4,1/2] lib/mpi: Fix buffer overrun when SG is too long [v4,1/2] lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-27 Roberto Sassu Handled Elsewhere
[-next] evm: Support small xattr in dump_security_xattr() [-next] evm: Support small xattr in dump_security_xattr() - - - --- 2022-12-26 Xiu Jianfeng Handled Elsewhere
[GIT,PULL] kernel hardening fixes for v6.2-rc1 [GIT,PULL] kernel hardening fixes for v6.2-rc1 - - - --- 2022-12-23 Kees Cook Handled Elsewhere
[GIT,PULL] kernel hardening fixes for v6.1-rc1 [GIT,PULL] kernel hardening fixes for v6.1-rc1 - - - --- 2022-12-23 Kees Cook Handled Elsewhere
[v2] mm: new primitive kvmemdup() [v2] mm: new primitive kvmemdup() - - - --- 2022-12-21 Hao Sun Handled Elsewhere
[v2] security: Restore passing final prot to ima_file_mmap() [v2] security: Restore passing final prot to ima_file_mmap() - - - --- 2022-12-21 Roberto Sassu pcmoore Handled Elsewhere
security: Restore passing final prot to ima_file_mmap() security: Restore passing final prot to ima_file_mmap() - - - --- 2022-12-21 Roberto Sassu Superseded
[v3,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() [v3,1/2] lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-21 Roberto Sassu Handled Elsewhere
[v3,1/2] lib/mpi: Fix buffer overrun when SG is too long [v3,1/2] lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-21 Roberto Sassu Handled Elsewhere
[v2] lib/mpi: Fix buffer overrun when SG is too long [v2] lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-21 Herbert Xu Handled Elsewhere
lib/mpi: Fix buffer overrun when SG is too long lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-20 Herbert Xu Handled Elsewhere
[RESEND,2/2] selinux: provide matching audit timestamp in the AVC trace event Provide matching audit timestamp in the SELinux AVC trace event - - - --- 2022-12-19 Ondrej Mosnacek Handled Elsewhere
[RESEND,1/2] audit: introduce a struct to represent an audit timestamp Provide matching audit timestamp in the SELinux AVC trace event - - - --- 2022-12-19 Ondrej Mosnacek Handled Elsewhere
[1/2] audit: introduce a struct to represent an audit timestamp Provide matching audit timestamp in the SELinux AVC trace event - - - --- 2022-12-19 Ondrej Mosnacek pcmoore Handled Elsewhere
[v2,2/2] selinux: Implement mptcp_add_subflow hook lsm: introduce and use security_mptcp_add_subflow() - - - --- 2022-12-19 Paolo Abeni pcmoore Changes Requested
[v2,1/2] security, lsm: Introduce security_mptcp_add_subflow() lsm: introduce and use security_mptcp_add_subflow() 1 - - --- 2022-12-19 Paolo Abeni pcmoore Changes Requested
[v8,5/5] selftests/memfd: add tests for MFD_NOEXEC_SEAL MFD_EXEC mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC - 1 - --- 2022-12-15 Jeff Xu Handled Elsewhere
[v8,4/5] mm/memfd: Add write seals when apply SEAL_EXEC to executable memfd mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC - 1 - --- 2022-12-15 Jeff Xu Handled Elsewhere
[v8,3/5] mm/memfd: add MFD_NOEXEC_SEAL and MFD_EXEC mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC - 1 - --- 2022-12-15 Jeff Xu Handled Elsewhere
[v8,2/5] selftests/memfd: add tests for F_SEAL_EXEC mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC - 1 - --- 2022-12-15 Jeff Xu Handled Elsewhere
[v8,1/5] mm/memfd: add F_SEAL_EXEC mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC - 1 - --- 2022-12-15 Jeff Xu Handled Elsewhere
[2/2] selinux: Implement mptcp_add_subflow hook lsm: introduce and use security_mptcp_add_subflow() - - - --- 2022-12-14 Paolo Abeni Superseded
[1/2] security, lsm: Introduce security_mptcp_add_subflow() lsm: introduce and use security_mptcp_add_subflow() - - - --- 2022-12-14 Paolo Abeni Superseded
[GIT,PULL] apparmor changes for v6.2 [GIT,PULL] apparmor changes for v6.2 - - - --- 2022-12-14 John Johansen Handled Elsewhere
[v3,10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg Handled Elsewhere
[v3,09/10] KEYS: CA link restriction Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg Handled Elsewhere
« 1 2 ... 37 38 3949 50 »