Show patches with: Archived = No       |   4825 patches
« 1 2 ... 45 46 4748 49 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v4,3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook Introduce security_create_user_ns() 1 - - --- 2022-08-01 Frederick Lawler pcmoore Handled Elsewhere
[v4,2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable Introduce security_create_user_ns() 3 - - --- 2022-08-01 Frederick Lawler pcmoore Handled Elsewhere
[v4,1/4] security, lsm: Introduce security_create_user_ns() Introduce security_create_user_ns() - 2 - --- 2022-08-01 Frederick Lawler pcmoore Handled Elsewhere
dm: verity-loadpin: Drop use of dm_table_get_num_targets() dm: verity-loadpin: Drop use of dm_table_get_num_targets() - 1 - --- 2022-07-28 Matthias Kaehlcke Handled Elsewhere
[v3] kernel/watch_queue: Make pipe NULL while clearing watch_queue [v3] kernel/watch_queue: Make pipe NULL while clearing watch_queue - - - --- 2022-07-28 Siddh Raman Pant Handled Elsewhere
[RFC,v2,7/7] ima: Support measurement of kexec initramfs components ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,6/7] HACK: Allow the use of generic decompress with gzip outside __init ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,5/7] lib/cpio: Add a parse-only option that doesn't extract any files ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,4/7] lib/cpio: Allow use outside of initramfs creation ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,3/7] lib/cpio: use non __init filesystem related functions ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,2/7] lib/cpio: Improve error handling ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,1/7] initramfs: Move cpio handling routines into lib/ ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v4,2/2] security/inode.c: Add capabilities file. Add capabilities file to securityfs 1 - - --- 2022-07-25 Francis Laniel pcmoore Rejected
[RFC,v4,1/2] capability: Add cap_string. Add capabilities file to securityfs 1 - - --- 2022-07-25 Francis Laniel pcmoore Rejected
[v2] kernel/watch_queue: Make pipe NULL while clearing watch_queue [v2] kernel/watch_queue: Make pipe NULL while clearing watch_queue - - - --- 2022-07-24 Siddh Raman Pant Handled Elsewhere
kernel/watch_queue: Make pipe NULL while clearing watch_queue kernel/watch_queue: Make pipe NULL while clearing watch_queue - - - --- 2022-07-23 Siddh Raman Pant Handled Elsewhere
keys/keyctl: Use kfree_rcu instead of kfree keys/keyctl: Use kfree_rcu instead of kfree - - - --- 2022-07-23 Siddh Raman Pant Handled Elsewhere
[v3] KEYS: trusted: Fix memory leak in tpm2_key_encode() [v3] KEYS: trusted: Fix memory leak in tpm2_key_encode() - - - --- 2022-07-22 Jianglei Nie Handled Elsewhere
[v3,4/4] selinux: Implement userns_create hook Introduce security_create_user_ns() - - - --- 2022-07-21 Frederick Lawler pcmoore Superseded
[v3,3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook Introduce security_create_user_ns() 1 - - --- 2022-07-21 Frederick Lawler pcmoore Superseded
[v3,2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable Introduce security_create_user_ns() 1 - - --- 2022-07-21 Frederick Lawler pcmoore Superseded
[v3,1/4] security, lsm: Introduce security_create_user_ns() Introduce security_create_user_ns() - 1 - --- 2022-07-21 Frederick Lawler pcmoore Superseded
[v2,1/1] lockdown: Fix kexec lockdown bypass with ima policy lockdown: Fix kexec lockdown bypass with ima policy 1 1 - --- 2022-07-20 Eric Snowberg Handled Elsewhere
apparmor: correct config reference to intended one apparmor: correct config reference to intended one 1 - - --- 2022-07-20 Lukas Bulwahn Handled Elsewhere
lockdown: Fix kexec lockdown bypass with ima policy lockdown: Fix kexec lockdown bypass with ima policy 1 1 - --- 2022-07-19 Eric Snowberg Handled Elsewhere
apparmor: Mark alloc_unconfined() as static apparmor: Mark alloc_unconfined() as static 1 - - --- 2022-07-19 Souptick Joarder Handled Elsewhere
[-next] apparmor: Fix some kernel-doc comments [-next] apparmor: Fix some kernel-doc comments 1 - - --- 2022-07-18 Yang Li Handled Elsewhere
[v2] lsm,io_uring: add LSM hooks for the new uring_cmd file op [v2] lsm,io_uring: add LSM hooks for the new uring_cmd file op 1 - - --- 2022-07-15 Luis Chamberlain pcmoore Superseded
[1/1] keys/keyrings: Fix typo in string [1/1] keys/keyrings: Fix typo in string - - - --- 2022-07-15 XU pengfei Handled Elsewhere
[v10,4/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification Untitled series #659713 1 1 - --- 2022-07-14 Coiby Xu Handled Elsewhere
[v10,3/4] arm64: kexec_file: use more system keyrings to verify kernel image signature Untitled series #659713 2 - - --- 2022-07-14 Coiby Xu Handled Elsewhere
[v10,2/4] kexec, KEYS: make the code in bzImage64_verify_sig generic Untitled series #659713 - 1 - --- 2022-07-14 Coiby Xu Handled Elsewhere
[RESEND,-next] lsm_audit: Clean up redundant NULL pointer check [RESEND,-next] lsm_audit: Clean up redundant NULL pointer check - - - --- 2022-07-14 Xiu Jianfeng pcmoore Accepted
lsm,io_uring: add LSM hooks to for the new uring_cmd file op lsm,io_uring: add LSM hooks to for the new uring_cmd file op - - - --- 2022-07-14 Luis Chamberlain pcmoore Superseded
[v2] ima: force signature verification when CONFIG_KEXEC_SIG is configured [v2] ima: force signature verification when CONFIG_KEXEC_SIG is configured - - - --- 2022-07-13 Coiby Xu Handled Elsewhere
[v2,4/4] landlock: Document Landlock's file truncation support landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v2,3/4] samples/landlock: Extend sample tool to support LANDLOCK_ACCESS_FS_TRUNCATE landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v2,2/4] selftests/landlock: Selftests for file truncation support landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v2,1/4] landlock: Support file truncation landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v7,7/7] selftests/bpf: Add test for bpf_verify_pkcs7_signature() helper bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,6/7] selftests/bpf: Add additional test for bpf_lookup_user_key() bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,5/7] selftests: Add verifier tests for bpf_lookup_user_key() and bpf_key_put() bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,4/7] bpf: Add bpf_verify_pkcs7_signature() helper bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,3/7] bpf: Add bpf_lookup_user_key() and bpf_key_put() helpers bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,2/7] KEYS: Move KEY_LOOKUP_ to include/linux/key.h bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,1/7] bpf: Export bpf_dynptr_get_size() bpf: Add bpf_verify_pkcs7_signature() helper - 1 - --- 2022-07-12 Roberto Sassu Handled Elsewhere
ima: force signature verification when CONFIG_KEXEC_SIG is configured ima: force signature verification when CONFIG_KEXEC_SIG is configured - - - --- 2022-07-12 Coiby Xu Handled Elsewhere
[v2] ima/evm: Fix potential memory leak in ima_init_crypto() [v2] ima/evm: Fix potential memory leak in ima_init_crypto() - - - --- 2022-07-12 Jianglei Nie Handled Elsewhere
ima/evm: Fix potential memory leak in ima_init_crypto() ima/evm: Fix potential memory leak in ima_init_crypto() - - - --- 2022-07-11 Jianglei Nie Handled Elsewhere
MAINTAINERS: update the LSM maintainer info MAINTAINERS: update the LSM maintainer info 3 - - --- 2022-07-08 Paul Moore pcmoore Accepted
[RFC,7/7] ima: Support measurement of kexec initramfs components ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,6/7] HACK: Allow the use of generic decompress with gzip outside __init ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,5/7] lib/cpio: Add a parse-only option that doesn't extract any files ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,4/7] lib/cpio: Allow use outside of initramfs creation ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,3/7] lib/cpio: use non __init filesystem related functions ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,2/7] lib/cpio: Improve error handling ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,1/7] initramfs: Move cpio handling routines into lib/ ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,RESEND] userfaultfd: open userfaultfds with O_RDONLY [RFC,RESEND] userfaultfd: open userfaultfds with O_RDONLY 2 - - --- 2022-07-08 Ondrej Mosnacek pcmoore Accepted
[v2,4/4] selinux: Implement create_user_ns hook Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[v2,3/4] selftests/bpf: Add tests verifying bpf lsm create_user_ns hook Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[v2,2/4] bpf-lsm: Make bpf_lsm_create_user_ns() sleepable Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[v2,1/4] security, lsm: Introduce security_create_user_ns() Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[2/2] landlock: Selftests for truncate(2) support. landlock: truncate(2) support - - - --- 2022-07-07 Günther Noack Handled Elsewhere
[1/2] landlock: Support truncate(2). landlock: truncate(2) support - - - --- 2022-07-07 Günther Noack Handled Elsewhere
[v13,26/26] ima: Enable IMA namespaces ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,25/26] ima: Restrict informational audit messages to init_ima_ns ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,24/26] ima: Limit number of policy rules in non-init_ima_ns ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,23/26] ima: Show owning user namespace's uid and gid when displaying policy ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,22/26] ima: Introduce securityfs file to activate an IMA namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,21/26] ima: Setup securityfs for IMA namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,20/26] ima: Remove unused iints from the integrity_iint_cache ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,19/26] ima: Namespace audit status flags ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,18/26] integrity: Add optional callback function to integrity_inode_free() ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,17/26] integrity/ima: Define ns_status for storing namespaced iint data ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,16/26] ima: Add functions for creating and freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,14/26] ima: Implement hierarchical processing of file accesses ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,13/26] userns: Add pointer to ima_namespace to user_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable() ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,10/26] ima: Switch to lazy lsm policy updates for better performance ima: Namespace IMA with audit support in IMA-ns 1 - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,09/26] ima: Move ima_lsm_policy_notifier into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,08/26] ima: Move IMA securityfs files into ima_namespace or onto stack ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,06/26] ima: Move measurement list related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,05/26] ima: Move ima_htable into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,04/26] ima: Move arch_policy_entry into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,03/26] ima: Define ima_namespace struct and start moving variables into it ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,02/26] securityfs: Extend securityfs with namespacing support ima: Namespace IMA with audit support in IMA-ns 1 - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,01/26] securityfs: rework dentry creation ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v3] apparmor: test: Remove some casts which are no-longer required [v3] apparmor: test: Remove some casts which are no-longer required 1 1 - --- 2022-07-06 David Gow Handled Elsewhere
keys/keyring: Fix typo in string keys/keyring: Fix typo in string - 1 - --- 2022-07-04 Li zeming Handled Elsewhere
keys/keyctl: Fix typo in string keys/keyctl: Fix typo in string - - - --- 2022-07-04 Li zeming Handled Elsewhere
[v9,4/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification Untitled series #656160 1 1 - --- 2022-07-04 Coiby Xu Handled Elsewhere
[v9,3/4] arm64: kexec_file: use more system keyrings to verify kernel image signature Untitled series #656160 2 - - --- 2022-07-04 Coiby Xu Handled Elsewhere
[v9,2/4] kexec, KEYS: make the code in bzImage64_verify_sig generic Untitled series #656160 - 1 - --- 2022-07-04 Coiby Xu Handled Elsewhere
ima/evm: Fix potential memory leak in ima_init_crypto() ima/evm: Fix potential memory leak in ima_init_crypto() - - - --- 2022-07-04 Jianglei Nie Handled Elsewhere
[v7] x86/kexec: Carry forward IMA measurement log on kexec [v7] x86/kexec: Carry forward IMA measurement log on kexec - 2 - --- 2022-06-30 Jonathan McDowell Handled Elsewhere
selftests/landlock: skip ptrace_test when YAMA is enabled selftests/landlock: skip ptrace_test when YAMA is enabled - - 1 --- 2022-06-28 Jeff Xu Handled Elsewhere
[v5,bpf-next,5/5] bpf/selftests: Add a selftest for bpf_getxattr Add bpf_getxattr - - - --- 2022-06-28 KP Singh Handled Elsewhere
« 1 2 ... 45 46 4748 49 »