Show patches with: Archived = No       |   4891 patches
« 1 2 ... 8 9 1048 49 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
selinux,smack: remove the capability checks in the removexattr hooks selinux,smack: remove the capability checks in the removexattr hooks 1 - - --- 2024-07-03 Paul Moore pcmoore Accepted
dm-verity: fix dm_is_verity_target() when dm-verity is builtin dm-verity: fix dm_is_verity_target() when dm-verity is builtin - 1 - --- 2024-07-03 Eric Biggers Handled Elsewhere
[v2,3/3] tpm: Address !chip->auth in tpm_buf_append_hmac_session*() Address !chip->auth - - - --- 2024-07-03 Jarkko Sakkinen Handled Elsewhere
[v2,2/3] tpm: Address !chip->auth in tpm_buf_append_name() Address !chip->auth - - - --- 2024-07-03 Jarkko Sakkinen Handled Elsewhere
[v2,1/3] tpm: Address !chip->auth in tpm2_*_auth_session() Address !chip->auth - - - --- 2024-07-03 Jarkko Sakkinen Handled Elsewhere
[3/3] tpm: Address !chip->auth in tpm_buf_append_hmac_session*() Address !chip->auth - - - --- 2024-07-03 Jarkko Sakkinen Handled Elsewhere
[2/3] tpm: Address !chip->auth in tpm_buf_append_name() Address !chip->auth - - - --- 2024-07-03 Jarkko Sakkinen Handled Elsewhere
[1/3] tpm: Address !chip->auth in tpm2_*_auth_session() Address !chip->auth - - - --- 2024-07-03 Jarkko Sakkinen Handled Elsewhere
[2/2] KEYS: trusted: dcp: fix leak of blob encryption key [1/2] KEYS: trusted: fix DCP blob payload length assignment - - - --- 2024-07-03 David Gstir Handled Elsewhere
[1/2] KEYS: trusted: fix DCP blob payload length assignment [1/2] KEYS: trusted: fix DCP blob payload length assignment - - - --- 2024-07-03 David Gstir Handled Elsewhere
tpm: Limit TCG_TPM2_HMAC to known good drivers tpm: Limit TCG_TPM2_HMAC to known good drivers - - - --- 2024-07-03 Jarkko Sakkinen Handled Elsewhere
tpm: Check non-nullity of chip->auth tpm: Check non-nullity of chip->auth - 1 - --- 2024-07-01 Jarkko Sakkinen Handled Elsewhere
[RFC] integrity: wait for completion of i2c initialization using late_initcall_sync() [RFC] integrity: wait for completion of i2c initialization using late_initcall_sync() - - - --- 2024-07-01 Romain Naour Handled Elsewhere
[v13,5/5] bpf: Only enable BPF LSM hooks when an LSM program is attached Reduce overhead of LSMs with static calls 1 1 - --- 2024-06-29 KP Singh pcmoore Changes Requested
[v13,4/5] security: Update non standard hooks to use static calls Reduce overhead of LSMs with static calls - 2 - --- 2024-06-29 KP Singh pcmoore Changes Requested
[v13,3/5] security: Replace indirect LSM hook calls with static calls Reduce overhead of LSMs with static calls 2 2 - --- 2024-06-29 KP Singh pcmoore Changes Requested
[v13,2/5] security: Count the LSMs enabled at compile time Reduce overhead of LSMs with static calls 2 2 - --- 2024-06-29 KP Singh pcmoore Changes Requested
[v13,1/5] kernel: Add helper macros for loop unrolling Reduce overhead of LSMs with static calls 2 2 - --- 2024-06-29 KP Singh pcmoore Changes Requested
[v4,11/11] drm: Replace strcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-28 Yafang Shao Handled Elsewhere
[v4,10/11] net: Replace strcpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-28 Yafang Shao Handled Elsewhere
[v4,09/11] tracing: Replace strncpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-28 Yafang Shao Handled Elsewhere
[v4,08/11] tsacct: Replace strncpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-28 Yafang Shao Handled Elsewhere
[v4,07/11] mm/kmemleak: Replace strncpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-28 Yafang Shao Handled Elsewhere
[v4,06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul} Improve the copy of task comm - - - --- 2024-06-28 Yafang Shao Handled Elsewhere
[v4,05/11] mm/util: Fix possible race condition in kstrdup() Improve the copy of task comm - - - --- 2024-06-28 Yafang Shao Handled Elsewhere
[v4,04/11] bpftool: Ensure task comm is always NUL-terminated Improve the copy of task comm - 1 - --- 2024-06-28 Yafang Shao Handled Elsewhere
[v4,03/11] security: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-28 Yafang Shao Handled Elsewhere
[v4,02/11] auditsc: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-28 Yafang Shao Handled Elsewhere
[v4,01/11] fs/exec: Drop task_lock() inside __get_task_comm() Improve the copy of task comm - - - --- 2024-06-28 Yafang Shao Handled Elsewhere
[v1] landlock: Abstract unix socket restriction tests [v1] landlock: Abstract unix socket restriction tests - - - --- 2024-06-27 Tahera Fahimi Handled Elsewhere
[v6] landlock: Add abstract unix socket connect restriction [v6] landlock: Add abstract unix socket connect restriction - - - --- 2024-06-27 Tahera Fahimi Handled Elsewhere
[v3,11/11] drm: Replace strcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,10/11] net: Replace strcpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,09/11] tracing: Replace strncpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,08/11] tsacct: Replace strncpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,07/11] mm/kmemleak: Replace strncpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul} Improve the copy of task comm - - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,05/11] mm/util: Fix possible race condition in kstrdup() Improve the copy of task comm - - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,04/11] bpftool: Ensure task comm is always NUL-terminated Improve the copy of task comm - 1 - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,03/11] security: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,02/11] auditsc: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,01/11] fs/exec: Drop task_lock() inside __get_task_comm() Improve the copy of task comm - - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v5] landlock: Add abstract unix socket connect restriction [v5] landlock: Add abstract unix socket connect restriction - - - --- 2024-06-20 Tahera Fahimi Handled Elsewhere
[v2] apparmor: try to avoid refing the label in apparmor_file_open [v2] apparmor: try to avoid refing the label in apparmor_file_open - 1 - --- 2024-06-20 Mateusz Guzik Handled Elsewhere
apparmor: try to avoid refing the label in apparmor_file_open apparmor: try to avoid refing the label in apparmor_file_open - - - --- 2024-06-20 Mateusz Guzik Handled Elsewhere
[v4] landlock: Add abstract unix socket connect restriction [v4] landlock: Add abstract unix socket connect restriction - - - --- 2024-06-19 Tahera Fahimi Handled Elsewhere
bpf: add security_file_post_open() LSM hook to sleepable_lsm_hooks bpf: add security_file_post_open() LSM hook to sleepable_lsm_hooks - - - --- 2024-06-18 Matt Bobrowski pcmoore Handled Elsewhere
[GIT,PULL] lsm/lsm-pr-20240617 [GIT,PULL] lsm/lsm-pr-20240617 - - - --- 2024-06-17 Paul Moore pcmoore Accepted
[v2] smack: unix sockets: fix accept()ed socket label [v2] smack: unix sockets: fix accept()ed socket label - - - --- 2024-06-16 Konstantin Andreev Handled Elsewhere
smack: unix sockets: fix accept()ed socket label smack: unix sockets: fix accept()ed socket label - - - --- 2024-06-16 Konstantin Andreev Handled Elsewhere
[v1] perf trace: Augment enum syscall arguments with BTF [v1] perf trace: Augment enum syscall arguments with BTF - 1 1 --- 2024-06-15 Howard Chu Handled Elsewhere
linux++: delete some forward declarations linux++: delete some forward declarations - - - --- 2024-06-13 Alexey Dobriyan Handled Elsewhere
[v6,2/2] proc: restrict /proc/pid/mem [v6,1/2] proc: pass file instead of inode to proc_mem_open - 2 1 --- 2024-06-13 Adrian Ratiu Handled Elsewhere
[v6,1/2] proc: pass file instead of inode to proc_mem_open [v6,1/2] proc: pass file instead of inode to proc_mem_open - 1 - --- 2024-06-13 Adrian Ratiu Handled Elsewhere
[v4] perf trace: BTF-based enum pretty printing [v4] perf trace: BTF-based enum pretty printing - - - --- 2024-06-13 Howard Chu Handled Elsewhere
[v2,10/10] drm: Replace strcpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao Handled Elsewhere
[v2,09/10] net: Replace strcpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao Handled Elsewhere
[v2,08/10] tracing: Replace strncpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao Handled Elsewhere
[v2,07/10] tsacct: Replace strncpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao Handled Elsewhere
[v2,06/10] mm/kmemleak: Replace strncpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-13 Yafang Shao Handled Elsewhere
[v2,05/10] mm/util: Fix possible race condition in kstrdup() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao Handled Elsewhere
[v2,04/10] bpftool: Ensure task comm is always NUL-terminated Improve the copy of task comm - 1 - --- 2024-06-13 Yafang Shao Handled Elsewhere
[v2,03/10] security: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-13 Yafang Shao Handled Elsewhere
[v2,02/10] auditsc: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-13 Yafang Shao Handled Elsewhere
[v2,01/10] fs/exec: Drop task_lock() inside __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao Handled Elsewhere
[v3] perf trace: BTF-based enum pretty printing [v3] perf trace: BTF-based enum pretty printing - - - --- 2024-06-13 Howard Chu Handled Elsewhere
[v2] perf trace: BTF-based enum pretty printing [v2] perf trace: BTF-based enum pretty printing - - - --- 2024-06-12 Howard Chu Handled Elsewhere
[v1] perf trace: BTF-based enum pretty printing [v1] perf trace: BTF-based enum pretty printing - - - --- 2024-06-10 Howard Chu Handled Elsewhere
landlock: Use bit-fields for storing handled layer access masks landlock: Use bit-fields for storing handled layer access masks - - - --- 2024-06-10 Günther Noack Handled Elsewhere
[v2,4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks Introduce user namespace capabilities - - - --- 2024-06-09 Jonathan Calmels pcmoore Rejected
[v2,3/4] capabilities: Add sysctl to mask off userns caps Introduce user namespace capabilities - - - --- 2024-06-09 Jonathan Calmels pcmoore Changes Requested
[v2,2/4] capabilities: Add securebit to restrict userns caps Introduce user namespace capabilities - - - --- 2024-06-09 Jonathan Calmels pcmoore Changes Requested
[v2,1/4] capabilities: Add user namespace capabilities Introduce user namespace capabilities - 1 - --- 2024-06-09 Jonathan Calmels pcmoore Changes Requested
perf trace: Fix syscall untraceable bug perf trace: Fix syscall untraceable bug - - - --- 2024-06-08 Howard Chu Handled Elsewhere
[v2,2/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options - - - --- 2024-06-07 Ondrej Mosnacek pcmoore Handled Elsewhere
[v2,1/2] cipso: fix total option length computation cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options - - - --- 2024-06-07 Ondrej Mosnacek pcmoore Handled Elsewhere
[v3,2/2] KEYS: encrypted: add missing MODULE_DESCRIPTION() KEYS: add missing MODULE_DESCRIPTION() macros - 1 - --- 2024-06-07 Jeff Johnson Handled Elsewhere
[v3,1/2] KEYS: trusted: add missing MODULE_DESCRIPTION() KEYS: add missing MODULE_DESCRIPTION() macros - 1 - --- 2024-06-07 Jeff Johnson Handled Elsewhere
[v3] landlock: Add abstract unix socket connect restriction [v3] landlock: Add abstract unix socket connect restriction - - - --- 2024-06-06 Tahera Fahimi Handled Elsewhere
[v3] landlock: Add abstract unix socket connect restriction [v3] landlock: Add abstract unix socket connect restriction - - - --- 2024-06-06 Tahera Fahimi pcmoore Handled Elsewhere
[v5,2/2] proc: restrict /proc/pid/mem [v5,1/2] proc: pass file instead of inode to proc_mem_open - - - --- 2024-06-05 Adrian Ratiu Handled Elsewhere
[v5,1/2] proc: pass file instead of inode to proc_mem_open [v5,1/2] proc: pass file instead of inode to proc_mem_open - 1 - --- 2024-06-05 Adrian Ratiu Handled Elsewhere
[v1,1/1] treewide: Align match_string() with sysfs_match_string() [v1,1/1] treewide: Align match_string() with sysfs_match_string() 9 3 - --- 2024-06-02 Andy Shevchenko Handled Elsewhere
smack: tcp: ipv4, fix incorrect labeling and unauthorized writes smack: tcp: ipv4, fix incorrect labeling and unauthorized writes - - - --- 2024-06-02 Konstantin Andreev Handled Elsewhere
[6/6] selftests/bpf: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm - - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[5/6] bpftool: Make task comm always be NUL-terminated kernel: Avoid memcpy of task comm - 1 - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[4/6] security: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm 1 - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[3/6] auditsc: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm 1 - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[2/6] tracing: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm - - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[1/6] fs/exec: Drop task_lock() inside __get_task_comm() kernel: Avoid memcpy of task comm - - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[GIT,PULL] Landlock fix for v6.10-rc2 [GIT,PULL] Landlock fix for v6.10-rc2 - - - --- 2024-05-31 Mickaël Salaün Handled Elsewhere
[RFC,v2,8/8] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,7/8] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,6/8] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,5/8] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,4/8] clavis: Prevent clavis boot param from changing during kexec Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,3/8] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,2/8] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,1/8] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[v2] KEYS: trusted: add missing MODULE_DESCRIPTION() [v2] KEYS: trusted: add missing MODULE_DESCRIPTION() - - - --- 2024-05-30 Jeff Johnson pcmoore Superseded
« 1 2 ... 8 9 1048 49 »