Show patches with: State = Action Required       |    Archived = No       |   165 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v4,6/6] landlock: Document LANDLOCK_SCOPED_SIGNAL landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi New
[v4,5/6] sample/landlock: Support sample for signal scoping restriction landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi New
[v4,4/6] selftest/landlock: Test file_send_sigiotask by sending out-of-bound message landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi New
[v4,3/6] selftest/landlock: Add signal_scoping_threads test landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi New
[v4,2/6] selftest/landlock: Signal restriction tests landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi New
[v4,1/6] landlock: Add signal scoping control landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi New
[RFC,v3,10/10] ima: Use digest caches for appraisal ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[RFC,v3,09/10] ima: Use digest caches for measurement ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[RFC,v3,08/10] ima: Load verified usage from digest cache found from query ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[RFC,v3,07/10] ima: Store verified usage in digest cache based on integrity metadata flags ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[RFC,v3,06/10] ima: Retrieve digest cache and check if changed ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[RFC,v3,05/10] ima: Modify existing boot-time built-in policies with digest cache policies ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[RFC,v3,04/10] ima: Add digest_cache_measure/appraise boot-time built-in policies ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[RFC,v3,03/10] ima: Add digest_cache policy keyword ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[RFC,v3,02/10] ima: Nest iint mutex for DIGEST_LIST_CHECK hook ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[RFC,v3,01/10] ima: Introduce hook DIGEST_LIST_CHECK ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,14/14] docs: Add documentation of the Integrity Digest Cache integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,13/14] selftests/digest_cache: Add selftests for the Integrity Digest Cache integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,12/14] digest_cache: Reset digest cache on file/directory change integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,11/14] digest cache: Prefetch digest lists if requested integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,10/14] digest_cache: Add support for directories integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,09/14] digest_cache: Add management of verification data integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,08/14] digest_cache: Parse rpm digest lists integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,07/14] digest_cache: Parse tlv digest lists integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,06/14] digest_cache: Populate the digest cache from a digest list integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,05/14] digest_cache: Add hash tables and operations integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,04/14] digest_cache: Add securityfs interface integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,03/14] digest_cache: Initialize digest caches integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,02/14] integrity: Introduce the Integrity Digest Cache integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v5,01/14] lib: Add TLV parser integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu New
[v11,8/8] Landlock: Document LANDLOCK_SCOPED_ABSTRACT_UNIX_SOCKET and ABI version Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi New
[v11,7/8] sample/landlock: Add support abstract UNIX socket restriction Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi New
[v11,6/8] selftests/landlock: Restrict inherited datagram UNIX socket to connect Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi New
[v11,5/8] selftests/landlock: Test connected vs non-connected datagram UNIX socket Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi New
[v11,4/8] selftests/landlock: Add tests for UNIX sockets with any address formats Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi New
[v11,3/8] selftests/landlock: Add abstract UNIX socket restriction tests Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi New
[v11,2/8] selftests/landlock: Add test for handling unknown scope Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi New
[v11,1/8] Landlock: Add abstract UNIX socket restriction Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi New
[RFC,v3,19/19] landlock: Document socket rule type support Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,18/19] samples/landlock: Support socket protocol restrictions Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,17/19] samples/landlock: Replace atoi() with strtoull() in populate_ruleset_net() Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,16/19] selftests/landlock: Test that accept(2) is not restricted Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,15/19] selftests/landlock: Test SCTP peeloff restriction Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,14/19] selftests/landlock: Test socketpair(2) restriction Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,13/19] selftests/landlock: Test packet protocol alias Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,12/19] selftests/landlock: Test that kernel space sockets are not restricted Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,11/19] selftests/landlock: Test unsupported protocol restriction Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,10/19] selftests/landlock: Test adding a rule with family and type outside the range Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,09/19] selftests/landlock: Test creating a ruleset with unknown access Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,08/19] selftests/landlock: Test overlapped restriction Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,07/19] selftests/landlock: Test adding a rule for empty access Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,06/19] selftests/landlock: Test adding a rule for unhandled access Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,05/19] selftests/landlock: Test adding a rule for each unknown access Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,04/19] selftests/landlock: Test adding a rule with each supported access Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,03/19] selftests/landlock: Test basic socket restriction Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,02/19] landlock: Add hook on socket creation Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
[RFC,v3,01/19] landlock: Support socket access-control Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov New
LSM: allow loadable kernel module based LSM modules LSM: allow loadable kernel module based LSM modules - - - --- 2024-09-04 Tetsuo Handa New
[RFC,v19,5/5] samples/should-exec: Add set-should-exec Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün Under Review
[RFC,v19,4/5] selftests/landlock: Add tests for execveat + AT_CHECK Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün Under Review
[RFC,v19,3/5] selftests/exec: Add tests for AT_CHECK and related securebits Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün Under Review
[RFC,v19,2/5] security: Add new SHOULD_EXEC_CHECK and SHOULD_EXEC_RESTRICT securebits Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün Under Review
[RFC,v19,1/5] exec: Add a new AT_CHECK flag to execveat(2) Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün Under Review
[v2] dm verity: add support for signature verification with platform keyring [v2] dm verity: add support for signature verification with platform keyring - - - --- 2024-07-04 Luca Boccassi New
[v4,14/14] Activate the configuration and build of the TSEM LSM. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,13/14] Implement infrastructure for loadable security models. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,12/14] Implement configuration and methods for default model. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,11/14] Implement the internal Trusted Modeling Agent. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,10/14] Implement security event mapping. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,09/14] Add event processing implementation. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,08/14] Add security event description export facility. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,07/14] Add namespace implementation. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,06/14] Implement TSEM control plane. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,05/14] Add root domain trust implementation. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,04/14] Add primary TSEM implementation file. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,03/14] TSEM global declarations. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,02/14] Add TSEM specific documentation. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[v4,01/14] Update MAINTAINERS file. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore New
[RESEND] cred: separate the refcount from frequently read fields [RESEND] cred: separate the refcount from frequently read fields - - - --- 2024-08-22 Mateusz Guzik pcmoore New
[v3,2/2] security: Update file_set_fowner documentation [v3,1/2] fs: Fix file_set_fowner LSM hook inconsistencies - - - --- 2024-08-21 Mickaël Salaün pcmoore Under Review
[v3,1/2] fs: Fix file_set_fowner LSM hook inconsistencies [v3,1/2] fs: Fix file_set_fowner LSM hook inconsistencies - - - --- 2024-08-21 Mickaël Salaün pcmoore Under Review
[v2] fs,security: Fix file_set_fowner LSM hook inconsistencies [v2] fs,security: Fix file_set_fowner LSM hook inconsistencies - - - --- 2024-08-12 Mickaël Salaün pcmoore Under Review
[v2,2/2] security: remove unused cred_alloc_blank/cred_transfer helpers get rid of cred_transfer - - - --- 2024-08-05 Jann Horn pcmoore New
[v2,1/2] KEYS: use synchronous task work for changing parent credentials get rid of cred_transfer - - - --- 2024-08-05 Jann Horn pcmoore New
[RFC,v2,8/8] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Under Review
[RFC,v2,7/8] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Under Review
[RFC,v2,6/8] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Under Review
[RFC,v2,5/8] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Under Review
[RFC,v2,4/8] clavis: Prevent clavis boot param from changing during kexec Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Under Review
[RFC,v2,3/8] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Under Review
[RFC,v2,2/8] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Under Review
[RFC,v2,1/8] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Under Review
cred: plug a hole in struct cred cred: plug a hole in struct cred - - - --- 2024-05-30 Mateusz Guzik pcmoore New
[v1,1/2] landlock: Fix d_parent walk Fix warning in collect_domain_accesses() - - - --- 2024-05-16 Mickaël Salaün pcmoore New
[RFC] ima: Use sequence number to wait for policy updates [RFC] ima: Use sequence number to wait for policy updates - - - --- 2024-05-07 Roberto Sassu pcmoore New
[2/2] selftests/landlock: Create 'listen_zero', 'deny_listen_zero' tests Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Mikhail Ivanov pcmoore New
[1/2] landlock: Add hook on socket_listen() Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Mikhail Ivanov pcmoore New
[v3,12/12] Activate the configuration and build of the TSEM LSM. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore Under Review
[v3,11/12] Implement the internal Trusted Modeling Agent. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore Under Review
[v3,10/12] Implement security event mapping. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore Under Review
« 1 2 »