Show patches with: State = Action Required       |    Archived = No       |   178 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 2 1 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[01/11] coccinelle: Add script to reorder capable() calls [01/11] coccinelle: Add script to reorder capable() calls - 1 - --- 2024-11-25 Christian Göttsche pcmoore New
[02/10] capability: add any wrappers to test for multiple caps with exactly one audit message [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[02/11] quota: reorder capability check last [01/11] coccinelle: Add script to reorder capable() calls - - - --- 2024-11-25 Christian Göttsche pcmoore New
[03/10] capability: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[03/11] ext4: reorder capability check last [01/11] coccinelle: Add script to reorder capable() calls - - - --- 2024-11-25 Christian Göttsche pcmoore New
[04/10] block: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[04/11] hugetlbfs: reorder capability check last [01/11] coccinelle: Add script to reorder capable() calls - - - --- 2024-11-25 Christian Göttsche pcmoore New
[05/10] drivers: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 2 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[05/11] genwqe: reorder capability check last [01/11] coccinelle: Add script to reorder capable() calls - - - --- 2024-11-25 Christian Göttsche pcmoore New
[06/10] fs: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[06/11] ubifs: reorder capability check last [01/11] coccinelle: Add script to reorder capable() calls 1 - - --- 2024-11-25 Christian Göttsche pcmoore New
[07/10] kernel: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 2 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[07/11] ipv4: reorder capability check last [01/11] coccinelle: Add script to reorder capable() calls - - - --- 2024-11-25 Christian Göttsche pcmoore New
[08/10] net: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[08/11] gfs2: reorder capability check last [01/11] coccinelle: Add script to reorder capable() calls - - - --- 2024-11-25 Christian Göttsche pcmoore New
[09/10] bpf: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[09/11] fs: reorder capability check last [01/11] coccinelle: Add script to reorder capable() calls - 1 - --- 2024-11-25 Christian Göttsche pcmoore New
[1/2] fs: add loopback/bind mount specific security hook [1/2] fs: add loopback/bind mount specific security hook - - - --- 2024-12-31 Shervin Oloumi pcmoore Under Review
[1/2] lsm: add LSM hooks for io_uring_setup() [1/2] lsm: add LSM hooks for io_uring_setup() - - - --- 2024-12-19 Hamza Mahfooz New
[1/6] Audit: Create audit_stamp structure [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore New
[10/10] coccinelle: add script for capable_any() [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[10/11] skbuff: reorder capability check last [01/11] coccinelle: Add script to reorder capable() calls - - - --- 2024-11-25 Christian Göttsche pcmoore New
[11/11] infiniband: reorder capability check last [01/11] coccinelle: Add script to reorder capable() calls - - - --- 2024-11-25 Christian Göttsche pcmoore New
[2/2] doc: Fix fs_context_parse_param description in mount_api.rst [1/2] lsm: Fix description of fs_context_parse_param - - - --- 2022-12-09 Roberto Sassu pcmoore Under Review
[2/2] io_uring: use security_uring_allowed() [1/2] lsm: add LSM hooks for io_uring_setup() - - - --- 2024-12-19 Hamza Mahfooz New
[2/2] landlock: add support for private bind mount [1/2] fs: add loopback/bind mount specific security hook - - - --- 2024-12-31 Shervin Oloumi pcmoore Under Review
[2/6] Audit: Allow multiple records in an audit_buffer [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore New
[3/6] LSM: security_lsmblob_to_secctx module selection [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore New
[4/6] Audit: Add record for multiple task security contexts [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore New
[5/6] Audit: multiple subject lsm values for netlabel [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore New
[6/6] Audit: Add record for multiple object contexts [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore New
[linux-next,1/2] perf: Remove unnecessary parameter of security check Fix perf security check problem - - - --- 2024-12-23 Luo Gengkun pcmoore Under Review
[linux-next,2/2] perf: Return EACCESS when need perfmon capability Fix perf security check problem - - - --- 2024-12-23 Luo Gengkun pcmoore Under Review
[RESEND] cred: separate the refcount from frequently read fields [RESEND] cred: separate the refcount from frequently read fields - - - --- 2024-08-22 Mateusz Guzik pcmoore New
[RFC,1/2] lsm: introduce new hook security_vm_execstack [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[RFC,2/2] selinux: wire up new execstack LSM hook [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[RFC,v3,01/13] certs: Remove CONFIG_INTEGRITY_PLATFORM_KEYRING check Clavis LSM - 1 - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,02/13] certs: Introduce ability to link to a system key Clavis LSM - 1 - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,03/13] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,04/13] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,05/13] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,06/13] clavis: Populate clavis keyring acl with kernel module signature Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,07/13] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,08/13] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,09/13] clavis: Allow user to define acl at build time Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,10/13] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,11/13] clavis: Prevent boot param change during kexec Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,12/13] clavis: Add function redirection for Kunit support Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,13/13] clavis: Kunit support Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v4] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() [RFC,v4] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-28 Shu Han Under Review
[v1,1/2] landlock: Handle weird files [v1,1/2] landlock: Handle weird files - 1 - --- 2025-01-10 Mickaël Salaün New
[v1,1/4] landlock: Use scoped guards for ruleset Use scoped guards on Landlock - 1 - --- 2025-01-13 Mickaël Salaün New
[v1,2/2] landlock: Constify get_mode_access() [v1,1/2] landlock: Handle weird files - 1 - --- 2025-01-10 Mickaël Salaün New
[v1,2/4] landlock: Use scoped guards for ruleset in landlock_add_rule() Use scoped guards on Landlock - 1 - --- 2025-01-13 Mickaël Salaün New
[v1,3/4] locking/mutex: Add mutex_nest_1() scoped guard Use scoped guards on Landlock - - - --- 2025-01-13 Mickaël Salaün New
[v1,4/4] landlock: Use scoped guards for mutex Use scoped guards on Landlock - 1 - --- 2025-01-13 Mickaël Salaün New
[v2,01/12] reboot: replace __hw_protection_shutdown bool action parameter with an enum reboot: support runtime configuration of emergency hw_protection action - - - --- 2025-01-13 Ahmad Fatoum New
[v2,02/12] reboot: reboot, not shutdown, on hw_protection_reboot timeout reboot: support runtime configuration of emergency hw_protection action - - - --- 2025-01-13 Ahmad Fatoum New
[v2,03/12] docs: thermal: sync hardware protection doc with code reboot: support runtime configuration of emergency hw_protection action - - - --- 2025-01-13 Ahmad Fatoum New
[v2,04/12] reboot: describe do_kernel_restart's cmd argument in kernel-doc reboot: support runtime configuration of emergency hw_protection action - - - --- 2025-01-13 Ahmad Fatoum New
[v2,05/12] reboot: rename now misleading __hw_protection_shutdown symbols reboot: support runtime configuration of emergency hw_protection action - - - --- 2025-01-13 Ahmad Fatoum New
[v2,06/12] reboot: indicate whether it is a HARDWARE PROTECTION reboot or shutdown reboot: support runtime configuration of emergency hw_protection action - - - --- 2025-01-13 Ahmad Fatoum New
[v2,07/12] reboot: add support for configuring emergency hardware protection action reboot: support runtime configuration of emergency hw_protection action - - - --- 2025-01-13 Ahmad Fatoum New
[v2,08/12] regulator: allow user configuration of hardware protection action reboot: support runtime configuration of emergency hw_protection action - - - --- 2025-01-13 Ahmad Fatoum New
[v2,09/12] platform/chrome: cros_ec_lpc: prepare for hw_protection_shutdown removal reboot: support runtime configuration of emergency hw_protection action - - - --- 2025-01-13 Ahmad Fatoum New
[v2,1/2] fs: add loopback/bind mount specific security hook [v2,1/2] fs: add loopback/bind mount specific security hook - - - --- 2025-01-06 Shervin Oloumi pcmoore New
[v2,1/2] KEYS: use synchronous task work for changing parent credentials get rid of cred_transfer - - - --- 2024-08-05 Jann Horn pcmoore Under Review
[v2,10/12] dt-bindings: thermal: give OS some leeway in absence of critical-action reboot: support runtime configuration of emergency hw_protection action 1 - - --- 2025-01-13 Ahmad Fatoum New
[v2,11/12] thermal: core: allow user configuration of hardware protection action reboot: support runtime configuration of emergency hw_protection action - - - --- 2025-01-13 Ahmad Fatoum New
[v2,12/12] reboot: retire hw_protection_reboot and hw_protection_shutdown helpers reboot: support runtime configuration of emergency hw_protection action - - - --- 2025-01-13 Ahmad Fatoum New
[v2,2/2] landlock: add support for private bind mount [v2,1/2] fs: add loopback/bind mount specific security hook - - - --- 2025-01-06 Shervin Oloumi pcmoore New
[v2,2/2] security: remove unused cred_alloc_blank/cred_transfer helpers get rid of cred_transfer - - - --- 2024-08-05 Jann Horn pcmoore Under Review
[v2] capability: Remove unused has_capability [v2] capability: Remove unused has_capability - 1 - --- 2024-12-19 Dr. David Alan Gilbert Under Review
[V2] loadpin: remove MODULE_COMPRESS_NONE as it is no longer supported [V2] loadpin: remove MODULE_COMPRESS_NONE as it is no longer supported - - - --- 2025-01-14 Arulpandiyan Vadivel New
[v2] mm: Split critical region in remap_file_pages() and invoke LSMs in between [v2] mm: Split critical region in remap_file_pages() and invoke LSMs in between - 5 2 --- 2024-10-18 Roberto Sassu pcmoore Under Review
[V2] security: fix typos and spelling errors [V2] security: fix typos and spelling errors - 1 - --- 2025-01-12 Tanya Agarwal New
[v2] treewide: const qualify ctl_tables where applicable [v2] treewide: const qualify ctl_tables where applicable 5 3 - --- 2025-01-10 Joel Granados New
[v21,1/6] exec: Add a new AT_EXECVE_CHECK flag to execveat(2) Script execution control (was O_MAYEXEC) 1 1 - --- 2024-11-12 Mickaël Salaün pcmoore New
[v21,2/6] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits Script execution control (was O_MAYEXEC) - 1 - --- 2024-11-12 Mickaël Salaün pcmoore New
[v21,3/6] selftests/exec: Add 32 tests for AT_EXECVE_CHECK and exec securebits Script execution control (was O_MAYEXEC) - - - --- 2024-11-12 Mickaël Salaün pcmoore New
[v21,4/6] selftests/landlock: Add tests for execveat + AT_EXECVE_CHECK Script execution control (was O_MAYEXEC) - - - --- 2024-11-12 Mickaël Salaün pcmoore New
[v21,5/6] samples/check-exec: Add set-exec Script execution control (was O_MAYEXEC) - - - --- 2024-11-12 Mickaël Salaün pcmoore New
[v21,6/6] samples/check-exec: Add an enlighten "inc" interpreter and 28 tests Script execution control (was O_MAYEXEC) - - - --- 2024-11-12 Mickaël Salaün pcmoore New
[v3,1/2] fs: add loopback/bind mount specific security hook [v3,1/2] fs: add loopback/bind mount specific security hook - - - --- 2025-01-10 Shervin Oloumi New
[v3,1/3] LSM: add security_execve_abort() hook fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v3,2/2] landlock: add support for private bind mount [v3,1/2] fs: add loopback/bind mount specific security hook - - - --- 2025-01-10 Shervin Oloumi New
[v3,2/3] tomoyo: replace current->in_execve flag with security_execve_abort() hook fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v3,3/3] fs/exec: remove current->in_execve flag fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v39,03/42] LSM: Add the lsmblob data structure. LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,04/42] IMA: avoid label collisions with stacked LSMs LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,05/42] LSM: Use lsmblob in security_audit_rule_match LSM: General module stacking 1 1 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,06/42] LSM: Add lsmblob_to_secctx hook LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,07/42] Audit: maintain an lsmblob in audit_context LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,08/42] LSM: Use lsmblob in security_ipc_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,09/42] Audit: Update shutdown LSM data LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,10/42] LSM: Use lsmblob in security_current_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,11/42] LSM: Use lsmblob in security_inode_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,12/42] Audit: use an lsmblob in audit_names LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,13/42] LSM: Create new security_cred_getlsmblob LSM hook LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
« 1 2 »