Show patches with: Archived = No       |   4564 patches
« 1 2 3 445 46 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,v1,7/7] selftests/landlock: Add UDP sendmsg/recvmsg tests landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,6/7] selftests/landlock: Adapt existing tests for UDP landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,5/7] samples/landlock: Add sandboxer UDP access control landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,4/7] landlock: Add UDP send+recv access control landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,3/7] landlock: Add UDP bind+connect access control landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,2/7] samples/landlock: Clarify option parsing behaviour landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,1/7] samples/landlock: Fix port parsing in sandboxer landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[v2,6/6] tpm: flush the auth session only when /dev/tpm0 is open lazy flush for the auth session - - - --- 2024-09-16 Jarkko Sakkinen pcmoore Handled Elsewhere
[v2,5/6] tpm: Allocate chip->auth in tpm2_start_auth_session() lazy flush for the auth session - - - --- 2024-09-16 Jarkko Sakkinen pcmoore Handled Elsewhere
[v2,4/6] tpm: flush the null key only when /dev/tpm0 is accessed lazy flush for the auth session - - 1 --- 2024-09-16 Jarkko Sakkinen pcmoore Handled Elsewhere
[v2,3/6] tpm: Return on tpm2_create_primary() failure in tpm2_load_null() lazy flush for the auth session - - - --- 2024-09-16 Jarkko Sakkinen pcmoore Handled Elsewhere
[v2,2/6] tpm: Return on tpm2_create_null_primary() failure lazy flush for the auth session - - - --- 2024-09-16 Jarkko Sakkinen pcmoore Handled Elsewhere
[v2,1/6] tpm: Remove documentation from the header of tpm2-sessions.c lazy flush for the auth session - - - --- 2024-09-16 Jarkko Sakkinen pcmoore Handled Elsewhere
[RFC,6/6] apparmor: Switch labels to percpu ref managed mode Managed Percpu Refcount - - - --- 2024-09-16 Neeraj Upadhyay pcmoore Handled Elsewhere
[RFC,5/6] apparmor: Switch labels to percpu refcount in atomic mode Managed Percpu Refcount - - - --- 2024-09-16 Neeraj Upadhyay pcmoore Handled Elsewhere
[RFC,4/6] percpu-refcount-torture: Extend test with runtime mode switches Managed Percpu Refcount - - - --- 2024-09-16 Neeraj Upadhyay pcmoore Handled Elsewhere
[RFC,3/6] percpu-refcount: Extend managed mode to allow runtime switching Managed Percpu Refcount - - - --- 2024-09-16 Neeraj Upadhyay pcmoore Handled Elsewhere
[RFC,2/6] percpu-refcount: Add torture test for percpu refcount Managed Percpu Refcount - - - --- 2024-09-16 Neeraj Upadhyay pcmoore Handled Elsewhere
[RFC,1/6] percpu-refcount: Add managed mode for RCU released objects Managed Percpu Refcount - - - --- 2024-09-16 Neeraj Upadhyay pcmoore Handled Elsewhere
[v10,8/8] rust: file: add abstraction for `poll_table` File abstractions needed by Rust Binder - 3 - --- 2024-09-15 Alice Ryhl pcmoore New
[v10,7/8] rust: file: add `Kuid` wrapper File abstractions needed by Rust Binder - 3 - --- 2024-09-15 Alice Ryhl pcmoore New
[v10,6/8] rust: file: add `FileDescriptorReservation` File abstractions needed by Rust Binder - 4 - --- 2024-09-15 Alice Ryhl pcmoore New
[v10,5/8] rust: security: add abstraction for secctx File abstractions needed by Rust Binder - 5 - --- 2024-09-15 Alice Ryhl pcmoore New
[v10,4/8] rust: cred: add Rust abstraction for `struct cred` File abstractions needed by Rust Binder - 5 - --- 2024-09-15 Alice Ryhl pcmoore New
[v10,3/8] rust: file: add Rust abstraction for `struct file` File abstractions needed by Rust Binder - 2 - --- 2024-09-15 Alice Ryhl pcmoore New
[v10,2/8] rust: task: add `Task::current_raw` File abstractions needed by Rust Binder - 4 - --- 2024-09-15 Alice Ryhl pcmoore New
[v10,1/8] rust: types: add `NotThreadSafe` File abstractions needed by Rust Binder - 5 - --- 2024-09-15 Alice Ryhl pcmoore New
[v2] ipe: allow secondary and platform keyrings to install/update policies [v2] ipe: allow secondary and platform keyrings to install/update policies - - - --- 2024-09-15 Luca Boccassi pcmoore Needs ACK
[GIT,PULL] Smack patches for 6.12 [GIT,PULL] Smack patches for 6.12 - - - --- 2024-09-14 Casey Schaufler Handled Elsewhere
ipe: allow secondary and platform keyrings to install/update policies ipe: allow secondary and platform keyrings to install/update policies - - - --- 2024-09-13 Luca Boccassi Changes Requested
smack: deduplicate access to string conversion smack: deduplicate access to string conversion - - - --- 2024-09-13 Konstantin Andreev Handled Elsewhere
security/keys: fix slab-out-of-bounds in key_task_permission security/keys: fix slab-out-of-bounds in key_task_permission - - - --- 2024-09-13 Chen Ridong Handled Elsewhere
[GIT,PULL] lsm/lsm-pr-20240911 [GIT,PULL] lsm/lsm-pr-20240911 - - - --- 2024-09-13 Paul Moore New
[GIT,PULL] selinux/selinux-pr-20240911 [GIT,PULL] selinux/selinux-pr-20240911 - - - --- 2024-09-13 Paul Moore Handled Elsewhere
[v6] tpm: Add new device/vendor ID 0x50666666 [v6] tpm: Add new device/vendor ID 0x50666666 - 1 - --- 2024-09-10 Jett Rink Handled Elsewhere
[v3,13/13] LSM: Remove lsm_prop scaffolding LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,12/13] Use lsm_prop for audit data LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,11/13] Audit: Change context data from secid to lsm_prop LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,10/13] LSM: Create new security_cred_getlsmprop LSM hook LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,09/13] Audit: use an lsm_prop in audit_names LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,08/13] LSM: Use lsm_prop in security_inode_getsecid LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,07/13] LSM: Use lsm_prop in security_current_getsecid LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,06/13] Audit: Update shutdown LSM data LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,05/13] LSM: Use lsm_prop in security_ipc_getsecid LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,04/13] Audit: maintain an lsm_prop in audit_context LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,03/13] LSM: Add lsmprop_to_secctx hook LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,02/13] LSM: Use lsm_prop in security_audit_rule_match LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
[v3,01/13] LSM: Add the lsm_prop data structure. LSM: Move away from secids - - - --- 2024-09-10 Casey Schaufler pcmoore Under Review
apparmor: Remove unnecessary NULL check before kvfree() apparmor: Remove unnecessary NULL check before kvfree() - - - --- 2024-09-10 Thorsten Blum Handled Elsewhere
[v2,06/19] crypto: rsassa-pkcs1 - Migrate to sig_alg backend Migrate to sig_alg and templatize ecdsa - - - --- 2024-09-10 Lukas Wunner Handled Elsewhere
[v4,6/6] landlock: Document LANDLOCK_SCOPED_SIGNAL landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi Handled Elsewhere
[v4,5/6] sample/landlock: Support sample for signal scoping restriction landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi Handled Elsewhere
[v4,4/6] selftest/landlock: Test file_send_sigiotask by sending out-of-bound message landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi Handled Elsewhere
[v4,3/6] selftest/landlock: Add signal_scoping_threads test landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi Handled Elsewhere
[v4,2/6] selftest/landlock: Signal restriction tests landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi Handled Elsewhere
[v4,1/6] landlock: Add signal scoping control landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi Handled Elsewhere
[RFC,v3,10/10] ima: Use digest caches for appraisal ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,09/10] ima: Use digest caches for measurement ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,08/10] ima: Load verified usage from digest cache found from query ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,07/10] ima: Store verified usage in digest cache based on integrity metadata flags ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,06/10] ima: Retrieve digest cache and check if changed ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,05/10] ima: Modify existing boot-time built-in policies with digest cache policies ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,04/10] ima: Add digest_cache_measure/appraise boot-time built-in policies ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,03/10] ima: Add digest_cache policy keyword ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,02/10] ima: Nest iint mutex for DIGEST_LIST_CHECK hook ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,01/10] ima: Introduce hook DIGEST_LIST_CHECK ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,14/14] docs: Add documentation of the Integrity Digest Cache integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,13/14] selftests/digest_cache: Add selftests for the Integrity Digest Cache integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,12/14] digest_cache: Reset digest cache on file/directory change integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,11/14] digest cache: Prefetch digest lists if requested integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,10/14] digest_cache: Add support for directories integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,09/14] digest_cache: Add management of verification data integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,08/14] digest_cache: Parse rpm digest lists integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,07/14] digest_cache: Parse tlv digest lists integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,06/14] digest_cache: Populate the digest cache from a digest list integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,05/14] digest_cache: Add hash tables and operations integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,04/14] digest_cache: Add securityfs interface integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,03/14] digest_cache: Initialize digest caches integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,02/14] integrity: Introduce the Integrity Digest Cache integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,01/14] lib: Add TLV parser integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v11,8/8] Landlock: Document LANDLOCK_SCOPED_ABSTRACT_UNIX_SOCKET and ABI version Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,7/8] sample/landlock: Add support abstract UNIX socket restriction Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,6/8] selftests/landlock: Restrict inherited datagram UNIX socket to connect Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,5/8] selftests/landlock: Test connected vs non-connected datagram UNIX socket Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,4/8] selftests/landlock: Add tests for UNIX sockets with any address formats Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,3/8] selftests/landlock: Add abstract UNIX socket restriction tests Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,2/8] selftests/landlock: Add test for handling unknown scope Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,1/8] Landlock: Add abstract UNIX socket restriction Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[RFC,v3,19/19] landlock: Document socket rule type support Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,18/19] samples/landlock: Support socket protocol restrictions Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,17/19] samples/landlock: Replace atoi() with strtoull() in populate_ruleset_net() Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,16/19] selftests/landlock: Test that accept(2) is not restricted Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,15/19] selftests/landlock: Test SCTP peeloff restriction Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,14/19] selftests/landlock: Test socketpair(2) restriction Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,13/19] selftests/landlock: Test packet protocol alias Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,12/19] selftests/landlock: Test that kernel space sockets are not restricted Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,11/19] selftests/landlock: Test unsupported protocol restriction Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,10/19] selftests/landlock: Test adding a rule with family and type outside the range Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,09/19] selftests/landlock: Test creating a ruleset with unknown access Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,08/19] selftests/landlock: Test overlapped restriction Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
« 1 2 3 445 46 »