Show patches with: State = Action Required       |   12230 patches
« 1 2 ... 8 9 10122 123 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v11,08/27] ima: Move some IMA policy and filesystem related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,07/27] ima: Move measurement list related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns - 1 - --- 2022-03-02 Stefan Berger New
[v11,06/27] ima: Move ima_htable into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,05/27] ima: Move arch_policy_entry into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,04/27] ima: Define ima_namespace struct and start moving variables into it ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,03/27] securityfs: Extend securityfs with namespacing support ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,02/27] securityfs: rework dentry creation ima: Namespace IMA with audit support in IMA-ns - 1 - --- 2022-03-02 Stefan Berger New
[v11,01/27] ima: Return error code obtained from securityfs functions ima: Namespace IMA with audit support in IMA-ns - 1 - --- 2022-03-02 Stefan Berger New
[v3,9/9] selftests/bpf: Check that bpf_kernel_read_file() denies reading IMA policy bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,8/9] selftests/bpf: Add test for bpf_lsm_kernel_read_file() bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,7/9] bpf-lsm: Make bpf_lsm_kernel_read_file() as sleepable bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,6/9] selftests/bpf: Check if the digest is refreshed after a file write bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,5/9] selftests/bpf: Add test for bpf_ima_file_hash() bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,4/9] selftests/bpf: Move sample generation code to ima_test_common() bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,3/9] bpf-lsm: Introduce new helper bpf_ima_file_hash() bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,2/9] ima: Always return a file measurement in ima_file_hash() bpf-lsm: Extend interoperability with IMA - 1 - --- 2022-03-02 Roberto Sassu New
[v3,1/9] ima: Fix documentation-related warnings in ima_main.c bpf-lsm: Extend interoperability with IMA - 2 - --- 2022-03-02 Roberto Sassu New
[4/4] integrity: CA enforcement in machine keyring Add CA enforcement in the machine keyring - - - --- 2022-03-01 Eric Snowberg New
[3/4] KEYS: CA link restriction Add CA enforcement in the machine keyring - - - --- 2022-03-01 Eric Snowberg New
[2/4] X.509: Parse Basic Constraints for CA Add CA enforcement in the machine keyring - - - --- 2022-03-01 Eric Snowberg New
[1/4] KEYS: Create static version of public_key_verify_signature Add CA enforcement in the machine keyring - 1 - --- 2022-03-01 Eric Snowberg New
ima: remove redundant initialization of pointer 'file'. ima: remove redundant initialization of pointer 'file'. - - - --- 2022-03-01 Colin Ian King New
[RESEND] xfs: don't generate selinux audit messages for capability testing [RESEND] xfs: don't generate selinux audit messages for capability testing 1 2 - --- 2022-03-01 Darrick J. Wong New
[v1] fs: Fix inconsistent f_mode [v1] fs: Fix inconsistent f_mode - - - --- 2022-02-28 Mickaël Salaün New
[v8,4/4] docs: security: Add secrets/coco documentation Allow guest access to EFI confidential computing secret area - 1 - --- 2022-02-28 Dov Murik New
[v8,3/4] efi: Load efi_secret module if EFI secret area is populated Allow guest access to EFI confidential computing secret area - 1 - --- 2022-02-28 Dov Murik New
[v8,2/4] virt: Add efi_secret module to expose confidential computing secrets Allow guest access to EFI confidential computing secret area - 1 - --- 2022-02-28 Dov Murik New
[v8,1/4] efi: Save location of EFI confidential computing area Allow guest access to EFI confidential computing secret area - 1 - --- 2022-02-28 Dov Murik New
userfaultfd, capability: introduce CAP_USERFAULTFD userfaultfd, capability: introduce CAP_USERFAULTFD - - - --- 2022-02-24 Axel Rasmussen New
[v3,2/2] fs/proc: Optimize arrays defined by struct ctl_path [v3,1/2] fs/proc: Optimize arrays defined by struct ctl_path - - - --- 2022-02-24 Meng Tang New
[v3,1/2] fs/proc: Optimize arrays defined by struct ctl_path [v3,1/2] fs/proc: Optimize arrays defined by struct ctl_path - - - --- 2022-02-24 Meng Tang New
[v2] fs/proc: Optimize arrays defined by struct ctl_path [v2] fs/proc: Optimize arrays defined by struct ctl_path - - - --- 2022-02-24 Meng Tang New
[GIT,PULL] SELinux fixes for v5.17 (#2) [GIT,PULL] SELinux fixes for v5.17 (#2) - - - --- 2022-02-23 Paul Moore New
fs/proc: Optimize arrays defined by struct ctl_path fs/proc: Optimize arrays defined by struct ctl_path - - - --- 2022-02-23 Meng Tang New
TOMOYO: fix __setup handlers return values TOMOYO: fix __setup handlers return values - - - --- 2022-02-22 Randy Dunlap New
EVM: fix the evm= __setup handler return value EVM: fix the evm= __setup handler return value - - - --- 2022-02-22 Randy Dunlap New
[v5,5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 3 3 --- 2022-02-22 Ahmad Fatoum New
[v5,4/5] crypto: caam - add in-kernel interface for blob generator KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 2 --- 2022-02-22 Ahmad Fatoum New
[v5,3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 2 2 1 --- 2022-02-22 Ahmad Fatoum New
[v5,2/5] KEYS: trusted: allow users to use kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 1 3 - --- 2022-02-22 Ahmad Fatoum New
[v5,1/5] KEYS: trusted: allow use of TEE as backend without TCG_TPM support KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 2 --- 2022-02-22 Ahmad Fatoum New
[RFC,v1] LSM: Remove double path_rename hook calls for RENAME_EXCHANGE [RFC,v1] LSM: Remove double path_rename hook calls for RENAME_EXCHANGE 2 - - --- 2022-02-22 Mickaël Salaün New
[v1,11/11] landlock: Add design choices documentation for filesystem access rights Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,10/11] landlock: Document good practices about filesystem policies Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,09/11] landlock: Document LANDLOCK_ACCESS_FS_REFER and ABI versioning Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,08/11] samples/landlock: Add support for file reparenting Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,07/11] selftest/landlock: Add 6 new test suites dedicated to file reparenting Landlock: file linking and renaming support - - - --- 2022-02-21 Mickaël Salaün New
[v1,06/11] landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER Landlock: file linking and renaming support - - - --- 2022-02-21 Mickaël Salaün New
[v1,05/11] landlock: Move filesystem helpers and add a new one Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,04/11] landlock: Fix same-layer rule unions Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,03/11] landlock: Create find_rule() from unmask_layers() Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,02/11] landlock: Reduce the maximum number of layers to 16 Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,01/11] landlock: Define access_mask_t to enforce a consistent access mask size Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,7/7] selftest/landlock: Fully test file rename with "remove" access Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,6/7] selftest/landlock: Extend access right tests to directories Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,5/7] selftest/landlock: Add tests for unknown access rights Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,4/7] selftest/landlock: Extend tests for minimal valid attribute size Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,3/7] selftest/landlock: Make tests build with old libc Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,2/7] landlock: Fix landlock_add_rule(2) signature Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,1/7] landlock: Fix landlock_add_rule(2) documentation Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[RFC,1/2] capability: add capable_or to test for multiple caps with exactly one audit message [RFC,1/2] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-02-17 Christian Göttsche New
[RFC,2/2] capability: use new capable_or functionality [RFC,1/2] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-02-17 Christian Göttsche New
selinux: log anon inode class name selinux: log anon inode class name - - - --- 2022-02-17 Christian Göttsche New
security: declare member holding string literal const security: declare member holding string literal const - 2 - --- 2022-02-17 Christian Göttsche New
[RFC,1/1] selinuxns: Replace state pointer with namespace id SELinux-namespaces - - - --- 2022-02-16 Igor Baranov New
[4/4] module, KEYS: Make use of platform keyring for signature verification [1/4] Fix arm64 kexec forbidding kernels signed with keys in the secondary keyring to boot - - - --- 2022-02-15 Michal Suchánek New
[3/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification [1/4] Fix arm64 kexec forbidding kernels signed with keys in the secondary keyring to boot - 1 - --- 2022-02-15 Michal Suchánek New
[2/4] kexec, KEYS, arm64: Make use of platform keyring for signature verification [1/4] Fix arm64 kexec forbidding kernels signed with keys in the secondary keyring to boot - 1 - --- 2022-02-15 Michal Suchánek New
[1/4] Fix arm64 kexec forbidding kernels signed with keys in the secondary keyring to boot [1/4] Fix arm64 kexec forbidding kernels signed with keys in the secondary keyring to boot 1 1 - --- 2022-02-15 Michal Suchánek New
[v5] KEYS: encrypted: Instantiate key with user-provided decrypted data [v5] KEYS: encrypted: Instantiate key with user-provided decrypted data - 3 - --- 2022-02-15 Yael Tzur New
[v2,6/6] selftests/bpf: Add test for bpf_lsm_kernel_read_file() bpf-lsm: Extend interoperability with IMA - - - --- 2022-02-15 Roberto Sassu New
[v2,5/6] bpf-lsm: Make bpf_lsm_kernel_read_file() as sleepable bpf-lsm: Extend interoperability with IMA - - - --- 2022-02-15 Roberto Sassu New
[v2,4/6] selftests/bpf: Add test for bpf_ima_file_hash() bpf-lsm: Extend interoperability with IMA - - - --- 2022-02-15 Roberto Sassu New
[v2,3/6] bpf-lsm: Introduce new helper bpf_ima_file_hash() bpf-lsm: Extend interoperability with IMA - - - --- 2022-02-15 Roberto Sassu New
[v2,2/6] ima: Always return a file measurement in ima_file_hash() bpf-lsm: Extend interoperability with IMA - - - --- 2022-02-15 Roberto Sassu New
[v2,1/6] ima: Fix documentation-related warnings in ima_main.c bpf-lsm: Extend interoperability with IMA - 1 - --- 2022-02-15 Roberto Sassu New
apparmor: fix aa_label_asxprint return check apparmor: fix aa_label_asxprint return check 1 - - --- 2022-02-13 Tom Rix New
[net,v3,2/2] security: implement sctp_assoc_established hook in selinux security: fixups for the security hooks in sctp - - - --- 2022-02-12 Ondrej Mosnacek New
[net,v3,1/2] security: add sctp_assoc_established hook security: fixups for the security hooks in sctp - - - --- 2022-02-12 Ondrej Mosnacek New
ima: Calculate digest in ima_inode_hash() if not available ima: Calculate digest in ima_inode_hash() if not available - - - --- 2022-02-11 Roberto Sassu New
[v3] efi: Do not import certificates from UEFI Secure Boot for T2 Macs [v3] efi: Do not import certificates from UEFI Secure Boot for T2 Macs - - - --- 2022-02-10 Aditya Garg New
[v2] efi: Do not import certificates from UEFI Secure Boot for T2 Macs [v2] efi: Do not import certificates from UEFI Secure Boot for T2 Macs - - - --- 2022-02-10 Aditya Garg New
efi: Do not import certificates from UEFI Secure Boot for T2 Macs efi: Do not import certificates from UEFI Secure Boot for T2 Macs - - - --- 2022-02-09 Aditya Garg New
KEYS: trusted: fix crash when TPM/TEE are built as module KEYS: trusted: fix crash when TPM/TEE are built as module - 1 - --- 2022-02-04 Tong Zhang New
[GIT,PULL] SELinux fixes for v5.17 (#1) [GIT,PULL] SELinux fixes for v5.17 (#1) - - - --- 2022-02-03 Paul Moore New
[v32,28/28] AppArmor: Remove the exclusive flag LSM: Module stacking for AppArmor 2 1 - --- 2022-02-02 Casey Schaufler New
[v32,27/28] LSM: Add /proc attr entry for full LSM context LSM: Module stacking for AppArmor - 1 - --- 2022-02-02 Casey Schaufler New
[v32,26/28] Audit: Add record for multiple object security contexts LSM: Module stacking for AppArmor - - - --- 2022-02-02 Casey Schaufler New
[v32,25/28] Audit: Add record for multiple task security contexts LSM: Module stacking for AppArmor - - - --- 2022-02-02 Casey Schaufler New
[v32,24/28] Audit: Add framework for auxiliary records LSM: Module stacking for AppArmor - - - --- 2022-02-02 Casey Schaufler New
[v32,23/28] Audit: Create audit_stamp structure LSM: Module stacking for AppArmor 1 - - --- 2022-02-02 Casey Schaufler New
[v32,22/28] Audit: Keep multiple LSM data in audit_names LSM: Module stacking for AppArmor 1 - - --- 2022-02-02 Casey Schaufler New
[v32,21/28] LSM: Extend security_secid_to_secctx to include module selection LSM: Module stacking for AppArmor - - - --- 2022-02-02 Casey Schaufler New
[v32,20/28] binder: Pass LSM identifier for confirmation LSM: Module stacking for AppArmor - - - --- 2022-02-02 Casey Schaufler New
[v32,19/28] NET: Store LSM netlabel data in a lsmblob LSM: Module stacking for AppArmor 2 2 - --- 2022-02-02 Casey Schaufler New
[v32,18/28] LSM: security_secid_to_secctx in netlink netfilter LSM: Module stacking for AppArmor 3 2 - --- 2022-02-02 Casey Schaufler New
[v32,17/28] LSM: Use lsmcontext in security_inode_getsecctx LSM: Module stacking for AppArmor 3 2 - --- 2022-02-02 Casey Schaufler New
[v32,16/28] LSM: Use lsmcontext in security_secid_to_secctx LSM: Module stacking for AppArmor - - - --- 2022-02-02 Casey Schaufler New
[v32,15/28] LSM: Ensure the correct LSM context releaser LSM: Module stacking for AppArmor 3 2 - --- 2022-02-02 Casey Schaufler New
[v32,14/28] LSM: Specify which LSM to display LSM: Module stacking for AppArmor - - - --- 2022-02-02 Casey Schaufler New
« 1 2 ... 8 9 10122 123 »