Show patches with: Archived = No       |   3619 patches
« 1 2 3 436 37 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,v2,9/9] ima: Register to the digest_cache LSM notifier and process events ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[RFC,v2,8/9] ima: Use digest caches for appraisal ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[RFC,v2,7/9] ima: Use digest caches for measurement ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[RFC,v2,6/9] ima: Store allowed usage in digest cache based on integrity metadata flags ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[RFC,v2,5/9] ima: Modify existing boot-time built-in policies with digest cache policies ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[RFC,v2,4/9] ima: Add digest_cache_measure/appraise boot-time built-in policies ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[RFC,v2,3/9] ima: Add digest_cache policy keyword ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[RFC,v2,2/9] ima: Nest iint mutex for DIGEST_LIST_CHECK hook ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[RFC,v2,1/9] ima: Introduce hook DIGEST_LIST_CHECK ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,14/14] docs: Add documentation of the digest_cache LSM security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,13/14] selftests/digest_cache: Add selftests for digest_cache LSM security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,12/14] digest_cache: Notify digest cache events security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,11/14] digest_cache: Reset digest cache on file/directory change security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,10/14] digest cache: Prefetch digest lists if requested security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,09/14] digest_cache: Add support for directories security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,08/14] digest_cache: Add management of verification data security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,07/14] digest_cache: Parse rpm digest lists security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,06/14] digest_cache: Parse tlv digest lists security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,05/14] digest_cache: Populate the digest cache from a digest list security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,04/14] digest_cache: Add hash tables and operations security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,03/14] digest_cache: Add securityfs interface security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,02/14] security: Introduce the digest_cache LSM security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v4,01/14] lib: Add TLV parser security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu New
[v2,1/1] mm: change inlined allocation helpers to account at the call site [v2,1/1] mm: change inlined allocation helpers to account at the call site - - - --- 2024-04-15 Suren Baghdasaryan New
[v17,21/21] MAINTAINERS: ipe: add ipe maintainer information Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,20/21] Documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - 1 - --- 2024-04-13 Fan Wu pcmoore New
[v17,19/21] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,18/21] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,17/21] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,16/21] fsverity: expose verified fsverity built-in signatures to LSMs Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,15/21] security: add security_inode_setintegrity() hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,14/21] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,13/21] dm verity: consume root hash digest and expose signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,12/21] dm: add finalize hook to target_type Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,11/21] block,lsm: add LSM blob and new LSM hooks for block device Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,10/21] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,09/21] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,08/21] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,07/21] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,06/21] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,05/21] initramfs|security: Add a security hook to do_populate_rootfs() Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,04/21] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,03/21] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,02/21] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[v17,01/21] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore New
[net] netlabel: fix RCU annotation for IPv4 options on socket creation [net] netlabel: fix RCU annotation for IPv4 options on socket creation - - - --- 2024-04-11 Davide Caratti pcmoore New
[bpf-next,v3,11/11] selftests/bpf: Add verifier tests for bpf lsm Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,10/11] selftests/bpf: Add test for lsm tail call Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,09/11] selftests/bpf: Add return value checks for failed tests Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,08/11] selftests/bpf: Avoid load failure for token_lsm.c Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,07/11] bpf: Fix a false rejection caused by AND operation Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,06/11] bpf: Fix compare error in function retval_range_within Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,05/11] bpf: Avoid progs for different hooks calling each other with tail call Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,04/11] bpf, lsm: Add bpf lsm disabled hook list Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,03/11] bpf, lsm: Check bpf lsm hook return values in verifier Add check for bpf lsm return value 1 - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,02/11] bpf, lsm: Add helper to read lsm hook return value range Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,01/11] bpf, lsm: Annotate lsm hook return value range Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[v3,2/2] proc: add Kconfigs to restrict /proc/pid/mem access [v3,1/2] proc: restrict /proc/pid/mem access via param knobs - - - --- 2024-04-09 Adrian Ratiu Handled Elsewhere
[v3,1/2] proc: restrict /proc/pid/mem access via param knobs [v3,1/2] proc: restrict /proc/pid/mem access via param knobs - - - --- 2024-04-09 Adrian Ratiu Handled Elsewhere
[2/2] selftests/landlock: Create 'listen_zero', 'deny_listen_zero' tests Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[1/2] landlock: Add hook on socket_listen() Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,10/10] samples/landlock: Support socket protocol restrictions Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,09/10] selftests/landlock: Create 'ruleset_with_unknown_access' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,08/10] selftests/landlock: Create 'ruleset_overlap' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,07/10] selftests/landlock: Create 'inval' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,06/10] selftests/landlock: Create 'rule_with_unhandled_access' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,05/10] selftests/landlock: Create 'rule_with_unknown_access' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,04/10] selftests/landlock: Create 'socket_access_rights' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,03/10] selftests/landlock: Create 'create' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,02/10] landlock: Add hook on socket_create() Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,01/10] landlock: Support socket access-control Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[v4,RESEND,7/7] kunit: Add tests for fault Handle faults in KUnit tests - 1 - --- 2024-04-08 Mickaël Salaün Handled Elsewhere
[v4,RESEND,6/7] kunit: Print last test location on fault Handle faults in KUnit tests - 1 - --- 2024-04-08 Mickaël Salaün Handled Elsewhere
[v4,RESEND,5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Handle faults in KUnit tests - 2 - --- 2024-04-08 Mickaël Salaün Handled Elsewhere
[v4,RESEND,4/7] kunit: Handle test faults Handle faults in KUnit tests - 2 1 --- 2024-04-08 Mickaël Salaün Handled Elsewhere
[v4,RESEND,3/7] kunit: Fix timeout message Handle faults in KUnit tests - 3 - --- 2024-04-08 Mickaël Salaün Handled Elsewhere
[v4,RESEND,2/7] kunit: Fix kthread reference Handle faults in KUnit tests - 3 - --- 2024-04-08 Mickaël Salaün Handled Elsewhere
[v4,RESEND,1/7] kunit: Handle thread creation error Handle faults in KUnit tests - 3 - --- 2024-04-08 Mickaël Salaün Handled Elsewhere
[v14,12/12] fs/ioctl: Add a comment to keep the logic in sync with LSM policies Landlock: IOCTL support - - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v14,11/12] MAINTAINERS: Notify Landlock maintainers about changes to fs/ioctl.c Landlock: IOCTL support - - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v14,10/12] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v14,09/12] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV Landlock: IOCTL support - - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v14,08/12] selftests/landlock: Exhaustive test for the IOCTL allow-list Landlock: IOCTL support - - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v14,07/12] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Landlock: IOCTL support - - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v14,06/12] selftests/landlock: Test IOCTLs on named pipes Landlock: IOCTL support - - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v14,05/12] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v14,04/12] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v14,03/12] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v14,02/12] landlock: Add IOCTL access right for character and block devices Landlock: IOCTL support - - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v14,01/12] fs: Return ENOTTY directly if FS_IOC_GETUUID or FS_IOC_GETFSSYSFSPATH fail Landlock: IOCTL support 2 - - --- 2024-04-05 Günther Noack Handled Elsewhere
[v4] Add test for io_uring openat access control with Landlock rules [v4] Add test for io_uring openat access control with Landlock rules - - - --- 2024-04-04 Dorine Tipo Handled Elsewhere
[1/1] mm: change inlined allocation helpers to account at the call site [1/1] mm: change inlined allocation helpers to account at the call site - - - --- 2024-04-04 Suren Baghdasaryan Handled Elsewhere
[v5,next] integrity: Avoid -Wflex-array-member-not-at-end warnings [v5,next] integrity: Avoid -Wflex-array-member-not-at-end warnings - 1 - --- 2024-04-04 Gustavo A. R. Silva Handled Elsewhere
[RESEND,v3] security: Place security_path_post_mknod() where the original IMA call was [RESEND,v3] security: Place security_path_post_mknod() where the original IMA call was - 1 - --- 2024-04-03 Roberto Sassu pcmoore Accepted
[v3] security: Place security_path_post_mknod() where the original IMA call was [v3] security: Place security_path_post_mknod() where the original IMA call was 1 1 - --- 2024-04-03 Roberto Sassu pcmoore Superseded
[v8,6/6] docs: trusted-encrypted: add DCP as new trust source DCP as trusted keys backend - 2 - --- 2024-04-03 David Gstir New
[v8,5/6] docs: document DCP-backed trusted keys kernel params DCP as trusted keys backend - 1 - --- 2024-04-03 David Gstir New
[v8,4/6] MAINTAINERS: add entry for DCP-based trusted keys DCP as trusted keys backend 1 - - --- 2024-04-03 David Gstir New
[v8,3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys DCP as trusted keys backend - 1 - --- 2024-04-03 David Gstir New
[v8,2/6] KEYS: trusted: improve scalability of trust source config DCP as trusted keys backend - 1 1 --- 2024-04-03 David Gstir New
« 1 2 3 436 37 »