Show patches with: State = Action Required       |   12060 patches
« 1 2 ... 6 7 8120 121 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v10,1/3] certs: export load_certificate_list() to be used outside certs/ integrity: support including firmware ".platform" keys at build time - 1 - --- 2022-03-06 Nayna Jain New
[v9,3/3] integrity: support including firmware ".platform" keys at build time integrity: support including firmware ".platform" keys at build time - 1 - --- 2022-03-04 Nayna Jain New
[v9,2/3] integrity: make integrity_keyring_from_id() non-static integrity: support including firmware ".platform" keys at build time - 1 - --- 2022-03-04 Nayna Jain New
[v9,1/3] certs: export load_certificate_list() to be used outside certs/ integrity: support including firmware ".platform" keys at build time - 1 - --- 2022-03-04 Nayna Jain New
[v2] KEYS: fix memory leaks when reading certificate [v2] KEYS: fix memory leaks when reading certificate - - - --- 2022-03-03 Denis Glazkov New
[5/5] loadpin: stop using bdevname [1/5] block: stop using bdevname in bdev_write_inode 1 1 - --- 2022-03-03 Christoph Hellwig New
[4/5] pktcdvd: stop using bdevname [1/5] block: stop using bdevname in bdev_write_inode - 1 - --- 2022-03-03 Christoph Hellwig New
[3/5] block: stop using bdevname in drbd_report_io_error [1/5] block: stop using bdevname in bdev_write_inode - 1 - --- 2022-03-03 Christoph Hellwig New
[2/5] block: stop using bdevname in __blkdev_issue_discard [1/5] block: stop using bdevname in bdev_write_inode - 1 - --- 2022-03-03 Christoph Hellwig New
[1/5] block: stop using bdevname in bdev_write_inode [1/5] block: stop using bdevname in bdev_write_inode - 1 - --- 2022-03-03 Christoph Hellwig New
KEYS: fix memory leak when reading certificate fails KEYS: fix memory leak when reading certificate fails - - - --- 2022-03-03 Denis Glazkov New
[v11,27/27] ima: Enable IMA namespaces ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,26/27] ima: Restrict informational audit messages to init_ima_ns ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,25/27] ima: Limit number of policy rules in non-init_ima_ns ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,24/27] ima: Show owning user namespace's uid and gid when displaying policy ima: Namespace IMA with audit support in IMA-ns - 1 - --- 2022-03-02 Stefan Berger New
[v11,23/27] ima: Introduce securityfs file to activate an IMA namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,22/27] ima: Setup securityfs for IMA namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,21/27] ima: Remove unused iints from the integrity_iint_cache ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,20/27] ima: Namespace audit status flags ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,19/27] integrity: Add optional callback function to integrity_inode_free() ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,18/27] integrity/ima: Define ns_status for storing namespaced iint data ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,17/27] ima: Add functions for creating and freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,16/27] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns - 1 - --- 2022-03-02 Stefan Berger New
[v11,15/27] ima: Implement hierarchical processing of file accesses ima: Namespace IMA with audit support in IMA-ns - 1 - --- 2022-03-02 Stefan Berger New
[v11,14/27] userns: Add pointer to ima_namespace to user_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,13/27] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable() ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,11/27] ima: Switch to lazy lsm policy updates for better performance ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,10/27] ima: Move ima_lsm_policy_notifier into ima_namespace ima: Namespace IMA with audit support in IMA-ns - 1 - --- 2022-03-02 Stefan Berger New
[v11,09/27] ima: Move IMA securityfs files into ima_namespace or onto stack ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,08/27] ima: Move some IMA policy and filesystem related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,07/27] ima: Move measurement list related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns - 1 - --- 2022-03-02 Stefan Berger New
[v11,06/27] ima: Move ima_htable into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,05/27] ima: Move arch_policy_entry into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,04/27] ima: Define ima_namespace struct and start moving variables into it ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-03-02 Stefan Berger New
[v11,03/27] securityfs: Extend securityfs with namespacing support ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-03-02 Stefan Berger New
[v11,02/27] securityfs: rework dentry creation ima: Namespace IMA with audit support in IMA-ns - 1 - --- 2022-03-02 Stefan Berger New
[v11,01/27] ima: Return error code obtained from securityfs functions ima: Namespace IMA with audit support in IMA-ns - 1 - --- 2022-03-02 Stefan Berger New
[v3,9/9] selftests/bpf: Check that bpf_kernel_read_file() denies reading IMA policy bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,8/9] selftests/bpf: Add test for bpf_lsm_kernel_read_file() bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,7/9] bpf-lsm: Make bpf_lsm_kernel_read_file() as sleepable bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,6/9] selftests/bpf: Check if the digest is refreshed after a file write bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,5/9] selftests/bpf: Add test for bpf_ima_file_hash() bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,4/9] selftests/bpf: Move sample generation code to ima_test_common() bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,3/9] bpf-lsm: Introduce new helper bpf_ima_file_hash() bpf-lsm: Extend interoperability with IMA - - - --- 2022-03-02 Roberto Sassu New
[v3,2/9] ima: Always return a file measurement in ima_file_hash() bpf-lsm: Extend interoperability with IMA - 1 - --- 2022-03-02 Roberto Sassu New
[v3,1/9] ima: Fix documentation-related warnings in ima_main.c bpf-lsm: Extend interoperability with IMA - 2 - --- 2022-03-02 Roberto Sassu New
[4/4] integrity: CA enforcement in machine keyring Add CA enforcement in the machine keyring - - - --- 2022-03-01 Eric Snowberg New
[3/4] KEYS: CA link restriction Add CA enforcement in the machine keyring - - - --- 2022-03-01 Eric Snowberg New
[2/4] X.509: Parse Basic Constraints for CA Add CA enforcement in the machine keyring - - - --- 2022-03-01 Eric Snowberg New
[1/4] KEYS: Create static version of public_key_verify_signature Add CA enforcement in the machine keyring - 1 - --- 2022-03-01 Eric Snowberg New
ima: remove redundant initialization of pointer 'file'. ima: remove redundant initialization of pointer 'file'. - - - --- 2022-03-01 Colin Ian King New
[RESEND] xfs: don't generate selinux audit messages for capability testing [RESEND] xfs: don't generate selinux audit messages for capability testing 1 2 - --- 2022-03-01 Darrick J. Wong New
[v1] fs: Fix inconsistent f_mode [v1] fs: Fix inconsistent f_mode - - - --- 2022-02-28 Mickaël Salaün New
[v8,4/4] docs: security: Add secrets/coco documentation Allow guest access to EFI confidential computing secret area - 1 - --- 2022-02-28 Dov Murik New
[v8,3/4] efi: Load efi_secret module if EFI secret area is populated Allow guest access to EFI confidential computing secret area - 1 - --- 2022-02-28 Dov Murik New
[v8,2/4] virt: Add efi_secret module to expose confidential computing secrets Allow guest access to EFI confidential computing secret area - 1 - --- 2022-02-28 Dov Murik New
[v8,1/4] efi: Save location of EFI confidential computing area Allow guest access to EFI confidential computing secret area - 1 - --- 2022-02-28 Dov Murik New
userfaultfd, capability: introduce CAP_USERFAULTFD userfaultfd, capability: introduce CAP_USERFAULTFD - - - --- 2022-02-24 Axel Rasmussen New
[v3,2/2] fs/proc: Optimize arrays defined by struct ctl_path [v3,1/2] fs/proc: Optimize arrays defined by struct ctl_path - - - --- 2022-02-24 Meng Tang New
[v3,1/2] fs/proc: Optimize arrays defined by struct ctl_path [v3,1/2] fs/proc: Optimize arrays defined by struct ctl_path - - - --- 2022-02-24 Meng Tang New
[v2] fs/proc: Optimize arrays defined by struct ctl_path [v2] fs/proc: Optimize arrays defined by struct ctl_path - - - --- 2022-02-24 Meng Tang New
[GIT,PULL] SELinux fixes for v5.17 (#2) [GIT,PULL] SELinux fixes for v5.17 (#2) - - - --- 2022-02-23 Paul Moore New
fs/proc: Optimize arrays defined by struct ctl_path fs/proc: Optimize arrays defined by struct ctl_path - - - --- 2022-02-23 Meng Tang New
TOMOYO: fix __setup handlers return values TOMOYO: fix __setup handlers return values - - - --- 2022-02-22 Randy Dunlap New
EVM: fix the evm= __setup handler return value EVM: fix the evm= __setup handler return value - - - --- 2022-02-22 Randy Dunlap New
[v5,5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 3 3 --- 2022-02-22 Ahmad Fatoum New
[v5,4/5] crypto: caam - add in-kernel interface for blob generator KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 2 --- 2022-02-22 Ahmad Fatoum New
[v5,3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 2 2 1 --- 2022-02-22 Ahmad Fatoum New
[v5,2/5] KEYS: trusted: allow users to use kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 1 3 - --- 2022-02-22 Ahmad Fatoum New
[v5,1/5] KEYS: trusted: allow use of TEE as backend without TCG_TPM support KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 2 --- 2022-02-22 Ahmad Fatoum New
[RFC,v1] LSM: Remove double path_rename hook calls for RENAME_EXCHANGE [RFC,v1] LSM: Remove double path_rename hook calls for RENAME_EXCHANGE 2 - - --- 2022-02-22 Mickaël Salaün New
[v1,11/11] landlock: Add design choices documentation for filesystem access rights Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,10/11] landlock: Document good practices about filesystem policies Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,09/11] landlock: Document LANDLOCK_ACCESS_FS_REFER and ABI versioning Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,08/11] samples/landlock: Add support for file reparenting Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,07/11] selftest/landlock: Add 6 new test suites dedicated to file reparenting Landlock: file linking and renaming support - - - --- 2022-02-21 Mickaël Salaün New
[v1,06/11] landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER Landlock: file linking and renaming support - - - --- 2022-02-21 Mickaël Salaün New
[v1,05/11] landlock: Move filesystem helpers and add a new one Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,04/11] landlock: Fix same-layer rule unions Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,03/11] landlock: Create find_rule() from unmask_layers() Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,02/11] landlock: Reduce the maximum number of layers to 16 Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,01/11] landlock: Define access_mask_t to enforce a consistent access mask size Landlock: file linking and renaming support - 1 - --- 2022-02-21 Mickaël Salaün New
[v1,7/7] selftest/landlock: Fully test file rename with "remove" access Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,6/7] selftest/landlock: Extend access right tests to directories Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,5/7] selftest/landlock: Add tests for unknown access rights Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,4/7] selftest/landlock: Extend tests for minimal valid attribute size Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,3/7] selftest/landlock: Make tests build with old libc Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,2/7] landlock: Fix landlock_add_rule(2) signature Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[v1,1/7] landlock: Fix landlock_add_rule(2) documentation Minor Landlock fixes and new tests - - - --- 2022-02-21 Mickaël Salaün New
[RFC,1/2] capability: add capable_or to test for multiple caps with exactly one audit message [RFC,1/2] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-02-17 Christian Göttsche New
[RFC,2/2] capability: use new capable_or functionality [RFC,1/2] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-02-17 Christian Göttsche New
selinux: log anon inode class name selinux: log anon inode class name - - - --- 2022-02-17 Christian Göttsche New
security: declare member holding string literal const security: declare member holding string literal const - 2 - --- 2022-02-17 Christian Göttsche New
[RFC,1/1] selinuxns: Replace state pointer with namespace id SELinux-namespaces - - - --- 2022-02-16 Igor Baranov New
[4/4] module, KEYS: Make use of platform keyring for signature verification [1/4] Fix arm64 kexec forbidding kernels signed with keys in the secondary keyring to boot - - - --- 2022-02-15 Michal Suchánek New
[3/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification [1/4] Fix arm64 kexec forbidding kernels signed with keys in the secondary keyring to boot - 1 - --- 2022-02-15 Michal Suchánek New
[2/4] kexec, KEYS, arm64: Make use of platform keyring for signature verification [1/4] Fix arm64 kexec forbidding kernels signed with keys in the secondary keyring to boot - 1 - --- 2022-02-15 Michal Suchánek New
[1/4] Fix arm64 kexec forbidding kernels signed with keys in the secondary keyring to boot [1/4] Fix arm64 kexec forbidding kernels signed with keys in the secondary keyring to boot 1 1 - --- 2022-02-15 Michal Suchánek New
[v5] KEYS: encrypted: Instantiate key with user-provided decrypted data [v5] KEYS: encrypted: Instantiate key with user-provided decrypted data - 3 - --- 2022-02-15 Yael Tzur New
« 1 2 ... 6 7 8120 121 »