Show patches with: State = Action Required       |    Archived = No       |   145 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore New
[02/10] capability: add any wrappers to test for multiple caps with exactly one audit message [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore New
[03/10] capability: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore New
[04/10] block: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore New
[05/10] drivers: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 2 - - --- 2024-03-15 Christian Göttsche pcmoore New
[06/10] fs: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore New
[07/10] kernel: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 2 - --- 2024-03-15 Christian Göttsche pcmoore New
[08/10] net: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore New
[09/10] bpf: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore New
[1/2] security: Handle dentries without inode in security_path_post_mknod() [1/2] security: Handle dentries without inode in security_path_post_mknod() 2 - - --- 2024-03-29 Roberto Sassu pcmoore Under Review
[1/2] yama: document function parameter [1/2] yama: document function parameter - 3 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[10/10] coccinelle: add script for capable_any() [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore New
[2/2] doc: Fix fs_context_parse_param description in mount_api.rst [1/2] lsm: Fix description of fs_context_parse_param - - - --- 2022-12-09 Roberto Sassu pcmoore Under Review
[2/2] ima: evm: Rename *_post_path_mknod() to *_path_post_mknod() [1/2] security: Handle dentries without inode in security_path_post_mknod() 1 1 - --- 2024-03-29 Roberto Sassu pcmoore Under Review
[bpf-next,v2,1/7] bpf, lsm: Annotate lsm hook return integer with new macro LSM_RET_INT Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,2/7] bpf, lsm: Add return value range description for lsm hook Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,3/7] bpf, lsm: Add function to read lsm hook return value range Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,4/7] bpf, lsm: Check bpf lsm hook return values in verifier Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,5/7] bpf: Fix compare error in function retval_range_within Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,6/7] selftests/bpf: Avoid load failure for token_lsm.c Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,7/7] selftests/bpf: Add return value checks and corrections for failed progs Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v3,01/11] bpf, lsm: Annotate lsm hook return value range Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,02/11] bpf, lsm: Add helper to read lsm hook return value range Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,03/11] bpf, lsm: Check bpf lsm hook return values in verifier Add check for bpf lsm return value 1 - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,04/11] bpf, lsm: Add bpf lsm disabled hook list Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,05/11] bpf: Avoid progs for different hooks calling each other with tail call Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,06/11] bpf: Fix compare error in function retval_range_within Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,07/11] bpf: Fix a false rejection caused by AND operation Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,08/11] selftests/bpf: Avoid load failure for token_lsm.c Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,09/11] selftests/bpf: Add return value checks for failed tests Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,10/11] selftests/bpf: Add test for lsm tail call Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[bpf-next,v3,11/11] selftests/bpf: Add verifier tests for bpf lsm Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai New
[net] netlabel: fix RCU annotation for IPv4 options on socket creation [net] netlabel: fix RCU annotation for IPv4 options on socket creation - - - --- 2024-04-11 Davide Caratti New
[RFC,1/2] lsm: introduce new hook security_vm_execstack [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[RFC,1/8] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,2/2] selinux: wire up new execstack LSM hook [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[RFC,2/8] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,3/8] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,4/8] clavis: Prevent clavis boot param from changing during kexec Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,5/8] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,6/8] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,7/8] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,8/8] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[v17,01/21] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,02/21] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,03/21] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,04/21] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,05/21] initramfs|security: Add a security hook to do_populate_rootfs() Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,06/21] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,07/21] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,08/21] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,09/21] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,10/21] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,11/21] block,lsm: add LSM blob and new LSM hooks for block device Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,12/21] dm: add finalize hook to target_type Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,13/21] dm verity: consume root hash digest and expose signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,14/21] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,15/21] security: add security_inode_setintegrity() hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,16/21] fsverity: expose verified fsverity built-in signatures to LSMs Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,17/21] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,18/21] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,19/21] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,20/21] Documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v17,21/21] MAINTAINERS: ipe: add ipe maintainer information Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu New
[v3,01/12] Update MAINTAINERS file. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,01/13] lib: Add TLV parser security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,02/12] Add TSEM specific documentation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,02/13] security: Introduce the digest_cache LSM security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,03/12] TSEM global declarations. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,03/13] digest_cache: Add securityfs interface security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,04/12] Add primary TSEM implementation file. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,04/13] digest_cache: Add hash tables and operations security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,05/12] Add root domain trust implementation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,05/13] digest_cache: Populate the digest cache from a digest list security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,06/12] Implement TSEM control plane. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,06/13] digest_cache: Parse tlv digest lists security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,07/12] Add namespace implementation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,07/13] digest_cache: Parse rpm digest lists security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,08/12] Add security event description export facility. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,08/13] digest_cache: Add management of verification data security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,09/12] Add event processing implementation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,09/13] digest_cache: Add support for directories security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,1/3] LSM: add security_execve_abort() hook fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v3,10/12] Implement security event mapping. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,10/13] digest cache: Prefetch digest lists if requested security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,11/12] Implement the internal Trusted Modeling Agent. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,11/13] digest_cache: Reset digest cache on file/directory change security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,12/12] Activate the configuration and build of the TSEM LSM. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,12/13] selftests/digest_cache: Add selftests for digest_cache LSM security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,13/13] docs: Add documentation of the digest_cache LSM security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,2/3] tomoyo: replace current->in_execve flag with security_execve_abort() hook fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v3,3/3] fs/exec: remove current->in_execve flag fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v39,01/42] integrity: disassociate ima_filter_rule from security_audit_rule LSM: General module stacking 1 1 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,02/42] SM: Infrastructure management of the sock security LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,03/42] LSM: Add the lsmblob data structure. LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,04/42] IMA: avoid label collisions with stacked LSMs LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,05/42] LSM: Use lsmblob in security_audit_rule_match LSM: General module stacking 1 1 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,06/42] LSM: Add lsmblob_to_secctx hook LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,07/42] Audit: maintain an lsmblob in audit_context LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,08/42] LSM: Use lsmblob in security_ipc_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore New
« 1 2 »