Show patches with: State = Action Required       |    Archived = No       |   75 patches
Patch Series A/R/T S/W/F Date Submitter Delegate State
[2/2] doc: Fix fs_context_parse_param description in mount_api.rst [1/2] lsm: Fix description of fs_context_parse_param - - - --- 2022-12-09 Roberto Sassu pcmoore Under Review
[v4,1/9] capability: introduce new capable flag NODENYAUDIT [v4,1/9] capability: introduce new capable flag NODENYAUDIT - 1 - --- 2023-05-11 Christian Göttsche pcmoore Under Review
[v4,2/9] capability: add any wrapper to test for multiple caps with exactly one audit message [v4,1/9] capability: introduce new capable flag NODENYAUDIT - - - --- 2023-05-11 Christian Göttsche pcmoore Under Review
[v4,3/9] capability: use new capable_any functionality [v4,1/9] capability: introduce new capable flag NODENYAUDIT 1 - - --- 2023-05-11 Christian Göttsche pcmoore Under Review
proc: Update inode upon changing task security attribute proc: Update inode upon changing task security attribute - - - --- 2023-11-30 Munehisa Kamata pcmoore Under Review
[v39,01/42] integrity: disassociate ima_filter_rule from security_audit_rule LSM: General module stacking 1 1 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,02/42] SM: Infrastructure management of the sock security LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,03/42] LSM: Add the lsmblob data structure. LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,04/42] IMA: avoid label collisions with stacked LSMs LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,05/42] LSM: Use lsmblob in security_audit_rule_match LSM: General module stacking 1 1 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,06/42] LSM: Add lsmblob_to_secctx hook LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,07/42] Audit: maintain an lsmblob in audit_context LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,08/42] LSM: Use lsmblob in security_ipc_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,09/42] Audit: Update shutdown LSM data LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,10/42] LSM: Use lsmblob in security_current_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,11/42] LSM: Use lsmblob in security_inode_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,12/42] Audit: use an lsmblob in audit_names LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,13/42] LSM: Create new security_cred_getlsmblob LSM hook LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,14/42] Audit: Change context data from secid to lsmblob LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,15/42] Netlabel: Use lsmblob for audit data LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,16/42] LSM: Ensure the correct LSM context releaser LSM: General module stacking 3 2 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,17/42] LSM: Use lsmcontext in security_secid_to_secctx LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,18/42] LSM: Use lsmcontext in security_lsmblob_to_secctx LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,19/42] LSM: Use lsmcontext in security_inode_getsecctx LSM: General module stacking 3 2 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,20/42] LSM: Use lsmcontext in security_dentry_init_security LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,21/42] LSM: security_lsmblob_to_secctx module selection LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,22/42] Audit: Create audit_stamp structure LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,23/42] Audit: Allow multiple records in an audit_buffer LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,24/42] Audit: Add record for multiple task security contexts LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,25/42] audit: multiple subject lsm values for netlabel LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,26/42] Audit: Add record for multiple object contexts LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,27/42] LSM: Remove unused lsmcontext_init() LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,28/42] LSM: Improve logic in security_getprocattr LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,29/42] LSM: secctx provider check on release LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,30/42] LSM: Single calls in socket_getpeersec hooks LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,31/42] LSM: Exclusive secmark usage LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,32/42] LSM: Identify which LSM handles the context string LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,33/42] AppArmor: Remove the exclusive flag LSM: General module stacking 2 1 - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,34/42] LSM: Add mount opts blob size tracking LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,35/42] LSM: allocate mnt_opts blobs instead of module specific data LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,36/42] LSM: Infrastructure management of the key security blob LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,37/42] LSM: Infrastructure management of the mnt_opts security blob LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,38/42] LSM: Correct handling of ENOSYS in inode_setxattr LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,39/42] LSM: Remove lsmblob scaffolding LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,40/42] LSM: Allow reservation of netlabel LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,41/42] LSM: restrict security_cred_getsecid() to a single LSM LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
[v39,42/42] Smack: Remove LSM_FLAG_EXCLUSIVE LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore New
security: fix no-op hook logic in security_inode_{set,remove}xattr() security: fix no-op hook logic in security_inode_{set,remove}xattr() - - - --- 2024-01-29 Ondrej Mosnacek pcmoore Under Review
security: use default hook return value in call_int_hook() security: use default hook return value in call_int_hook() - 1 - --- 2024-01-30 Ondrej Mosnacek pcmoore Under Review
[v3,1/3] LSM: add security_execve_abort() hook fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v3,2/3] tomoyo: replace current->in_execve flag with security_execve_abort() hook fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v3,3/3] fs/exec: remove current->in_execve flag fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v9,1/4] kernel: Add helper macros for loop unrolling Reduce overhead of LSMs with static calls 2 2 - --- 2024-02-07 KP Singh pcmoore New
[v9,2/4] security: Count the LSMs enabled at compile time Reduce overhead of LSMs with static calls 2 1 - --- 2024-02-07 KP Singh pcmoore New
[v9,3/4] security: Replace indirect LSM hook calls with static calls Reduce overhead of LSMs with static calls 2 2 - --- 2024-02-07 KP Singh pcmoore New
[v9,4/4] bpf: Only enable BPF LSM hooks when an LSM program is attached Reduce overhead of LSMs with static calls 3 2 - --- 2024-02-07 KP Singh pcmoore New
[v3,01/13] lib: Add TLV parser security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,02/13] security: Introduce the digest_cache LSM security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,03/13] digest_cache: Add securityfs interface security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,04/13] digest_cache: Add hash tables and operations security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,05/13] digest_cache: Populate the digest cache from a digest list security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,06/13] digest_cache: Parse tlv digest lists security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,07/13] digest_cache: Parse rpm digest lists security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,08/13] digest_cache: Add management of verification data security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,09/13] digest_cache: Add support for directories security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,10/13] digest cache: Prefetch digest lists if requested security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,11/13] digest_cache: Reset digest cache on file/directory change security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,12/13] selftests/digest_cache: Add selftests for digest_cache LSM security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
[v3,13/13] docs: Add documentation of the digest_cache LSM security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore New
proc: allow restricting /proc/pid/mem writes proc: allow restricting /proc/pid/mem writes - - - --- 2024-02-21 Adrian Ratiu New
[RFC,1/5] sbm: x86: fix SBM error entry path PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik New
[RFC,2/5] sbm: enhance buffer mapping API PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik New
[RFC,3/5] sbm: x86: infrastructure to fix up sandbox faults PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik New
[RFC,4/5] sbm: fix up calls to dynamic memory allocators PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik New
[RFC,5/5] apparmor: parse profiles in sandbox mode PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik New