Show patches with: State = Action Required       |    Archived = No       |   175 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
selinux,xfrm: fix dangling refcount on deferred skb free selinux,xfrm: fix dangling refcount on deferred skb free - - - --- 2024-11-06 Ondrej Mosnacek pcmoore Under Review
security: fix typos and spelling errors security: fix typos and spelling errors - - - --- 2025-01-11 Tanya Agarwal New
mm: move the check of READ_IMPLIES_EXEC out of do_mmap() mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-25 Shu Han Under Review
mm: move security_file_mmap() back into do_mmap() mm: move security_file_mmap() back into do_mmap() - - - --- 2024-09-25 Shu Han Under Review
lsm: integrity: Allow enable/disable ima and evm with lsm= cmdline lsm: integrity: Allow enable/disable ima and evm with lsm= cmdline - - - --- 2024-12-18 Song Liu pcmoore New
lsm: add reserved flag in lsm_prop struct lsm: add reserved flag in lsm_prop struct - - - --- 2024-12-06 李豪杰 pcmoore Under Review
lsm,io_uring: add LSM hooks for io_uring_setup() lsm,io_uring: add LSM hooks for io_uring_setup() - - - --- 2024-12-19 Hamza Mahfooz New
loadpin: remove MODULE_COMPRESS_NONE as it is no longer supported loadpin: remove MODULE_COMPRESS_NONE as it is no longer supported - - - --- 2025-01-13 Arulpandiyan Vadivel New
ipe: policy_fs: fix kernel-doc warnings ipe: policy_fs: fix kernel-doc warnings - - - --- 2025-01-11 Randy Dunlap New
capability: Remove unused has_capability capability: Remove unused has_capability - 1 - --- 2024-12-15 Dr. David Alan Gilbert pcmoore Under Review
[v9,bpf-next,7/7] selftests/bpf: Test kfuncs that set and remove xattr from BPF programs Enable writing xattr from BPF programs - - - --- 2025-01-10 Song Liu New
[v9,bpf-next,6/7] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs Enable writing xattr from BPF programs - - - --- 2025-01-10 Song Liu New
[v9,bpf-next,5/7] bpf: Use btf_kfunc_id_set.remap logic for bpf_dynptr_from_skb Enable writing xattr from BPF programs - - - --- 2025-01-10 Song Liu New
[v9,bpf-next,4/7] bpf: Extend btf_kfunc_id_set to handle kfunc polymorphism Enable writing xattr from BPF programs - - - --- 2025-01-10 Song Liu New
[v9,bpf-next,3/7] bpf: lsm: Add two more sleepable hooks Enable writing xattr from BPF programs - - - --- 2025-01-10 Song Liu New
[v9,bpf-next,2/7] selftests/bpf: Extend test fs_kfuncs to cover security.bpf. xattr names Enable writing xattr from BPF programs - - - --- 2025-01-10 Song Liu New
[v9,bpf-next,1/7] fs/xattr: bpf: Introduce security.bpf. xattr name prefix Enable writing xattr from BPF programs 1 1 - --- 2025-01-10 Song Liu New
[v5,-next,16/16] sysctl: remove unneeded include sysctl: move sysctls from vm_table into its own files - 2 - --- 2025-01-11 yukaixiong New
[v5,-next,15/16] sysctl: remove the vm_table sysctl: move sysctls from vm_table into its own files - - - --- 2025-01-11 yukaixiong New
[v5,-next,14/16] sh: vdso: move the sysctl to arch/sh/kernel/vsyscall/vsyscall.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2025-01-11 yukaixiong New
[v5,-next,13/16] x86: vdso: move the sysctl to arch/x86/entry/vdso/vdso32-setup.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2025-01-11 yukaixiong New
[v5,-next,12/16] fs: dcache: move the sysctl to fs/dcache.c sysctl: move sysctls from vm_table into its own files - 3 - --- 2025-01-11 yukaixiong New
[v5,-next,11/16] sunrpc: simplify rpcauth_cache_shrink_count() sysctl: move sysctls from vm_table into its own files 2 1 - --- 2025-01-11 yukaixiong New
[v5,-next,10/16] fs: drop_caches: move sysctl to fs/drop_caches.c sysctl: move sysctls from vm_table into its own files - 3 - --- 2025-01-11 yukaixiong New
[v5,-next,09/16] fs: fs-writeback: move sysctl to fs/fs-writeback.c sysctl: move sysctls from vm_table into its own files - 2 - --- 2025-01-11 yukaixiong New
[v5,-next,08/16] mm: nommu: move sysctl to mm/nommu.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2025-01-11 yukaixiong New
[v5,-next,07/16] security: min_addr: move sysctl to security/min_addr.c sysctl: move sysctls from vm_table into its own files 1 1 - --- 2025-01-11 yukaixiong New
[v5,-next,06/16] mm: mmap: move sysctl to mm/mmap.c sysctl: move sysctls from vm_table into its own files - 2 - --- 2025-01-11 yukaixiong New
[v5,-next,05/16] mm: util: move sysctls to mm/util.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2025-01-11 yukaixiong New
[v5,-next,04/16] mm: vmscan: move vmscan sysctls to mm/vmscan.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2025-01-11 yukaixiong New
[v5,-next,03/16] mm: swap: move sysctl to mm/swap.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2025-01-11 yukaixiong New
[v5,-next,02/16] mm: filemap: move sysctl to mm/filemap.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2025-01-11 yukaixiong New
[v5,-next,01/16] mm: vmstat: move sysctls to mm/vmstat.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2025-01-11 yukaixiong New
[v4,14/14] Activate the configuration and build of the TSEM LSM. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,13/14] Implement infrastructure for loadable security models. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,12/14] Implement configuration and methods for default model. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,11/14] Implement the internal Trusted Modeling Agent. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,10/14] Implement security event mapping. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,09/14] Add event processing implementation. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,08/14] Add security event description export facility. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,07/14] Add namespace implementation. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,06/14] Implement TSEM control plane. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,05/14] Add root domain trust implementation. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,04/14] Add primary TSEM implementation file. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,03/14] TSEM global declarations. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,02/14] Add TSEM specific documentation. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v4,01/14] Update MAINTAINERS file. Implement Trusted Security Event Modeling. - - - --- 2024-08-26 Dr. Greg pcmoore Under Review
[v39,42/42] Smack: Remove LSM_FLAG_EXCLUSIVE LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,41/42] LSM: restrict security_cred_getsecid() to a single LSM LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,40/42] LSM: Allow reservation of netlabel LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,39/42] LSM: Remove lsmblob scaffolding LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,38/42] LSM: Correct handling of ENOSYS in inode_setxattr LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,37/42] LSM: Infrastructure management of the mnt_opts security blob LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,36/42] LSM: Infrastructure management of the key security blob LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,35/42] LSM: allocate mnt_opts blobs instead of module specific data LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,34/42] LSM: Add mount opts blob size tracking LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,33/42] AppArmor: Remove the exclusive flag LSM: General module stacking 2 1 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,32/42] LSM: Identify which LSM handles the context string LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,31/42] LSM: Exclusive secmark usage LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,30/42] LSM: Single calls in socket_getpeersec hooks LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,29/42] LSM: secctx provider check on release LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,28/42] LSM: Improve logic in security_getprocattr LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,27/42] LSM: Remove unused lsmcontext_init() LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,26/42] Audit: Add record for multiple object contexts LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,25/42] audit: multiple subject lsm values for netlabel LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,24/42] Audit: Add record for multiple task security contexts LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,23/42] Audit: Allow multiple records in an audit_buffer LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,22/42] Audit: Create audit_stamp structure LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,21/42] LSM: security_lsmblob_to_secctx module selection LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,20/42] LSM: Use lsmcontext in security_dentry_init_security LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,19/42] LSM: Use lsmcontext in security_inode_getsecctx LSM: General module stacking 3 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,18/42] LSM: Use lsmcontext in security_lsmblob_to_secctx LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,17/42] LSM: Use lsmcontext in security_secid_to_secctx LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,16/42] LSM: Ensure the correct LSM context releaser LSM: General module stacking 3 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,15/42] Netlabel: Use lsmblob for audit data LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,14/42] Audit: Change context data from secid to lsmblob LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,13/42] LSM: Create new security_cred_getlsmblob LSM hook LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,12/42] Audit: use an lsmblob in audit_names LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,11/42] LSM: Use lsmblob in security_inode_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,10/42] LSM: Use lsmblob in security_current_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,09/42] Audit: Update shutdown LSM data LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,08/42] LSM: Use lsmblob in security_ipc_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,07/42] Audit: maintain an lsmblob in audit_context LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,06/42] LSM: Add lsmblob_to_secctx hook LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,05/42] LSM: Use lsmblob in security_audit_rule_match LSM: General module stacking 1 1 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,04/42] IMA: avoid label collisions with stacked LSMs LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,03/42] LSM: Add the lsmblob data structure. LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v3,3/3] fs/exec: remove current->in_execve flag fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v3,2/3] tomoyo: replace current->in_execve flag with security_execve_abort() hook fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v3,2/2] landlock: add support for private bind mount [v3,1/2] fs: add loopback/bind mount specific security hook - - - --- 2025-01-10 Shervin Oloumi New
[v3,1/3] LSM: add security_execve_abort() hook fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v3,1/2] fs: add loopback/bind mount specific security hook [v3,1/2] fs: add loopback/bind mount specific security hook - - - --- 2025-01-10 Shervin Oloumi New
[v21,6/6] samples/check-exec: Add an enlighten "inc" interpreter and 28 tests Script execution control (was O_MAYEXEC) - - - --- 2024-11-12 Mickaël Salaün pcmoore New
[v21,5/6] samples/check-exec: Add set-exec Script execution control (was O_MAYEXEC) - - - --- 2024-11-12 Mickaël Salaün pcmoore New
[v21,4/6] selftests/landlock: Add tests for execveat + AT_EXECVE_CHECK Script execution control (was O_MAYEXEC) - - - --- 2024-11-12 Mickaël Salaün pcmoore New
[v21,3/6] selftests/exec: Add 32 tests for AT_EXECVE_CHECK and exec securebits Script execution control (was O_MAYEXEC) - - - --- 2024-11-12 Mickaël Salaün pcmoore New
[v21,2/6] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits Script execution control (was O_MAYEXEC) - 1 - --- 2024-11-12 Mickaël Salaün pcmoore New
[v21,1/6] exec: Add a new AT_EXECVE_CHECK flag to execveat(2) Script execution control (was O_MAYEXEC) 1 1 - --- 2024-11-12 Mickaël Salaün pcmoore New
[v2] treewide: const qualify ctl_tables where applicable [v2] treewide: const qualify ctl_tables where applicable 5 3 - --- 2025-01-10 Joel Granados New
[V2] security: fix typos and spelling errors [V2] security: fix typos and spelling errors - 1 - --- 2025-01-12 Tanya Agarwal New
« 1 2 »