Show patches with: Archived = No       |   354 patches
« 1 2 3 4 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v5,5/5] selftests: vm: add /dev/userfaultfd test cases to run_vmtests.sh userfaultfd: add /dev/userfaultfd for fine grained access control 1 1 - --- 2022-08-08 Axel Rasmussen New
[v5,4/5] userfaultfd: update documentation to describe /dev/userfaultfd userfaultfd: add /dev/userfaultfd for fine grained access control 1 - - --- 2022-08-08 Axel Rasmussen New
[v5,3/5] userfaultfd: selftests: modify selftest to use /dev/userfaultfd userfaultfd: add /dev/userfaultfd for fine grained access control 1 - - --- 2022-08-08 Axel Rasmussen New
[v5,2/5] userfaultfd: add /dev/userfaultfd for fine grained access control userfaultfd: add /dev/userfaultfd for fine grained access control 2 - - --- 2022-08-08 Axel Rasmussen New
[v5,1/5] selftests: vm: add hugetlb_shared userfaultfd test to run_vmtests.sh userfaultfd: add /dev/userfaultfd for fine grained access control - 2 - --- 2022-08-08 Axel Rasmussen New
[1/1] efi: Correct Macmini capitalisation in uefi cert quirk [1/1] efi: Correct Macmini capitalisation in uefi cert quirk - - 1 --- 2022-08-06 Orlando Chamberlain New
netlabel: fix typo in comment netlabel: fix typo in comment 1 - - --- 2022-08-06 Topi Miettinen New
[v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing [v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing - 1 1 --- 2022-08-05 David Howells New
[v3,4/4] landlock: Document Landlock's file truncation support landlock: truncate support - - - --- 2022-08-04 Günther Noack New
[v3,3/4] samples/landlock: Extend sample tool to support LANDLOCK_ACCESS_FS_TRUNCATE landlock: truncate support - - - --- 2022-08-04 Günther Noack New
[v3,2/4] selftests/landlock: Selftests for file truncation support landlock: truncate support - - - --- 2022-08-04 Günther Noack New
[v3,1/4] landlock: Support file truncation landlock: truncate support - - - --- 2022-08-04 Günther Noack New
[v2] nfs: Fix automount superblock LSM init problem, preventing sb sharing [v2] nfs: Fix automount superblock LSM init problem, preventing sb sharing - - - --- 2022-08-04 David Howells New
nfs: Fix automount superblock LSM init problem, preventing sb sharing nfs: Fix automount superblock LSM init problem, preventing sb sharing - - - --- 2022-08-04 David Howells New
[GIT,PULL] tpmdd updates for v5.20 [GIT,PULL] tpmdd updates for v5.20 - - - --- 2022-08-03 Jarkko Sakkinen New
selftests/landlock: fix broken include of linux/landlock.h selftests/landlock: fix broken include of linux/landlock.h - - - --- 2022-08-03 Guillaume Tucker New
[GIT,PULL] SafeSetID changes for v6.0 [GIT,PULL] SafeSetID changes for v6.0 - - - --- 2022-08-02 Micah Morton New
[GIT,PULL] Smack patches for v6.0 [GIT,PULL] Smack patches for v6.0 - - - --- 2022-08-01 Casey Schaufler Handled Elsewhere
[GIT,PULL] LSM patches for v6.0 [GIT,PULL] LSM patches for v6.0 - - - --- 2022-08-01 Paul Moore New
[GIT,PULL] SELinux patches for v6.0 [GIT,PULL] SELinux patches for v6.0 - - - --- 2022-08-01 Paul Moore Handled Elsewhere
[v4,4/4] selinux: Implement userns_create hook Introduce security_create_user_ns() - - - --- 2022-08-01 Frederick Lawler pcmoore New
[v4,3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook Introduce security_create_user_ns() 1 - - --- 2022-08-01 Frederick Lawler pcmoore New
[v4,2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable Introduce security_create_user_ns() 3 - - --- 2022-08-01 Frederick Lawler pcmoore New
[v4,1/4] security, lsm: Introduce security_create_user_ns() Introduce security_create_user_ns() - 2 - --- 2022-08-01 Frederick Lawler pcmoore New
dm: verity-loadpin: Drop use of dm_table_get_num_targets() dm: verity-loadpin: Drop use of dm_table_get_num_targets() - 1 - --- 2022-07-28 Matthias Kaehlcke New
[v3] kernel/watch_queue: Make pipe NULL while clearing watch_queue [v3] kernel/watch_queue: Make pipe NULL while clearing watch_queue - - - --- 2022-07-28 Siddh Raman Pant New
[RFC,v2,7/7] ima: Support measurement of kexec initramfs components ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,6/7] HACK: Allow the use of generic decompress with gzip outside __init ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,5/7] lib/cpio: Add a parse-only option that doesn't extract any files ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,4/7] lib/cpio: Allow use outside of initramfs creation ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,3/7] lib/cpio: use non __init filesystem related functions ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,2/7] lib/cpio: Improve error handling ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v2,1/7] initramfs: Move cpio handling routines into lib/ ima: Support measurement of kexec initramfs components - - - --- 2022-07-28 Jonathan McDowell Handled Elsewhere
[RFC,v4,2/2] security/inode.c: Add capabilities file. Add capabilities file to securityfs 1 - - --- 2022-07-25 Francis Laniel New
[RFC,v4,1/2] capability: Add cap_string. Add capabilities file to securityfs 1 - - --- 2022-07-25 Francis Laniel New
[v2] kernel/watch_queue: Make pipe NULL while clearing watch_queue [v2] kernel/watch_queue: Make pipe NULL while clearing watch_queue - - - --- 2022-07-24 Siddh Raman Pant New
kernel/watch_queue: Make pipe NULL while clearing watch_queue kernel/watch_queue: Make pipe NULL while clearing watch_queue - - - --- 2022-07-23 Siddh Raman Pant Handled Elsewhere
keys/keyctl: Use kfree_rcu instead of kfree keys/keyctl: Use kfree_rcu instead of kfree - - - --- 2022-07-23 Siddh Raman Pant Handled Elsewhere
[v3] KEYS: trusted: Fix memory leak in tpm2_key_encode() [v3] KEYS: trusted: Fix memory leak in tpm2_key_encode() - - - --- 2022-07-22 Jianglei Nie Handled Elsewhere
[v3,4/4] selinux: Implement userns_create hook Introduce security_create_user_ns() - - - --- 2022-07-21 Frederick Lawler pcmoore Superseded
[v3,3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook Introduce security_create_user_ns() 1 - - --- 2022-07-21 Frederick Lawler pcmoore Superseded
[v3,2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable Introduce security_create_user_ns() 1 - - --- 2022-07-21 Frederick Lawler pcmoore Superseded
[v3,1/4] security, lsm: Introduce security_create_user_ns() Introduce security_create_user_ns() - 1 - --- 2022-07-21 Frederick Lawler pcmoore Superseded
[v2,1/1] lockdown: Fix kexec lockdown bypass with ima policy lockdown: Fix kexec lockdown bypass with ima policy 1 1 - --- 2022-07-20 Eric Snowberg Handled Elsewhere
apparmor: correct config reference to intended one apparmor: correct config reference to intended one 1 - - --- 2022-07-20 Lukas Bulwahn Handled Elsewhere
lockdown: Fix kexec lockdown bypass with ima policy lockdown: Fix kexec lockdown bypass with ima policy 1 1 - --- 2022-07-19 Eric Snowberg New
apparmor: Mark alloc_unconfined() as static apparmor: Mark alloc_unconfined() as static 1 - - --- 2022-07-19 Souptick Joarder Handled Elsewhere
[-next] apparmor: Fix some kernel-doc comments [-next] apparmor: Fix some kernel-doc comments 1 - - --- 2022-07-18 Yang Li New
[v2] lsm,io_uring: add LSM hooks for the new uring_cmd file op [v2] lsm,io_uring: add LSM hooks for the new uring_cmd file op 1 - - --- 2022-07-15 Luis Chamberlain pcmoore New
[1/1] keys/keyrings: Fix typo in string [1/1] keys/keyrings: Fix typo in string - - - --- 2022-07-15 XU pengfei New
[v10,4/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification Untitled series #659713 1 1 - --- 2022-07-14 Coiby Xu New
[v10,3/4] arm64: kexec_file: use more system keyrings to verify kernel image signature Untitled series #659713 2 - - --- 2022-07-14 Coiby Xu New
[v10,2/4] kexec, KEYS: make the code in bzImage64_verify_sig generic Untitled series #659713 - 1 - --- 2022-07-14 Coiby Xu New
[RESEND,-next] lsm_audit: Clean up redundant NULL pointer check [RESEND,-next] lsm_audit: Clean up redundant NULL pointer check - - - --- 2022-07-14 xiujianfeng pcmoore New
lsm,io_uring: add LSM hooks to for the new uring_cmd file op lsm,io_uring: add LSM hooks to for the new uring_cmd file op - - - --- 2022-07-14 Luis Chamberlain pcmoore New
[v2] ima: force signature verification when CONFIG_KEXEC_SIG is configured [v2] ima: force signature verification when CONFIG_KEXEC_SIG is configured - - - --- 2022-07-13 Coiby Xu Handled Elsewhere
[v2,4/4] landlock: Document Landlock's file truncation support landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v2,3/4] samples/landlock: Extend sample tool to support LANDLOCK_ACCESS_FS_TRUNCATE landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v2,2/4] selftests/landlock: Selftests for file truncation support landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v2,1/4] landlock: Support file truncation landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v7,7/7] selftests/bpf: Add test for bpf_verify_pkcs7_signature() helper bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu New
[v7,6/7] selftests/bpf: Add additional test for bpf_lookup_user_key() bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu New
[v7,5/7] selftests: Add verifier tests for bpf_lookup_user_key() and bpf_key_put() bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu New
[v7,4/7] bpf: Add bpf_verify_pkcs7_signature() helper bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu New
[v7,3/7] bpf: Add bpf_lookup_user_key() and bpf_key_put() helpers bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu New
[v7,2/7] KEYS: Move KEY_LOOKUP_ to include/linux/key.h bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu New
[v7,1/7] bpf: Export bpf_dynptr_get_size() bpf: Add bpf_verify_pkcs7_signature() helper - 1 - --- 2022-07-12 Roberto Sassu New
ima: force signature verification when CONFIG_KEXEC_SIG is configured ima: force signature verification when CONFIG_KEXEC_SIG is configured - - - --- 2022-07-12 Coiby Xu Handled Elsewhere
[v2] ima/evm: Fix potential memory leak in ima_init_crypto() [v2] ima/evm: Fix potential memory leak in ima_init_crypto() - - - --- 2022-07-12 Jianglei Nie Handled Elsewhere
ima/evm: Fix potential memory leak in ima_init_crypto() ima/evm: Fix potential memory leak in ima_init_crypto() - - - --- 2022-07-11 Jianglei Nie Handled Elsewhere
MAINTAINERS: update the LSM maintainer info MAINTAINERS: update the LSM maintainer info 3 - - --- 2022-07-08 Paul Moore pcmoore New
[RFC,7/7] ima: Support measurement of kexec initramfs components ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,6/7] HACK: Allow the use of generic decompress with gzip outside __init ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,5/7] lib/cpio: Add a parse-only option that doesn't extract any files ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,4/7] lib/cpio: Allow use outside of initramfs creation ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,3/7] lib/cpio: use non __init filesystem related functions ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,2/7] lib/cpio: Improve error handling ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,1/7] initramfs: Move cpio handling routines into lib/ ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,RESEND] userfaultfd: open userfaultfds with O_RDONLY [RFC,RESEND] userfaultfd: open userfaultfds with O_RDONLY 1 - - --- 2022-07-08 Ondrej Mosnacek New
[v2,4/4] selinux: Implement create_user_ns hook Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[v2,3/4] selftests/bpf: Add tests verifying bpf lsm create_user_ns hook Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[v2,2/4] bpf-lsm: Make bpf_lsm_create_user_ns() sleepable Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[v2,1/4] security, lsm: Introduce security_create_user_ns() Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[2/2] landlock: Selftests for truncate(2) support. landlock: truncate(2) support - - - --- 2022-07-07 Günther Noack Handled Elsewhere
[1/2] landlock: Support truncate(2). landlock: truncate(2) support - - - --- 2022-07-07 Günther Noack Handled Elsewhere
[v13,26/26] ima: Enable IMA namespaces ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,25/26] ima: Restrict informational audit messages to init_ima_ns ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,24/26] ima: Limit number of policy rules in non-init_ima_ns ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,23/26] ima: Show owning user namespace's uid and gid when displaying policy ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,22/26] ima: Introduce securityfs file to activate an IMA namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,21/26] ima: Setup securityfs for IMA namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,20/26] ima: Remove unused iints from the integrity_iint_cache ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,19/26] ima: Namespace audit status flags ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,18/26] integrity: Add optional callback function to integrity_inode_free() ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,17/26] integrity/ima: Define ns_status for storing namespaced iint data ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,16/26] ima: Add functions for creating and freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,14/26] ima: Implement hierarchical processing of file accesses ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,13/26] userns: Add pointer to ima_namespace to user_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
« 1 2 3 4 »