Show patches with: Archived = No       |   6011 patches
« 1 2 3 460 61 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[bpf-next,v9,10/10] landlock: Add user and kernel documentation for Landlock Landlock LSM: Toward unprivileged sandboxing - - - 0 0 0 2019-06-25 Mickaël Salaün New
[bpf-next,v9,09/10] bpf,landlock: Add tests for Landlock Landlock LSM: Toward unprivileged sandboxing - - - 0 0 0 2019-06-25 Mickaël Salaün New
[bpf-next,v9,08/10] bpf: Add a Landlock sandbox example Landlock LSM: Toward unprivileged sandboxing - - - 0 0 0 2019-06-25 Mickaël Salaün New
[bpf-next,v9,07/10] landlock: Add ptrace restrictions Landlock LSM: Toward unprivileged sandboxing - - - 0 0 0 2019-06-25 Mickaël Salaün New
[bpf-next,v9,06/10] landlock: Handle filesystem access control Landlock LSM: Toward unprivileged sandboxing - - - 0 0 0 2019-06-25 Mickaël Salaün New
[bpf-next,v9,05/10] bpf,landlock: Add a new map type: inode Landlock LSM: Toward unprivileged sandboxing - - - 0 0 0 2019-06-25 Mickaël Salaün New
[bpf-next,v9,04/10] seccomp,landlock: Enforce Landlock programs per process hierarchy Landlock LSM: Toward unprivileged sandboxing - - - 0 0 0 2019-06-25 Mickaël Salaün New
[bpf-next,v9,03/10] bpf,landlock: Define an eBPF program type for Landlock hooks Landlock LSM: Toward unprivileged sandboxing - - - 0 0 0 2019-06-25 Mickaël Salaün New
[bpf-next,v9,02/10] bpf: Add eBPF program subtype and is_valid_subtype() verifier Landlock LSM: Toward unprivileged sandboxing - - - 0 0 0 2019-06-25 Mickaël Salaün New
[bpf-next,v9,01/10] fs,security: Add a new file access type: MAY_CHROOT Landlock LSM: Toward unprivileged sandboxing - - - 0 0 0 2019-06-25 Mickaël Salaün New
[V10,3/3] KEXEC: Call ima_kexec_cmdline to measure the boot command line args Add support for measuring the boot command line during kexec_file_load 1 1 - 0 0 0 2019-06-24 Prakhar Srivastava New
[V10,2/3] IMA: Define a new template field buf Add support for measuring the boot command line during kexec_file_load - 2 - 0 0 0 2019-06-24 Prakhar Srivastava New
[V10,1/3] IMA: Define a new hook to measure the kexec boot command line arguments Add support for measuring the boot command line during kexec_file_load - - - 0 0 0 2019-06-24 Prakhar Srivastava New
[v2] tomoyo: Don't check open/getattr permission on sockets. [v2] tomoyo: Don't check open/getattr permission on sockets. - - - 0 0 0 2019-06-22 Tetsuo Handa New
[V34,29/29] lockdown: Print current->comm in restriction messages Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,28/29] efi: Restrict efivar_ssdt_load when the kernel is locked down Lockdown as an LSM 1 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,27/29] tracefs: Restrict tracefs when the kernel is locked down Lockdown as an LSM - - - 0 0 0 2019-06-22 Matthew Garrett New
[V34,26/29] debugfs: Restrict debugfs when the kernel is locked down Lockdown as an LSM - - - 0 0 0 2019-06-22 Matthew Garrett New
[V34,25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down Lockdown as an LSM 1 - - 0 0 0 2019-06-22 Matthew Garrett New
[V34,24/29] Lock down perf when in confidentiality mode Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,22/29] Lock down tracing and perf kprobes when in confidentiality mode Lockdown as an LSM 1 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,21/29] Lock down /proc/kcore Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,20/29] x86/mmiotrace: Lock down the testmmiotrace module Lockdown as an LSM - 2 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,19/29] Lock down module params that specify hardware parameters (eg. ioport) Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,18/29] Lock down TIOCSSERIAL Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,17/29] Prohibit PCMCIA CIS storage when the kernel is locked down Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,16/29] acpi: Disable ACPI table override if the kernel is locked down Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,14/29] ACPI: Limit access to custom_method when the kernel is locked down Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,13/29] x86/msr: Restrict MSR access when the kernel is locked down Lockdown as an LSM 1 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,12/29] x86: Lock down IO port access when the kernel is locked down Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,11/29] PCI: Lock down BAR access when the kernel is locked down Lockdown as an LSM 1 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,10/29] hibernate: Disable when the kernel is locked down Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,09/29] kexec_file: Restrict at runtime if the kernel is locked down Lockdown as an LSM - 2 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE Lockdown as an LSM - 2 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,07/29] Copy secure_boot flag in boot params across kexec reboot Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,06/29] kexec_load: Disable at runtime if the kernel is locked down Lockdown as an LSM 1 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,05/29] Restrict /dev/{mem,kmem,port} when the kernel is locked down Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,04/29] Enforce module signatures if the kernel is locked down Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,03/29] security: Add a static lockdown policy LSM Lockdown as an LSM - 1 - 0 0 0 2019-06-22 Matthew Garrett New
[V34,02/29] security: Add a "locked down" LSM hook Lockdown as an LSM 1 - - 0 0 0 2019-06-22 Matthew Garrett New
[V34,01/29] security: Support early LSMs Lockdown as an LSM 1 - - 0 0 0 2019-06-22 Matthew Garrett New
[v3,24/24] AppArmor: Remove the exclusive flag LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,23/24] NET: Store LSM netlabel data in a lsmblob LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,22/24] LSM: Return the lsmblob slot on initialization LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,21/24] Audit: Store LSM audit information in an lsmblob LSM: Module stacking for AppArmor - - - 0 0 0 2019-06-21 Casey Schaufler New
[v3,20/24] LSM: security_secid_to_secctx in netlink netfilter LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,19/24] LSM: Use lsmcontext in security_inode_getsecctx LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,18/24] LSM: Use lsmcontext in security_dentry_init_security LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,17/24] LSM: Use lsmcontext in security_secid_to_secctx LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,16/24] LSM: Ensure the correct LSM context releaser LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,15/24] LSM: Specify which LSM to display LSM: Module stacking for AppArmor - 1 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,14/24] IMA: Change internal interfaces to use lsmblobs LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,13/24] LSM: Use lsmblob in security_cred_getsecid LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,12/24] LSM: Use lsmblob in security_inode_getsecid LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,11/24] LSM: Use lsmblob in security_task_getsecid LSM: Module stacking for AppArmor - 1 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,10/24] Use lsmblob in security_ipc_getsecid LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,09/24] LSM: Use lsmblob in security_secid_to_secctx LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,08/24] LSM: Use lsmblob in security_secctx_to_secid LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,07/24] net: Prepare UDS for secuirty module stacking LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,06/24] LSM: Use lsmblob in security_kernel_act_as LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,05/24] Use lsmblob in security_audit_rule_match LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,04/24] LSM: Create and manage the lsmblob data structure. LSM: Module stacking for AppArmor 1 - - 0 0 0 2019-06-21 Casey Schaufler New
[v3,03/24] LSM: Infrastructure management of the key blob LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,02/24] LSM: Infrastructure management of the sock security LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[v3,01/24] LSM: Infrastructure management of the superblock LSM: Module stacking for AppArmor - 2 - 0 0 0 2019-06-21 Casey Schaufler New
[RFC,v4,12/12] LSM: x86/sgx: Show line of sight to LSM support SGX2's EAUG security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v4,11/12] security/apparmor: Add enclave_load() implementation security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v4,10/12] security/selinux: Add enclave_load() implementation security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v4,09/12] LSM: x86/sgx: Introduce ->enclave_load() hook for Intel SGX security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v4,08/12] security/selinux: Require SGX_MAPWX to map enclave page WX security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v4,07/12] LSM: x86/sgx: Introduce ->enclave_map() hook for Intel SGX security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v4,06/12] mm: Introduce vm_ops->may_mprotect() security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v4,05/12] x86/sgx: Enforce noexec filesystem restriction for enclaves security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v4,04/12] x86/sgx: Require userspace to define enclave pages' protection bits security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v4,03/12] selftests: x86/sgx: Mark the enclave loader as not needing an exec stack security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v4,02/12] x86/sgx: Do not naturally align MAP_FIXED address security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v4,01/12] x86/sgx: Use mmu_notifier.release() instead of per-vma refcounting security: x86/sgx: SGX vs. LSM - - - 0 0 0 2019-06-19 Sean Christopherson New
[RFC,v5,1/1] Add dm verity root hash pkcs7 sig validation. Add dm verity root hash pkcs7 sig validation. - - - 0 0 0 2019-06-19 Jaskaran Khurana New
[9/9] keys: Pass the network namespace into request_key mechanism [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[8/9] keys: Network namespace domain tag [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[7/9] keys: Garbage collect keys for which the domain has been removed [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[6/9] keys: Include target namespace in match criteria [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[5/9] keys: Move the user and user-session keyrings to the user_namespace [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[4/9] keys: Namespace keyring names [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[3/9] keys: Add a 'recurse' flag for keyring searches [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[2/9] keys: Cache the hash value to avoid lots of recalculation [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[1/9] keys: Simplify key description management [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[5/9] keys: Move the user and user-session keyrings to the user_namespace [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[4/9] keys: Namespace keyring names [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[3/9] keys: Add a 'recurse' flag for keyring searches [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[2/9] keys: Cache the hash value to avoid lots of recalculation [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[1/9] keys: Simplify key description management [ver #4] keys: Namespacing [ver #4] - - - 0 0 0 2019-06-19 David Howells New
[6/6] keys: Kill off request_key_async{, _with_auxdata} [ver #2] keys: request_key() improvements [ver #2] - - - 0 0 0 2019-06-19 David Howells New
[5/6] keys: Cache result of request_key*() temporarily in task_struct [ver #2] keys: request_key() improvements [ver #2] - - - 0 0 0 2019-06-19 David Howells New
[4/6] keys: Provide request_key_rcu() [ver #2] keys: request_key() improvements [ver #2] - - - 0 0 0 2019-06-19 David Howells New
[3/6] keys: Move the RCU locks outwards from the keyring search functions [ver #2] keys: request_key() improvements [ver #2] - - - 0 0 0 2019-06-19 David Howells New
[2/6] keys: Invalidate used request_key authentication keys [ver #2] keys: request_key() improvements [ver #2] - - - 0 0 0 2019-06-19 David Howells New
[1/6] keys: Fix request_key() lack of Link perm check on found key [ver #2] keys: request_key() improvements [ver #2] - - - 0 0 0 2019-06-19 David Howells New
« 1 2 3 460 61 »