Security modules development

Show patches with: none | 13542 patches

« 1 2 3 4 … 135 136 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	State
[v2,bpf-next,18/18] selftests/bpf: add BPF token-enabled BPF_PROG_LOAD tests	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,17/18] libbpf: add BPF token support to bpf_prog_load() API	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,16/18] bpf: consistenly use BPF token throughout BPF verifier logic	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,15/18] bpf: take into account BPF token when fetching helper protos	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,14/18] bpf: add BPF token support to BPF_PROG_LOAD command	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,13/18] bpf: keep BPF_PROG_LOAD permission checks clear of validations	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,12/18] selftests/bpf: add BPF token-enabled BPF_BTF_LOAD selftest	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,11/18] libbpf: add BPF token support to bpf_btf_load() API	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,10/18] bpf: add BPF token support to BPF_BTF_LOAD command	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,09/18] selftests/bpf: add BPF token-enabled test for BPF_MAP_CREATE command	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,08/18] libbpf: add BPF token support to bpf_map_create() API	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,07/18] bpf: add BPF token support to BPF_MAP_CREATE command	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,06/18] bpf: centralize permissions checks for all BPF map types	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,05/18] bpf: inline map creation logic in map_create() function	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,04/18] bpf: move unprivileged checks into map_create() and bpf_prog_load()	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,03/18] selftests/bpf: add BPF_TOKEN_CREATE test	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,02/18] libbpf: add bpf_token_create() API	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[v2,bpf-next,01/18] bpf: introduce BPF token object	BPF token	- - -	---	2023-06-07	Andrii Nakryiko	New
[RFC,5/5] ramfs: Initialize security of in-memory inodes	Smack transmute fixes	- - -	---	2023-06-07	Roberto Sassu	New
[RFC,4/5] smack: Initialize the in-memory inode in smack_inode_init_security()	Smack transmute fixes	- - -	---	2023-06-07	Roberto Sassu	New
[RFC,3/5] smack: Always determine inode labels in smack_inode_init_security()	Smack transmute fixes	- - -	---	2023-06-07	Roberto Sassu	New
[RFC,2/5] smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()	Smack transmute fixes	- - -	---	2023-06-07	Roberto Sassu	New
[RFC,1/5] smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()	Smack transmute fixes	- - -	---	2023-06-07	Roberto Sassu	New
[2/2] ima: Fix build warnings	[1/2] evm: Fix build warnings	1 - -	---	2023-06-06	Roberto Sassu	Handled Elsewhere
[1/2] evm: Fix build warnings	[1/2] evm: Fix build warnings	- - -	---	2023-06-06	Roberto Sassu	Handled Elsewhere
[GIT,PULL] Asymmetric keys fix for v6.4-rc5	[GIT,PULL] Asymmetric keys fix for v6.4-rc5	2 - -	---	2023-06-02	Roberto Sassu	Handled Elsewhere
[GIT,PULL] SELinux fixes for v6.4 (#1)	[GIT,PULL] SELinux fixes for v6.4 (#1)	- - -	---	2023-06-02	Paul Moore	Handled Elsewhere
[v2] integrity: Fix possible multiple allocation in integrity_inode_get()	[v2] integrity: Fix possible multiple allocation in integrity_inode_get()	- - -	---	2023-06-01	Tianjia Zhang	Handled Elsewhere
apparmor: remove unused macro	apparmor: remove unused macro	1 - -	---	2023-05-31	Ruiqi Gong	Handled Elsewhere
[1/2] sysctl: move umh sysctl registration to its own file	sysctl: move umh and keys sysctls	1 - -	---	2023-05-30	Luis Chamberlain	Handled Elsewhere
integrity: Fix possible multiple allocation in integrity_inode_get()	integrity: Fix possible multiple allocation in integrity_inode_get()	- - -	---	2023-05-30	Tianjia Zhang	Handled Elsewhere
KEYS: Replace all non-returning strlcpy with strscpy	KEYS: Replace all non-returning strlcpy with strscpy	- 2 -	---	2023-05-18	Azeem Shaikh	Handled Elsewhere
[v6,3/6] mm/gup: remove vmas parameter from get_user_pages_remote()	Untitled series #748630	1 3 -	---	2023-05-17	Lorenzo Stoakes	Handled Elsewhere
[v11,12/12] landlock: Document Landlock's network support	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v11,11/12] samples/landlock: Add network demo	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v11,10/12] selftests/landlock: Add 11 new test suites dedicated to network	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v11,09/12] selftests/landlock: Share enforce_ruleset()	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v11,08/12] landlock: Add network rules and TCP hooks support	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v11,07/12] landlock: Refactor landlock_add_rule() syscall	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v11,06/12] landlock: Refactor layer helpers	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v11,05/12] landlock: Move and rename layer helpers	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v11,04/12] landlock: Refactor merge/inherit_ruleset functions	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v11,03/12] landlock: Refactor landlock_find_rule/insert_rule	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v11,02/12] landlock: Allow filesystem layout changes for domains without such rule type	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v11,01/12] landlock: Make ruleset's access masks more generic	Network support for Landlock	- - -	---	2023-05-15	Konstantin Meskhidze (A)	Handled Elsewhere
[v5,3/6] mm/gup: remove vmas parameter from get_user_pages_remote()	Untitled series #747370	1 3 -	---	2023-05-14	Lorenzo Stoakes	Handled Elsewhere
apparmor: aa_buffer: Convert 1-element array to flexible array	apparmor: aa_buffer: Convert 1-element array to flexible array	1 - -	---	2023-05-11	Kees Cook	Handled Elsewhere
[RFC,v2] fs/xattr: add *at family syscalls	[RFC,v2] fs/xattr: add *at family syscalls	1 - -	---	2023-05-11	Christian Göttsche	Handled Elsewhere
security: keys: perform capable check only on privileged operations	security: keys: perform capable check only on privileged operations	1 - -	---	2023-05-11	Christian Göttsche	Handled Elsewhere
[3/3] integrity: Remove EXPERIMENTAL from Kconfig	Add digitalSignature enforcement keyring restrictions	1 1 -	---	2023-05-08	Eric Snowberg	Handled Elsewhere
[2/3] integrity: Enforce digitalSignature usage in the ima and evm keyrings	Add digitalSignature enforcement keyring restrictions	1 - -	---	2023-05-08	Eric Snowberg	Handled Elsewhere
[1/3] KEYS: DigitalSignature link restriction	Add digitalSignature enforcement keyring restrictions	- 1 -	---	2023-05-08	Eric Snowberg	Handled Elsewhere
[RFC,2/2] smack: Record transmuting in smk_transmuted	[RFC,1/2] smack: Retrieve transmuting information in smack_inode_getsecurity()	- - -	---	2023-05-08	Roberto Sassu	Handled Elsewhere
[RFC,1/2] smack: Retrieve transmuting information in smack_inode_getsecurity()	[RFC,1/2] smack: Retrieve transmuting information in smack_inode_getsecurity()	- - -	---	2023-05-08	Roberto Sassu	Handled Elsewhere
[RFC,16/16] nvme: Support atomic writes	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,15/16] scsi: scsi_debug: Atomic write support	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,14/16] scsi: sd: Add WRITE_ATOMIC_16 support	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,13/16] scsi: sd: Support reading atomic properties from block limits VPD	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,12/16] xfs: Add support for fallocate2	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,11/16] fs: iomap: Atomic write support	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,10/16] block: Add fops atomic write support	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,09/16] block: Add blk_validate_atomic_write_op()	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,08/16] block: Add support for atomic_write_unit	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,07/16] block: Add bdev_find_max_atomic_write_alignment()	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,06/16] block: Limit atomic writes according to bio and queue limits	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,05/16] block: Add REQ_ATOMIC flag	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,04/16] fs: Add RWF_ATOMIC and IOCB_ATOMIC flags for atomic write support	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,03/16] xfs: Support atomic write for statx	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,02/16] fs/bdev: Add atomic write support info to statx	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,01/16] block: Add atomic write operations to request_queue limits	block atomic writes	- - -	---	2023-05-03	John Garry	Handled Elsewhere
[RFC,4/4] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL	Landlock: ioctl support	- - -	---	2023-05-02	Günther Noack	Handled Elsewhere
[RFC,3/4] selftests/landlock: Test ioctl support	Landlock: ioctl support	- - -	---	2023-05-02	Günther Noack	Handled Elsewhere
[RFC,2/4] landlock: Add LANDLOCK_ACCESS_FS_IOCTL access right	Landlock: ioctl support	- - -	---	2023-05-02	Günther Noack	Handled Elsewhere
[RFC,1/4] landlock: Increment Landlock ABI version to 4	Landlock: ioctl support	- - -	---	2023-05-02	Günther Noack	Handled Elsewhere
LSM: SafeSetID: fix UID printed instead of GID	LSM: SafeSetID: fix UID printed instead of GID	- - -	---	2023-05-02	Aleksandr Mikhalitsyn	Superseded
[GIT,PULL] Smack patches for v6.4	[GIT,PULL] Smack patches for v6.4	- - -	---	2023-04-24	Casey Schaufler	Handled Elsewhere
[GIT,PULL] Landlock updates for v6.4	[GIT,PULL] Landlock updates for v6.4	- - -	---	2023-04-24	Mickaël Salaün	Handled Elsewhere
[RFC] Set SMK_INODE_CHANGED inside smack_dentry_create_files_as	[RFC] Set SMK_INODE_CHANGED inside smack_dentry_create_files_as	- - -	---	2023-04-19	Mengchi Cheng	Handled Elsewhere
[v4,3/6] mm/gup: remove vmas parameter from get_user_pages_remote()	Untitled series #741031	1 2 -	---	2023-04-18	Lorenzo Stoakes	Handled Elsewhere
IMA: use vfs_getattr_nosec to get the i_version	IMA: use vfs_getattr_nosec to get the i_version	- 1 -	---	2023-04-17	Jeff Layton	Handled Elsewhere
[v3,3/7] mm/gup: remove vmas parameter from get_user_pages_remote()	Untitled series #740110	1 1 -	---	2023-04-15	Lorenzo Stoakes	Handled Elsewhere
[v2,3/7] mm/gup: remove vmas parameter from get_user_pages_remote()	Untitled series #740064	- - -	---	2023-04-15	Lorenzo Stoakes	Handled Elsewhere
[3/7] mm/gup: remove vmas parameter from get_user_pages_remote()	Untitled series #740013	- - -	---	2023-04-14	Lorenzo Stoakes	Handled Elsewhere
selftests/memfd: fix test_sysctl	selftests/memfd: fix test_sysctl	- - 1	---	2023-04-14	Jeff Xu	Handled Elsewhere
Smack modifications for: security: Allow all LSMs to provide xattrs for inode_init_security hook	Smack modifications for: security: Allow all LSMs to provide xattrs for inode_init_security hook	- - -	---	2023-04-11	Roberto Sassu	RFC
overlayfs: Trigger file re-evaluation by IMA / EVM after writes	overlayfs: Trigger file re-evaluation by IMA / EVM after writes	- - 1	---	2023-04-05	Stefan Berger	Handled Elsewhere
apparmor: fix missing error check for rhashtable_insert_fast	apparmor: fix missing error check for rhashtable_insert_fast	1 - -	---	2023-04-04	Danila Chernetsov	Handled Elsewhere
Smack: Improve mount process memory use	Smack: Improve mount process memory use	- - -	---	2023-03-29	Casey Schaufler	Handled Elsewhere
[v10,13/13] landlock: Document Landlock's network support	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere
[v10,12/13] samples/landlock: Add network demo	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere
[v10,11/13] selftests/landlock: Add 10 new test suites dedicated to network	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere
[v10,10/13] selftests/landlock: Share enforce_ruleset()	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere
[v10,09/13] landlock: Add network rules and TCP hooks support	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere
[v10,08/13] landlock: Refactor landlock_add_rule() syscall	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere
[v10,07/13] landlock: Refactor layer helpers	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere
[v10,06/13] landlock: Move and rename layer helpers	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere
[v10,05/13] landlock: Refactor merge/inherit_ruleset functions	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere
[v10,04/13] landlock: Refactor landlock_find_rule/insert_rule	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere
[v10,03/13] landlock: Remove unnecessary inlining	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere
[v10,02/13] landlock: Allow filesystem layout changes for domains without such rule type	Network support for Landlock	- - -	---	2023-03-23	Konstantin Meskhidze (A)	Handled Elsewhere

« 1 2 3 4 … 135 136 »