Show patches with: none      |   16578 patches
« 1 2 3 4165 166 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v2] fsnotify, lsm: Decouple fsnotify from lsm [v2] fsnotify, lsm: Decouple fsnotify from lsm 1 - - --- 2024-10-13 Song Liu New
tomoyo: use u64 for handling numeric values tomoyo: use u64 for handling numeric values - - - --- 2024-10-12 Tetsuo Handa New
[v20,6/6] samples/check-exec: Add an enlighten "inc" interpreter and 28 tests Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün New
[v20,5/6] samples/check-exec: Add set-exec Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün New
[v20,4/6] selftests/landlock: Add tests for execveat + AT_CHECK Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün New
[v20,3/6] selftests/exec: Add 32 tests for AT_CHECK and exec securebits Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün New
[v20,2/6] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün New
[v20,1/6] exec: Add a new AT_CHECK flag to execveat(2) Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün New
ima: Suspend PCR extends and log appends when rebooting ima: Suspend PCR extends and log appends when rebooting - - - --- 2024-10-11 Stefan Berger New
apparmor: test: Fix memory leak for aa_unpack_strdup() apparmor: test: Fix memory leak for aa_unpack_strdup() - - - --- 2024-10-11 Jinjie Ruan New
[v1] ipe: add 'anonymous_memory' property for policy decisions [v1] ipe: add 'anonymous_memory' property for policy decisions - - - --- 2024-10-10 Fan Wu New
[v3,-next,15/15] sysctl: remove unneeded include sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,14/15] sh: vdso: move the sysctl to arch/sh/kernel/vsyscall/vsyscall.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,13/15] x86: vdso: move the sysctl to arch/x86/entry/vdso/vdso32-setup.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,12/15] fs: dcache: move the sysctl to fs/dcache.c sysctl: move sysctls from vm_table into its own files - 3 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,11/15] sunrpc: use vfs_pressure_ratio() helper sysctl: move sysctls from vm_table into its own files 2 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,10/15] fs: drop_caches: move sysctl to fs/drop_caches.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,09/15] fs: fs-writeback: move sysctl to fs/fs-writeback.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,08/15] mm: nommu: move sysctl to mm/nommu.c sysctl: move sysctls from vm_table into its own files - - - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,07/15] security: min_addr: move sysctl to security/min_addr.c sysctl: move sysctls from vm_table into its own files 1 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,06/15] mm: mmap: move sysctl to mm/mmap.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,05/15] mm: util: move sysctls to mm/util.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,04/15] mm: vmscan: move vmscan sysctls to mm/vmscan.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,03/15] mm: swap: move sysctl to mm/swap.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,02/15] mm: filemap: move sysctl to mm/filemap.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,01/15] mm: vmstat: move sysctls to mm/vmstat.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
ima: Fix OOB read when violation occurs with ima template. ima: Fix OOB read when violation occurs with ima template. - - - --- 2024-10-09 David Fernandez Gonzalez New
[v2] security/keys: fix slab-out-of-bounds in key_task_permission [v2] security/keys: fix slab-out-of-bounds in key_task_permission - - - --- 2024-10-08 Chen Ridong New
[v9,7/7] drm: Replace strcpy() with strscpy() Improve the copy of task comm 1 1 - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,6/7] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul} Improve the copy of task comm - - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,5/7] mm/util: Fix possible race condition in kstrdup() Improve the copy of task comm - - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,4/7] bpftool: Ensure task comm is always NUL-terminated Improve the copy of task comm - 1 - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,3/7] security: Replace memcpy() with get_task_comm() Improve the copy of task comm 1 - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,2/7] auditsc: Replace memcpy() with strscpy() Improve the copy of task comm 1 1 - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,1/7] Get rid of __get_task_comm() Improve the copy of task comm - - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v1] landlock: Improve documentation of previous limitations [v1] landlock: Improve documentation of previous limitations - 1 - --- 2024-10-04 Mickaël Salaün Handled Elsewhere
[RFC,v1,2/2] selftests/landlock: Test non-TCP INET connection-based protocols Fix non-TCP sockets restriction - 1 - --- 2024-10-03 Mikhail Ivanov Handled Elsewhere
[RFC,v1,1/2] landlock: Fix non-TCP sockets restriction Fix non-TCP sockets restriction - 1 - --- 2024-10-03 Mikhail Ivanov Handled Elsewhere
[v2,3/3] samples/landlock: Clarify option parsing behaviour samples/landlock: Fix port parsing behaviour - - - --- 2024-10-03 Matthieu Buffet Handled Elsewhere
[v2,2/3] samples/landlock: Refactor --help message in function samples/landlock: Fix port parsing behaviour - - - --- 2024-10-03 Matthieu Buffet Handled Elsewhere
[v2,1/3] samples/landlock: Fix port parsing in sandboxer samples/landlock: Fix port parsing behaviour - - - --- 2024-10-03 Matthieu Buffet Handled Elsewhere
[v5] rust: add PidNamespace [v5] rust: add PidNamespace - 1 - --- 2024-10-02 Christian Brauner Handled Elsewhere
[v4] rust: add PidNamespace [v4] rust: add PidNamespace - - - --- 2024-10-02 Christian Brauner Handled Elsewhere
[v3] rust: add PidNamespace [v3] rust: add PidNamespace - - - --- 2024-10-01 Christian Brauner Handled Elsewhere
[v1,3/3] landlock: Optimize scope enforcement Refactor Landlock access mask management - - - --- 2024-10-01 Mickaël Salaün Handled Elsewhere
[v1,2/3] landlock: Refactor network access mask management Refactor Landlock access mask management - - - --- 2024-10-01 Mickaël Salaün Handled Elsewhere
[v1,1/3] landlock: Refactor filesystem access mask management Refactor Landlock access mask management - 1 - --- 2024-10-01 Mickaël Salaün Handled Elsewhere
[v2] rust: add PidNamespace [v2] rust: add PidNamespace - - - --- 2024-10-01 Christian Brauner Handled Elsewhere
[RFC,v4] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() [RFC,v4] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-28 Shu Han New
[v5.15-v6.1] selinux,smack: don't bypass permissions check in inode_setsecctx hook [v5.15-v6.1] selinux,smack: don't bypass permissions check in inode_setsecctx hook 1 3 1 --- 2024-09-28 Shivani Agarwal Handled Elsewhere
[v5.10] selinux,smack: don't bypass permissions check in inode_setsecctx hook [v5.10] selinux,smack: don't bypass permissions check in inode_setsecctx hook 1 3 1 --- 2024-09-28 Shivani Agarwal Handled Elsewhere
ipe: fallback to platform keyring also if key in trusted keyring is rejected ipe: fallback to platform keyring also if key in trusted keyring is rejected 1 - - --- 2024-09-27 Luca Boccassi Handled Elsewhere
[2/2] Revert "mm: introduce PF_MEMALLOC_NORECLAIM, PF_MEMALLOC_NOWARN" remove PF_MEMALLOC_NORECLAIM - 4 - --- 2024-09-26 Michal Hocko Handled Elsewhere
[1/2] bcachefs: do not use PF_MEMALLOC_NORECLAIM remove PF_MEMALLOC_NORECLAIM - 3 - --- 2024-09-26 Michal Hocko Handled Elsewhere
[RFC] rust: add PidNamespace wrapper [RFC] rust: add PidNamespace wrapper - - - --- 2024-09-26 Christian Brauner Handled Elsewhere
[v3,2/2] ipe: also reject policy updates with the same version [v3,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version 1 1 - --- 2024-09-25 Luca Boccassi Handled Elsewhere
[v3,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version [v3,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version 1 1 - --- 2024-09-25 Luca Boccassi Handled Elsewhere
[v2,2/2] ipe: also reject policy updates with the same version [v2,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version - 1 - --- 2024-09-25 Luca Boccassi Handled Elsewhere
[v2,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version [v2,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version 1 1 - --- 2024-09-25 Luca Boccassi Handled Elsewhere
[RFC,v3] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() [RFC,v3] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-25 Shu Han Superseded
[RFC,v2] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() [RFC,v2] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-25 Shu Han Superseded
[RFC,v2] mm: move security_mmap_file() back into do_mmap() [RFC,v2] mm: move security_mmap_file() back into do_mmap() - - - --- 2024-09-25 Shu Han Superseded
tomoyo: fallback to realpath if symlink's pathname does not exist tomoyo: fallback to realpath if symlink's pathname does not exist - - - --- 2024-09-25 Tetsuo Handa Handled Elsewhere
mm: move security_file_mmap() back into do_mmap() mm: move security_file_mmap() back into do_mmap() - - - --- 2024-09-25 Shu Han New
mm: move the check of READ_IMPLIES_EXEC out of do_mmap() mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-25 Shu Han New
[GIT,PULL] lsm/lsm-pr-20240923 [GIT,PULL] lsm/lsm-pr-20240923 - - - --- 2024-09-23 Paul Moore Accepted
[GIT,PULL] Landlock updates for v6.12 [GIT,PULL] Landlock updates for v6.12 - - - --- 2024-09-23 Mickaël Salaün Handled Elsewhere
[2/2] ipe: also reject policy updates with the same version [1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version - 1 - --- 2024-09-22 Luca Boccassi Handled Elsewhere
[1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version [1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version - - - --- 2024-09-22 Luca Boccassi Handled Elsewhere
[v5,5/5] tpm: flush the auth session only when /dev/tpm0 is open Lazy flush for the auth session - 1 1 --- 2024-09-21 Jarkko Sakkinen Handled Elsewhere
[v5,4/5] tpm: Allocate chip->auth in tpm2_start_auth_session() Lazy flush for the auth session - 1 - --- 2024-09-21 Jarkko Sakkinen Handled Elsewhere
[v5,3/5] tpm: flush the null key only when /dev/tpm0 is accessed Lazy flush for the auth session - - 1 --- 2024-09-21 Jarkko Sakkinen Handled Elsewhere
[v5,2/5] tpm: Implement tpm2_load_null() rollback Lazy flush for the auth session - - - --- 2024-09-21 Jarkko Sakkinen Handled Elsewhere
[v5,1/5] tpm: Return on tpm2_create_null_primary() failure Lazy flush for the auth session - - - --- 2024-09-21 Jarkko Sakkinen Handled Elsewhere
apparmor: Remove deadcode apparmor: Remove deadcode - - - --- 2024-09-20 Dr. David Alan Gilbert Handled Elsewhere
[v4,5/5] tpm: flush the auth session only when /dev/tpm0 is open Lazy flush for the auth session - - 1 --- 2024-09-18 Jarkko Sakkinen Handled Elsewhere
[v4,4/5] tpm: Allocate chip->auth in tpm2_start_auth_session() Lazy flush for the auth session - - - --- 2024-09-18 Jarkko Sakkinen Handled Elsewhere
[v4,3/5] tpm: flush the null key only when /dev/tpm0 is accessed Lazy flush for the auth session - - 1 --- 2024-09-18 Jarkko Sakkinen Handled Elsewhere
[v4,2/5] tpm: Return on tpm2_create_primary() failure in tpm2_load_null() Lazy flush for the auth session - - - --- 2024-09-18 Jarkko Sakkinen Handled Elsewhere
[v4,1/5] tpm: Return on tpm2_create_null_primary() failure Lazy flush for the auth session - - - --- 2024-09-18 Jarkko Sakkinen Handled Elsewhere
[v3,7/7] tpm: open code tpm2_create_null_primary() Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,6/7] tpm: flush the auth session only when /dev/tpm0 is open Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,5/7] tpm: Allocate chip->auth in tpm2_start_auth_session() Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,4/7] tpm: flush the null key only when /dev/tpm0 is accessed Lazy flush for the auth session - - 1 --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,3/7] tpm: Return on tpm2_create_primary() failure in tpm2_load_null() Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,2/7] tpm: Return on tpm2_create_null_primary() failure Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,1/7] tpm: Remove the top-level documentation tpm2-sessions.c Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[RFC,v1,7/7] selftests/landlock: Add UDP sendmsg/recvmsg tests landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,6/7] selftests/landlock: Adapt existing tests for UDP landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,5/7] samples/landlock: Add sandboxer UDP access control landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,4/7] landlock: Add UDP send+recv access control landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,3/7] landlock: Add UDP bind+connect access control landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,2/7] samples/landlock: Clarify option parsing behaviour landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,1/7] samples/landlock: Fix port parsing in sandboxer landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[GIT,PULL] Smack patches for 6.12 [GIT,PULL] Smack patches for 6.12 - - - --- 2024-09-14 Casey Schaufler Handled Elsewhere
ipe: allow secondary and platform keyrings to install/update policies ipe: allow secondary and platform keyrings to install/update policies - - - --- 2024-09-13 Luca Boccassi Changes Requested
smack: deduplicate access to string conversion smack: deduplicate access to string conversion - - - --- 2024-09-13 Konstantin Andreev Handled Elsewhere
security/keys: fix slab-out-of-bounds in key_task_permission security/keys: fix slab-out-of-bounds in key_task_permission - - - --- 2024-09-13 chenridong Handled Elsewhere
[GIT,PULL] selinux/selinux-pr-20240911 [GIT,PULL] selinux/selinux-pr-20240911 - - - --- 2024-09-13 Paul Moore Handled Elsewhere
[v6] tpm: Add new device/vendor ID 0x50666666 [v6] tpm: Add new device/vendor ID 0x50666666 - 1 - --- 2024-09-10 Jett Rink Handled Elsewhere
« 1 2 3 4165 166 »