Show patches with: none      |   16090 patches
« 1 2 3 4160 161 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v3] proc: add config & param to block forcing mem writes [v3] proc: add config & param to block forcing mem writes - - - --- 2024-07-26 Adrian Ratiu New
[GIT,PULL] AppArmor updates for 6.11-rc1 [GIT,PULL] AppArmor updates for 6.11-rc1 - - - --- 2024-07-25 John Johansen New
security/tomoyo: Prevent message flooding if no Tomoyo loader is present security/tomoyo: Prevent message flooding if no Tomoyo loader is present - - - --- 2024-07-25 Yafang Shao New
[RFC] lsm: add the inode_free_security_rcu() LSM implementation hook [RFC] lsm: add the inode_free_security_rcu() LSM implementation hook - - - --- 2024-07-10 Paul Moore New
binfmt_elf: Fail execution of shared objects with ELIBEXEC (was: Re: [RFC PATCH v19 1/5] exec: Add … binfmt_elf: Fail execution of shared objects with ELIBEXEC (was: Re: [RFC PATCH v19 1/5] exec: Add … - - - --- 2024-07-08 Florian Weimer New
[RFC,v19,5/5] samples/should-exec: Add set-should-exec Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün New
[RFC,v19,4/5] selftests/landlock: Add tests for execveat + AT_CHECK Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün New
[RFC,v19,3/5] selftests/exec: Add tests for AT_CHECK and related securebits Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün New
[RFC,v19,2/5] security: Add new SHOULD_EXEC_CHECK and SHOULD_EXEC_RESTRICT securebits Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün New
[RFC,v19,1/5] exec: Add a new AT_CHECK flag to execveat(2) Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün New
[v2] dm verity: add support for signature verification with platform keyring [v2] dm verity: add support for signature verification with platform keyring - - - --- 2024-07-04 Luca Boccassi New
[RFC,v2,8/8] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,7/8] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,6/8] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,5/8] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,4/8] clavis: Prevent clavis boot param from changing during kexec Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,3/8] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,2/8] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,1/8] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
cred: plug a hole in struct cred cred: plug a hole in struct cred - - - --- 2024-05-30 Mateusz Guzik pcmoore New
[v1,1/2] landlock: Fix d_parent walk Fix warning in collect_domain_accesses() - - - --- 2024-05-16 Mickaël Salaün pcmoore New
[RFC] ima: Use sequence number to wait for policy updates [RFC] ima: Use sequence number to wait for policy updates - - - --- 2024-05-07 Roberto Sassu pcmoore New
[2/2] selftests/landlock: Create 'listen_zero', 'deny_listen_zero' tests Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Ivanov Mikhail pcmoore New
[1/2] landlock: Add hook on socket_listen() Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Ivanov Mikhail pcmoore New
[v3,12/12] Activate the configuration and build of the TSEM LSM. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,11/12] Implement the internal Trusted Modeling Agent. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,10/12] Implement security event mapping. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,09/12] Add event processing implementation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,08/12] Add security event description export facility. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,07/12] Add namespace implementation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,06/12] Implement TSEM control plane. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,05/12] Add root domain trust implementation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,04/12] Add primary TSEM implementation file. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,03/12] TSEM global declarations. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,02/12] Add TSEM specific documentation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,01/12] Update MAINTAINERS file. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[28/28] integrity: Switch from rbtree to LSM-managed blob for integrity_iint_cache security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[27/28] integrity: Move integrity functions to the LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[26/28] evm: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[25/28] ima: Move IMA-Appraisal to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[24/28] ima: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[23/28] security: Introduce LSM_ORDER_LAST security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[22/28] security: Introduce key_post_create_or_update hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[21/28] security: Introduce inode_post_remove_acl hook security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[20/28] security: Introduce inode_post_set_acl hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[19/28] security: Introduce inode_post_create_tmpfile hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[18/28] security: Introduce path_post_mknod hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[17/28] security: Introduce file_pre_free_security hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[16/28] security: Introduce file_post_open hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[15/28] security: Introduce inode_post_removexattr hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[14/28] security: Introduce inode_post_setattr hook security: Move IMA and EVM to the LSM infrastructure - 2 - --- 2023-03-03 Roberto Sassu pcmoore New
[13/28] security: Align inode_setattr hook definition with EVM security: Move IMA and EVM to the LSM infrastructure 1 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[12/28] fs: Fix description of vfs_tmpfile() security: Move IMA and EVM to the LSM infrastructure 1 - - --- 2023-03-03 Roberto Sassu pcmoore New
[11/28] evm: Complete description of evm_inode_setattr() security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[10/28] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[09/28] evm: Align evm_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[08/28] evm: Align evm_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[07/28] ima: Align ima_post_read_file() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[06/28] ima: Align ima_inode_removexattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[05/28] ima: Align ima_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[04/28] ima: Align ima_file_mprotect() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[03/28] ima: Align ima_post_create_tmpfile() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[02/28] ima: Align ima_post_path_mknod() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[01/28] ima: Align ima_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing [v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing 2 1 1 --- 2022-11-10 David Howells pcmoore New
[v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - 1 - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,8/8] net: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,7/8] bpf: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,6/8] kernel: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,5/8] fs: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,4/8] drivers: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - 1 - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,3/8] block: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - 1 - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,2/8] capability: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v10,6/7] doc: trusted-encrypted: describe new CAAM trust source KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 - --- 2022-05-13 Ahmad Fatoum New
[v10,5/7] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 3 5 --- 2022-05-13 Ahmad Fatoum New
[v10,4/7] crypto: caam - add in-kernel interface for blob generator KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 5 --- 2022-05-13 Ahmad Fatoum New
[v10,3/7] crypto: caam - determine whether CAAM supports blob encap/decap KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 1 1 --- 2022-05-13 Ahmad Fatoum New
[v10,2/7] KEYS: trusted: allow use of kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 2 3 3 --- 2022-05-13 Ahmad Fatoum New
[v10,1/7] KEYS: trusted: allow use of TEE as backend without TCG_TPM support KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 3 5 --- 2022-05-13 Ahmad Fatoum New
[v2] landlock: Explain how to support Landlock [v2] landlock: Explain how to support Landlock - 1 - --- 2022-05-13 Mickaël Salaün New
[v4] x86/kexec: Carry forward IMA measurement log on kexec [v4] x86/kexec: Carry forward IMA measurement log on kexec - 1 - --- 2022-05-12 Jonathan McDowell New
[v1] landlock: Explain how to support Landlock [v1] landlock: Explain how to support Landlock - - - --- 2022-05-12 Mickaël Salaün New
[-next] apparmor: Fix aa_str_perms() kernel-doc comment [-next] apparmor: Fix aa_str_perms() kernel-doc comment 1 - - --- 2022-05-12 Yang Li New
[v8,4/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification Untitled series #640875 2 1 - --- 2022-05-12 Coiby Xu New
[v8,3/4] arm64: kexec_file: use more system keyrings to verify kernel image signature Untitled series #640875 2 - - --- 2022-05-12 Coiby Xu New
[v8,2/4] kexec, KEYS: make the code in bzImage64_verify_sig generic Untitled series #640875 1 1 - --- 2022-05-12 Coiby Xu New
loadpin: stop using bdevname loadpin: stop using bdevname - - - --- 2022-05-12 Christoph Hellwig New
[v7,4/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification Untitled series #640797 1 1 - --- 2022-05-12 Coiby Xu New
[v7,3/4] arm64: kexec_file: use more system keyrings to verify kernel image signature Untitled series #640797 2 - - --- 2022-05-12 Coiby Xu New
[v7,2/4] kexec, KEYS: make the code in bzImage64_verify_sig generic Untitled series #640797 1 1 - --- 2022-05-12 Coiby Xu New
[v3] x86/kexec: Carry forward IMA measurement log on kexec [v3] x86/kexec: Carry forward IMA measurement log on kexec - - - --- 2022-05-11 Jonathan McDowell New
[v2] big_keys: Use struct for internal payload [v2] big_keys: Use struct for internal payload - - - --- 2022-05-10 Kees Cook New
big_keys: Use struct for internal payload big_keys: Use struct for internal payload - - - --- 2022-05-08 Kees Cook New
[v3,12/12] landlock: Add design choices documentation for filesystem access rights Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,11/12] landlock: Document good practices about filesystem policies Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,10/12] landlock: Document LANDLOCK_ACCESS_FS_REFER and ABI versioning Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,09/12] samples/landlock: Add support for file reparenting Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,08/12] selftests/landlock: Add 11 new test suites dedicated to file reparenting Landlock: file linking and renaming support - - - --- 2022-05-06 Mickaël Salaün New
[v3,07/12] landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,06/12] LSM: Remove double path_rename hook calls for RENAME_EXCHANGE Landlock: file linking and renaming support 2 1 - --- 2022-05-06 Mickaël Salaün New
« 1 2 3 4160 161 »