Show patches with: none      |   10836 patches
« 1 2 3 4108 109 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v4,3/3] virt: Add efi_secret module to expose confidential computing secrets Allow guest access to EFI confidential computing secret area - - - --- 2021-10-20 Dov Murik New
[v4,2/3] efi: Reserve confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-20 Dov Murik New
[v4,1/3] efi/libstub: Copy confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-20 Dov Murik New
smackfs: use __GFP_NOFAIL for smk_cipso_doi() smackfs: use __GFP_NOFAIL for smk_cipso_doi() - - - --- 2021-10-19 Tetsuo Handa New
smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi - - - --- 2021-10-19 Tetsuo Handa New
[v2,2/2] tpm: use SM3 instead of SM3_256 use SM3 instead of SM3_256 - - - --- 2021-10-19 Tianjia Zhang New
[v2,1/2] crypto: use SM3 instead of SM3_256 use SM3 instead of SM3_256 - - - --- 2021-10-19 Tianjia Zhang New
[v3,3/3] virt: Add efi_secret module to expose confidential computing secrets Allow guest access to EFI confidential computing secret area - - - --- 2021-10-14 Dov Murik New
[v3,2/3] efi: Reserve confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-14 Dov Murik New
[v3,1/3] efi/libstub: Copy confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-14 Dov Murik New
[v1,3/3] security: define a trusted_for hook [v1,1/3] ima: define ima_trusted_for hook - - - --- 2021-10-14 Mimi Zohar New
[v1,2/3] fs: extend the trusted_for syscall to call IMA [v1,1/3] ima: define ima_trusted_for hook - - - --- 2021-10-14 Mimi Zohar New
[v1,1/3] ima: define ima_trusted_for hook [v1,1/3] ima: define ima_trusted_for hook - - - --- 2021-10-14 Mimi Zohar New
[RFC,v7,16/16] documentation: add ipe documentation Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,15/16] ipe: kunit tests Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,14/16] scripts: add boot policy generation program Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,13/16] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,12/16] fsverity|security: add security hooks to fsverity digest and signature Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,11/16] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,10/16] fs|dm-verity: add block_dev LSM blob and submit dm-verity data Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,09/16] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,08/16] ipe: add permissive toggle Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,07/16] ipe: add auditing support Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,06/16] uapi|audit: add trust audit message definitions Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,05/16] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,04/16] ipe: add userspace interface Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,03/16] ipe: add evaluation loop Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,02/16] ipe: add policy parser Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,01/16] security: add ipe lsm & initial context creation Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
LSM: Avoid warnings about potentially unused hook variables LSM: Avoid warnings about potentially unused hook variables 2 - - --- 2021-10-13 Kees Cook New
[2/2] fs: extend the trusted_for syscall to call IMA [1/2] ima: define ima_trusted_for hook - - - --- 2021-10-13 Mimi Zohar New
[1/2] ima: define ima_trusted_for hook [1/2] ima: define ima_trusted_for hook - - - --- 2021-10-13 Mimi Zohar New
[v15,3/3] selftest/interpreter: Add tests for trusted_for(2) policies Add trusted_for(2) (was O_MAYEXEC) - 2 - --- 2021-10-12 Mickaël Salaün New
[v15,2/3] arch: Wire up trusted_for(2) Add trusted_for(2) (was O_MAYEXEC) 1 2 - --- 2021-10-12 Mickaël Salaün New
[v15,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl Add trusted_for(2) (was O_MAYEXEC) 1 - - --- 2021-10-12 Mickaël Salaün New
[v2,2/2] fuse: Send security context of inode on file creation fuse: Send file/inode security context during creation - - - --- 2021-10-12 Vivek Goyal New
[v2,1/2] fuse: Add a flag FUSE_SECURITY_CTX fuse: Send file/inode security context during creation - - - --- 2021-10-12 Vivek Goyal New
[v5,3/3] binder: use cred instead of task for getsecid binder: use cred instead of task for security context - - - --- 2021-10-12 Todd Kjos New
[v5,2/3] binder: use cred instead of task for selinux checks binder: use cred instead of task for security context - - - --- 2021-10-12 Todd Kjos New
[v5,1/3] binder: use euid from cred instead of using task binder: use cred instead of task for security context - - - --- 2021-10-12 Todd Kjos New
[v2] security: Return xattr name from security_dentry_init_security() [v2] security: Return xattr name from security_dentry_init_security() 1 2 - --- 2021-10-12 Vivek Goyal New
LSM: general protection fault in legacy_parse_param LSM: general protection fault in legacy_parse_param 1 - - --- 2021-10-11 Casey Schaufler New
[apparmor] apparmor: remove unneeded one-line hook wrappers [apparmor] apparmor: remove unneeded one-line hook wrappers - - - --- 2021-10-11 Florian Westphal New
[smack] smack: remove duplicated hook function [smack] smack: remove duplicated hook function - - - --- 2021-10-11 Florian Westphal New
security/landlock: use square brackets around "landlock-ruleset" security/landlock: use square brackets around "landlock-ruleset" - - - --- 2021-10-11 Christian Brauner New
[v4,5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 1 1 --- 2021-10-11 Ahmad Fatoum New
[v4,4/5] crypto: caam - add in-kernel interface for blob generator KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 1 1 --- 2021-10-11 Ahmad Fatoum New
[v4,3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 1 1 1 --- 2021-10-11 Ahmad Fatoum New
[v4,2/5] KEYS: trusted: allow users to use kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 1 1 1 --- 2021-10-11 Ahmad Fatoum New
[v4,1/5] KEYS: trusted: allow use of TEE as backend without TCG_TPM support KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 1 2 --- 2021-10-11 Ahmad Fatoum New
[2/2] tpm: use SM3 instead of SM3_256 tpm: use SM3 instead of SM3_256 - - - --- 2021-10-09 Tianjia Zhang New
[1/2] crypto: use SM3 instead of SM3_256 tpm: use SM3 instead of SM3_256 - - - --- 2021-10-09 Tianjia Zhang New
ima: fix deadlock when traversing "ima_default_rules". ima: fix deadlock when traversing "ima_default_rules". - 1 - --- 2021-10-09 liqiong New
[-next] integrity: return early if audit_log_start return NULL [-next] integrity: return early if audit_log_start return NULL 1 - - --- 2021-10-09 cuigaosheng New
[v14,3/3] selftest/interpreter: Add tests for trusted_for(2) policies Add trusted_for(2) (was O_MAYEXEC) - 2 - --- 2021-10-08 Mickaël Salaün New
[v14,2/3] arch: Wire up trusted_for(2) Add trusted_for(2) (was O_MAYEXEC) 1 2 - --- 2021-10-08 Mickaël Salaün New
[v14,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl Add trusted_for(2) (was O_MAYEXEC) 2 - - --- 2021-10-08 Mickaël Salaün New
[v13,3/3] selftest/interpreter: Add tests for trusted_for(2) policies Add trusted_for(2) (was O_MAYEXEC) - 1 - --- 2021-10-07 Mickaël Salaün New
[v13,2/3] arch: Wire up trusted_for(2) Add trusted_for(2) (was O_MAYEXEC) 1 2 - --- 2021-10-07 Mickaël Salaün New
[v13,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl Add trusted_for(2) (was O_MAYEXEC) 1 - - --- 2021-10-07 Mickaël Salaün New
[v2,4/4] virt: Add sev_secret module to expose confidential computing secrets Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
[v2,3/4] efi: Reserve confidential computing secret area Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
[v2,2/4] efi/libstub: Copy confidential computing secret area Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
[v2,1/4] x86: Export clean_cache_range() Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
[v4,3/3] binder: use euid from cred instead of using task binder: use cred instead of task for security context - - - --- 2021-10-07 Todd Kjos New
[v4,2/3] binder: use cred instead of task for getsecid binder: use cred instead of task for security context - - - --- 2021-10-07 Todd Kjos New
[v4,1/3] binder: use cred instead of task for selinux checks binder: use cred instead of task for security context 1 - - --- 2021-10-07 Todd Kjos New
[v3,3/3] binder: use euid from cred instead of using task binder: use cred instead of task for security context - - - --- 2021-10-06 Todd Kjos New
[v3,2/3] binder: use cred instead of task for getsecid binder: use cred instead of task for security context - - - --- 2021-10-06 Todd Kjos New
[v3,1/3] binder: use cred instead of task for selinux checks binder: use cred instead of task for security context 1 - - --- 2021-10-06 Todd Kjos New
[v3] integrity: support including firmware ".platform" keys at build time [v3] integrity: support including firmware ".platform" keys at build time - - - --- 2021-10-04 Nayna Jain New
[v2] binder: use cred instead of task for selinux checks [v2] binder: use cred instead of task for selinux checks 1 - - --- 2021-10-01 Todd Kjos New
binder: use cred instead of task for selinux checks binder: use cred instead of task for selinux checks - - - --- 2021-10-01 Todd Kjos New
security: Return xattr name from security_dentry_init_security() security: Return xattr name from security_dentry_init_security() - 1 - --- 2021-09-30 Vivek Goyal New
[RFC,7/7] ima: Add support for appraisal with digest lists ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,6/7] ima: Skip measurement of files found in DIGLIM hash table ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,5/7] ima: Query metadata digest and retrieve info from its digest lists ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,4/7] ima: Query file digest and retrieve info from its digest lists ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,3/7] ima: Introduce diglim and appraise_diglim policies ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,2/7] ima: Introduce new policy keyword use_diglim ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,1/7] integrity: Change type of IMA rule-related flags to u64 ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[next] apparmor: Use struct_size() helper in kzalloc() [next] apparmor: Use struct_size() helper in kzalloc() 1 - - --- 2021-09-29 Gustavo A. R. Silva New
lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() - - - --- 2021-09-29 Paul Moore New
[RESEND] apparmor: avoid -Wempty-body warning [RESEND] apparmor: avoid -Wempty-body warning 1 - - --- 2021-09-27 Arnd Bergmann New
[2/2] fuse: Send security context of inode on file creation fuse: Send file/inode security context during creation - - - --- 2021-09-24 Vivek Goyal New
[1/2] fuse: Add a flag FUSE_SECURITY_CTX fuse: Send file/inode security context during creation - - - --- 2021-09-24 Vivek Goyal New
[v29,28/28] AppArmor: Remove the exclusive flag LSM: Module stacking for AppArmor 2 1 - --- 2021-09-24 Casey Schaufler New
[v29,27/28] LSM: Add /proc attr entry for full LSM context LSM: Module stacking for AppArmor - 1 - --- 2021-09-24 Casey Schaufler New
[v29,26/28] Audit: Add record for multiple object security contexts LSM: Module stacking for AppArmor - - - --- 2021-09-24 Casey Schaufler New
[v29,25/28] Audit: Add record for multiple task security contexts LSM: Module stacking for AppArmor - - - --- 2021-09-24 Casey Schaufler New
[v29,24/28] Audit: Add framework for auxiliary records LSM: Module stacking for AppArmor - - - --- 2021-09-24 Casey Schaufler New
[v29,23/28] Audit: Create audit_stamp structure LSM: Module stacking for AppArmor - - - --- 2021-09-24 Casey Schaufler New
[v29,22/28] Audit: Keep multiple LSM data in audit_names LSM: Module stacking for AppArmor - - - --- 2021-09-24 Casey Schaufler New
[v29,21/28] LSM: Extend security_secid_to_secctx to include module selection LSM: Module stacking for AppArmor - - - --- 2021-09-24 Casey Schaufler New
[v29,20/28] LSM: Verify LSM display sanity in binder LSM: Module stacking for AppArmor 2 2 - --- 2021-09-24 Casey Schaufler New
[v29,19/28] NET: Store LSM netlabel data in a lsmblob LSM: Module stacking for AppArmor 2 2 - --- 2021-09-24 Casey Schaufler New
[v29,18/28] LSM: security_secid_to_secctx in netlink netfilter LSM: Module stacking for AppArmor 3 2 - --- 2021-09-24 Casey Schaufler New
[v29,17/28] LSM: Use lsmcontext in security_inode_getsecctx LSM: Module stacking for AppArmor 3 2 - --- 2021-09-24 Casey Schaufler New
[v29,16/28] LSM: Use lsmcontext in security_secid_to_secctx LSM: Module stacking for AppArmor 2 1 - --- 2021-09-24 Casey Schaufler New
[v29,15/28] LSM: Ensure the correct LSM context releaser LSM: Module stacking for AppArmor 3 2 - --- 2021-09-24 Casey Schaufler New
« 1 2 3 4108 109 »