Security modules development

Show patches with: none | 15567 patches

« 1 2 ... 10 11 12 … 155 156 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[v6,8/9] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL	Landlock: IOCTL support	- - -	---	2023-11-24	Günther Noack		Handled Elsewhere
[v6,7/9] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH)	Landlock: IOCTL support	- - -	---	2023-11-24	Günther Noack		Handled Elsewhere
[v6,6/9] selftests/landlock: Test IOCTL with memfds	Landlock: IOCTL support	- - -	---	2023-11-24	Günther Noack		Handled Elsewhere
[v6,5/9] selftests/landlock: Test IOCTL support	Landlock: IOCTL support	- - -	---	2023-11-24	Günther Noack		Handled Elsewhere
[v6,4/9] landlock: Add IOCTL access right	Landlock: IOCTL support	- - -	---	2023-11-24	Günther Noack		Handled Elsewhere
[v6,3/9] landlock: Optimize the number of calls to get_access_mask slightly	Landlock: IOCTL support	- - -	---	2023-11-24	Günther Noack		Handled Elsewhere
[v6,2/9] selftests/landlock: Rename "permitted" to "allowed" in ftruncate tests	Landlock: IOCTL support	- - -	---	2023-11-24	Günther Noack		Handled Elsewhere
[v6,1/9] landlock: Remove remaining "inline" modifiers in .c files	Landlock: IOCTL support	- - -	---	2023-11-24	Günther Noack		Handled Elsewhere
[v13,bpf-next,6/6] selftests/bpf: Add test that uses fsverity and xattr to sign a file	bpf: File verification with LSM and fsverity	- - -	---	2023-11-23	Song Liu		Superseded
[v13,bpf-next,5/6] selftests/bpf: Add tests for filesystem kfuncs	bpf: File verification with LSM and fsverity	- - -	---	2023-11-23	Song Liu		Superseded
[v13,bpf-next,4/6] selftests/bpf: Sort config in alphabetic order	bpf: File verification with LSM and fsverity	- - -	---	2023-11-23	Song Liu		Superseded
[v13,bpf-next,3/6] Documentation/bpf: Add documentation for filesystem kfuncs	bpf: File verification with LSM and fsverity	- - -	---	2023-11-23	Song Liu		Superseded
[v13,bpf-next,2/6] bpf, fsverity: Add kfunc bpf_get_fsverity_digest	bpf: File verification with LSM and fsverity	1 - -	---	2023-11-23	Song Liu		Superseded
[v13,bpf-next,1/6] bpf: Add kfunc bpf_get_file_xattr	bpf: File verification with LSM and fsverity	1 - -	---	2023-11-23	Song Liu		Superseded
[net,v2] calipso: Fix memory leak in netlbl_calipso_add_pass()	[net,v2] calipso: Fix memory leak in netlbl_calipso_add_pass()	1 - -	---	2023-11-23	Gavrilov Ilia	pcmoore	Accepted
selftests: remove the LSM_ID_IMA check in lsm/lsm_list_modules_test	selftests: remove the LSM_ID_IMA check in lsm/lsm_list_modules_test	1 - -	---	2023-11-22	Paul Moore	pcmoore	Accepted
[RFC,v2,6/6] selftests/bpf: Add selftests for set_mempolicy with a lsm prog	mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf	- - -	---	2023-11-22	Yafang Shao		Superseded
[RFC,v2,5/6] security: selinux: Implement set_mempolicy hook	mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf	- - -	---	2023-11-22	Yafang Shao		Superseded
[RFC,v2,4/6] mm, security: Add lsm hook for memory policy adjustment	mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf	- - -	---	2023-11-22	Yafang Shao		Superseded
[RFC,v2,3/6] mm, security: Fix missed security_task_movememory() in mbind(2)	mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf	- - -	---	2023-11-22	Yafang Shao		Superseded
[RFC,v2,2/6] mm: mempolicy: Revise comment regarding mempolicy mode flags	mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf	- 1 -	---	2023-11-22	Yafang Shao		Superseded
[RFC,v2,1/6] mm, doc: Add doc for MPOL_F_NUMA_BALANCING	mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf	- 1 -	---	2023-11-22	Yafang Shao		Superseded
[net] calipso: Fix memory leak in netlbl_calipso_add_pass()	[net] calipso: Fix memory leak in netlbl_calipso_add_pass()	- - -	---	2023-11-22	Gavrilov Ilia	pcmoore	Changes Requested
apparmor: make stack_msg static	apparmor: make stack_msg static	- - -	---	2023-11-22	Ben Dooks		Handled Elsewhere
MAINTAINERS: add an entry for the lockdown LSM	MAINTAINERS: add an entry for the lockdown LSM	- - -	---	2023-11-20	Paul Moore	pcmoore	Accepted
[v1,2/2] selftests/landlock: Add tests to check unhandled rule's access rights	Extend Landlock test to improve rule's coverage	- 1 -	---	2023-11-20	Mickaël Salaün		Handled Elsewhere
[v1,1/2] selftests/landlock: Add tests to check undefined rule's access rights	Extend Landlock test to improve rule's coverage	- 1 -	---	2023-11-20	Mickaël Salaün		Handled Elsewhere
[v6,25/25] security: Enforce ordering of 'ima' and 'evm' LSMs	security: Move IMA and EVM to the LSM infrastructure	- - -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,24/25] integrity: Remove LSM	security: Move IMA and EVM to the LSM infrastructure	- - -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,23/25] evm: Remove dependency on 'integrity' LSM	security: Move IMA and EVM to the LSM infrastructure	- - -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,22/25] ima: Remove dependency on 'integrity' LSM	security: Move IMA and EVM to the LSM infrastructure	- - -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,21/25] evm: Move to LSM infrastructure	security: Move IMA and EVM to the LSM infrastructure	- - -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,20/25] ima: Move IMA-Appraisal to LSM infrastructure	security: Move IMA and EVM to the LSM infrastructure	- - -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,19/25] ima: Move to LSM infrastructure	security: Move IMA and EVM to the LSM infrastructure	1 - -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,18/25] security: Introduce key_post_create_or_update hook	security: Move IMA and EVM to the LSM infrastructure	1 2 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,17/25] security: Introduce inode_post_remove_acl hook	security: Move IMA and EVM to the LSM infrastructure	1 2 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,16/25] security: Introduce inode_post_set_acl hook	security: Move IMA and EVM to the LSM infrastructure	1 2 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,15/25] security: Introduce inode_post_create_tmpfile hook	security: Move IMA and EVM to the LSM infrastructure	1 1 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,14/25] security: Introduce path_post_mknod hook	security: Move IMA and EVM to the LSM infrastructure	1 - -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,13/25] security: Introduce file_release hook	security: Move IMA and EVM to the LSM infrastructure	- - -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,12/25] security: Introduce file_post_open hook	security: Move IMA and EVM to the LSM infrastructure	1 2 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,11/25] security: Introduce inode_post_removexattr hook	security: Move IMA and EVM to the LSM infrastructure	- 2 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,10/25] security: Introduce inode_post_setattr hook	security: Move IMA and EVM to the LSM infrastructure	1 2 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,09/25] security: Align inode_setattr hook definition with EVM	security: Move IMA and EVM to the LSM infrastructure	1 2 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure	security: Move IMA and EVM to the LSM infrastructure	- 3 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure	security: Move IMA and EVM to the LSM infrastructure	- 3 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure	security: Move IMA and EVM to the LSM infrastructure	- 3 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,05/25] ima: Align ima_post_read_file() definition with LSM infrastructure	security: Move IMA and EVM to the LSM infrastructure	- 3 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,04/25] ima: Align ima_inode_removexattr() definition with LSM infrastructure	security: Move IMA and EVM to the LSM infrastructure	- 3 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,03/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure	security: Move IMA and EVM to the LSM infrastructure	- 3 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,02/25] ima: Align ima_file_mprotect() definition with LSM infrastructure	security: Move IMA and EVM to the LSM infrastructure	- 3 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[v6,01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure	security: Move IMA and EVM to the LSM infrastructure	- 3 -	---	2023-11-20	Roberto Sassu	pcmoore	Superseded
[4/4] LSM: Add a LSM module which handles dynamically appendable LSM hooks.	LSM: Officially support appending LSM hooks after boot.	- - -	---	2023-11-20	Tetsuo Handa	pcmoore	Rejected
[3/4] LSM: Break LSM_HOOK() macro into 6 macros.	LSM: Officially support appending LSM hooks after boot.	- - -	---	2023-11-20	Tetsuo Handa	pcmoore	Rejected
[2/4] LSM: Add a header file containing only arguments of LSM callback functions.	LSM: Officially support appending LSM hooks after boot.	- - -	---	2023-11-20	Tetsuo Handa	pcmoore	Rejected
[1/4] LSM: Auto-undef LSM_HOOK macro.	LSM: Officially support appending LSM hooks after boot.	- - -	---	2023-11-20	Tetsuo Handa	pcmoore	Rejected
[v5,7/7] landlock: Document IOCTL support	Landlock: IOCTL support	- - -	---	2023-11-17	Günther Noack		Handled Elsewhere
[v5,6/7] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL	Landlock: IOCTL support	- - -	---	2023-11-17	Günther Noack		Handled Elsewhere
[v5,5/7] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH)	Landlock: IOCTL support	- - -	---	2023-11-17	Günther Noack		Handled Elsewhere
[v5,4/7] selftests/landlock: Test IOCTL with memfds	Landlock: IOCTL support	- - -	---	2023-11-17	Günther Noack		Handled Elsewhere
[v5,3/7] selftests/landlock: Test IOCTL support	Landlock: IOCTL support	- - -	---	2023-11-17	Günther Noack		Handled Elsewhere
[v5,2/7] landlock: Add IOCTL access right	Landlock: IOCTL support	- - -	---	2023-11-17	Günther Noack		Handled Elsewhere
[v5,1/7] landlock: Optimize the number of calls to get_access_mask slightly	Landlock: IOCTL support	- - -	---	2023-11-17	Günther Noack		Handled Elsewhere
[v3,5/5] ramfs: Initialize security of in-memory inodes	Smack transmute fixes	1 - -	---	2023-11-16	Roberto Sassu		Handled Elsewhere
[v3,4/5] smack: Initialize the in-memory inode in smack_inode_init_security()	Smack transmute fixes	- - -	---	2023-11-16	Roberto Sassu		Handled Elsewhere
[v3,3/5] smack: Always determine inode labels in smack_inode_init_security()	Smack transmute fixes	- - -	---	2023-11-16	Roberto Sassu		Handled Elsewhere
[v3,2/5] smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()	Smack transmute fixes	- - -	---	2023-11-16	Roberto Sassu		Handled Elsewhere
[v3,1/5] smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()	Smack transmute fixes	- - -	---	2023-11-16	Roberto Sassu		Handled Elsewhere
MAINTAINERS: update the LSM entry	MAINTAINERS: update the LSM entry	- - -	---	2023-11-15	Paul Moore	pcmoore	Accepted
mailmap: add entries for Serge Hallyn's dead accounts	mailmap: add entries for Serge Hallyn's dead accounts	- - -	---	2023-11-13	Paul Moore	pcmoore	Accepted
[RFC,v2,19/19] virt: Add Heki KUnit tests	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,18/19] heki: x86: Protect guest kernel memory using the KVM hypervisor	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,17/19] heki: x86: Update permissions counters during text patching	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,16/19] heki: x86: Update permissions counters when guest page permissions change	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,15/19] heki: x86: Initialize permissions counters for pages in vmap()/vunmap()	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,14/19] heki: x86: Initialize permissions counters for pages mapped into KVA	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,13/19] heki: Implement a kernel page table walker	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,12/19] x86: Implement the Memory Table feature to store arbitrary per-page data	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,11/19] KVM: x86: Add new hypercall to set EPT permissions	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,10/19] KVM: x86: Implement per-guest-page permissions	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,09/19] KVM: x86: Extend kvm_range_has_memory_attributes() with match_all	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,08/19] KVM: x86: Extend kvm_vm_set_mem_attributes() with a mask	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,07/19] KVM: x86: Make memory attribute helpers more generic	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,06/19] KVM: x86: Add kvm_x86_ops.fault_gva()	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,05/19] KVM: VMX: Add MBEC support	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,04/19] heki: Lock guest control registers at the end of guest kernel init	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,03/19] KVM: x86: Add notifications for Heki policy configuration and violation	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,02/19] KVM: x86: Add new hypercall to lock control registers	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,v2,01/19] virt: Introduce Hypervisor Enforced Kernel Integrity (Heki)	Hypervisor-Enforced Kernel Integrity	- - -	---	2023-11-13	Mickaël Salaün		Handled Elsewhere
[RFC,-mm,4/4] selftests/bpf: Add selftests for mbind(2) with lsm prog	mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf	- - -	---	2023-11-12	Yafang Shao	pcmoore	RFC
[RFC,-mm,3/4] mm, security: Add lsm hook for set_mempolicy_home_node(2)	mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf	- - -	---	2023-11-12	Yafang Shao	pcmoore	RFC
[RFC,-mm,2/4] mm, security: Add lsm hook for set_mempolicy(2)	mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf	- - -	---	2023-11-12	Yafang Shao	pcmoore	RFC
[RFC,-mm,1/4] mm, security: Add lsm hook for mbind(2)	mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf	- - -	---	2023-11-12	Yafang Shao	pcmoore	RFC
exitz syscall	exitz syscall	- - -	---	2023-11-11	York Jasper Niebuhr		Changes Requested
[5/5] LSM: A sample of dynamically appendable LSM module.	LSM: Officially support appending LSM hooks after boot.	- - -	---	2023-11-11	Tetsuo Handa		Superseded
[4/5] LSM: Add a LSM module which handles dynamically appendable LSM hooks.	LSM: Officially support appending LSM hooks after boot.	- - -	---	2023-11-11	Tetsuo Handa		Superseded
[3/5] LSM: Split LSM_HOOK() into LSM_INT_HOOK() and LSM_VOID_HOOK().	LSM: Officially support appending LSM hooks after boot.	- - -	---	2023-11-11	Tetsuo Handa		Superseded
[2/5] LSM: Add a header file containing only arguments of LSM callback functions.	LSM: Officially support appending LSM hooks after boot.	- - -	---	2023-11-11	Tetsuo Handa		Superseded
[1/5] LSM: Auto-undef LSM_HOOK macro.	LSM: Officially support appending LSM hooks after boot.	- - -	---	2023-11-11	Tetsuo Handa		Superseded
[v8,5/5] security: Add CONFIG_SECURITY_HOOK_LIKELY	Reduce overhead of LSMs with static calls	1 1 -	---	2023-11-10	KP Singh	pcmoore	Changes Requested

« 1 2 ... 10 11 12 … 155 156 »