Show patches with: Archived = No       |   3288 patches
« 1 2 3 432 33 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v2] proc: allow restricting /proc/pid/mem writes [v2] proc: allow restricting /proc/pid/mem writes - - - --- 2024-03-01 Adrian Ratiu New
[v2,7/7] kunit: Add tests for fault Handle faults in KUnit tests - - - --- 2024-03-01 Mickaël Salaün New
[v2,6/7] kunit: Print last test location on fault Handle faults in KUnit tests - 1 - --- 2024-03-01 Mickaël Salaün New
[v2,5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Handle faults in KUnit tests - 1 - --- 2024-03-01 Mickaël Salaün New
[v2,4/7] kunit: Handle test faults Handle faults in KUnit tests - 1 - --- 2024-03-01 Mickaël Salaün New
[v2,3/7] kunit: Fix timeout message Handle faults in KUnit tests - 1 - --- 2024-03-01 Mickaël Salaün New
[v2,2/7] kunit: Fix kthread reference Handle faults in KUnit tests - 1 - --- 2024-03-01 Mickaël Salaün New
[v2,1/7] kunit: Handle thread creation error Handle faults in KUnit tests - 1 - --- 2024-03-01 Mickaël Salaün New
[for,6.8] tomoyo: fix UAF write bug in tomoyo_write_control() [for,6.8] tomoyo: fix UAF write bug in tomoyo_write_control() - - - --- 2024-03-01 Tetsuo Handa New
[GIT,PULL] Landlock fixes for v6.8-rc7 [GIT,PULL] Landlock fixes for v6.8-rc7 - - - --- 2024-02-29 Mickaël Salaün New
[v1,8/8] kunit: Add tests for faults Run KUnit tests late and handle faults - - - --- 2024-02-29 Mickaël Salaün New
[v1,7/8] kunit: Print last test location on fault Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün New
[v1,6/8] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün New
[v1,5/8] kunit: Handle test faults Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün New
[v1,4/8] kunit: Fix timeout message Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün New
[v1,3/8] kunit: Fix kthread reference Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün New
[v1,2/8] kunit: Handle thread creation error Run KUnit tests late and handle faults - 1 - --- 2024-02-29 Mickaël Salaün New
[v1,1/8] kunit: Run tests when the kernel is fully setup Run KUnit tests late and handle faults - - - --- 2024-02-29 Mickaël Salaün New
[v4,12/12] selftests: ip_local_port_range: use XFAIL instead of SKIP selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski New
[v4,11/12] selftests: kselftest_harness: support using xfail selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski New
[v4,10/12] selftests: kselftest_harness: let PASS / FAIL provide diagnostic selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski New
[v4,09/12] selftests: kselftest_harness: separate diagnostic message with # in ksft_test_result_cod… selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski New
[v4,08/12] selftests: kselftest_harness: print test name for SKIP selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski New
[v4,07/12] selftests: kselftest: add ksft_test_result_code(), handling all exit codes selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski New
[v4,06/12] selftests: kselftest_harness: use exit code to store skip selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski New
[v4,05/12] selftests: kselftest_harness: save full exit code in metadata selftests: kselftest_harness: support using xfail - - - --- 2024-02-29 Jakub Kicinski New
[v4,04/12] selftests: kselftest_harness: generate test name once selftests: kselftest_harness: support using xfail 1 - - --- 2024-02-29 Jakub Kicinski New
[v4,03/12] selftests: kselftest_harness: use KSFT_* exit codes selftests: kselftest_harness: support using xfail 1 - 1 --- 2024-02-29 Jakub Kicinski New
[v4,02/12] selftests/harness: Merge TEST_F_FORK() into TEST_F() selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-29 Jakub Kicinski New
[v4,01/12] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() selftests: kselftest_harness: support using xfail - - - --- 2024-02-29 Jakub Kicinski New
[RFC,v13,20/20] documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,19/20] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,18/20] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,17/20] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,16/20] fsverity: consume builtin signature via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,15/20] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,14/20] dm verity: consume root hash digest and signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,13/20] dm: add finalize hook to target_type Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,12/20] dm verity: set DM_TARGET_SINGLETON feature flag Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,11/20] block|security: add LSM blob to block_device Integrity Policy Enforcement LSM (IPE) - 1 - --- 2024-02-29 Fan Wu New
[RFC,v13,10/20] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,09/20] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,08/20] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,07/20] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,06/20] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,05/20] initramfs|security: Add a security hook to do_populate_rootfs() Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,04/20] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,03/20] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,02/20] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,01/20] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[GIT,PULL] lsm/lsm-pr-20240227 [GIT,PULL] lsm/lsm-pr-20240227 - - - --- 2024-02-27 Paul Moore New
[v2,2/2] landlock: Warn once if a Landlock action is requested while disabled [v2,1/2] landlock: Extend documentation for kernel support - 2 - --- 2024-02-27 Mickaël Salaün Handled Elsewhere
[v2,1/2] landlock: Extend documentation for kernel support [v2,1/2] landlock: Extend documentation for kernel support - 1 - --- 2024-02-27 Mickaël Salaün Handled Elsewhere
[2/2] selftests/harness: Merge TEST_F_FORK() into TEST_F() [1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() - 1 - --- 2024-02-26 Mickaël Salaün Handled Elsewhere
[1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() [1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() - - - --- 2024-02-26 Mickaël Salaün Handled Elsewhere
[RFC,5/5] apparmor: parse profiles in sandbox mode PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,4/5] sbm: fix up calls to dynamic memory allocators PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,3/5] sbm: x86: infrastructure to fix up sandbox faults PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,2/5] sbm: enhance buffer mapping API PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,1/5] sbm: x86: fix SBM error entry path PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
proc: allow restricting /proc/pid/mem writes proc: allow restricting /proc/pid/mem writes - - - --- 2024-02-21 Adrian Ratiu New
[net-next,v3,11/11] selftests: ip_local_port_range: use XFAIL instead of SKIP selftests: kselftest_harness: support using xfail - 1 1 --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,10/11] selftests: kselftest_harness: support using xfail selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,09/11] selftests: kselftest_harness: let PASS / FAIL provide diagnostic selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,08/11] selftests: kselftest_harness: separate diagnostic message with # in ksft_test_r… selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,07/11] selftests: kselftest_harness: print test name for SKIP selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,06/11] selftests: kselftest: add ksft_test_result_code(), handling all exit codes selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,05/11] selftests: kselftest_harness: use exit code to store skip selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,04/11] selftests: kselftest_harness: save full exit code in metadata selftests: kselftest_harness: support using xfail - - - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,03/11] selftests: kselftest_harness: generate test name once selftests: kselftest_harness: support using xfail 1 - - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,02/11] selftests: kselftest_harness: use KSFT_* exit codes selftests: kselftest_harness: support using xfail 1 - 1 --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,01/11] selftests: kselftest_harness: pass step via shared memory selftests: kselftest_harness: support using xfail 1 - 1 --- 2024-02-20 Jakub Kicinski Handled Elsewhere
landlock: Warn once if a Landlock action is requested while disabled landlock: Warn once if a Landlock action is requested while disabled - 2 - --- 2024-02-19 Mickaël Salaün Handled Elsewhere
landlock: Fix asymmetric private inodes referring landlock: Fix asymmetric private inodes referring - - - --- 2024-02-19 Mickaël Salaün Handled Elsewhere
[RFC] fs: Add vfs_masks_device_ioctl*() helpers [RFC] fs: Add vfs_masks_device_ioctl*() helpers - - - --- 2024-02-19 Mickaël Salaün Handled Elsewhere
[RFC,8/8] ima: Detect if digest cache changed since last measurement/appraisal ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,7/8] ima: Use digest cache for appraisal ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,6/8] ima: Use digest cache for measurement ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,5/8] ima: Record IMA verification result of digest lists in digest cache ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,4/8] ima: Add digest_cache_measure and digest_cache_appraise boot-time policies ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,3/8] ima: Add digest_cache policy keyword ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,2/8] ima: Nest iint mutex for DIGEST_LIST_CHECK hook ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,1/8] ima: Introduce hook DIGEST_LIST_CHECK ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[GIT,PULL] Landlock fixes for v6.8-rc5 [GIT,PULL] Landlock fixes for v6.8-rc5 - - - --- 2024-02-14 Mickaël Salaün Handled Elsewhere
[v9,8/8] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,7/8] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,6/8] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,5/8] selftests/landlock: Test IOCTLs on named pipes Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,4/8] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,3/8] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,2/8] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,1/8] landlock: Add IOCTL access right Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v2,9/9] ima: Record i_version of real_inode for change detection evm: Support signatures on stacked filesystem - - - --- 2024-02-05 Stefan Berger Handled Elsewhere
[v2,8/9] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs evm: Support signatures on stacked filesystem - - - --- 2024-02-05 Stefan Berger Handled Elsewhere
[v2,7/9] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED evm: Support signatures on stacked filesystem 1 - - --- 2024-02-05 Stefan Berger Handled Elsewhere
[v2,6/9] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509 evm: Support signatures on stacked filesystem - - - --- 2024-02-05 Stefan Berger Handled Elsewhere
[v2,5/9] evm: Use the inode holding the metadata to calculate metadata hash evm: Support signatures on stacked filesystem 1 - - --- 2024-02-05 Stefan Berger Handled Elsewhere
[v2,4/9] ima: Reset EVM status upon detecting changes to the real file evm: Support signatures on stacked filesystem - - - --- 2024-02-05 Stefan Berger Handled Elsewhere
[v2,3/9] evm: Implement per signature type decision in security_inode_copy_up_xattr evm: Support signatures on stacked filesystem - - - --- 2024-02-05 Stefan Berger Handled Elsewhere
[v2,2/9] security: allow finer granularity in permitting copy-up of security xattrs evm: Support signatures on stacked filesystem 2 - - --- 2024-02-05 Stefan Berger Handled Elsewhere
« 1 2 3 432 33 »