Show patches with: Archived = No       |   5656 patches
« 1 2 3 456 57 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
yama: don't abuse rcu_read_lock/get_task_struct in yama_task_prctl() yama: don't abuse rcu_read_lock/get_task_struct in yama_task_prctl() - - - --- 2025-02-19 Oleg Nesterov Handled Elsewhere
xattr: restrict vfs_getxattr_alloc() allocation size xattr: restrict vfs_getxattr_alloc() allocation size 1 3 - --- 2024-03-05 Christian Brauner Handled Elsewhere
treewide: const qualify ctl_tables where applicable treewide: const qualify ctl_tables where applicable 4 3 - --- 2025-01-09 Joel Granados Handled Elsewhere
trace: constify string literal data member trace: constify string literal data member - - - --- 2024-11-25 Christian Göttsche Handled Elsewhere
tpm: validate object type in tpm2_handle_mso() tpm: validate object type in tpm2_handle_mso() - - - --- 2024-07-07 Jarkko Sakkinen Handled Elsewhere
tpm: Remove the documentation from tpm2-sessions.c tpm: Remove the documentation from tpm2-sessions.c - - - --- 2024-11-07 Jarkko Sakkinen Handled Elsewhere
tpm: Remove illict WARN's from tpm2-sessions.c tpm: Remove illict WARN's from tpm2-sessions.c - - - --- 2024-05-29 Jarkko Sakkinen Handled Elsewhere
tpm: Open code tpm_buf_parameters() tpm: Open code tpm_buf_parameters() - - - --- 2024-05-25 Jarkko Sakkinen Handled Elsewhere
tpm: Limit TCG_TPM2_HMAC to known good drivers tpm: Limit TCG_TPM2_HMAC to known good drivers - - - --- 2024-07-03 Jarkko Sakkinen Handled Elsewhere
tpm: Fix alignment of buf->handles tpm: Fix alignment of buf->handles - - - --- 2024-07-16 Jarkko Sakkinen Handled Elsewhere
tpm: enable HMAC encryption for only x86-64 and aarch64 tpm: enable HMAC encryption for only x86-64 and aarch64 1 - - --- 2024-05-21 Jarkko Sakkinen Handled Elsewhere
tpm: Disable TPM on tpm2_create_primary() failure tpm: Disable TPM on tpm2_create_primary() failure - - - --- 2024-11-13 Jarkko Sakkinen Handled Elsewhere
tpm: Check non-nullity of chip->auth tpm: Check non-nullity of chip->auth - 1 - --- 2024-07-01 Jarkko Sakkinen Handled Elsewhere
tomoyo: use u64 for handling numeric values tomoyo: use u64 for handling numeric values - - - --- 2024-10-12 Tetsuo Handa Handled Elsewhere
tomoyo: use realpath if symlink's pathname refers to procfs tomoyo: use realpath if symlink's pathname refers to procfs - - - --- 2024-12-17 Tetsuo Handa Handled Elsewhere
tomoyo: use better patterns for procfs in learning mode tomoyo: use better patterns for procfs in learning mode - - - --- 2025-01-31 Tetsuo Handa Handled Elsewhere
tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support 1 - - --- 2024-10-03 Paul Moore pcmoore Accepted
tomoyo: replace tomoyo_round2() with kmalloc_size_roundup() tomoyo: replace tomoyo_round2() with kmalloc_size_roundup() - - - --- 2023-02-28 Vlastimil Babka Handled Elsewhere
tomoyo: remove unused function declaration tomoyo: remove unused function declaration - - - --- 2023-08-11 GONG, Ruiqi Handled Elsewhere
tomoyo: remove a temporary output file tomoyo: remove a temporary output file - - - --- 2023-01-09 Masahiro Yamada Handled Elsewhere
tomoyo: Reject excessively long lines tomoyo: Reject excessively long lines - - - --- 2024-12-16 Leo Stone Handled Elsewhere
tomoyo: refactor deprecated strncpy tomoyo: refactor deprecated strncpy - 1 - --- 2023-08-03 Justin Stitt Handled Elsewhere
tomoyo: prevent bad buffer size in tracing_cpumask_write tomoyo: prevent bad buffer size in tracing_cpumask_write - - 1 --- 2024-12-16 Lizhi Xu Handled Elsewhere
tomoyo: Fix typo in comment tomoyo: Fix typo in comment - - - --- 2022-06-24 Xiang wangx Handled Elsewhere
tomoyo: fix spelling error tomoyo: fix spelling error - 1 - --- 2025-01-23 Tanya Agarwal Handled Elsewhere
tomoyo: fallback to realpath if symlink's pathname does not exist tomoyo: fallback to realpath if symlink's pathname does not exist - - - --- 2024-09-25 Tetsuo Handa Handled Elsewhere
tomoyo: don't emit warning in tomoyo_write_control() tomoyo: don't emit warning in tomoyo_write_control() - - - --- 2024-12-16 Tetsuo Handa Handled Elsewhere
tomoyo: automatically use patterns for several situations in learning mode tomoyo: automatically use patterns for several situations in learning mode - - - --- 2025-01-01 Tetsuo Handa Handled Elsewhere
tomoyo: add format attributes to functions tomoyo: add format attributes to functions - - - --- 2023-07-19 Christian Göttsche Handled Elsewhere
Systemd v254 LSM stacking issue - patch Systemd v254 LSM stacking issue - patch - - - --- 2024-03-19 Casey Schaufler pcmoore Not Applicable
sysctl: set variable key_sysctls storage-class-specifier to static sysctl: set variable key_sysctls storage-class-specifier to static - - - --- 2023-06-11 Tom Rix Handled Elsewhere
Subject: [PATCH] Add test for more file systems in landlock - ext4 Subject: [PATCH] Add test for more file systems in landlock - ext4 - - - --- 2024-04-02 Saasha Gupta Handled Elsewhere
Subject: [PATCH 01/11] ->getprocattr(): attribute name is const char *, TYVM... Subject: [PATCH 01/11] ->getprocattr(): attribute name is const char *, TYVM... 2 - - --- 2022-08-20 Al Viro pcmoore Handled Elsewhere
smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipso smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipso - - - --- 2024-09-02 Jiawei Ye Handled Elsewhere
smackfs: Prevent underflow in smk_set_cipso() smackfs: Prevent underflow in smk_set_cipso() - - - --- 2023-07-06 Dan Carpenter Handled Elsewhere
smackfs: check for allocation failure of kmalloc() smackfs: check for allocation failure of kmalloc() - - - --- 2022-06-13 Li Qiong Handled Elsewhere
smackfs: Added check catlen smackfs: Added check catlen - - - --- 2023-01-24 Arefev Handled Elsewhere
smack: unix sockets: fix accept()ed socket label smack: unix sockets: fix accept()ed socket label - - - --- 2024-06-16 Konstantin Andreev Handled Elsewhere
smack: tcp: ipv4, fix incorrect labeling and unauthorized writes smack: tcp: ipv4, fix incorrect labeling and unauthorized writes - - - --- 2024-06-02 Konstantin Andreev Handled Elsewhere
smack: remove /smack/logging if audit is not configured smack: remove /smack/logging if audit is not configured - - - --- 2025-01-17 Konstantin Andreev Handled Elsewhere
smack: ipv4/ipv6: tcp/dccp/sctp: fix incorrect child socket label smack: ipv4/ipv6: tcp/dccp/sctp: fix incorrect child socket label - - - --- 2025-01-26 Konstantin Andreev Handled Elsewhere
Smack: Improve mount process memory use Smack: Improve mount process memory use - - - --- 2023-03-29 Casey Schaufler Handled Elsewhere
smack: fix the smack_lsmprop_to_secctx() kdoc smack: fix the smack_lsmprop_to_secctx() kdoc - 1 - --- 2024-11-01 Paul Moore pcmoore Accepted
smack: dont compile ipv6 code unless ipv6 is configured smack: dont compile ipv6 code unless ipv6 is configured - - - --- 2025-01-17 Konstantin Andreev Handled Elsewhere
smack: deduplicate access to string conversion smack: deduplicate access to string conversion - - - --- 2024-09-13 Konstantin Andreev Handled Elsewhere
Smack modifications for: security: Allow all LSMs to provide xattrs for inode_init_security hook Smack modifications for: security: Allow all LSMs to provide xattrs for inode_init_security hook - - - --- 2023-04-11 Roberto Sassu RFC
Semantics of blktrace with lockdown (integrity) enabled kernel. Semantics of blktrace with lockdown (integrity) enabled kernel. - - - --- 2023-04-06 Konrad Rzeszutek Wilk pcmoore Changes Requested
selinux: use GFP_ATOMIC in convert_context() selinux: use GFP_ATOMIC in convert_context() - - - --- 2022-10-18 GONG Ruiqi Handled Elsewhere
selinux: remove the runtime disable functionality selinux: remove the runtime disable functionality 1 1 - --- 2023-03-17 Paul Moore pcmoore Accepted
selinux: Read sk->sk_family once in selinux_socket_bind() selinux: Read sk->sk_family once in selinux_socket_bind() 1 - - --- 2024-12-12 Mikhail Ivanov pcmoore Handled Elsewhere
selinux: Fix error priority for bind with AF_UNSPEC on AF_INET6 socket selinux: Fix error priority for bind with AF_UNSPEC on AF_INET6 socket - - - --- 2023-12-28 Mickaël Salaün pcmoore Changes Requested
selinux: add FILE__WATCH_MOUNTNS selinux: add FILE__WATCH_MOUNTNS 1 - - --- 2025-02-24 Miklos Szeredi pcmoore Handled Elsewhere
selinux,xfrm: fix dangling refcount on deferred skb free selinux,xfrm: fix dangling refcount on deferred skb free - - - --- 2024-11-06 Ondrej Mosnacek pcmoore Under Review
selinux,smack: remove the capability checks in the removexattr hooks selinux,smack: remove the capability checks in the removexattr hooks 1 - - --- 2024-07-03 Paul Moore pcmoore Accepted
selinux,smack: properly reference the LSM blob in security_watch_key() selinux,smack: properly reference the LSM blob in security_watch_key() - 1 - --- 2024-09-19 Paul Moore pcmoore Accepted
selftests/move_mount_set_group:Make tests build with old libc selftests/move_mount_set_group:Make tests build with old libc - 1 - --- 2024-01-10 Hu Yadi Handled Elsewhere
selftests/memfd: fix test_sysctl selftests/memfd: fix test_sysctl - - 1 --- 2023-04-14 Jeff Xu Handled Elsewhere
selftests/landlock:Fix two build issues selftests/landlock:Fix two build issues - 1 - --- 2024-01-10 Hu Yadi Handled Elsewhere
selftests/landlock:Fix net_test build issues with old libc selftests/landlock:Fix net_test build issues with old libc - 1 - --- 2024-01-23 Hu Yadi Handled Elsewhere
selftests/landlock:Fix fs_test build issues with old libc selftests/landlock:Fix fs_test build issues with old libc - 1 - --- 2024-01-24 Hu Yadi Handled Elsewhere
selftests/landlock: skip ptrace_test when YAMA is enabled selftests/landlock: skip ptrace_test when YAMA is enabled - - 1 --- 2022-06-28 Jeff Xu Handled Elsewhere
selftests/landlock: skip overlayfs test when kernel not support it selftests/landlock: skip overlayfs test when kernel not support it - - - --- 2022-08-20 Jeff Xu Handled Elsewhere
selftests/landlock: Improve ptrace_test with Yama selftests/landlock: Improve ptrace_test with Yama - - - --- 2023-01-13 Mickaël Salaün Handled Elsewhere
selftests/landlock: fix broken include of linux/landlock.h selftests/landlock: fix broken include of linux/landlock.h - - - --- 2022-08-03 Guillaume Tucker Handled Elsewhere
selftests/landlock: Fix a resource leak selftests/landlock: Fix a resource leak - - - --- 2023-08-30 Ding Xiang Handled Elsewhere
selftests/landlock: add binaries to gitignore selftests/landlock: add binaries to gitignore - - - --- 2025-02-10 Bharadwaj Raju Handled Elsewhere
selftests/harness: Fix TEST_F()'s vfork handling selftests/harness: Fix TEST_F()'s vfork handling - 1 2 --- 2024-03-05 Mickaël Salaün Handled Elsewhere
selftests/filesystems:fix build error in overlayfs selftests/filesystems:fix build error in overlayfs 1 - - --- 2024-01-12 Hu Yadi Handled Elsewhere
selftests/core: Fix build issue with CLOSE_RANGE_UNSHARE selftests/core: Fix build issue with CLOSE_RANGE_UNSHARE - 1 - --- 2024-01-11 Hu Yadi Handled Elsewhere
selftests: remove the LSM_ID_IMA check in lsm/lsm_list_modules_test selftests: remove the LSM_ID_IMA check in lsm/lsm_list_modules_test 1 - - --- 2023-11-22 Paul Moore pcmoore Accepted
selftests: lsm: Refactor `flags_overset_lsm_set_self_attr` test selftests: lsm: Refactor `flags_overset_lsm_set_self_attr` test - 2 - --- 2024-11-12 Amit pcmoore Changes Requested
selftests: Fix wrong TARGET in kselftest top level Makefile selftests: Fix wrong TARGET in kselftest top level Makefile - - - --- 2023-09-26 Juntong Deng Handled Elsewhere
security/tomoyo: Prevent message flooding if no Tomoyo loader is present security/tomoyo: Prevent message flooding if no Tomoyo loader is present - - - --- 2024-07-25 Yafang Shao Handled Elsewhere
security/keys: remove request_key_conswq and keyring_search_instkey() declarations security/keys: remove request_key_conswq and keyring_search_instkey() declarations - - - --- 2022-09-09 cuigaosheng Handled Elsewhere
security/keys: Remove inconsistent __user annotation security/keys: Remove inconsistent __user annotation 1 1 - --- 2022-09-07 Vincenzo Frascino pcmoore Handled Elsewhere
security/keys: fix slab-out-of-bounds in key_task_permission security/keys: fix slab-out-of-bounds in key_task_permission - - - --- 2024-09-13 chenridong Handled Elsewhere
security/commoncap: don't assume "setid" if all ids are identical security/commoncap: don't assume "setid" if all ids are identical - - - --- 2025-03-06 Max Kellermann Handled Elsewhere
security:trusted_tpm2: Fix memory leak in tpm2_key_encode() security:trusted_tpm2: Fix memory leak in tpm2_key_encode() - - - --- 2022-06-07 Jianglei Nie Handled Elsewhere
security:trusted_tpm2: Fix memory leak in tpm2_key_encode() security:trusted_tpm2: Fix memory leak in tpm2_key_encode() - - - --- 2022-06-08 Jianglei Nie Handled Elsewhere
security: use default hook return value in call_int_hook() security: use default hook return value in call_int_hook() - 1 - --- 2024-01-30 Ondrej Mosnacek pcmoore Accepted
security: smack: smackfs: fix typo (lables->labels) security: smack: smackfs: fix typo (lables->labels) - - - --- 2023-07-06 Tóth János via B4 Relay Handled Elsewhere
security: smack: fix typos and spelling errors security: smack: fix typos and spelling errors - 1 - --- 2025-01-23 Tanya Agarwal Handled Elsewhere
security: smack: Fix indentation in smack_netfilter.c security: smack: Fix indentation in smack_netfilter.c - - - --- 2024-08-22 GiSeong Ji Handled Elsewhere
security: Restore passing final prot to ima_file_mmap() security: Restore passing final prot to ima_file_mmap() - - - --- 2022-12-21 Roberto Sassu Superseded
security: new security_file_ioctl_compat() hook security: new security_file_ioctl_compat() hook - 2 - --- 2023-12-19 Alfred Piccioni pcmoore Accepted
security: move from strlcpy with unused retval to strscpy security: move from strlcpy with unused retval to strscpy 1 - - --- 2022-08-18 Wolfram Sang Handled Elsewhere
security: keys: perform capable check only on privileged operations security: keys: perform capable check only on privileged operations 1 - - --- 2023-05-11 Christian Göttsche Handled Elsewhere
security: keys: Modify mismatched function name security: keys: Modify mismatched function name - 1 - --- 2023-06-14 Jiapeng Chong pcmoore Handled Elsewhere
security: keys: Make sysctl table const security: keys: Make sysctl table const - 2 - --- 2025-01-23 Ricardo B. Marlière pcmoore Handled Elsewhere
security: keys: add __randomize_layout to keyring_search_context security: keys: add __randomize_layout to keyring_search_context - 1 - --- 2022-05-18 GONG Ruiqi Handled Elsewhere
security: fix typos and spelling errors security: fix typos and spelling errors - - - --- 2025-01-11 Tanya Agarwal pcmoore Changes Requested
security: fix the logic in security_inode_getsecctx() security: fix the logic in security_inode_getsecctx() - 1 - --- 2024-01-26 Ondrej Mosnacek pcmoore Accepted
security: Fix ret values doc for security_inode_init_security() security: Fix ret values doc for security_inode_init_security() - - - --- 2023-07-24 Roberto Sassu pcmoore Changes Requested
security: fix no-op hook logic in security_inode_{set,remove}xattr() security: fix no-op hook logic in security_inode_{set,remove}xattr() - - - --- 2024-01-29 Ondrej Mosnacek pcmoore Rejected
security: fix integer overflow in lsm_set_self_attr() syscall security: fix integer overflow in lsm_set_self_attr() syscall 1 1 - --- 2024-02-14 Jann Horn pcmoore Accepted
security: Don't yet account for IMA in LSM_CONFIG_COUNT calculation security: Don't yet account for IMA in LSM_CONFIG_COUNT calculation - - - --- 2023-10-26 Roberto Sassu pcmoore Accepted
security: commoncap: fix potential memleak on error path from vfs_getxattr_alloc security: commoncap: fix potential memleak on error path from vfs_getxattr_alloc - - - --- 2022-10-25 cuigaosheng Changes Requested
security, lsm: security_old_inode_init_security() Handle multi LSM registration security, lsm: security_old_inode_init_security() Handle multi LSM registration - - - --- 2023-04-01 Valentin Vidić pcmoore In Next
samples/landlock: Fix possible NULL dereference in parse_path() samples/landlock: Fix possible NULL dereference in parse_path() - - - --- 2024-11-26 Gax-c Handled Elsewhere
samples/landlock: Fix incorrect free in populate_ruleset_net samples/landlock: Fix incorrect free in populate_ruleset_net - 1 - --- 2024-03-26 Mikhail Ivanov Handled Elsewhere
« 1 2 3 456 57 »