Show patches with: Archived = No       |   3619 patches
« 1 2 3 436 37 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
xattr: restrict vfs_getxattr_alloc() allocation size xattr: restrict vfs_getxattr_alloc() allocation size 1 3 - --- 2024-03-05 Christian Brauner Handled Elsewhere
tomoyo: replace tomoyo_round2() with kmalloc_size_roundup() tomoyo: replace tomoyo_round2() with kmalloc_size_roundup() - - - --- 2023-02-28 Vlastimil Babka Handled Elsewhere
tomoyo: remove unused function declaration tomoyo: remove unused function declaration - - - --- 2023-08-11 GONG, Ruiqi Handled Elsewhere
tomoyo: remove a temporary output file tomoyo: remove a temporary output file - - - --- 2023-01-09 Masahiro Yamada Handled Elsewhere
tomoyo: refactor deprecated strncpy tomoyo: refactor deprecated strncpy - 1 - --- 2023-08-03 Justin Stitt Handled Elsewhere
tomoyo: Fix typo in comment tomoyo: Fix typo in comment - - - --- 2022-06-24 Xiang wangx Handled Elsewhere
tomoyo: add format attributes to functions tomoyo: add format attributes to functions - - - --- 2023-07-19 Christian Göttsche Handled Elsewhere
Systemd v254 LSM stacking issue - patch Systemd v254 LSM stacking issue - patch - - - --- 2024-03-19 Casey Schaufler pcmoore Not Applicable
sysctl: set variable key_sysctls storage-class-specifier to static sysctl: set variable key_sysctls storage-class-specifier to static - - - --- 2023-06-11 Tom Rix Handled Elsewhere
Subject: [PATCH] Add test for more file systems in landlock - ext4 Subject: [PATCH] Add test for more file systems in landlock - ext4 - - - --- 2024-04-02 Saasha Gupta Handled Elsewhere
Subject: [PATCH 01/11] ->getprocattr(): attribute name is const char *, TYVM... Subject: [PATCH 01/11] ->getprocattr(): attribute name is const char *, TYVM... 2 - - --- 2022-08-20 Al Viro pcmoore Handled Elsewhere
smackfs: Prevent underflow in smk_set_cipso() smackfs: Prevent underflow in smk_set_cipso() - - - --- 2023-07-06 Dan Carpenter Handled Elsewhere
smackfs: check for allocation failure of kmalloc() smackfs: check for allocation failure of kmalloc() - - - --- 2022-06-13 Li Qiong Handled Elsewhere
smackfs: Added check catlen smackfs: Added check catlen - - - --- 2023-01-24 Denis Arefev Handled Elsewhere
Smack: Improve mount process memory use Smack: Improve mount process memory use - - - --- 2023-03-29 Casey Schaufler Handled Elsewhere
Smack modifications for: security: Allow all LSMs to provide xattrs for inode_init_security hook Smack modifications for: security: Allow all LSMs to provide xattrs for inode_init_security hook - - - --- 2023-04-11 Roberto Sassu RFC
Semantics of blktrace with lockdown (integrity) enabled kernel. Semantics of blktrace with lockdown (integrity) enabled kernel. - - - --- 2023-04-06 Konrad Rzeszutek Wilk pcmoore Changes Requested
selinux: use GFP_ATOMIC in convert_context() selinux: use GFP_ATOMIC in convert_context() - - - --- 2022-10-18 GONG, Ruiqi Handled Elsewhere
selinux: remove the runtime disable functionality selinux: remove the runtime disable functionality 1 1 - --- 2023-03-17 Paul Moore pcmoore Accepted
selinux: Fix error priority for bind with AF_UNSPEC on AF_INET6 socket selinux: Fix error priority for bind with AF_UNSPEC on AF_INET6 socket - - - --- 2023-12-28 Mickaël Salaün pcmoore Changes Requested
selftests/move_mount_set_group:Make tests build with old libc selftests/move_mount_set_group:Make tests build with old libc - 1 - --- 2024-01-10 Hu Yadi Handled Elsewhere
selftests/memfd: fix test_sysctl selftests/memfd: fix test_sysctl - - 1 --- 2023-04-14 Jeff Xu Handled Elsewhere
selftests/landlock:Fix two build issues selftests/landlock:Fix two build issues - 1 - --- 2024-01-10 Hu Yadi Handled Elsewhere
selftests/landlock:Fix net_test build issues with old libc selftests/landlock:Fix net_test build issues with old libc - 1 - --- 2024-01-23 Hu Yadi Handled Elsewhere
selftests/landlock:Fix fs_test build issues with old libc selftests/landlock:Fix fs_test build issues with old libc - 1 - --- 2024-01-24 Hu Yadi Handled Elsewhere
selftests/landlock: skip ptrace_test when YAMA is enabled selftests/landlock: skip ptrace_test when YAMA is enabled - - 1 --- 2022-06-28 Jeff Xu Handled Elsewhere
selftests/landlock: skip overlayfs test when kernel not support it selftests/landlock: skip overlayfs test when kernel not support it - - - --- 2022-08-20 Jeff Xu Handled Elsewhere
selftests/landlock: Improve ptrace_test with Yama selftests/landlock: Improve ptrace_test with Yama - - - --- 2023-01-13 Mickaël Salaün Handled Elsewhere
selftests/landlock: fix broken include of linux/landlock.h selftests/landlock: fix broken include of linux/landlock.h - - - --- 2022-08-03 Guillaume Tucker Handled Elsewhere
selftests/landlock: Fix a resource leak selftests/landlock: Fix a resource leak - - - --- 2023-08-30 Ding Xiang Handled Elsewhere
selftests/harness: Fix TEST_F()'s vfork handling selftests/harness: Fix TEST_F()'s vfork handling - 1 2 --- 2024-03-05 Mickaël Salaün Handled Elsewhere
selftests/filesystems:fix build error in overlayfs selftests/filesystems:fix build error in overlayfs 1 - - --- 2024-01-12 Hu Yadi Handled Elsewhere
selftests/core: Fix build issue with CLOSE_RANGE_UNSHARE selftests/core: Fix build issue with CLOSE_RANGE_UNSHARE - 1 - --- 2024-01-11 Hu Yadi Handled Elsewhere
selftests: remove the LSM_ID_IMA check in lsm/lsm_list_modules_test selftests: remove the LSM_ID_IMA check in lsm/lsm_list_modules_test 1 - - --- 2023-11-22 Paul Moore pcmoore Accepted
selftests: Fix wrong TARGET in kselftest top level Makefile selftests: Fix wrong TARGET in kselftest top level Makefile - - - --- 2023-09-26 Juntong Deng Handled Elsewhere
security/keys: remove request_key_conswq and keyring_search_instkey() declarations security/keys: remove request_key_conswq and keyring_search_instkey() declarations - - - --- 2022-09-09 Gaosheng Cui Handled Elsewhere
security/keys: Remove inconsistent __user annotation security/keys: Remove inconsistent __user annotation 1 1 - --- 2022-09-07 Vincenzo Frascino pcmoore Handled Elsewhere
security:trusted_tpm2: Fix memory leak in tpm2_key_encode() security:trusted_tpm2: Fix memory leak in tpm2_key_encode() - - - --- 2022-06-07 Jianglei Nie Handled Elsewhere
security:trusted_tpm2: Fix memory leak in tpm2_key_encode() security:trusted_tpm2: Fix memory leak in tpm2_key_encode() - - - --- 2022-06-08 Jianglei Nie Handled Elsewhere
security: use default hook return value in call_int_hook() security: use default hook return value in call_int_hook() - 1 - --- 2024-01-30 Ondrej Mosnacek pcmoore Accepted
security: smack: smackfs: fix typo (lables->labels) security: smack: smackfs: fix typo (lables->labels) - - - --- 2023-07-06 Tóth János via B4 Relay Handled Elsewhere
security: Restore passing final prot to ima_file_mmap() security: Restore passing final prot to ima_file_mmap() - - - --- 2022-12-21 Roberto Sassu Superseded
security: new security_file_ioctl_compat() hook security: new security_file_ioctl_compat() hook - 2 - --- 2023-12-19 Alfred Piccioni pcmoore Accepted
security: move from strlcpy with unused retval to strscpy security: move from strlcpy with unused retval to strscpy 1 - - --- 2022-08-18 Wolfram Sang Handled Elsewhere
security: keys: perform capable check only on privileged operations security: keys: perform capable check only on privileged operations 1 - - --- 2023-05-11 Christian Göttsche Handled Elsewhere
security: keys: Modify mismatched function name security: keys: Modify mismatched function name - 1 - --- 2023-06-14 Jiapeng Chong pcmoore Handled Elsewhere
security: keys: add __randomize_layout to keyring_search_context security: keys: add __randomize_layout to keyring_search_context - 1 - --- 2022-05-18 GONG, Ruiqi Handled Elsewhere
security: fix the logic in security_inode_getsecctx() security: fix the logic in security_inode_getsecctx() - 1 - --- 2024-01-26 Ondrej Mosnacek pcmoore Accepted
security: Fix ret values doc for security_inode_init_security() security: Fix ret values doc for security_inode_init_security() - - - --- 2023-07-24 Roberto Sassu pcmoore Changes Requested
security: fix no-op hook logic in security_inode_{set,remove}xattr() security: fix no-op hook logic in security_inode_{set,remove}xattr() - - - --- 2024-01-29 Ondrej Mosnacek pcmoore Under Review
security: fix integer overflow in lsm_set_self_attr() syscall security: fix integer overflow in lsm_set_self_attr() syscall 1 1 - --- 2024-02-14 Jann Horn pcmoore Accepted
security: Don't yet account for IMA in LSM_CONFIG_COUNT calculation security: Don't yet account for IMA in LSM_CONFIG_COUNT calculation - - - --- 2023-10-26 Roberto Sassu pcmoore Accepted
security: commoncap: fix potential memleak on error path from vfs_getxattr_alloc security: commoncap: fix potential memleak on error path from vfs_getxattr_alloc - - - --- 2022-10-25 Gaosheng Cui Changes Requested
security, lsm: security_old_inode_init_security() Handle multi LSM registration security, lsm: security_old_inode_init_security() Handle multi LSM registration - - - --- 2023-04-01 Valentin Vidić pcmoore In Next
samples/landlock: Fix incorrect free in populate_ruleset_net samples/landlock: Fix incorrect free in populate_ruleset_net - 1 - --- 2024-03-26 Ivanov Mikhail Handled Elsewhere
samples/landlock: Don't error out if a file path cannot be opened samples/landlock: Don't error out if a file path cannot be opened - 1 - --- 2024-03-07 Mickaël Salaün Handled Elsewhere
samples/landlock: Document best-effort approach for LANDLOCK_ACCESS_FS_REFER samples/landlock: Document best-effort approach for LANDLOCK_ACCESS_FS_REFER - - - --- 2022-10-30 Günther Noack Handled Elsewhere
Revert "integrity: double check iint_cache was initialized" Revert "integrity: double check iint_cache was initialized" - - - --- 2023-03-08 Roberto Sassu Handled Elsewhere
remove unnecessary type casting remove unnecessary type casting - - - --- 2022-08-10 zhounan Handled Elsewhere
public_key: Add a comment to public_key_signature struct definition public_key: Add a comment to public_key_signature struct definition - 1 - --- 2022-12-07 Roberto Sassu pcmoore Superseded
proc: Update inode upon changing task security attribute proc: Update inode upon changing task security attribute - - - --- 2023-11-30 Munehisa Kamata pcmoore Under Review
proc: allow restricting /proc/pid/mem writes proc: allow restricting /proc/pid/mem writes - - - --- 2024-02-21 Adrian Ratiu Superseded
preventing executable stack with file_mprotect hook preventing executable stack with file_mprotect hook - - - --- 2024-01-16 Dmitry Mastykin Superseded
preventing executable stack with file_mprotect hook preventing executable stack with file_mprotect hook - - - --- 2024-01-16 Dmitry Mastykin pcmoore Handled Elsewhere
overlayfs: Trigger file re-evaluation by IMA / EVM after writes overlayfs: Trigger file re-evaluation by IMA / EVM after writes - - 1 --- 2023-04-05 Stefan Berger Handled Elsewhere
nfs: Fix automount superblock LSM init problem, preventing sb sharing nfs: Fix automount superblock LSM init problem, preventing sb sharing - - - --- 2022-08-04 David Howells Superseded
netlabel: fix typo in comment netlabel: fix typo in comment 1 - - --- 2022-08-06 Topi Miettinen Handled Elsewhere
netlabel: fix shift wrapping bug in netlbl_catmap_setlong() netlabel: fix shift wrapping bug in netlbl_catmap_setlong() 1 - - --- 2023-06-08 Dmitry Mastykin pcmoore Accepted
net: fix memory leak in security_sk_alloc() net: fix memory leak in security_sk_alloc() - - - --- 2022-11-11 wangyufen Rejected
mm: init_mlocked_on_free_v2 mm: init_mlocked_on_free_v2 - - - --- 2024-01-29 York Jasper Niebuhr pcmoore Handled Elsewhere
mm: init_mlocked_on_free mm: init_mlocked_on_free - - - --- 2023-12-02 York Jasper Niebuhr Handled Elsewhere
MAINTAINERS: update the LSM maintainer info MAINTAINERS: update the LSM maintainer info 3 - - --- 2022-07-08 Paul Moore pcmoore Accepted
MAINTAINERS: update the LSM entry MAINTAINERS: update the LSM entry - - - --- 2023-11-15 Paul Moore pcmoore Accepted
MAINTAINERS: update SafeSetID entry MAINTAINERS: update SafeSetID entry - - - --- 2023-06-30 Paul Moore pcmoore Rejected
MAINTAINERS: Update Landlock repository MAINTAINERS: Update Landlock repository - 1 - --- 2023-02-09 Mickaël Salaün Handled Elsewhere
MAINTAINERS: move labeled networking to "supported" MAINTAINERS: move labeled networking to "supported" - - - --- 2023-06-08 Paul Moore pcmoore Accepted
MAINTAINERS: git://github -> https://github.com for cschaufler MAINTAINERS: git://github -> https://github.com for cschaufler - 2 - --- 2022-10-13 Palmer Dabbelt Handled Elsewhere
MAINTAINERS: Add Roberto Sassu as co-maintainer to IMA and EVM MAINTAINERS: Add Roberto Sassu as co-maintainer to IMA and EVM 1 - - --- 2023-12-12 Mimi Zohar Handled Elsewhere
MAINTAINERS: Add Eric Snowberg as a reviewer to IMA MAINTAINERS: Add Eric Snowberg as a reviewer to IMA 1 - - --- 2023-12-12 Mimi Zohar Handled Elsewhere
MAINTAINERS: add an entry for the lockdown LSM MAINTAINERS: add an entry for the lockdown LSM - - - --- 2023-11-20 Paul Moore pcmoore Accepted
mailmap: update/replace my old email addresses mailmap: update/replace my old email addresses - - - --- 2023-11-10 Paul Moore pcmoore Accepted
mailmap: add entries for Serge Hallyn's dead accounts mailmap: add entries for Serge Hallyn's dead accounts - - - --- 2023-11-13 Paul Moore pcmoore Accepted
LSM: use 32 bit compatible data types in LSM syscalls. LSM: use 32 bit compatible data types in LSM syscalls. - - - --- 2024-03-12 Casey Schaufler pcmoore Changes Requested
LSM: SafeSetID: fix UID printed instead of GID LSM: SafeSetID: fix UID printed instead of GID - - - --- 2023-05-02 Alexander Mikhalitsyn Superseded
lsm: Resolve compiling 'security.c' error lsm: Resolve compiling 'security.c' error - - - --- 2024-01-17 Lu Yao pcmoore Rejected
lsm: move hook comments docs to security/security.c lsm: move hook comments docs to security/security.c 1 - - --- 2023-04-28 Randy Dunlap pcmoore Accepted
lsm: mark the lsm_id variables are marked as static lsm: mark the lsm_id variables are marked as static - 1 - --- 2023-11-10 Paul Moore pcmoore Accepted
lsm: make security_socket_getpeersec_stream() sockptr_t safe lsm: make security_socket_getpeersec_stream() sockptr_t safe 2 - - --- 2022-10-10 Paul Moore pcmoore Accepted
LSM: Infrastructure management of the sock LSM: Infrastructure management of the sock - - - --- 2023-05-31 GONG, Ruiqi pcmoore Rejected
lsm: handle the NULL buffer case in lsm_fill_user_ctx() lsm: handle the NULL buffer case in lsm_fill_user_ctx() 1 - - --- 2024-03-14 Paul Moore pcmoore Accepted
LSM: Fix typos in security/security.c comment headers LSM: Fix typos in security/security.c comment headers - - - --- 2024-02-17 Pairman Guo pcmoore Accepted
LSM: Fix typo in a comment LSM: Fix typo in a comment - - - --- 2023-07-02 Pairman Guo pcmoore Accepted
lsm: fix doc warnings in the LSM hook comments lsm: fix doc warnings in the LSM hook comments - - - --- 2023-03-08 Paul Moore pcmoore Accepted
lsm: fix default return value of the socket_getpeersec_* hooks lsm: fix default return value of the socket_getpeersec_* hooks - - - --- 2024-01-26 Ondrej Mosnacek pcmoore Accepted
lsm: fix a spelling mistake lsm: fix a spelling mistake - - - --- 2023-10-04 Paul Moore pcmoore Accepted
lsm: fix a number of misspellings lsm: fix a number of misspellings - 1 - --- 2023-05-25 Paul Moore pcmoore Accepted
lsm: fix a badly named parameter in security_get_getsecurity() lsm: fix a badly named parameter in security_get_getsecurity() - - - --- 2023-03-08 Paul Moore pcmoore Accepted
lsm: drop LSM_ID_IMA lsm: drop LSM_ID_IMA - 1 - --- 2023-10-18 Paul Moore pcmoore Accepted
lsm: convert security_setselfattr() to use memdup_user() lsm: convert security_setselfattr() to use memdup_user() 1 - - --- 2023-11-02 Paul Moore pcmoore Accepted
lsm: constify the 'mm' parameter in security_vm_enough_memory_mm() lsm: constify the 'mm' parameter in security_vm_enough_memory_mm() - - - --- 2023-08-23 Khadija Kamran pcmoore Changes Requested
« 1 2 3 436 37 »