Show patches with: Archived = No       |   736 patches
« 1 2 3 47 8 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
tpm: ibmvtpm: Avoid error message when process gets signal while waiting tpm: ibmvtpm: Avoid error message when process gets signal while waiting - - 1 --- 2021-07-29 Stefan Berger New
tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) - - 1 --- 2021-12-12 Stefan Berger New
tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok(). tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok(). - - - --- 2021-12-14 Dmitry Vyukov New
smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi - - - --- 2021-10-19 Tetsuo Handa New
smackfs: use __GFP_NOFAIL for smk_cipso_doi() smackfs: use __GFP_NOFAIL for smk_cipso_doi() - - - --- 2021-10-19 Tetsuo Handa New
smackfs: Fix use-after-free in netlbl_catmap_walk() smackfs: Fix use-after-free in netlbl_catmap_walk() - - - --- 2021-09-01 Pawan Gupta New
smack: Guard smack_ipv6_lock definition within a SMACK_IPV6_PORT_LABELING block smack: Guard smack_ipv6_lock definition within a SMACK_IPV6_PORT_LABELING block - - - --- 2021-09-10 Sebastian Andrzej Siewior New
smack: clean up smack_enabled to be more readable smack: clean up smack_enabled to be more readable - - - --- 2021-11-03 Austin Kim New
selinux,smack: fix subjective/objective credential use mixups selinux,smack: fix subjective/objective credential use mixups 2 - - --- 2021-09-23 Paul Moore New
security/landlock: use square brackets around "landlock-ruleset" security/landlock: use square brackets around "landlock-ruleset" - - - --- 2021-10-11 Christian Brauner New
security/apparmor: remove redundant ret variable security/apparmor: remove redundant ret variable 1 - - --- 2022-01-12 CGEL New
security:trusted_tpm2: Fix memory leak in tpm2_key_encode() security:trusted_tpm2: Fix memory leak in tpm2_key_encode() - - - --- 2021-11-24 Jianglei Nie New
security:trusted_tpm2: Fix memory leak in tpm2_key_encode() security:trusted_tpm2: Fix memory leak in tpm2_key_encode() - 1 - --- 2021-12-12 Jianglei Nie New
security:trusted_tpm2: Fix memory leak in tpm2_key_encode() security:trusted_tpm2: Fix memory leak in tpm2_key_encode() - - - --- 2021-12-21 Jianglei Nie New
security: Return xattr name from security_dentry_init_security() security: Return xattr name from security_dentry_init_security() - 1 - --- 2021-09-30 Vivek Goyal New
security,selinux: remove security_add_mnt_opt() security,selinux: remove security_add_mnt_opt() 1 1 - --- 2021-12-06 Ondrej Mosnacek New
sctp: initialize endpoint LSM labels also on the client side sctp: initialize endpoint LSM labels also on the client side - - - --- 2021-10-21 Ondrej Mosnacek New
Revert "net: fix NULL pointer reference in cipso_v4_doi_free" Revert "net: fix NULL pointer reference in cipso_v4_doi_free" - - - --- 2021-09-01 王贇 New
Revert "Enable '-Werror' by default for all kernel builds" Revert "Enable '-Werror' by default for all kernel builds" 1 1 - --- 2021-09-07 Nick Desaulniers New
net: remove the unnecessary check in cipso_v4_doi_free net: remove the unnecessary check in cipso_v4_doi_free 1 - - --- 2021-09-03 王贇 New
NET: IPV4: fix error "do not initialise globals to 0" NET: IPV4: fix error "do not initialise globals to 0" - - - --- 2021-09-18 wangzhitong New
net: fix NULL pointer reference in cipso_v4_doi_free net: fix NULL pointer reference in cipso_v4_doi_free - - - --- 2021-08-26 王贇 New
net,lsm,selinux: revert the security_sctp_assoc_established() hook net,lsm,selinux: revert the security_sctp_assoc_established() hook - - - --- 2021-11-12 Paul Moore New
mm: Remove HARDENED_USERCOPY_FALLBACK mm: Remove HARDENED_USERCOPY_FALLBACK 2 1 - --- 2021-09-21 Stephen Kitt New
MAINTAINERS: add missing "security/integrity" directory MAINTAINERS: add missing "security/integrity" directory - 1 - --- 2022-01-17 Mimi Zohar New
lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() - 2 - --- 2021-09-29 Paul Moore New
LSM: general protection fault in legacy_parse_param LSM: general protection fault in legacy_parse_param 1 - - --- 2021-10-11 Casey Schaufler New
LSM: Avoid warnings about potentially unused hook variables LSM: Avoid warnings about potentially unused hook variables 2 - - --- 2021-10-13 Kees Cook New
lsm_audit: avoid overloading the "key" audit field lsm_audit: avoid overloading the "key" audit field - 1 - --- 2021-09-14 Ondrej Mosnacek New
landlock: Initialize kernel stack variables properly landlock: Initialize kernel stack variables properly - - - --- 2021-11-03 Austin Kim New
landlock: Drop "const" argument qualifier to avoid GCC 4.9 warnings landlock: Drop "const" argument qualifier to avoid GCC 4.9 warnings - - - --- 2021-09-10 Kees Cook New
integrity: support including firmware ".platform" keys at build time integrity: support including firmware ".platform" keys at build time - - - --- 2021-09-10 Nayna Jain New
integrity: Do not load MOK and MOKx when secure boot be disabled integrity: Do not load MOK and MOKx when secure boot be disabled - - - --- 2021-12-18 Lee, Chun-Yi New
integrity: check the return value of audit_log_start() integrity: check the return value of audit_log_start() - - - --- 2021-12-14 Xiaoke Wang New
ima/evm: mark evm_fixmode as __ro_after_init ima/evm: mark evm_fixmode as __ro_after_init - 1 - --- 2021-10-26 Austin Kim New
ima: Fix trivial typos in the comments ima: Fix trivial typos in the comments - 1 - --- 2021-11-24 Austin Kim New
ima: fix infinite loop within "ima_match_policy" function. ima: fix infinite loop within "ima_match_policy" function. - - - --- 2021-08-19 liqiong New
ima: fix deadlock within "ima_match_policy" function. ima: fix deadlock within "ima_match_policy" function. - 1 - --- 2021-08-24 liqiong New
ima: fix deadlock when traversing "ima_default_rules". ima: fix deadlock when traversing "ima_default_rules". - 1 - --- 2021-08-27 liqiong New
ima: fix deadlock when traversing "ima_default_rules". ima: fix deadlock when traversing "ima_default_rules". - 1 - --- 2021-09-18 liqiong New
ima: fix deadlock when traversing "ima_default_rules". ima: fix deadlock when traversing "ima_default_rules". - 1 - --- 2021-10-09 liqiong New
hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO - 3 - --- 2021-09-14 Will Deacon New
evm: mark evm_fixmode as __ro_after_init evm: mark evm_fixmode as __ro_after_init - - - --- 2021-10-28 Austin Kim New
block: Check ADMIN before NICE for IOPRIO_CLASS_RT block: Check ADMIN before NICE for IOPRIO_CLASS_RT - - - --- 2021-11-15 Alistair Delva New
binder: use cred instead of task for selinux checks binder: use cred instead of task for selinux checks - - - --- 2021-10-01 Todd Kjos New
binder: fix test regression due to sender_euid change binder: fix test regression due to sender_euid change 2 - - --- 2021-11-12 Todd Kjos New
apparmor: use per file locks for transactional queries apparmor: use per file locks for transactional queries 1 - - --- 2021-07-30 Hamza Mahfooz New
apparmor: remove unused argument of aa_umount() apparmor: remove unused argument of aa_umount() 1 1 - --- 2021-08-31 Austin Kim New
apparmor: remove duplicated 'Returns:' comments apparmor: remove duplicated 'Returns:' comments - - - --- 2021-11-03 Austin Kim New
Add GlowSlayer Explicit Access Control from Cory Craig <gs.cory.craig@gmail.com> Add GlowSlayer Explicit Access Control from Cory Craig <gs.cory.craig@gmail.com> - - - --- 2021-12-02 Cory Craig New
[v9,8/8] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true Enroll kernel keys thru MOK - 1 - --- 2022-01-05 Eric Snowberg New
[v9,7/8] integrity: Trust MOK keys if MokListTrustedRT found Enroll kernel keys thru MOK - 1 - --- 2022-01-05 Eric Snowberg New
[v9,6/8] efi/mokvar: move up init order Enroll kernel keys thru MOK - 1 - --- 2022-01-05 Eric Snowberg New
[v9,5/8] KEYS: Introduce link restriction for machine keys Enroll kernel keys thru MOK - 1 - --- 2022-01-05 Eric Snowberg New
[v9,4/8] KEYS: store reference to machine keyring Enroll kernel keys thru MOK - 1 - --- 2022-01-05 Eric Snowberg New
[v9,3/8] integrity: add new keyring handler for mok keys Enroll kernel keys thru MOK - 2 - --- 2022-01-05 Eric Snowberg New
[v9,2/8] integrity: Introduce a Linux keyring called machine Enroll kernel keys thru MOK - - 1 --- 2022-01-05 Eric Snowberg New
[v9,1/8] integrity: Fix warning about missing prototypes Enroll kernel keys thru MOK - 2 - --- 2022-01-05 Eric Snowberg New
[v8,3/3] integrity: support including firmware ".platform" keys at build time integrity: support including firmware ".platform" keys at build time - 1 - --- 2022-01-11 Nayna Jain New
[v8,2/3] integrity: make integrity_keyring_from_id() non-static integrity: support including firmware ".platform" keys at build time - 1 - --- 2022-01-11 Nayna Jain New
[v8,19/19] ima: Enable IMA namespaces ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,18/19] ima: Show owning user namespace's uid and gid when displaying policy ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,17/19] ima: Setup securityfs for IMA namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,17/17] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true Enroll kernel keys thru MOK - - - --- 2021-11-24 Eric Snowberg New
[v8,16/19] ima: Enable re-auditing of modified files ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,16/17] integrity: Trust MOK keys if MokListTrustedRT found Enroll kernel keys thru MOK - - - --- 2021-11-24 Eric Snowberg New
[v8,15/19] ima: Namespace audit status flags ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,15/17] efi/mokvar: move up init order Enroll kernel keys thru MOK - - - --- 2021-11-24 Eric Snowberg New
[v8,14/19] integrity/ima: Define ns_status for storing namespaced iint data ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,14/17] KEYS: link machine trusted keys to secondary_trusted_keys Enroll kernel keys thru MOK - - - --- 2021-11-24 Eric Snowberg New
[v8,13/19] ima: Add functions for creation and freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,13/17] integrity: store reference to machine keyring Enroll kernel keys thru MOK - - - --- 2021-11-24 Eric Snowberg New
[v8,12/19] userns: Add pointer to ima_namespace to user_namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,12/17] KEYS: integrity: change link restriction to trust the machine keyring Enroll kernel keys thru MOK - 1 - --- 2021-11-24 Eric Snowberg New
[v8,11/19] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,11/17] KEYS: Introduce link restriction for machine keys Enroll kernel keys thru MOK - - - --- 2021-11-24 Eric Snowberg New
[v8,10/19] ima: Implement hierarchical processing of file accesses ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,10/17] KEYS: add a reference to machine keyring Enroll kernel keys thru MOK - - - --- 2021-11-24 Eric Snowberg New
[v8,1/3] certs: export load_certificate_list() to be used outside certs/ integrity: support including firmware ".platform" keys at build time - 1 - --- 2022-01-11 Nayna Jain New
[v8,09/19] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,09/17] KEYS: Rename get_builtin_and_secondary_restriction Enroll kernel keys thru MOK - 1 - --- 2021-11-24 Eric Snowberg New
[v8,08/19] ima: Use mac_admin_ns_capable() to check corresponding capability ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,08/17] integrity: add new keyring handler for mok keys Enroll kernel keys thru MOK - 1 - --- 2021-11-24 Eric Snowberg New
[v8,07/19] ima: Move dentry into ima_namespace and others onto stack ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,07/17] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca Enroll kernel keys thru MOK - - - --- 2021-11-24 Eric Snowberg New
[v8,06/19] ima: Move some IMA policy and filesystem related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,06/17] KEYS: CA link restriction Enroll kernel keys thru MOK - - - --- 2021-11-24 Eric Snowberg New
[v8,05/19] ima: Move measurement list related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,05/17] X.509: Parse Basic Constraints for CA Enroll kernel keys thru MOK - - - --- 2021-11-24 Eric Snowberg New
[v8,04/19] ima: Move ima_htable into ima_namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,04/17] integrity: Do not allow machine keyring updates following init Enroll kernel keys thru MOK - 1 - --- 2021-11-24 Eric Snowberg New
[v8,03/19] ima: Move policy related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,03/17] integrity: Introduce a Linux keyring called machine Enroll kernel keys thru MOK - 2 - --- 2021-11-24 Eric Snowberg New
[v8,02/19] ima: Define ima_namespace structure and implement basic functions ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,02/17] integrity: Fix warning about missing prototypes Enroll kernel keys thru MOK - 1 - --- 2021-11-24 Eric Snowberg New
[v8,01/19] securityfs: Extend securityfs with namespacing support ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-01-04 Stefan Berger New
[v8,01/17] KEYS: Create static version of public_key_verify_signature Enroll kernel keys thru MOK - 1 - --- 2021-11-24 Eric Snowberg New
[v7,3/3] integrity: support including firmware ".platform" keys at build time integrity: support including firmware ".platform" keys at build time - 1 - --- 2022-01-05 Nayna Jain New
[v7,2/3] integrity: make integrity_keyring_from_id() non-static integrity: support including firmware ".platform" keys at build time - 1 - --- 2022-01-05 Nayna Jain New
[v7,17/17] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true Enroll kernel keys thru MOK - - - --- 2021-11-16 Eric Snowberg New
« 1 2 3 47 8 »