Show patches with: Archived = No       |   4193 patches
« 1 2 3 441 42 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[GIT,PULL] Landlock fix for v6.11 [GIT,PULL] Landlock fix for v6.11 - - - --- 2024-07-20 Mickaël Salaün New
[RFC,v1,3/3] landlock: Document network restrictions tied to sockets Use socket's Landlock domain - - - --- 2024-07-19 Mickaël Salaün New
[RFC,v1,2/3] selftests/landlock: Add test for socket's domain Use socket's Landlock domain - - - --- 2024-07-19 Mickaël Salaün New
[RFC,v1,1/3] landlock: Use socket's domain instead of current's domain Use socket's Landlock domain - - - --- 2024-07-19 Mickaël Salaün New
[bpf-next,v2,9/9] selftests/bpf: Add verifier tests for bpf lsm Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v2,8/9] selftests/bpf: Add test for lsm tail call Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v2,7/9] selftests/bpf: Add return value checks for failed tests Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v2,6/9] selftests/bpf: Avoid load failure for token_lsm.c Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v2,5/9] bpf, verifier: improve signed ranges inference for BPF_AND Add BPF LSM return value range check, BPF part 1 - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v2,4/9] bpf: Fix compare error in function retval_range_within Add BPF LSM return value range check, BPF part 1 - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v2,3/9] bpf: Prevent tail call between progs attached to different hooks Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v2,2/9] bpf, lsm: Add check for BPF LSM return value Add BPF LSM return value range check, BPF part 1 - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v2,1/9] bpf, lsm: Add disabled BPF LSM hook list Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v1,9/9] selftests/bpf: Add verifier tests for bpf lsm Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v1,8/9] selftests/bpf: Add test for lsm tail call Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v1,7/9] selftests/bpf: Add return value checks for failed tests Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v1,6/9] selftests/bpf: Avoid load failure for token_lsm.c Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v1,5/9] bpf, verifier: improve signed ranges inference for BPF_AND Add BPF LSM return value range check, BPF part 1 - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v1,4/9] bpf: Fix compare error in function retval_range_within Add BPF LSM return value range check, BPF part 1 - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v1,3/9] bpf: Prevent tail call between progs attached to different hooks Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v1,2/9] bpf, lsm: Add check for BPF LSM return value Add BPF LSM return value range check, BPF part 1 - - --- 2024-07-19 Xu Kuohai New
[bpf-next,v1,1/9] bpf, lsm: Add disabled BPF LSM hook list Add BPF LSM return value range check, BPF part - - - --- 2024-07-19 Xu Kuohai New
[v2] tpm: Add new device/vendor ID 0x50666666 [v2] tpm: Add new device/vendor ID 0x50666666 - - - --- 2024-07-18 Jett Rink New
[v7,4/4] documentation/landlock: Adding scoping mechanism documentation Landlock: Abstract Unix Socket Scoping Support - - - --- 2024-07-18 Tahera Fahimi New
[v7,3/4] samples/landlock: Support abstract unix socket restriction Landlock: Abstract Unix Socket Scoping Support - - - --- 2024-07-18 Tahera Fahimi New
[v7,2/4] selftests/landlock: Abstract unix socket restriction tests Landlock: Abstract Unix Socket Scoping Support - - - --- 2024-07-18 Tahera Fahimi New
[v7,1/4] Landlock: Add abstract unix socket connect restriction Landlock: Abstract Unix Socket Scoping Support - - - --- 2024-07-18 Tahera Fahimi New
[v5,16/21] mm/mmap: Use vms accounted pages in mmap_region() Untitled series #872064 - 3 - --- 2024-07-17 Liam R. Howlett New
[v2,2/2] KEYS: trusted: dcp: fix leak of blob encryption key [v2,1/2] KEYS: trusted: fix DCP blob payload length assignment - - - --- 2024-07-17 David Gstir New
[v2,1/2] KEYS: trusted: fix DCP blob payload length assignment [v2,1/2] KEYS: trusted: fix DCP blob payload length assignment - - - --- 2024-07-17 David Gstir New
proc: add config to block FOLL_FORCE in mem writes proc: add config to block FOLL_FORCE in mem writes - - - --- 2024-07-17 Adrian Ratiu New
[v3] tpm: Relocate buf->handles to appropriate place [v3] tpm: Relocate buf->handles to appropriate place - - - --- 2024-07-16 Jarkko Sakkinen New
[v2] tpm: Relocate buf->handles to appropriate place [v2] tpm: Relocate buf->handles to appropriate place - - - --- 2024-07-16 Jarkko Sakkinen New
tpm: Fix alignment of buf->handles tpm: Fix alignment of buf->handles - - - --- 2024-07-16 Jarkko Sakkinen New
[GIT,PULL] Smack patches for 6.11 [GIT,PULL] Smack patches for 6.11 - - - --- 2024-07-15 Casey Schaufler New
[GIT,PULL] lsm/lsm-pr-20240715 [GIT,PULL] lsm/lsm-pr-20240715 - - - --- 2024-07-15 Paul Moore New
[GIT,PULL] selinux/selinux-pr-20240715 [GIT,PULL] selinux/selinux-pr-20240715 - - - --- 2024-07-15 Paul Moore New
landlock: Various documentation improvements landlock: Various documentation improvements - - - --- 2024-07-15 Günther Noack New
[v2,2/2] landlock: Mention -1 return code on failure [v2,1/2] Unify error wording - 1 - --- 2024-07-12 Petr Vorel New
[v2,1/2] Unify error wording [v2,1/2] Unify error wording - - - --- 2024-07-12 Petr Vorel New
[1/1] landlock: Mention -1 return code on failure [1/1] landlock: Mention -1 return code on failure - 1 - --- 2024-07-12 Petr Vorel New
[v2] landlock: Clarify documentation for struct landlock_ruleset_attr [v2] landlock: Clarify documentation for struct landlock_ruleset_attr - - - --- 2024-07-11 Günther Noack New
[v4,16/21] mm/mmap: Use vms accounted pages in mmap_region() Untitled series #870217 - 3 - --- 2024-07-10 Liam R. Howlett New
landlock: Clarify documentation for struct landlock_ruleset_attr landlock: Clarify documentation for struct landlock_ruleset_attr - 1 - --- 2024-07-10 Günther Noack New
[RFC] lsm: add the inode_free_security_rcu() LSM implementation hook [RFC] lsm: add the inode_free_security_rcu() LSM implementation hook - - - --- 2024-07-10 Paul Moore New
binfmt_elf: Fail execution of shared objects with ELIBEXEC (was: Re: [RFC PATCH v19 1/5] exec: Add … binfmt_elf: Fail execution of shared objects with ELIBEXEC (was: Re: [RFC PATCH v19 1/5] exec: Add … - - - --- 2024-07-08 Florian Weimer New
[RFC,v19,5/5] samples/should-exec: Add set-should-exec Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün New
[RFC,v19,4/5] selftests/landlock: Add tests for execveat + AT_CHECK Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün New
[RFC,v19,3/5] selftests/exec: Add tests for AT_CHECK and related securebits Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün New
[RFC,v19,2/5] security: Add new SHOULD_EXEC_CHECK and SHOULD_EXEC_RESTRICT securebits Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün New
[RFC,v19,1/5] exec: Add a new AT_CHECK flag to execveat(2) Script execution control (was O_MAYEXEC) - - - --- 2024-07-04 Mickaël Salaün New
[v2] dm verity: add support for signature verification with platform keyring [v2] dm verity: add support for signature verification with platform keyring - - - --- 2024-07-04 Luca Boccassi New
[RFC,v2,8/8] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,7/8] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,6/8] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,5/8] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,4/8] clavis: Prevent clavis boot param from changing during kexec Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,3/8] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,2/8] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
[RFC,v2,1/8] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore New
cred: plug a hole in struct cred cred: plug a hole in struct cred - - - --- 2024-05-30 Mateusz Guzik pcmoore New
[v1,1/2] landlock: Fix d_parent walk Fix warning in collect_domain_accesses() - - - --- 2024-05-16 Mickaël Salaün pcmoore New
[RFC] ima: Use sequence number to wait for policy updates [RFC] ima: Use sequence number to wait for policy updates - - - --- 2024-05-07 Roberto Sassu pcmoore New
[2/2] selftests/landlock: Create 'listen_zero', 'deny_listen_zero' tests Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Ivanov Mikhail pcmoore New
[1/2] landlock: Add hook on socket_listen() Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Ivanov Mikhail pcmoore New
[v3,12/12] Activate the configuration and build of the TSEM LSM. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,11/12] Implement the internal Trusted Modeling Agent. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,10/12] Implement security event mapping. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,09/12] Add event processing implementation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,08/12] Add security event description export facility. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,07/12] Add namespace implementation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,06/12] Implement TSEM control plane. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,05/12] Add root domain trust implementation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,04/12] Add primary TSEM implementation file. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,03/12] TSEM global declarations. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,02/12] Add TSEM specific documentation. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v3,01/12] Update MAINTAINERS file. Implement Trusted Security Event Modeling. - - - --- 2024-04-01 Dr. Greg pcmoore New
[v2,6/6] LSM: Infrastructure management of the perf_event security blob LSM: Infrastructure blob allocation - 1 - --- 2024-07-10 Casey Schaufler pcmoore Under Review
[v2,5/6] LSM: Infrastructure management of the infiniband blob LSM: Infrastructure blob allocation - 1 - --- 2024-07-10 Casey Schaufler pcmoore Under Review
[v2,4/6] LSM: Infrastructure management of the dev_tun blob LSM: Infrastructure blob allocation - 1 - --- 2024-07-10 Casey Schaufler pcmoore Under Review
[v2,3/6] LSM: Add helper for blob allocations LSM: Infrastructure blob allocation - 1 - --- 2024-07-10 Casey Schaufler pcmoore Under Review
[v2,2/6] LSM: Infrastructure management of the key security blob LSM: Infrastructure blob allocation - 1 - --- 2024-07-10 Casey Schaufler pcmoore Under Review
[v2,1/6] LSM: Infrastructure management of the sock security LSM: Infrastructure blob allocation 2 2 - --- 2024-07-10 Casey Schaufler pcmoore Under Review
[v14,3/3] security: Replace indirect LSM hook calls with static calls Reduce overhead of LSMs with static calls 2 2 - --- 2024-07-10 KP Singh pcmoore Under Review
[v14,2/3] security: Count the LSMs enabled at compile time Reduce overhead of LSMs with static calls 2 2 - --- 2024-07-10 KP Singh pcmoore Under Review
[v14,1/3] kernel: Add helper macros for loop unrolling Reduce overhead of LSMs with static calls 2 2 - --- 2024-07-10 KP Singh pcmoore Under Review
[1/6] LSM: Infrastructure management of the sock security LSM: Infrastructure blob allocation 2 2 - --- 2024-07-08 Casey Schaufler pcmoore Under Review
[RFC,1/2] lsm: introduce new hook security_vm_execstack [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[RFC,2/2] selinux: wire up new execstack LSM hook [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[10/10] coccinelle: add script for capable_any() [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[09/10] bpf: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[08/10] net: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[07/10] kernel: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 2 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[06/10] fs: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[05/10] drivers: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 2 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[04/10] block: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[03/10] capability: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[02/10] capability: add any wrappers to test for multiple caps with exactly one audit message [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 2 1 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[v3,3/3] fs/exec: remove current->in_execve flag fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
« 1 2 3 441 42 »