Security modules development

Show patches with: Submitter = Stefan Berger | Archived = No | 104 patches

« 1 2 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
ima: Fix use-after-free on a dentry's dname.name	ima: Fix use-after-free on a dentry's dname.name	- - -	---	2024-03-22	Stefan Berger		Handled Elsewhere
[v3,10/10] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	pcmoore	Handled Elsewhere
[v3,09/10] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-23	Stefan Berger	pcmoore	Handled Elsewhere
[v3,08/10] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	pcmoore	Handled Elsewhere
[v3,07/10] ima: re-evaluate file integrity on file metadata change	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	pcmoore	Handled Elsewhere
[v3,06/10] evm: Store and detect metadata inode attributes changes	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	pcmoore	Handled Elsewhere
[v3,05/10] ima: Move file-change detection variables into new structure	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	pcmoore	Handled Elsewhere
[v3,04/10] evm: Use the metadata inode to calculate metadata hash	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-23	Stefan Berger	pcmoore	Handled Elsewhere
[v3,03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	pcmoore	Handled Elsewhere
[v3,02/10] security: allow finer granularity in permitting copy-up of security xattrs	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-23	Stefan Berger	pcmoore	Handled Elsewhere
[v3,01/10] ima: Rename backing_inode to real_inode	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-23	Stefan Berger	pcmoore	Handled Elsewhere
[v2,9/9] ima: Record i_version of real_inode for change detection	evm: Support signatures on stacked filesystem	- - -	---	2024-02-05	Stefan Berger		Handled Elsewhere
[v2,8/9] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs	evm: Support signatures on stacked filesystem	- - -	---	2024-02-05	Stefan Berger		Handled Elsewhere
[v2,7/9] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-05	Stefan Berger		Handled Elsewhere
[v2,6/9] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509	evm: Support signatures on stacked filesystem	- - -	---	2024-02-05	Stefan Berger		Handled Elsewhere
[v2,5/9] evm: Use the inode holding the metadata to calculate metadata hash	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-05	Stefan Berger		Handled Elsewhere
[v2,4/9] ima: Reset EVM status upon detecting changes to the real file	evm: Support signatures on stacked filesystem	- - -	---	2024-02-05	Stefan Berger		Handled Elsewhere
[v2,3/9] evm: Implement per signature type decision in security_inode_copy_up_xattr	evm: Support signatures on stacked filesystem	- - -	---	2024-02-05	Stefan Berger		Handled Elsewhere
[v2,2/9] security: allow finer granularity in permitting copy-up of security xattrs	evm: Support signatures on stacked filesystem	2 - -	---	2024-02-05	Stefan Berger		Handled Elsewhere
[v2,1/9] ima: Rename backing_inode to real_inode	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-05	Stefan Berger		Handled Elsewhere
[5/5] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509	evm: Support signatures on stacked filesystem	- - -	---	2024-01-30	Stefan Berger	pcmoore	Superseded
[4/5] evm: Use the real inode's metadata to calculate metadata hash	evm: Support signatures on stacked filesystem	- - -	---	2024-01-30	Stefan Berger	pcmoore	Superseded
[3/5] ima: Reset EVM status upon detecting changes to overlay backing file	evm: Support signatures on stacked filesystem	- - -	---	2024-01-30	Stefan Berger	pcmoore	Superseded
[2/5] evm: Implement per signature type decision in security_inode_copy_up_xattr	evm: Support signatures on stacked filesystem	- - -	---	2024-01-30	Stefan Berger	pcmoore	Superseded
[1/5] security: allow finer granularity in permitting copy-up of security xattrs	evm: Support signatures on stacked filesystem	- - -	---	2024-01-30	Stefan Berger	pcmoore	Superseded
overlayfs: Trigger file re-evaluation by IMA / EVM after writes	overlayfs: Trigger file re-evaluation by IMA / EVM after writes	- - 1	---	2023-04-05	Stefan Berger		Handled Elsewhere
[v15,26/26] ima: Enable IMA namespaces	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,25/26] ima: Restrict informational audit messages to init_ima_ns	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,24/26] ima: Limit number of policy rules in non-init_ima_ns	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,23/26] ima: Show owning user namespace's uid and gid when displaying policy	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,22/26] ima: Introduce securityfs file to activate an IMA namespace	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,21/26] ima: Setup securityfs for IMA namespace	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,20/26] ima: Remove unused iints from the integrity_iint_cache	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,19/26] ima: Namespace audit status flags	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,18/26] integrity: Add optional callback function to integrity_inode_free()	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,17/26] integrity/ima: Define ns_status for storing namespaced iint data	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,16/26] ima: Add functions for creating and freeing of an ima_namespace	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,14/26] ima: Implement hierarchical processing of file accesses	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,13/26] userns: Add pointer to ima_namespace to user_namespace	ima: Namespace IMA with audit support in IMA-ns	1 1 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now	ima: Namespace IMA with audit support in IMA-ns	1 1 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,10/26] ima: Switch to lazy lsm policy updates for better performance	ima: Namespace IMA with audit support in IMA-ns	1 - -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,09/26] ima: Move ima_lsm_policy_notifier into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	1 1 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,08/26] ima: Move IMA securityfs files into ima_namespace or onto stack	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,06/26] ima: Move measurement list related variables into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,05/26] ima: Move ima_htable into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	1 2 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,04/26] ima: Move arch_policy_entry into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	1 2 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,03/26] ima: Define ima_namespace struct and start moving variables into it	ima: Namespace IMA with audit support in IMA-ns	1 1 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,02/26] securityfs: Extend securityfs with namespacing support	ima: Namespace IMA with audit support in IMA-ns	1 - -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v15,01/26] securityfs: rework dentry creation	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2023-02-06	Stefan Berger	pcmoore	RFC
[v14,26/26] ima: Enable IMA namespaces	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,25/26] ima: Restrict informational audit messages to init_ima_ns	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,24/26] ima: Limit number of policy rules in non-init_ima_ns	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,23/26] ima: Show owning user namespace's uid and gid when displaying policy	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,22/26] ima: Introduce securityfs file to activate an IMA namespace	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,21/26] ima: Setup securityfs for IMA namespace	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,20/26] ima: Remove unused iints from the integrity_iint_cache	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,19/26] ima: Namespace audit status flags	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,18/26] integrity: Add optional callback function to integrity_inode_free()	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,17/26] integrity/ima: Define ns_status for storing namespaced iint data	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,16/26] ima: Add functions for creating and freeing of an ima_namespace	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,14/26] ima: Implement hierarchical processing of file accesses	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,13/26] userns: Add pointer to ima_namespace to user_namespace	ima: Namespace IMA with audit support in IMA-ns	1 1 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now	ima: Namespace IMA with audit support in IMA-ns	1 1 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,10/26] ima: Switch to lazy lsm policy updates for better performance	ima: Namespace IMA with audit support in IMA-ns	1 - -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,09/26] ima: Move ima_lsm_policy_notifier into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	1 1 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,08/26] ima: Move IMA securityfs files into ima_namespace or onto stack	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,06/26] ima: Move measurement list related variables into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,05/26] ima: Move ima_htable into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	1 2 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,04/26] ima: Move arch_policy_entry into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	1 2 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,03/26] ima: Define ima_namespace struct and start moving variables into it	ima: Namespace IMA with audit support in IMA-ns	1 1 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,02/26] securityfs: Extend securityfs with namespacing support	ima: Namespace IMA with audit support in IMA-ns	1 - -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v14,01/26] securityfs: rework dentry creation	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2022-09-15	Stefan Berger		Handled Elsewhere
[v13,26/26] ima: Enable IMA namespaces	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,25/26] ima: Restrict informational audit messages to init_ima_ns	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,24/26] ima: Limit number of policy rules in non-init_ima_ns	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,23/26] ima: Show owning user namespace's uid and gid when displaying policy	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,22/26] ima: Introduce securityfs file to activate an IMA namespace	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,21/26] ima: Setup securityfs for IMA namespace	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,20/26] ima: Remove unused iints from the integrity_iint_cache	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,19/26] ima: Namespace audit status flags	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,18/26] integrity: Add optional callback function to integrity_inode_free()	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,17/26] integrity/ima: Define ns_status for storing namespaced iint data	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,16/26] ima: Add functions for creating and freeing of an ima_namespace	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,14/26] ima: Implement hierarchical processing of file accesses	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,13/26] userns: Add pointer to ima_namespace to user_namespace	ima: Namespace IMA with audit support in IMA-ns	1 1 -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now	ima: Namespace IMA with audit support in IMA-ns	1 1 -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()	ima: Namespace IMA with audit support in IMA-ns	- - -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,10/26] ima: Switch to lazy lsm policy updates for better performance	ima: Namespace IMA with audit support in IMA-ns	1 - -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,09/26] ima: Move ima_lsm_policy_notifier into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	1 1 -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,08/26] ima: Move IMA securityfs files into ima_namespace or onto stack	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	2 1 -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,06/26] ima: Move measurement list related variables into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	- 2 -	---	2022-07-07	Stefan Berger		Handled Elsewhere
[v13,05/26] ima: Move ima_htable into ima_namespace	ima: Namespace IMA with audit support in IMA-ns	1 2 -	---	2022-07-07	Stefan Berger		Handled Elsewhere

« 1 2 »