Show patches with: none      |   9937 patches
« 1 2 3 499 100 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
security: tomoyo: fix error return code of tomoyo_update_domain() security: tomoyo: fix error return code of tomoyo_update_domain() - - - --- 2021-03-06 Jia-Ju Bai New
[v4,11/11] ima: Don't remove security.ima if file must not be appraised evm: Improve usability of portable signatures - 1 - --- 2021-03-05 Roberto Sassu New
[v4,10/11] ima: Introduce template field evmsig and write to field sig as fallback evm: Improve usability of portable signatures - - - --- 2021-03-05 Roberto Sassu New
[v4,09/11] ima: Allow imasig requirement to be satisfied by EVM portable signatures evm: Improve usability of portable signatures - 1 - --- 2021-03-05 Roberto Sassu New
[v4,08/11] evm: Allow setxattr() and setattr() for unmodified metadata evm: Improve usability of portable signatures - - - --- 2021-03-05 Roberto Sassu New
[v4,07/11] evm: Allow xattr/attr operations for portable signatures evm: Improve usability of portable signatures - 1 - --- 2021-03-05 Roberto Sassu New
[v4,06/11] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe evm: Improve usability of portable signatures - - - --- 2021-03-05 Roberto Sassu New
[v4,05/11] evm: Introduce evm_status_revalidate() evm: Improve usability of portable signatures - - - --- 2021-03-05 Roberto Sassu New
[v4,04/11] ima: Move ima_reset_appraise_flags() call to post hooks evm: Improve usability of portable signatures - - - --- 2021-03-05 Roberto Sassu New
[v4,03/11] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded evm: Improve usability of portable signatures - - - --- 2021-03-05 Roberto Sassu New
[v4,02/11] evm: Load EVM key in ima_load_x509() to avoid appraisal evm: Improve usability of portable signatures - 1 - --- 2021-03-05 Roberto Sassu New
[v4,01/11] evm: Execute evm_inode_init_security() only when an HMAC key is loaded evm: Improve usability of portable signatures - 1 - --- 2021-03-05 Roberto Sassu New
[v2] CIPSO: Fix unaligned memory access in cipso_v4_gentag_hdr [v2] CIPSO: Fix unaligned memory access in cipso_v4_gentag_hdr 1 - - --- 2021-03-05 Sergey Nazarov New
[v3] security/loadpin: Replace "kernel_read_file_str[j]" with function "kernel_read_file_id_str(j)". [v3] security/loadpin: Replace "kernel_read_file_str[j]" with function "kernel_read_file_id_str(j)". - - - --- 2021-03-05 Jiele zhao New
[v2] security/loadpin: Replace "kernel_read_file_str[j]" with function "kernel_read_file_id_str(j)". [v2] security/loadpin: Replace "kernel_read_file_str[j]" with function "kernel_read_file_id_str(j)". - - - --- 2021-03-05 Jiele zhao New
[v6] ARM: Implement SLS mitigation [v6] ARM: Implement SLS mitigation - - - --- 2021-03-05 Jian Cai New
cipso,calipso: resolve a number of problems with the DOI refcounts cipso,calipso: resolve a number of problems with the DOI refcounts - - - --- 2021-03-04 Paul Moore New
CIPSO: Fix unaligned memory access in cipso_v4_gentag_hdr CIPSO: Fix unaligned memory access in cipso_v4_gentag_hdr - - - --- 2021-03-04 Sergey Nazarov New
security/loadpin: Replace "kernel_read_file_str[j]" with function "kernel_read_file_id_str(j)". security/loadpin: Replace "kernel_read_file_str[j]" with function "kernel_read_file_id_str(j)". - - - --- 2021-03-04 Jiele zhao New
[v3,1/1] mm/madvise: replace ptrace attach requirement for process_madvise [v3,1/1] mm/madvise: replace ptrace attach requirement for process_madvise 2 1 - --- 2021-03-03 Suren Baghdasaryan New
ima: Fix the error code for restoring the PCR value ima: Fix the error code for restoring the PCR value - - - --- 2021-03-03 Li Huafei New
[v9,4/4] MAINTAINERS: Add entry for TEE based Trusted Keys Introduce TEE based Trusted Keys support 1 - - --- 2021-03-01 Sumit Garg New
[v9,3/4] doc: trusted-encrypted: updates with TEE as a new trust source Introduce TEE based Trusted Keys support - - - --- 2021-03-01 Sumit Garg New
[v9,2/4] KEYS: trusted: Introduce TEE based Trusted Keys Introduce TEE based Trusted Keys support - 1 1 --- 2021-03-01 Sumit Garg New
[v9,1/4] KEYS: trusted: Add generic trusted keys framework Introduce TEE based Trusted Keys support - 1 - --- 2021-03-01 Sumit Garg New
[v5,8/8] MAINTAINERS: Add a new entry for the Brute LSM Fork brute force attack mitigation - - - --- 2021-02-27 John Wood New
[v5,7/8] Documentation: Add documentation for the Brute LSM Fork brute force attack mitigation - - - --- 2021-02-27 John Wood New
[v5,6/8] selftests/brute: Add tests for the Brute LSM Fork brute force attack mitigation - - - --- 2021-02-27 John Wood New
[v5,5/8] security/brute: Mitigate a brute force attack Fork brute force attack mitigation - - - --- 2021-02-27 John Wood New
[v5,4/8] security/brute: Fine tuning the attack detection Fork brute force attack mitigation - - - --- 2021-02-27 John Wood New
[v5,3/8] securtiy/brute: Detect a brute force attack Fork brute force attack mitigation - - - --- 2021-02-27 John Wood New
[v5,2/8] security/brute: Define a LSM and manage statistical data Fork brute force attack mitigation - - - --- 2021-02-27 John Wood New
[v5,1/8] security: Add LSM hook at the point where a task gets a fatal signal Fork brute force attack mitigation - - - --- 2021-02-27 John Wood New
[v4,1/3,security] Add new hook to compare new mount to an existing mount [v4,1/3,security] Add new hook to compare new mount to an existing mount - - - --- 2021-02-27 Olga Kornievskaia New
[v2,4/4] integrity: Load mokx variables into the blacklist keyring keys: Add EFI_CERT_X509_GUID support for dbx/mokx entries - 1 - --- 2021-02-26 David Howells New
[v2,3/4] certs: Add ability to preload revocation certs keys: Add EFI_CERT_X509_GUID support for dbx/mokx entries 1 - - --- 2021-02-26 David Howells New
[v2,2/4] certs: Move load_system_certificate_list to a common function keys: Add EFI_CERT_X509_GUID support for dbx/mokx entries 1 - - --- 2021-02-26 David Howells New
[v2,1/4] certs: Add EFI_CERT_X509_GUID support for dbx entries keys: Add EFI_CERT_X509_GUID support for dbx/mokx entries - - - --- 2021-02-26 David Howells New
[4/4] integrity: Load mokx variables into the blacklist keyring keys: Add EFI_CERT_X509_GUID support for dbx/mokx entries - - - --- 2021-02-25 David Howells New
[3/4] certs: Add ability to preload revocation certs keys: Add EFI_CERT_X509_GUID support for dbx/mokx entries 1 - - --- 2021-02-25 David Howells New
[2/4] certs: Move load_system_certificate_list to a common function keys: Add EFI_CERT_X509_GUID support for dbx/mokx entries 1 - - --- 2021-02-25 David Howells New
[1/4] certs: Add EFI_CERT_X509_GUID support for dbx entries keys: Add EFI_CERT_X509_GUID support for dbx/mokx entries - - - --- 2021-02-25 David Howells New
[v29,12/12] landlock: Add user and kernel documentation Landlock LSM - 1 - --- 2021-02-25 Mickaël Salaün New
[v29,11/12] samples/landlock: Add a sandbox manager example Landlock LSM - 1 - --- 2021-02-25 Mickaël Salaün New
[v29,09/12] arch: Wire up Landlock syscalls Landlock LSM - - - --- 2021-02-25 Mickaël Salaün New
[v29,08/12] landlock: Add syscall implementations Landlock LSM 1 - - --- 2021-02-25 Mickaël Salaün New
[v29,07/12] landlock: Support filesystem access-control Landlock LSM - - - --- 2021-02-25 Mickaël Salaün New
[v29,06/12] fs,security: Add sb_delete hook Landlock LSM 1 1 - --- 2021-02-25 Mickaël Salaün New
[v29,05/12] LSM: Infrastructure management of the superblock Landlock LSM 1 1 - --- 2021-02-25 Mickaël Salaün New
[v29,04/12] landlock: Add ptrace restrictions Landlock LSM 1 1 - --- 2021-02-25 Mickaël Salaün New
[v29,03/12] landlock: Set up the security framework and manage credentials Landlock LSM 1 1 - --- 2021-02-25 Mickaël Salaün New
[v29,02/12] landlock: Add ruleset and domain management Landlock LSM 1 - - --- 2021-02-25 Mickaël Salaün New
[v29,01/12] landlock: Add object management Landlock LSM 1 1 - --- 2021-02-25 Mickaël Salaün New
perf/core: fix unconditional security_locked_down() call perf/core: fix unconditional security_locked_down() call - - - --- 2021-02-24 Ondrej Mosnacek New
[v5] ARM: Implement SLS mitigation [v5] ARM: Implement SLS mitigation - 1 - --- 2021-02-23 Jian Cai New
[v5] ARM: Implement SLS mitigation [v5] ARM: Implement SLS mitigation - 1 - --- 2021-02-23 Jian Cai New
[v3,1/1] security: Add CONFIG_LSM_AUTO to handle default LSM stack ordering Automatic LSM stack ordering - - - --- 2021-02-22 Mickaël Salaün New
[v3,8/8] MAINTAINERS: Add a new entry for the Brute LSM Fork brute force attack mitigation - - - --- 2021-02-21 John Wood New
[v3,7/8] Documentation: Add documentation for the Brute LSM Fork brute force attack mitigation - - - --- 2021-02-21 John Wood New
[v3,6/8] selftests/brute: Add tests for the Brute LSM Fork brute force attack mitigation - - - --- 2021-02-21 John Wood New
[v3,5/8] security/brute: Mitigate a brute force attack Fork brute force attack mitigation - - - --- 2021-02-21 John Wood New
[v3,4/8] security/brute: Fine tuning the attack detection Fork brute force attack mitigation - - - --- 2021-02-21 John Wood New
[v3,3/8] securtiy/brute: Detect a brute force attack Fork brute force attack mitigation - - - --- 2021-02-21 John Wood New
[v3,2/8] security/brute: Define a LSM and manage statistical data Fork brute force attack mitigation - - - --- 2021-02-21 John Wood New
[v3,1/8] security: Add LSM hook at the point where a task gets a fatal signal Fork brute force attack mitigation - - - --- 2021-02-21 John Wood New
[RFC,4/4] apparmor: differentiate between subjective and objective task credentials Split security_task_getsecid() into subj and obj variants - - - --- 2021-02-19 Paul Moore New
[RFC,3/4] smack: differentiate between subjective and objective task credentials Split security_task_getsecid() into subj and obj variants - - - --- 2021-02-19 Paul Moore New
[RFC,2/4] selinux: clarify task subjective and objective credentials Split security_task_getsecid() into subj and obj variants - - - --- 2021-02-19 Paul Moore New
[RFC,1/4] lsm: separate security_task_getsecid() into subjective and objective variants Split security_task_getsecid() into subj and obj variants 1 - - --- 2021-02-19 Paul Moore New
[v4] ARM: Implement SLS mitigation [v4] ARM: Implement SLS mitigation - 1 - --- 2021-02-19 Jian Cai New
[v3,3/3] NFSv4 account for selinux security context when deciding to share superblock [v3,1/3,security] Add new hook to compare new mount to an existing mount - - - --- 2021-02-19 Olga Kornievskaia New
[v3,2/3,NFS] cleanup: remove unneeded null check in nfs_fill_super() [v3,1/3,security] Add new hook to compare new mount to an existing mount - - - --- 2021-02-19 Olga Kornievskaia New
[v3,1/3,security] Add new hook to compare new mount to an existing mount [v3,1/3,security] Add new hook to compare new mount to an existing mount - - - --- 2021-02-19 Olga Kornievskaia New
[v3] ARM: Implement SLS mitigation [v3] ARM: Implement SLS mitigation - 1 - --- 2021-02-19 Jian Cai New
[v3,2/2] NFSv4 account for selinux security context when deciding to share superblock [v3,1/2,security] Add new hook to compare new mount to an existing mount - - - --- 2021-02-19 Olga Kornievskaia New
[v3,1/2,security] Add new hook to compare new mount to an existing mount [v3,1/2,security] Add new hook to compare new mount to an existing mount - - - --- 2021-02-19 Olga Kornievskaia New
certs: Add support for using elliptic curve keys for signing modules certs: Add support for using elliptic curve keys for signing modules - 1 1 --- 2021-02-19 Stefan Berger New
ima: Replacing deprecated strlcpy with strscpy ima: Replacing deprecated strlcpy with strscpy - - - --- 2021-02-19 Palash Oswal New
[v2,5/5] ima: enable loading of build time generated key on .ima keyring ima: kernel build support for loading the kernel module signing key - 2 - --- 2021-02-18 Nayna Jain New
[v2,4/5] keys: define build time generated ephemeral kernel CA key ima: kernel build support for loading the kernel module signing key - - - --- 2021-02-18 Nayna Jain New
[v2,3/5] ima: update kernel module signing process during build ima: kernel build support for loading the kernel module signing key - 1 - --- 2021-02-18 Nayna Jain New
[v2,2/5] keys: generate self-signed module signing key using CSR ima: kernel build support for loading the kernel module signing key - 1 - --- 2021-02-18 Nayna Jain New
[v2,1/5] keys: cleanup build time module signing keys ima: kernel build support for loading the kernel module signing key - 1 - --- 2021-02-18 Nayna Jain New
[v2,2/2] NFSv4 account for selinux security context when deciding to share superblock [v2,1/2,security] Add new hook to compare new mount to an existing mount - - - --- 2021-02-18 Olga Kornievskaia New
[v2,1/2,security] Add new hook to compare new mount to an existing mount [v2,1/2,security] Add new hook to compare new mount to an existing mount - - - --- 2021-02-18 Olga Kornievskaia New
[GIT,PULL] Smack patches for v5.12 [GIT,PULL] Smack patches for v5.12 - - - --- 2021-02-16 Casey Schaufler New
RTIC: selinux: ARM64: Move selinux_state to a separate page RTIC: selinux: ARM64: Move selinux_state to a separate page 1 - - --- 2021-02-16 Preeti Nagar New
[GIT,PULL] SELinux patches for v5.12 [GIT,PULL] SELinux patches for v5.12 - - - --- 2021-02-15 Paul Moore New
[v2,3/3] security: Add LSMs dependencies to CONFIG_LSM Kconfig oldconfig string update - - - --- 2021-02-15 Mickaël Salaün New
[v2,2/3] kconfig: Ask user if string needs to be changed when dependency changed Kconfig oldconfig string update - - - --- 2021-02-15 Mickaël Salaün New
[v2,1/3] kconfig: Remove duplicate call to sym_get_string_value() Kconfig oldconfig string update - - - --- 2021-02-15 Mickaël Salaün New
[v1,3/3] security: Add LSMs dependencies to CONFIG_LSM Kconfig oldconfig string update - - - --- 2021-02-15 Mickaël Salaün New
[v1,2/3] kconfig: Ask user if string needs to be changed when dependency changed Kconfig oldconfig string update - - - --- 2021-02-15 Mickaël Salaün New
[v1,1/3] kconfig: Remove duplicate call to sym_get_string_value() Kconfig oldconfig string update - - - --- 2021-02-15 Mickaël Salaün New
integrity/ima: Provide Kconfig option for ima-modsig template integrity/ima: Provide Kconfig option for ima-modsig template - - - --- 2021-02-15 Weiß, Michael New
[GIT,PULL] tomoyo fixes for v5.12 [GIT,PULL] tomoyo fixes for v5.12 - - - --- 2021-02-15 Tetsuo Handa New
[2/2] NFSv4 account for selinux security context when deciding to share superblock [1/2,security] Add new hook to compare new mount to an existing mount - - - --- 2021-02-12 Olga Kornievskaia New
[1/2,security] Add new hook to compare new mount to an existing mount [1/2,security] Add new hook to compare new mount to an existing mount - - - --- 2021-02-12 Olga Kornievskaia New
[v2] ARM: Implement Clang's SLS mitigation [v2] ARM: Implement Clang's SLS mitigation - - - --- 2021-02-12 Jian Cai New
[v3] selinux: measure state and policy capabilities [v3] selinux: measure state and policy capabilities - - - --- 2021-02-12 Lakshmi Ramasubramanian New
« 1 2 3 499 100 »