Security modules development

Show patches with: none | 10153 patches

« 1 2 3 4 … 101 102 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	State
integrity/ima: Add declarations to init_once void arguments.	integrity/ima: Add declarations to init_once void arguments.	- - -	---	2021-03-23	Jiele Zhao	New
[GIT,PULL] SELinux fixes for v5.12 (#1)	[GIT,PULL] SELinux fixes for v5.12 (#1)	- - -	---	2021-03-22	Paul Moore	New
[11/11,RFC] drm/i915/dp: fix array overflow warning	treewide: address gcc-11 -Wstringop-overread warnings	- - -	---	2021-03-22	Arnd Bergmann	New
[10/11] drm/i915: avoid stringop-overread warning on pri_latency	treewide: address gcc-11 -Wstringop-overread warnings	- 1 -	---	2021-03-22	Arnd Bergmann	New
[09/11] scsi: lpfc: fix gcc -Wstringop-overread warning	treewide: address gcc-11 -Wstringop-overread warnings	- - -	---	2021-03-22	Arnd Bergmann	New
[08/11] atmel: avoid gcc -Wstringop-overflow warning	treewide: address gcc-11 -Wstringop-overread warnings	- - -	---	2021-03-22	Arnd Bergmann	New
[07/11] ARM: sharpsl_param: work around -Wstringop-overread warning	treewide: address gcc-11 -Wstringop-overread warnings	- - -	---	2021-03-22	Arnd Bergmann	New
[06/11] cgroup: fix -Wzero-length-bounds warnings	treewide: address gcc-11 -Wstringop-overread warnings	- 1 -	---	2021-03-22	Arnd Bergmann	New
[05/11] qnx: avoid -Wstringop-overread warning	treewide: address gcc-11 -Wstringop-overread warnings	- - -	---	2021-03-22	Arnd Bergmann	New
[04/11] ath11: Wstringop-overread warning	treewide: address gcc-11 -Wstringop-overread warnings	- - -	---	2021-03-22	Arnd Bergmann	New
[03/11] security: commoncap: fix -Wstringop-overread warning	treewide: address gcc-11 -Wstringop-overread warnings	1 - -	---	2021-03-22	Arnd Bergmann	New
[02/11] x86: tboot: avoid Wstringop-overread-warning	treewide: address gcc-11 -Wstringop-overread warnings	- - -	---	2021-03-22	Arnd Bergmann	New
[01/11] x86: compressed: avoid gcc-11 -Wstringop-overread warning	treewide: address gcc-11 -Wstringop-overread warnings	- - -	---	2021-03-22	Arnd Bergmann	New
[2/2] integrity: double check iint_cache was initialized	[1/2] ima: don't access a file's integrity status before an IMA policy is loaded	- - -	---	2021-03-22	Mimi Zohar	New
[1/2] ima: don't access a file's integrity status before an IMA policy is loaded	[1/2] ima: don't access a file's integrity status before an IMA policy is loaded	- - -	---	2021-03-22	Mimi Zohar	New
apparmor: avoid -Wempty-body warning	apparmor: avoid -Wempty-body warning	- - -	---	2021-03-22	Arnd Bergmann	New
keys: Allow disabling read permissions for key possessor	keys: Allow disabling read permissions for key possessor	- - -	---	2021-03-22	Andrey Ryabinin	New
[V2] device_cgroup: A typo fix	[V2] device_cgroup: A typo fix	1 - -	---	2021-03-21	Bhaskar Chowdhury	New
security: A typo fix	security: A typo fix	- - -	---	2021-03-21	Bhaskar Chowdhury	New
security: A typo fix	security: A typo fix	1 - -	---	2021-03-21	Bhaskar Chowdhury	New
cap: Trivial spelling fixes throughout the file	cap: Trivial spelling fixes throughout the file	- - -	---	2021-03-21	Bhaskar Chowdhury	New
[RFC,2/2] integrity: double check iint_cache was initialized	[RFC,1/2] ima: don't access a file's integrity status before an IMA policy is loaded	- - -	---	2021-03-19	Mimi Zohar	New
[RFC,1/2] ima: don't access a file's integrity status before an IMA policy is loaded	[RFC,1/2] ima: don't access a file's integrity status before an IMA policy is loaded	- - -	---	2021-03-19	Mimi Zohar	New
[v2,3/3] smack: differentiate between subjective and objective task credentials	Split security_task_getsecid() into subj and obj variants	1 2 -	---	2021-03-18	Paul Moore	New
[v2,2/3] selinux: clarify task subjective and objective credentials	Split security_task_getsecid() into subj and obj variants	- 1 -	---	2021-03-18	Paul Moore	New
[v2,1/3] lsm: separate security_task_getsecid() into subjective and objective variants	Split security_task_getsecid() into subj and obj variants	2 1 -	---	2021-03-18	Paul Moore	New
security: fix misspellings using codespell tool	security: fix misspellings using codespell tool	- - -	---	2021-03-18	Menglong Dong	New
security/smack: fix misspellings using codespell tool	security/smack: fix misspellings using codespell tool	- - -	---	2021-03-18	Menglong Dong	New
security/smack/: fix misspellings using codespell tool	security/smack/: fix misspellings using codespell tool	- - -	---	2021-03-18	Menglong Dong	New
selinux: vsock: Set SID for socket returned by accept()	selinux: vsock: Set SID for socket returned by accept()	- - -	---	2021-03-17	David Brazdil	New
KEYS: trusted: tee: fix build error due to missing include	KEYS: trusted: tee: fix build error due to missing include	- - -	---	2021-03-17	Ahmad Fatoum	New
[v12,10/10] certs: Add support for using elliptic curve keys for signing modules	Add support for x509 certs with NIST P384/256/192 keys	1 1 -	---	2021-03-16	Stefan Berger	New
[v12,09/10] x509: Add OID for NIST P384 and extend parser for it	Add support for x509 certs with NIST P384/256/192 keys	- - 1	---	2021-03-16	Stefan Berger	New
[v12,08/10] ima: Support EC keys for signature verification	Add support for x509 certs with NIST P384/256/192 keys	1 2 -	---	2021-03-16	Stefan Berger	New
[v12,07/10] x509: Add support for parsing x509 certs with ECDSA keys	Add support for x509 certs with NIST P384/256/192 keys	- - -	---	2021-03-16	Stefan Berger	New
[v12,06/10] x509: Detect sm2 keys by their parameters OID	Add support for x509 certs with NIST P384/256/192 keys	- 1 1	---	2021-03-16	Stefan Berger	New
[v12,05/10] ecdsa: Register NIST P384 and extend test suite	Add support for x509 certs with NIST P384/256/192 keys	1 - 1	---	2021-03-16	Stefan Berger	New
[v12,04/10] crypto: Add math to support fast NIST P384	Add support for x509 certs with NIST P384/256/192 keys	- - 1	---	2021-03-16	Stefan Berger	New
[v12,03/10] crypto: Add NIST P384 curve parameters	Add support for x509 certs with NIST P384/256/192 keys	1 - 1	---	2021-03-16	Stefan Berger	New
[v12,02/10] crypto: Add support for ECDSA signature verification	Add support for x509 certs with NIST P384/256/192 keys	- - -	---	2021-03-16	Stefan Berger	New
[v12,01/10] oid_registry: Add OIDs for ECDSA with SHA224/256/384/512	Add support for x509 certs with NIST P384/256/192 keys	1 - -	---	2021-03-16	Stefan Berger	New
[v30,12/12] landlock: Add user and kernel documentation	Landlock LSM	- 1 -	---	2021-03-16	Mickaël Salaün	New
[v30,11/12] samples/landlock: Add a sandbox manager example	Landlock LSM	- 2 -	---	2021-03-16	Mickaël Salaün	New
[v30,09/12] arch: Wire up Landlock syscalls	Landlock LSM	- - -	---	2021-03-16	Mickaël Salaün	New
[v30,08/12] landlock: Add syscall implementations	Landlock LSM	1 - -	---	2021-03-16	Mickaël Salaün	New
[v30,07/12] landlock: Support filesystem access-control	Landlock LSM	- 1 -	---	2021-03-16	Mickaël Salaün	New
[v30,06/12] fs,security: Add sb_delete hook	Landlock LSM	1 2 -	---	2021-03-16	Mickaël Salaün	New
[v30,05/12] LSM: Infrastructure management of the superblock	Landlock LSM	1 2 -	---	2021-03-16	Mickaël Salaün	New
[v30,04/12] landlock: Add ptrace restrictions	Landlock LSM	1 2 -	---	2021-03-16	Mickaël Salaün	New
[v30,03/12] landlock: Set up the security framework and manage credentials	Landlock LSM	1 2 -	---	2021-03-16	Mickaël Salaün	New
[v30,02/12] landlock: Add ruleset and domain management	Landlock LSM	1 2 -	---	2021-03-16	Mickaël Salaün	New
[v30,01/12] landlock: Add object management	Landlock LSM	1 2 -	---	2021-03-16	Mickaël Salaün	New
[v5,1/1] fs: Allow no_new_privs tasks to call chroot(2)	Unprivileged chroot	- 1 -	---	2021-03-16	Mickaël Salaün	New
xfs: use has_capability_noaudit() instead of capable() where appropriate	xfs: use has_capability_noaudit() instead of capable() where appropriate	- - -	---	2021-03-16	Ondrej Mosnacek	New
[v4,1/1] fs: Allow no_new_privs tasks to call chroot(2)	Unprivileged chroot	- 1 -	---	2021-03-16	Mickaël Salaün	New
[v1,3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	- - -	---	2021-03-16	Ahmad Fatoum	New
[v1,2/3] KEYS: trusted: implement fallback to kernel RNG	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	- - -	---	2021-03-16	Ahmad Fatoum	New
[v1,1/3] crypto: caam - add in-kernel interface for blob generator	KEYS: trusted: Introduce support for NXP CAAM-based trusted keys	- - -	---	2021-03-16	Ahmad Fatoum	New
[v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs	[v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs	- - 1	---	2021-03-16	Ondrej Mosnacek	New
[v7,5/5] certs: Allow root user to append signed hashes to the blacklist keyring	Enable root to update the blacklist keyring	- - -	---	2021-03-12	Mickaël Salaün	New
[v7,4/5] certs: Factor out the blacklist hash creation	Enable root to update the blacklist keyring	- 1 -	---	2021-03-12	Mickaël Salaün	New
[v7,3/5] certs: Make blacklist_vet_description() more strict	Enable root to update the blacklist keyring	- 1 -	---	2021-03-12	Mickaël Salaün	New
[v7,2/5] certs: Check that builtin blacklist hashes are valid	Enable root to update the blacklist keyring	- 1 -	---	2021-03-12	Mickaël Salaün	New
[v7,1/5] tools/certs: Add print-cert-tbs-hash.sh	Enable root to update the blacklist keyring	- 1 1	---	2021-03-12	Mickaël Salaün	New
[GIT,PULL] Add EFI_CERT_X509_GUID support for dbx/mokx entries	[GIT,PULL] Add EFI_CERT_X509_GUID support for dbx/mokx entries	- - -	---	2021-03-11	David Howells	New
[v3,1/1] fs: Allow no_new_privs tasks to call chroot(2)	Unprivileged chroot	- - -	---	2021-03-11	Mickaël Salaün	New
[v2,3/3] tpm: vtpm_proxy: Avoid reading host log when using a virtual device	Fix bugs related to TPM2 event log	- 1 -	---	2021-03-10	Stefan Berger	New
[v2,2/3] tpm: acpi: Check eventlog signature before using it	Fix bugs related to TPM2 event log	- 1 -	---	2021-03-10	Stefan Berger	New
[v2,1/3] tpm: efi: Use local variable for calculating final log size	Fix bugs related to TPM2 event log	- 1 -	---	2021-03-10	Stefan Berger	New
[v2,1/1] fs: Allow no_new_privs tasks to call chroot(2)	Unprivileged chroot	- - -	---	2021-03-10	Mickaël Salaün	New
[v1,1/1] fs: Allow no_new_privs tasks to call chroot(2)	Unprivileged chroot	- - -	---	2021-03-10	Mickaël Salaün	New
LSM: SafeSetID: Fix code specification by scripts/checkpatch.pl	LSM: SafeSetID: Fix code specification by scripts/checkpatch.pl	- - -	---	2021-03-10	Yanwei Gao	New
[v25,25/25] AppArmor: Remove the exclusive flag	LSM: Module stacking for AppArmor	2 1 -	---	2021-03-09	Casey Schaufler	New
[v25,24/25] LSM: Add /proc attr entry for full LSM context	LSM: Module stacking for AppArmor	- 1 -	---	2021-03-09	Casey Schaufler	New
[v25,23/25] Audit: Add a new record for multiple object LSM attributes	LSM: Module stacking for AppArmor	- - -	---	2021-03-09	Casey Schaufler	New
[v25,22/25] Audit: Add new record for multiple process LSM attributes	LSM: Module stacking for AppArmor	- - -	---	2021-03-09	Casey Schaufler	New
[v25,21/25] audit: add support for non-syscall auxiliary records	LSM: Module stacking for AppArmor	- - -	---	2021-03-09	Casey Schaufler	New
[v25,20/25] LSM: Verify LSM display sanity in binder	LSM: Module stacking for AppArmor	2 2 -	---	2021-03-09	Casey Schaufler	New
[v25,19/25] NET: Store LSM netlabel data in a lsmblob	LSM: Module stacking for AppArmor	2 2 -	---	2021-03-09	Casey Schaufler	New
[v25,18/25] LSM: security_secid_to_secctx in netlink netfilter	LSM: Module stacking for AppArmor	2 2 -	---	2021-03-09	Casey Schaufler	New
[v25,17/25] LSM: Use lsmcontext in security_inode_getsecctx	LSM: Module stacking for AppArmor	3 1 -	---	2021-03-09	Casey Schaufler	New
[v25,16/25] LSM: Use lsmcontext in security_secid_to_secctx	LSM: Module stacking for AppArmor	2 1 -	---	2021-03-09	Casey Schaufler	New
[v25,15/25] LSM: Ensure the correct LSM context releaser	LSM: Module stacking for AppArmor	1 2 -	---	2021-03-09	Casey Schaufler	New
[v25,14/25] LSM: Specify which LSM to display	LSM: Module stacking for AppArmor	- - -	---	2021-03-09	Casey Schaufler	New
[v25,13/25] IMA: Change internal interfaces to use lsmblobs	LSM: Module stacking for AppArmor	1 2 -	---	2021-03-09	Casey Schaufler	New
[v25,12/25] LSM: Use lsmblob in security_cred_getsecid	LSM: Module stacking for AppArmor	2 2 -	---	2021-03-09	Casey Schaufler	New
[v25,11/25] LSM: Use lsmblob in security_inode_getsecid	LSM: Module stacking for AppArmor	2 2 -	---	2021-03-09	Casey Schaufler	New
[v25,10/25] LSM: Use lsmblob in security_task_getsecid	LSM: Module stacking for AppArmor	2 2 -	---	2021-03-09	Casey Schaufler	New
[v25,09/25] LSM: Use lsmblob in security_ipc_getsecid	LSM: Module stacking for AppArmor	2 2 -	---	2021-03-09	Casey Schaufler	New
[v25,08/25] LSM: Use lsmblob in security_secid_to_secctx	LSM: Module stacking for AppArmor	- - -	---	2021-03-09	Casey Schaufler	New
[v25,07/25] LSM: Use lsmblob in security_secctx_to_secid	LSM: Module stacking for AppArmor	- - -	---	2021-03-09	Casey Schaufler	New
[v25,06/25] LSM: Use lsmblob in security_kernel_act_as	LSM: Module stacking for AppArmor	2 2 -	---	2021-03-09	Casey Schaufler	New
[v25,05/25] LSM: Use lsmblob in security_audit_rule_match	LSM: Module stacking for AppArmor	2 2 -	---	2021-03-09	Casey Schaufler	New
[v25,04/25] IMA: avoid label collisions with stacked LSMs	LSM: Module stacking for AppArmor	- - -	---	2021-03-09	Casey Schaufler	New
[v25,03/25] LSM: provide lsm name and id slot mappings	LSM: Module stacking for AppArmor	- - -	---	2021-03-09	Casey Schaufler	New
[v25,02/25] LSM: Add the lsmblob data structure.	LSM: Module stacking for AppArmor	3 - -	---	2021-03-09	Casey Schaufler	New
[v25,01/25] LSM: Infrastructure management of the sock security	LSM: Module stacking for AppArmor	2 2 -	---	2021-03-09	Casey Schaufler	New
[RFC,3/3] include/linux: Update LSM hook text part2	LSM Documentation - Render lsm_hooks.h for kernel_docs	- - -	---	2021-03-09	Richard Haines	New
[RFC,2/3] include/linux: Update LSM hook text part1	LSM Documentation - Render lsm_hooks.h for kernel_docs	- - -	---	2021-03-09	Richard Haines	New
[RFC,1/3] Documentation/security: Update LSM security hook text	LSM Documentation - Render lsm_hooks.h for kernel_docs	- - -	---	2021-03-09	Richard Haines	New

« 1 2 3 4 … 101 102 »