Show patches with: none      |   15839 patches
« 1 2 ... 3 4 5158 159 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v2] nfsd: set security label during create operations [v2] nfsd: set security label during create operations - 1 - --- 2024-05-02 Stephen Smalley Handled Elsewhere
[RFC] nfsd: set security label during create operations [RFC] nfsd: set security label during create operations - - - --- 2024-05-02 Stephen Smalley Handled Elsewhere
MAINTAINERS: update the LSM file list MAINTAINERS: update the LSM file list - - - --- 2024-05-01 Paul Moore pcmoore Accepted
[v3,2/2] fs/xattr: add *at family syscalls Untitled series #848336 - 1 - --- 2024-04-26 Christian Göttsche Handled Elsewhere
MAINTAINER: Add Günther Noack as Landlock reviewer MAINTAINER: Add Günther Noack as Landlock reviewer 1 - - --- 2024-04-25 Mickaël Salaün Handled Elsewhere
[net,v2] netlabel: fix RCU annotation for IPv4 options on socket creation [net,v2] netlabel: fix RCU annotation for IPv4 options on socket creation - - - --- 2024-04-24 Davide Caratti pcmoore Changes Requested
[v3,11/11] sysctl: treewide: constify the ctl_table argument of handlers sysctl: treewide: constify ctl_table argument of sysctl handlers 1 - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,10/11] sysctl: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,09/11] ipvs: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,08/11] ipv6/ndisc: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,07/11] ipv6/addrconf: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,06/11] ipv4/sysctl: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,05/11] neighbour: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,04/11] utsname: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,03/11] hugetlb: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,02/11] cgroup: bpf: constify ctl_table arguments and fields sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v3,01/11] stackleak: don't modify ctl_table argument sysctl: treewide: constify ctl_table argument of sysctl handlers 1 - - --- 2024-04-23 Thomas Weißschuh pcmoore Handled Elsewhere
[v2] tty: n_gsm: restrict tty devices to attach [v2] tty: n_gsm: restrict tty devices to attach - - - --- 2024-04-20 Tetsuo Handa Handled Elsewhere
[v15,11/11] fs/ioctl: Add a comment to keep the logic in sync with LSM policies Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,10/11] MAINTAINERS: Notify Landlock maintainers about changes to fs/ioctl.c Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,09/11] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,08/11] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,07/11] selftests/landlock: Exhaustive test for the IOCTL allow-list Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,06/11] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,05/11] selftests/landlock: Test IOCTLs on named pipes Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,04/11] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,03/11] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,02/11] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[v15,01/11] landlock: Add IOCTL access right for character and block devices Landlock: IOCTL support - - - --- 2024-04-19 Günther Noack pcmoore Handled Elsewhere
[2/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options - - - --- 2024-04-16 Ondrej Mosnacek pcmoore Under Review
[1/2] cipso: fix total option length computation cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options - - - --- 2024-04-16 Ondrej Mosnacek pcmoore Under Review
[RFC,v2,9/9] ima: Register to the digest_cache LSM notifier and process events ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[RFC,v2,8/9] ima: Use digest caches for appraisal ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[RFC,v2,7/9] ima: Use digest caches for measurement ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[RFC,v2,6/9] ima: Store allowed usage in digest cache based on integrity metadata flags ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[RFC,v2,5/9] ima: Modify existing boot-time built-in policies with digest cache policies ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[RFC,v2,4/9] ima: Add digest_cache_measure/appraise boot-time built-in policies ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[RFC,v2,3/9] ima: Add digest_cache policy keyword ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[RFC,v2,2/9] ima: Nest iint mutex for DIGEST_LIST_CHECK hook ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[RFC,v2,1/9] ima: Introduce hook DIGEST_LIST_CHECK ima: Integrate with digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,14/14] docs: Add documentation of the digest_cache LSM security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,13/14] selftests/digest_cache: Add selftests for digest_cache LSM security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,12/14] digest_cache: Notify digest cache events security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,11/14] digest_cache: Reset digest cache on file/directory change security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,10/14] digest cache: Prefetch digest lists if requested security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,09/14] digest_cache: Add support for directories security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,08/14] digest_cache: Add management of verification data security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,07/14] digest_cache: Parse rpm digest lists security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,06/14] digest_cache: Parse tlv digest lists security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,05/14] digest_cache: Populate the digest cache from a digest list security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,04/14] digest_cache: Add hash tables and operations security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,03/14] digest_cache: Add securityfs interface security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,02/14] security: Introduce the digest_cache LSM security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v4,01/14] lib: Add TLV parser security: digest_cache LSM - - - --- 2024-04-15 Roberto Sassu pcmoore New
[v2,1/1] mm: change inlined allocation helpers to account at the call site [v2,1/1] mm: change inlined allocation helpers to account at the call site 1 - - --- 2024-04-15 Suren Baghdasaryan Handled Elsewhere
[v17,21/21] MAINTAINERS: ipe: add ipe maintainer information Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,20/21] Documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - 1 - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,19/21] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,18/21] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,17/21] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,16/21] fsverity: expose verified fsverity built-in signatures to LSMs Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,15/21] security: add security_inode_setintegrity() hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,14/21] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,13/21] dm verity: consume root hash digest and expose signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,12/21] dm: add finalize hook to target_type Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,11/21] block,lsm: add LSM blob and new LSM hooks for block device Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,10/21] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,09/21] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,08/21] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,07/21] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,06/21] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,05/21] initramfs|security: Add a security hook to do_populate_rootfs() Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,04/21] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,03/21] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,02/21] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[v17,01/21] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-04-13 Fan Wu pcmoore Changes Requested
[net] netlabel: fix RCU annotation for IPv4 options on socket creation [net] netlabel: fix RCU annotation for IPv4 options on socket creation - - - --- 2024-04-11 Davide Caratti pcmoore Changes Requested
[bpf-next,v3,11/11] selftests/bpf: Add verifier tests for bpf lsm Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai pcmoore New
[bpf-next,v3,10/11] selftests/bpf: Add test for lsm tail call Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai pcmoore New
[bpf-next,v3,09/11] selftests/bpf: Add return value checks for failed tests Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai pcmoore New
[bpf-next,v3,08/11] selftests/bpf: Avoid load failure for token_lsm.c Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai pcmoore New
[bpf-next,v3,07/11] bpf: Fix a false rejection caused by AND operation Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai pcmoore New
[bpf-next,v3,06/11] bpf: Fix compare error in function retval_range_within Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai pcmoore New
[bpf-next,v3,05/11] bpf: Avoid progs for different hooks calling each other with tail call Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai pcmoore New
[bpf-next,v3,04/11] bpf, lsm: Add bpf lsm disabled hook list Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai pcmoore New
[bpf-next,v3,03/11] bpf, lsm: Check bpf lsm hook return values in verifier Add check for bpf lsm return value 1 - - --- 2024-04-11 Xu Kuohai pcmoore New
[bpf-next,v3,02/11] bpf, lsm: Add helper to read lsm hook return value range Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai pcmoore New
[bpf-next,v3,01/11] bpf, lsm: Annotate lsm hook return value range Add check for bpf lsm return value - - - --- 2024-04-11 Xu Kuohai pcmoore New
[v3,2/2] proc: add Kconfigs to restrict /proc/pid/mem access [v3,1/2] proc: restrict /proc/pid/mem access via param knobs - - - --- 2024-04-09 Adrian Ratiu Handled Elsewhere
[v3,1/2] proc: restrict /proc/pid/mem access via param knobs [v3,1/2] proc: restrict /proc/pid/mem access via param knobs - - - --- 2024-04-09 Adrian Ratiu Handled Elsewhere
[2/2] selftests/landlock: Create 'listen_zero', 'deny_listen_zero' tests Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Ivanov Mikhail pcmoore New
[1/2] landlock: Add hook on socket_listen() Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Ivanov Mikhail pcmoore New
[RFC,v1,10/10] samples/landlock: Support socket protocol restrictions Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,09/10] selftests/landlock: Create 'ruleset_with_unknown_access' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,08/10] selftests/landlock: Create 'ruleset_overlap' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,07/10] selftests/landlock: Create 'inval' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,06/10] selftests/landlock: Create 'rule_with_unhandled_access' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,05/10] selftests/landlock: Create 'rule_with_unknown_access' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,04/10] selftests/landlock: Create 'socket_access_rights' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
[RFC,v1,03/10] selftests/landlock: Create 'create' test Socket type control for Landlock - 1 - --- 2024-04-08 Ivanov Mikhail Handled Elsewhere
« 1 2 ... 3 4 5158 159 »