Show patches with: Archived = No       |   3632 patches
« 1 2 3 436 37 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v12,2/9] landlock: Add IOCTL access right for character and block devices Landlock: IOCTL support - - - --- 2024-03-25 Günther Noack pcmoore Changes Requested
[v12,1/9] security: Introduce ENOFILEOPS return value for IOCTL hooks Landlock: IOCTL support - - - --- 2024-03-25 Günther Noack pcmoore Changes Requested
[bpf-next,v2,7/7] selftests/bpf: Add return value checks and corrections for failed progs Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,6/7] selftests/bpf: Avoid load failure for token_lsm.c Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,5/7] bpf: Fix compare error in function retval_range_within Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,4/7] bpf, lsm: Check bpf lsm hook return values in verifier Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,3/7] bpf, lsm: Add function to read lsm hook return value range Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,2/7] bpf, lsm: Add return value range description for lsm hook Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,1/7] bpf, lsm: Annotate lsm hook return integer with new macro LSM_RET_INT Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
Do not require attributes for security_inode_init_security. Do not require attributes for security_inode_init_security. - - - --- 2024-03-24 Dr. Greg pcmoore Changes Requested
[v11,9/9] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,8/9] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,7/9] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,6/9] selftests/landlock: Test IOCTLs on named pipes Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,5/9] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,4/9] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,3/9] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,2/9] landlock: Add IOCTL access right for character and block devices Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,1/9] fs: Add and use vfs_get_ioctl_handler() Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
ima: Fix use-after-free on a dentry's dname.name ima: Fix use-after-free on a dentry's dname.name - - - --- 2024-03-22 Stefan Berger Handled Elsewhere
[v3,next] integrity: Avoid -Wflex-array-member-not-at-end warnings [v3,next] integrity: Avoid -Wflex-array-member-not-at-end warnings - - - --- 2024-03-21 Gustavo A. R. Silva Handled Elsewhere
[v2,next] integrity: Avoid -Wflex-array-member-not-at-end warnings [v2,next] integrity: Avoid -Wflex-array-member-not-at-end warnings - - - --- 2024-03-21 Gustavo A. R. Silva Handled Elsewhere
Systemd v254 LSM stacking issue - patch Systemd v254 LSM stacking issue - patch - - - --- 2024-03-19 Casey Schaufler pcmoore Not Applicable
[v3,7/7] kunit: Add tests for fault Handle faults in KUnit tests - 1 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,6/7] kunit: Print last test location on fault Handle faults in KUnit tests - 1 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Handle faults in KUnit tests - 2 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,4/7] kunit: Handle test faults Handle faults in KUnit tests - 2 1 --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,3/7] kunit: Fix timeout message Handle faults in KUnit tests - 3 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,2/7] kunit: Fix kthread reference Handle faults in KUnit tests - 3 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,1/7] kunit: Handle thread creation error Handle faults in KUnit tests - 3 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[bpf-next,5/5] bpf: Fix compare error in function retval_range_within Fix kernel panic caused by bpf lsm return value - - - --- 2024-03-16 Xu Kuohai pcmoore Superseded
[bpf-next,4/5] bpf, lsm: Check bpf lsm hook return values in verifier Fix kernel panic caused by bpf lsm return value - - - --- 2024-03-16 Xu Kuohai pcmoore Superseded
[bpf-next,3/5] bpf, lsm: Add function to read lsm hook return value range Fix kernel panic caused by bpf lsm return value - - - --- 2024-03-16 Xu Kuohai pcmoore Superseded
[bpf-next,2/5] bpf, lsm: Add return value range description for lsm hook Fix kernel panic caused by bpf lsm return value - - - --- 2024-03-16 Xu Kuohai pcmoore Superseded
[bpf-next,1/5] bpf, lsm: Annotate lsm hook return integer with new macro LSM_RET_INT Fix kernel panic caused by bpf lsm return value - - - --- 2024-03-16 Xu Kuohai pcmoore Superseded
[RFC,v15,21/21] documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,20/21] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,19/21] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,18/21] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,17/21] fsverity: consume builtin signature via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,16/21] security: add security_inode_setintegrity() hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,15/21] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,14/21] dm verity: consume root hash digest and signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,13/21] dm: add finalize hook to target_type Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,12/21] security: add security_bdev_setintegrity() hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,11/21] block|security: add LSM blob to block_device Integrity Policy Enforcement LSM (IPE) - 1 - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,10/21] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,09/21] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,08/21] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,07/21] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,06/21] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,05/21] initramfs|security: Add a security hook to do_populate_rootfs() Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,04/21] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,03/21] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,02/21] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,01/21] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[11/11] sysctl: treewide: constify the ctl_table argument of handlers sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[10/11] sysctl: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[09/11] ipvs: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[08/11] ipv6/ndisc: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[07/11] ipv6/addrconf: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[06/11] ipv4/sysctl: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[05/11] neighbour: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[04/11] utsname: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[03/11] hugetlb: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[02/11] cgroup: bpf: constify ctl_table arguments and fields sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[01/11] stackleak: don't modify ctl_table argument sysctl: treewide: constify ctl_table argument of sysctl handlers 1 - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[RFC,1/2] lsm: introduce new hook security_vm_execstack [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[RFC,2/2] selinux: wire up new execstack LSM hook [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[RFC] fs: Add an use vfs_get_ioctl_handler() [RFC] fs: Add an use vfs_get_ioctl_handler() - - - --- 2024-03-15 Mickaël Salaün pcmoore RFC
[1/2] yama: document function parameter [1/2] yama: document function parameter - 3 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[2/2] apparmor: fix typo in kernel doc [1/2] yama: document function parameter - 1 - --- 2024-03-15 Christian Göttsche Handled Elsewhere
[10/10] coccinelle: add script for capable_any() [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore New
[09/10] bpf: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore New
[08/10] net: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore New
[07/10] kernel: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 2 - --- 2024-03-15 Christian Göttsche pcmoore New
[06/10] fs: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore New
[05/10] drivers: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 2 - - --- 2024-03-15 Christian Göttsche pcmoore New
[04/10] block: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore New
[03/10] capability: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore New
[02/10] capability: add any wrappers to test for multiple caps with exactly one audit message [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore New
[01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore New
[GIT,PULL] lsm/lsm-pr-20240314 [GIT,PULL] lsm/lsm-pr-20240314 - - - --- 2024-03-14 Paul Moore pcmoore Accepted
lsm: handle the NULL buffer case in lsm_fill_user_ctx() lsm: handle the NULL buffer case in lsm_fill_user_ctx() 1 - - --- 2024-03-14 Paul Moore pcmoore Accepted
[v3] LSM: use 32 bit compatible data types in LSM syscalls. [v3] LSM: use 32 bit compatible data types in LSM syscalls. - - - --- 2024-03-13 Casey Schaufler pcmoore Accepted
[GIT,PULL] Landlock updates for v6.9 [GIT,PULL] Landlock updates for v6.9 - - - --- 2024-03-13 Mickaël Salaün pcmoore Handled Elsewhere
[v2] LSM: use 32 bit compatible data types in LSM syscalls. [v2] LSM: use 32 bit compatible data types in LSM syscalls. - - - --- 2024-03-13 Casey Schaufler pcmoore Changes Requested
[GIT,PULL] lsm/lsm-pr-20240312 [GIT,PULL] lsm/lsm-pr-20240312 - - - --- 2024-03-12 Paul Moore pcmoore Accepted
[GIT,PULL] selinux/selinux-pr-20240312 [GIT,PULL] selinux/selinux-pr-20240312 - - - --- 2024-03-12 Paul Moore pcmoore Handled Elsewhere
LSM: use 32 bit compatible data types in LSM syscalls. LSM: use 32 bit compatible data types in LSM syscalls. - - - --- 2024-03-12 Casey Schaufler pcmoore Changes Requested
[GIT,PULL] Smack patches for 6.9 [GIT,PULL] Smack patches for 6.9 - - - --- 2024-03-11 Casey Schaufler pcmoore Handled Elsewhere
[RFC,8/8] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,7/8] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,6/8] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,5/8] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,4/8] clavis: Prevent clavis boot param from changing during kexec Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,3/8] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,2/8] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,1/8] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[v10,9/9] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2024-03-09 Günther Noack pcmoore Handled Elsewhere
« 1 2 3 436 37 »