Show patches with: Archived = No       |   3621 patches
« 1 2 ... 9 10 1136 37 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[14/16] commoncap: remove cap_inode_getsecurity() fs: use type-safe uid representation for filesystem capabilities 1 - - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[13/16] fs: use vfs interfaces for capabilities xattrs fs: use type-safe uid representation for filesystem capabilities - - - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[12/16] ovl: use vfs_{get,set}_fscaps() for copy-up fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[11/16] ovl: add fscaps handlers fs: use type-safe uid representation for filesystem capabilities - - - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[10/16] fs: add vfs_remove_fscaps() fs: use type-safe uid representation for filesystem capabilities - - - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[09/16] fs: add vfs_set_fscaps() fs: use type-safe uid representation for filesystem capabilities - - - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[08/16] fs: add vfs_get_fscaps() fs: use type-safe uid representation for filesystem capabilities - - - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[07/16] fs: add inode operations to get/set/remove fscaps fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[06/16] capability: provide a helper for converting vfs_caps to xattr for userspace fs: use type-safe uid representation for filesystem capabilities - - - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[05/16] capability: provide helpers for converting between xattrs and vfs_caps fs: use type-safe uid representation for filesystem capabilities - - - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[04/16] capability: use vfsuid_t for vfs_caps rootids fs: use type-safe uid representation for filesystem capabilities 1 - - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[03/16] capability: rename cpu_vfs_cap_data to vfs_caps fs: use type-safe uid representation for filesystem capabilities 1 1 - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[02/16] mnt_idmapping: include cred.h fs: use type-safe uid representation for filesystem capabilities - - - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[01/16] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h fs: use type-safe uid representation for filesystem capabilities - - - --- 2023-11-29 Seth Forshee pcmoore Changes Requested
[v14,bpf-next,6/6] selftests/bpf: Add test that uses fsverity and xattr to sign a file bpf: File verification with LSM and fsverity - - - --- 2023-11-29 Song Liu pcmoore Superseded
[v14,bpf-next,5/6] selftests/bpf: Add tests for filesystem kfuncs bpf: File verification with LSM and fsverity - - - --- 2023-11-29 Song Liu pcmoore Superseded
[v14,bpf-next,4/6] selftests/bpf: Sort config in alphabetic order bpf: File verification with LSM and fsverity - - - --- 2023-11-29 Song Liu pcmoore Superseded
[v14,bpf-next,3/6] Documentation/bpf: Add documentation for filesystem kfuncs bpf: File verification with LSM and fsverity - - - --- 2023-11-29 Song Liu pcmoore Superseded
[v14,bpf-next,2/6] bpf, fsverity: Add kfunc bpf_get_fsverity_digest bpf: File verification with LSM and fsverity 1 - - --- 2023-11-29 Song Liu pcmoore Superseded
[v14,bpf-next,1/6] bpf: Add kfunc bpf_get_file_xattr bpf: File verification with LSM and fsverity 2 - - --- 2023-11-29 Song Liu pcmoore Superseded
[4/4] listmount: allow continuing listmount changes - - - --- 2023-11-28 Miklos Szeredi pcmoore Handled Elsewhere
[3/4] listmount: small changes in semantics listmount changes - - - --- 2023-11-28 Miklos Szeredi pcmoore Handled Elsewhere
[2/4] listmount: list mounts in ID order listmount changes - - - --- 2023-11-28 Miklos Szeredi pcmoore Handled Elsewhere
[1/4] listmount: rip out flags listmount changes - - - --- 2023-11-28 Miklos Szeredi pcmoore Handled Elsewhere
[v11,bpf-next,17/17] bpf,selinux: allocate bpf_security_struct per BPF token BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,16/17] selftests/bpf: add BPF token-enabled tests BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,15/17] libbpf: add BPF token support to bpf_prog_load() API BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,14/17] libbpf: add BPF token support to bpf_btf_load() API BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,13/17] libbpf: add BPF token support to bpf_map_create() API BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,12/17] libbpf: add bpf_token_create() API BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,11/17] bpf,lsm: add BPF token LSM hooks BPF token and BPF FS-based delegation 1 - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,10/17] bpf,lsm: refactor bpf_map_alloc/bpf_map_free LSM hooks BPF token and BPF FS-based delegation 1 - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,09/17] bpf,lsm: refactor bpf_prog_alloc/bpf_prog_free LSM hooks BPF token and BPF FS-based delegation 1 - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,08/17] bpf: consistently use BPF token throughout BPF verifier logic BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,07/17] bpf: take into account BPF token when fetching helper protos BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,06/17] bpf: add BPF token support to BPF_PROG_LOAD command BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,05/17] bpf: add BPF token support to BPF_BTF_LOAD command BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,04/17] bpf: add BPF token support to BPF_MAP_CREATE command BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,03/17] bpf: introduce BPF token object BPF token and BPF FS-based delegation - - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,02/17] bpf: add BPF token delegation mount options to BPF FS BPF token and BPF FS-based delegation 1 - - --- 2023-11-27 Andrii Nakryiko Superseded
[v11,bpf-next,01/17] bpf: align CAP_NET_ADMIN checks with bpf_capable() approach BPF token and BPF FS-based delegation 1 - - --- 2023-11-27 Andrii Nakryiko Superseded
apparmor: free the allocated pdb objects apparmor: free the allocated pdb objects 1 - - --- 2023-11-27 Fedor Pchelkin Handled Elsewhere
[v6,9/9] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2023-11-24 Günther Noack Handled Elsewhere
[v6,8/9] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL Landlock: IOCTL support - - - --- 2023-11-24 Günther Noack Handled Elsewhere
[v6,7/9] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2023-11-24 Günther Noack Handled Elsewhere
[v6,6/9] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2023-11-24 Günther Noack Handled Elsewhere
[v6,5/9] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2023-11-24 Günther Noack Handled Elsewhere
[v6,4/9] landlock: Add IOCTL access right Landlock: IOCTL support - - - --- 2023-11-24 Günther Noack Handled Elsewhere
[v6,3/9] landlock: Optimize the number of calls to get_access_mask slightly Landlock: IOCTL support - - - --- 2023-11-24 Günther Noack Handled Elsewhere
[v6,2/9] selftests/landlock: Rename "permitted" to "allowed" in ftruncate tests Landlock: IOCTL support - - - --- 2023-11-24 Günther Noack Handled Elsewhere
[v6,1/9] landlock: Remove remaining "inline" modifiers in .c files Landlock: IOCTL support - - - --- 2023-11-24 Günther Noack Handled Elsewhere
[v13,bpf-next,6/6] selftests/bpf: Add test that uses fsverity and xattr to sign a file bpf: File verification with LSM and fsverity - - - --- 2023-11-23 Song Liu Superseded
[v13,bpf-next,5/6] selftests/bpf: Add tests for filesystem kfuncs bpf: File verification with LSM and fsverity - - - --- 2023-11-23 Song Liu Superseded
[v13,bpf-next,4/6] selftests/bpf: Sort config in alphabetic order bpf: File verification with LSM and fsverity - - - --- 2023-11-23 Song Liu Superseded
[v13,bpf-next,3/6] Documentation/bpf: Add documentation for filesystem kfuncs bpf: File verification with LSM and fsverity - - - --- 2023-11-23 Song Liu Superseded
[v13,bpf-next,2/6] bpf, fsverity: Add kfunc bpf_get_fsverity_digest bpf: File verification with LSM and fsverity 1 - - --- 2023-11-23 Song Liu Superseded
[v13,bpf-next,1/6] bpf: Add kfunc bpf_get_file_xattr bpf: File verification with LSM and fsverity 1 - - --- 2023-11-23 Song Liu Superseded
[net,v2] calipso: Fix memory leak in netlbl_calipso_add_pass() [net,v2] calipso: Fix memory leak in netlbl_calipso_add_pass() 1 - - --- 2023-11-23 Gavrilov Ilia pcmoore Accepted
selftests: remove the LSM_ID_IMA check in lsm/lsm_list_modules_test selftests: remove the LSM_ID_IMA check in lsm/lsm_list_modules_test 1 - - --- 2023-11-22 Paul Moore pcmoore Accepted
[RFC,v2,6/6] selftests/bpf: Add selftests for set_mempolicy with a lsm prog mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf - - - --- 2023-11-22 Yafang Shao Superseded
[RFC,v2,5/6] security: selinux: Implement set_mempolicy hook mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf - - - --- 2023-11-22 Yafang Shao Superseded
[RFC,v2,4/6] mm, security: Add lsm hook for memory policy adjustment mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf - - - --- 2023-11-22 Yafang Shao Superseded
[RFC,v2,3/6] mm, security: Fix missed security_task_movememory() in mbind(2) mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf - - - --- 2023-11-22 Yafang Shao Superseded
[RFC,v2,2/6] mm: mempolicy: Revise comment regarding mempolicy mode flags mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf - 1 - --- 2023-11-22 Yafang Shao Superseded
[RFC,v2,1/6] mm, doc: Add doc for MPOL_F_NUMA_BALANCING mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf - 1 - --- 2023-11-22 Yafang Shao Superseded
[net] calipso: Fix memory leak in netlbl_calipso_add_pass() [net] calipso: Fix memory leak in netlbl_calipso_add_pass() - - - --- 2023-11-22 Gavrilov Ilia pcmoore Changes Requested
apparmor: make stack_msg static apparmor: make stack_msg static - - - --- 2023-11-22 Ben Dooks Handled Elsewhere
MAINTAINERS: add an entry for the lockdown LSM MAINTAINERS: add an entry for the lockdown LSM - - - --- 2023-11-20 Paul Moore pcmoore Accepted
[v1,2/2] selftests/landlock: Add tests to check unhandled rule's access rights Extend Landlock test to improve rule's coverage - 1 - --- 2023-11-20 Mickaël Salaün Handled Elsewhere
[v1,1/2] selftests/landlock: Add tests to check undefined rule's access rights Extend Landlock test to improve rule's coverage - 1 - --- 2023-11-20 Mickaël Salaün Handled Elsewhere
[v6,25/25] security: Enforce ordering of 'ima' and 'evm' LSMs security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,24/25] integrity: Remove LSM security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,23/25] evm: Remove dependency on 'integrity' LSM security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,22/25] ima: Remove dependency on 'integrity' LSM security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,21/25] evm: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,20/25] ima: Move IMA-Appraisal to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,19/25] ima: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 1 - - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,18/25] security: Introduce key_post_create_or_update hook security: Move IMA and EVM to the LSM infrastructure 1 2 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,17/25] security: Introduce inode_post_remove_acl hook security: Move IMA and EVM to the LSM infrastructure 1 2 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,16/25] security: Introduce inode_post_set_acl hook security: Move IMA and EVM to the LSM infrastructure 1 2 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,15/25] security: Introduce inode_post_create_tmpfile hook security: Move IMA and EVM to the LSM infrastructure 1 1 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,14/25] security: Introduce path_post_mknod hook security: Move IMA and EVM to the LSM infrastructure 1 - - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,13/25] security: Introduce file_release hook security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,12/25] security: Introduce file_post_open hook security: Move IMA and EVM to the LSM infrastructure 1 2 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,11/25] security: Introduce inode_post_removexattr hook security: Move IMA and EVM to the LSM infrastructure - 2 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,10/25] security: Introduce inode_post_setattr hook security: Move IMA and EVM to the LSM infrastructure 1 2 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,09/25] security: Align inode_setattr hook definition with EVM security: Move IMA and EVM to the LSM infrastructure 1 2 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 3 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 3 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 3 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,05/25] ima: Align ima_post_read_file() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 3 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,04/25] ima: Align ima_inode_removexattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 3 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,03/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 3 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,02/25] ima: Align ima_file_mprotect() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 3 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[v6,01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 3 - --- 2023-11-20 Roberto Sassu pcmoore Superseded
[4/4] LSM: Add a LSM module which handles dynamically appendable LSM hooks. LSM: Officially support appending LSM hooks after boot. - - - --- 2023-11-20 Tetsuo Handa pcmoore Rejected
[3/4] LSM: Break LSM_HOOK() macro into 6 macros. LSM: Officially support appending LSM hooks after boot. - - - --- 2023-11-20 Tetsuo Handa pcmoore Rejected
[2/4] LSM: Add a header file containing only arguments of LSM callback functions. LSM: Officially support appending LSM hooks after boot. - - - --- 2023-11-20 Tetsuo Handa pcmoore Rejected
[1/4] LSM: Auto-undef LSM_HOOK macro. LSM: Officially support appending LSM hooks after boot. - - - --- 2023-11-20 Tetsuo Handa pcmoore Rejected
[v5,7/7] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2023-11-17 Günther Noack Handled Elsewhere
« 1 2 ... 9 10 1136 37 »