Show patches with: Archived = No       |   4193 patches
« 1 2 ... 39 40 41 42 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RESEND,-next] lsm_audit: Clean up redundant NULL pointer check [RESEND,-next] lsm_audit: Clean up redundant NULL pointer check - - - --- 2022-07-14 Xiu Jianfeng pcmoore Accepted
lsm,io_uring: add LSM hooks to for the new uring_cmd file op lsm,io_uring: add LSM hooks to for the new uring_cmd file op - - - --- 2022-07-14 Luis Chamberlain pcmoore Superseded
[v2] ima: force signature verification when CONFIG_KEXEC_SIG is configured [v2] ima: force signature verification when CONFIG_KEXEC_SIG is configured - - - --- 2022-07-13 Coiby Xu Handled Elsewhere
[v2,4/4] landlock: Document Landlock's file truncation support landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v2,3/4] samples/landlock: Extend sample tool to support LANDLOCK_ACCESS_FS_TRUNCATE landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v2,2/4] selftests/landlock: Selftests for file truncation support landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v2,1/4] landlock: Support file truncation landlock: truncate support - - - --- 2022-07-12 Günther Noack Handled Elsewhere
[v7,7/7] selftests/bpf: Add test for bpf_verify_pkcs7_signature() helper bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,6/7] selftests/bpf: Add additional test for bpf_lookup_user_key() bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,5/7] selftests: Add verifier tests for bpf_lookup_user_key() and bpf_key_put() bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,4/7] bpf: Add bpf_verify_pkcs7_signature() helper bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,3/7] bpf: Add bpf_lookup_user_key() and bpf_key_put() helpers bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,2/7] KEYS: Move KEY_LOOKUP_ to include/linux/key.h bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-07-12 Roberto Sassu Handled Elsewhere
[v7,1/7] bpf: Export bpf_dynptr_get_size() bpf: Add bpf_verify_pkcs7_signature() helper - 1 - --- 2022-07-12 Roberto Sassu Handled Elsewhere
ima: force signature verification when CONFIG_KEXEC_SIG is configured ima: force signature verification when CONFIG_KEXEC_SIG is configured - - - --- 2022-07-12 Coiby Xu Handled Elsewhere
[v2] ima/evm: Fix potential memory leak in ima_init_crypto() [v2] ima/evm: Fix potential memory leak in ima_init_crypto() - - - --- 2022-07-12 Jianglei Nie Handled Elsewhere
ima/evm: Fix potential memory leak in ima_init_crypto() ima/evm: Fix potential memory leak in ima_init_crypto() - - - --- 2022-07-11 Jianglei Nie Handled Elsewhere
MAINTAINERS: update the LSM maintainer info MAINTAINERS: update the LSM maintainer info 3 - - --- 2022-07-08 Paul Moore pcmoore Accepted
[RFC,7/7] ima: Support measurement of kexec initramfs components ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,6/7] HACK: Allow the use of generic decompress with gzip outside __init ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,5/7] lib/cpio: Add a parse-only option that doesn't extract any files ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,4/7] lib/cpio: Allow use outside of initramfs creation ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,3/7] lib/cpio: use non __init filesystem related functions ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,2/7] lib/cpio: Improve error handling ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,1/7] initramfs: Move cpio handling routines into lib/ ima: Support measurement of kexec initramfs components - - - --- 2022-07-08 Jonathan McDowell Handled Elsewhere
[RFC,RESEND] userfaultfd: open userfaultfds with O_RDONLY [RFC,RESEND] userfaultfd: open userfaultfds with O_RDONLY 2 - - --- 2022-07-08 Ondrej Mosnacek pcmoore Accepted
[v2,4/4] selinux: Implement create_user_ns hook Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[v2,3/4] selftests/bpf: Add tests verifying bpf lsm create_user_ns hook Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[v2,2/4] bpf-lsm: Make bpf_lsm_create_user_ns() sleepable Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[v2,1/4] security, lsm: Introduce security_create_user_ns() Introduce security_create_user_ns() - - - --- 2022-07-07 Frederick Lawler pcmoore Superseded
[2/2] landlock: Selftests for truncate(2) support. landlock: truncate(2) support - - - --- 2022-07-07 Günther Noack Handled Elsewhere
[1/2] landlock: Support truncate(2). landlock: truncate(2) support - - - --- 2022-07-07 Günther Noack Handled Elsewhere
[v13,26/26] ima: Enable IMA namespaces ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,25/26] ima: Restrict informational audit messages to init_ima_ns ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,24/26] ima: Limit number of policy rules in non-init_ima_ns ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,23/26] ima: Show owning user namespace's uid and gid when displaying policy ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,22/26] ima: Introduce securityfs file to activate an IMA namespace ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,21/26] ima: Setup securityfs for IMA namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,20/26] ima: Remove unused iints from the integrity_iint_cache ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,19/26] ima: Namespace audit status flags ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,18/26] integrity: Add optional callback function to integrity_inode_free() ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,17/26] integrity/ima: Define ns_status for storing namespaced iint data ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,16/26] ima: Add functions for creating and freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,14/26] ima: Implement hierarchical processing of file accesses ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,13/26] userns: Add pointer to ima_namespace to user_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable() ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,10/26] ima: Switch to lazy lsm policy updates for better performance ima: Namespace IMA with audit support in IMA-ns 1 - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,09/26] ima: Move ima_lsm_policy_notifier into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,08/26] ima: Move IMA securityfs files into ima_namespace or onto stack ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,06/26] ima: Move measurement list related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,05/26] ima: Move ima_htable into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,04/26] ima: Move arch_policy_entry into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,03/26] ima: Define ima_namespace struct and start moving variables into it ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,02/26] securityfs: Extend securityfs with namespacing support ima: Namespace IMA with audit support in IMA-ns 1 - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,01/26] securityfs: rework dentry creation ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v3] apparmor: test: Remove some casts which are no-longer required [v3] apparmor: test: Remove some casts which are no-longer required 1 1 - --- 2022-07-06 David Gow Handled Elsewhere
keys/keyring: Fix typo in string keys/keyring: Fix typo in string - 1 - --- 2022-07-04 Li zeming Handled Elsewhere
keys/keyctl: Fix typo in string keys/keyctl: Fix typo in string - - - --- 2022-07-04 Li zeming Handled Elsewhere
[v9,4/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification Untitled series #656160 1 1 - --- 2022-07-04 Coiby Xu Handled Elsewhere
[v9,3/4] arm64: kexec_file: use more system keyrings to verify kernel image signature Untitled series #656160 2 - - --- 2022-07-04 Coiby Xu Handled Elsewhere
[v9,2/4] kexec, KEYS: make the code in bzImage64_verify_sig generic Untitled series #656160 - 1 - --- 2022-07-04 Coiby Xu Handled Elsewhere
ima/evm: Fix potential memory leak in ima_init_crypto() ima/evm: Fix potential memory leak in ima_init_crypto() - - - --- 2022-07-04 Jianglei Nie Handled Elsewhere
[v7] x86/kexec: Carry forward IMA measurement log on kexec [v7] x86/kexec: Carry forward IMA measurement log on kexec - 2 - --- 2022-06-30 Jonathan McDowell Handled Elsewhere
selftests/landlock: skip ptrace_test when YAMA is enabled selftests/landlock: skip ptrace_test when YAMA is enabled - - 1 --- 2022-06-28 Jeff Xu Handled Elsewhere
[v5,bpf-next,5/5] bpf/selftests: Add a selftest for bpf_getxattr Add bpf_getxattr - - - --- 2022-06-28 KP Singh Handled Elsewhere
[v5,bpf-next,4/5] bpf: Add a bpf_getxattr kfunc Add bpf_getxattr - - - --- 2022-06-28 KP Singh Handled Elsewhere
[v5,bpf-next,3/5] bpf: Allow kfuncs to be used in LSM programs Add bpf_getxattr - - - --- 2022-06-28 KP Singh Handled Elsewhere
[v5,bpf-next,2/5] bpf: kfunc support for ARG_PTR_TO_CONST_STR Add bpf_getxattr - - - --- 2022-06-28 KP Singh Handled Elsewhere
[v5,bpf-next,1/5] btf: Add a new kfunc set which allows to mark a function to be sleepable Add bpf_getxattr 1 - - --- 2022-06-28 KP Singh Handled Elsewhere
[v6,5/5] selftests/bpf: Add test for bpf_verify_pkcs7_signature() helper bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-06-28 Roberto Sassu Handled Elsewhere
[v6,4/5] bpf: Add bpf_verify_pkcs7_signature() helper bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-06-28 Roberto Sassu Handled Elsewhere
[v6,3/5] scripts: Handle unsigned type prefix in bpf_doc.py bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-06-28 Roberto Sassu Handled Elsewhere
[v6,2/5] KEYS: Move KEY_LOOKUP_ to include/linux/key.h bpf: Add bpf_verify_pkcs7_signature() helper - - - --- 2022-06-28 Roberto Sassu Handled Elsewhere
[v6,1/5] bpf: Export bpf_dynptr_get_size() bpf: Add bpf_verify_pkcs7_signature() helper - 1 - --- 2022-06-28 Roberto Sassu Handled Elsewhere
device_cgroup: Fix a spelling mistake device_cgroup: Fix a spelling mistake - - - --- 2022-06-28 Zhang Jiaming Handled Elsewhere
[v37,33/33] AppArmor: Remove the exclusive flag LSM: Module stacking for AppArmor 2 1 - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,32/33] LSM: Add /proc attr entry for full LSM context LSM: Module stacking for AppArmor 1 1 - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,31/33] LSM: Removed scaffolding function lsmcontext_init LSM: Module stacking for AppArmor - - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,30/33] netlabel: Use a struct lsmblob in audit data LSM: Module stacking for AppArmor 1 - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,29/33] Audit: Add record for multiple object contexts LSM: Module stacking for AppArmor 1 - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,28/33] audit: multiple subject lsm values for netlabel LSM: Module stacking for AppArmor 1 - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,27/33] Audit: Add record for multiple task security contexts LSM: Module stacking for AppArmor 1 - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,26/33] Audit: Allow multiple records in an audit_buffer LSM: Module stacking for AppArmor - - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,25/33] LSM: Add a function to report multiple LSMs LSM: Module stacking for AppArmor 1 1 - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,24/33] Audit: Create audit_stamp structure LSM: Module stacking for AppArmor 1 - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,23/33] Audit: Keep multiple LSM data in audit_names LSM: Module stacking for AppArmor 1 - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,22/33] LSM: security_secid_to_secctx module selection LSM: Module stacking for AppArmor - - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,21/33] binder: Pass LSM identifier for confirmation LSM: Module stacking for AppArmor - - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,20/33] NET: Store LSM netlabel data in a lsmblob LSM: Module stacking for AppArmor 2 2 - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,19/33] LSM: security_secid_to_secctx in netlink netfilter LSM: Module stacking for AppArmor 3 2 - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,18/33] LSM: Use lsmcontext in security_dentry_init_security LSM: Module stacking for AppArmor - - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,17/33] LSM: Use lsmcontext in security_inode_getsecctx LSM: Module stacking for AppArmor 3 2 - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,16/33] LSM: Use lsmcontext in security_secid_to_secctx LSM: Module stacking for AppArmor - - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,15/33] LSM: Ensure the correct LSM context releaser LSM: Module stacking for AppArmor 3 2 - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,14/33] LSM: Specify which LSM to display LSM: Module stacking for AppArmor - - - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,13/33] LSM: Use lsmblob in security_cred_getsecid LSM: Module stacking for AppArmor 2 2 - --- 2022-06-28 Casey Schaufler pcmoore Superseded
[v37,12/33] LSM: Use lsmblob in security_inode_getsecid LSM: Module stacking for AppArmor 2 2 - --- 2022-06-28 Casey Schaufler pcmoore Superseded
« 1 2 ... 39 40 41 42 »