Show patches with: Archived = No       |   1274 patches
« 1 2 3 412 13 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
commoncap: check return value to avoid null pointer dereference commoncap: check return value to avoid null pointer dereference - - - --- 2022-05-16 刘永志 pcmoore Rejected
remove unnecessary type casting remove unnecessary type casting - - - --- 2022-08-10 zhoun Handled Elsewhere
device_cgroup: Fix a spelling mistake device_cgroup: Fix a spelling mistake - - - --- 2022-06-28 Zhang Jiaming Handled Elsewhere
[1/1] security: avoid a leak in securityfs_remove() [1/1] security: avoid a leak in securityfs_remove() - - - --- 2022-06-02 Yuanjun Gong pcmoore Rejected
[V2] bpf: security enhancement by limiting the offensive eBPF helpers [V2] bpf: security enhancement by limiting the offensive eBPF helpers - - - --- 2023-01-18 Yi He Handled Elsewhere
[V2] bpf: security enhancement by limiting the offensive eBPF helpers [V2] bpf: security enhancement by limiting the offensive eBPF helpers - - - --- 2023-01-19 Yi He Handled Elsewhere
[RFC,v2] bpf: use bpf_capable() instead of CAP_SYS_ADMIN for blinding decision [RFC,v2] bpf: use bpf_capable() instead of CAP_SYS_ADMIN for blinding decision - - - --- 2022-08-31 Yauheni Kaliuta Handled Elsewhere
[bpf-next] bpf: use bpf_capable() instead of CAP_SYS_ADMIN for blinding decision [bpf-next] bpf: use bpf_capable() instead of CAP_SYS_ADMIN for blinding decision - - - --- 2022-09-05 Yauheni Kaliuta Handled Elsewhere
[-next] apparmor: Fix some kernel-doc comments [-next] apparmor: Fix some kernel-doc comments 1 - - --- 2022-07-18 Yang Li Handled Elsewhere
[-next] security: Fix some kernel-doc comments [-next] security: Fix some kernel-doc comments - - - --- 2022-09-05 Yang Li Handled Elsewhere
[-next] apparmor: Fix spelling of function name in comment block [-next] apparmor: Fix spelling of function name in comment block 1 - - --- 2022-10-14 Yang Li Handled Elsewhere
[1/1] keys/keyrings: Fix typo in string [1/1] keys/keyrings: Fix typo in string - - - --- 2022-07-15 XU pengfei Handled Elsewhere
[1/1] smack_lsm: remove unnecessary type casting [1/1] smack_lsm: remove unnecessary type casting - - - --- 2022-10-26 XU pengfei Handled Elsewhere
[-next] Revert "evm: Fix memleak in init_desc" [-next] Revert "evm: Fix memleak in init_desc" - - - --- 2022-05-27 xiujianfeng Handled Elsewhere
[-next] evm: Use IS_ENABLED to initialize .enabled [-next] evm: Use IS_ENABLED to initialize .enabled - 1 - --- 2022-06-06 xiujianfeng Handled Elsewhere
[-next] ima: Use if/else statement in init_ima() [-next] ima: Use if/else statement in init_ima() - - - --- 2022-06-09 xiujianfeng Handled Elsewhere
[-next] smack: Remove the redundant lsm_inode_alloc [-next] smack: Remove the redundant lsm_inode_alloc - - - --- 2022-06-10 xiujianfeng Handled Elsewhere
[-next] apparmor: Fix memleak in aa_simple_write_to_buffer() [-next] apparmor: Fix memleak in aa_simple_write_to_buffer() 1 - - --- 2022-06-14 xiujianfeng Handled Elsewhere
[-next] lsm_audit: Clean up redundant NULL pointer check [-next] lsm_audit: Clean up redundant NULL pointer check - 1 - --- 2022-06-14 xiujianfeng pcmoore Superseded
[RESEND,-next] lsm_audit: Clean up redundant NULL pointer check [RESEND,-next] lsm_audit: Clean up redundant NULL pointer check - - - --- 2022-07-14 xiujianfeng pcmoore Accepted
[-next,1/5] landlock: expand access_mask_t to u32 type landlock: add chmod and chown support - - - --- 2022-08-22 xiujianfeng Handled Elsewhere
[-next,2/5] landlock: add chmod and chown support landlock: add chmod and chown support - - - --- 2022-08-22 xiujianfeng Handled Elsewhere
[-next,3/5] landlock/selftests: add selftests for chmod and chown landlock: add chmod and chown support - - - --- 2022-08-22 xiujianfeng Handled Elsewhere
[-next,4/5] landlock/samples: add chmod and chown support landlock: add chmod and chown support - - - --- 2022-08-22 xiujianfeng Handled Elsewhere
[-next,5/5] landlock: update chmod and chown support in document landlock: add chmod and chown support - - - --- 2022-08-22 xiujianfeng Handled Elsewhere
[-next,v2,1/6] landlock: expand access_mask_t to u32 type landlock: add chmod and chown support - - - --- 2022-08-27 xiujianfeng Handled Elsewhere
[-next,v2,2/6] landlock: abstract walk_to_visible_parent() helper landlock: add chmod and chown support - - - --- 2022-08-27 xiujianfeng Handled Elsewhere
[-next,v2,3/6] landlock: add chmod and chown support landlock: add chmod and chown support - - - --- 2022-08-27 xiujianfeng Handled Elsewhere
[-next,v2,4/6] landlock/selftests: add selftests for chmod and chown landlock: add chmod and chown support - - - --- 2022-08-27 xiujianfeng Handled Elsewhere
[-next,v2,5/6] landlock/samples: add chmod and chown support landlock: add chmod and chown support - - - --- 2022-08-27 xiujianfeng Handled Elsewhere
[-next,v2,6/6] landlock: update chmod and chown support in document landlock: add chmod and chown support - - - --- 2022-08-27 xiujianfeng Handled Elsewhere
[-next] smack: cleanup obsolete mount option flags [-next] smack: cleanup obsolete mount option flags - - - --- 2022-09-08 xiujianfeng Handled Elsewhere
apparmor: make __aa_path_perm() static apparmor: make __aa_path_perm() static 1 - - --- 2022-09-14 xiujianfeng Handled Elsewhere
apparmor: Use pointer to struct aa_label for lbs_cred apparmor: Use pointer to struct aa_label for lbs_cred - - - --- 2022-10-20 xiujianfeng Handled Elsewhere
[v2] apparmor: Use pointer to struct aa_label for lbs_cred [v2] apparmor: Use pointer to struct aa_label for lbs_cred 1 - - --- 2022-10-21 xiujianfeng Handled Elsewhere
apparmor: Fix memleak issue in unpack_profile() apparmor: Fix memleak issue in unpack_profile() 1 - - --- 2022-10-21 xiujianfeng Handled Elsewhere
apparmor: Fix memleak in alloc_ns() apparmor: Fix memleak in alloc_ns() 1 - - --- 2022-10-28 xiujianfeng Handled Elsewhere
apparmor: Add __init annotation to aa_{setup/teardown}_dfa_engine() apparmor: Add __init annotation to aa_{setup/teardown}_dfa_engine() 1 - - --- 2022-10-29 xiujianfeng Handled Elsewhere
ima: Fix misuse of dereference of pointer in template_desc_init_fields() ima: Fix misuse of dereference of pointer in template_desc_init_fields() - 1 - --- 2022-11-12 xiujianfeng Handled Elsewhere
[-next] evm: Support small xattr in dump_security_xattr() [-next] evm: Support small xattr in dump_security_xattr() - - - --- 2022-12-26 xiujianfeng Handled Elsewhere
[-next] evm: Use __vfs_setxattr() to update security.evm [-next] evm: Use __vfs_setxattr() to update security.evm - - - --- 2022-12-28 xiujianfeng Handled Elsewhere
[-next] evm: call dump_security_xattr() in all cases to remove code duplication [-next] evm: call dump_security_xattr() in all cases to remove code duplication - - - --- 2023-01-29 xiujianfeng New
[-next] evm: call dump_security_xattr() in all cases to remove code duplication [-next] evm: call dump_security_xattr() in all cases to remove code duplication - - - --- 2023-01-31 xiujianfeng New
KEYS: Variable type completion KEYS: Variable type completion - - - --- 2022-08-16 Xin Gao Handled Elsewhere
keys: Variable type completion keys: Variable type completion - - - --- 2022-08-16 Xin Gao Handled Elsewhere
tomoyo: Fix typo in comment tomoyo: Fix typo in comment - - - --- 2022-06-24 Xiang wangx Handled Elsewhere
security: move from strlcpy with unused retval to strscpy security: move from strlcpy with unused retval to strscpy 1 - - --- 2022-08-18 Wolfram Sang Handled Elsewhere
device_cgroup: Roll back to original exceptions after copy failure device_cgroup: Roll back to original exceptions after copy failure - 1 - --- 2022-10-25 wangweiyang pcmoore Accepted
net: fix memory leak in security_sk_alloc() net: fix memory leak in security_sk_alloc() - - - --- 2022-11-11 Wang Yufen Rejected
[bpf] selftests/bpf: fix memory leak of lsm_cgroup [bpf] selftests/bpf: fix memory leak of lsm_cgroup - - - --- 2022-11-14 Wang Yufen Handled Elsewhere
[bpf,v2] selftests/bpf: fix memory leak of lsm_cgroup [bpf,v2] selftests/bpf: fix memory leak of lsm_cgroup 1 - - --- 2022-11-15 Wang Yufen Handled Elsewhere
security/keys: Remove inconsistent __user annotation security/keys: Remove inconsistent __user annotation 1 1 - --- 2022-09-07 Vincenzo Frascino pcmoore Handled Elsewhere
[1/2] security/keys/secure_key: Adds the secure key support based on CAAM. - 1 - --- 2018-07-20 Udit Agarwal Superseded
[2/2] encrypted_keys: Adds support for secure key-type as master key. - 1 - --- 2018-07-20 Udit Agarwal Superseded
netlabel: fix typo in comment netlabel: fix typo in comment 1 - - --- 2022-08-06 Topi Miettinen Handled Elsewhere
ima: Fix hash dependency to correct algorithm ima: Fix hash dependency to correct algorithm - - - --- 2022-11-25 Tianjia Zhang Handled Elsewhere
[v2,1/3] certs: log more information on blacklist error certs: Prevent spurious errors on repeated blacklisting - - - --- 2022-11-09 Thomas Weißschuh Handled Elsewhere
[v2,2/3] KEYS: Add key_create() certs: Prevent spurious errors on repeated blacklisting - - - --- 2022-11-09 Thomas Weißschuh Handled Elsewhere
[v2,3/3] certs: don't try to update blacklist keys certs: Prevent spurious errors on repeated blacklisting - - - --- 2022-11-09 Thomas Weißschuh Handled Elsewhere
[v3,1/3] certs: log hash value on blacklist error certs: Prevent spurious errors on repeated blacklisting - - - --- 2022-11-18 Thomas Weißschuh Handled Elsewhere
[v3,2/3] KEYS: Add key_create() certs: Prevent spurious errors on repeated blacklisting - - - --- 2022-11-18 Thomas Weißschuh Handled Elsewhere
[v3,3/3] certs: don't try to update blacklist keys certs: Prevent spurious errors on repeated blacklisting - - - --- 2022-11-18 Thomas Weißschuh Handled Elsewhere
[RESEND,v6,1/3] certs: make blacklisted hash available in klog certs: Prevent spurious errors on repeated blacklisting - 1 - --- 2023-01-09 Thomas Weißschuh Handled Elsewhere
[RESEND,v6,2/3] KEYS: Add new function key_create() certs: Prevent spurious errors on repeated blacklisting - - - --- 2023-01-09 Thomas Weißschuh Handled Elsewhere
[RESEND,v6,3/3] certs: don't try to update blacklist keys certs: Prevent spurious errors on repeated blacklisting - 1 1 --- 2023-01-09 Thomas Weißschuh Handled Elsewhere
[(urgent)] vfs: fix uninitialized uid/gid in chown_common() [(urgent)] vfs: fix uninitialized uid/gid in chown_common() - - - --- 2022-09-19 Tetsuo Handa Handled Elsewhere
[01/10] security: Export security_hook_heads [01/10] security: Export security_hook_heads - - - --- 2022-11-02 Tetsuo Handa pcmoore Rejected
[02/10] mm: Export copy_to_kernel_nofault() [01/10] security: Export security_hook_heads - - - --- 2022-11-02 Tetsuo Handa pcmoore Rejected
[03/10] fs,kernel: Export d_absolute_path()/find_task_by_pid_ns()/find_task_by_vpid() [01/10] security: Export security_hook_heads - - - --- 2022-11-02 Tetsuo Handa pcmoore Rejected
[04/10] CaitSith: Add header file. [01/10] security: Export security_hook_heads - - - --- 2022-11-02 Tetsuo Handa pcmoore Rejected
[05/10] CaitSith: Add LSM interface management file. [01/10] security: Export security_hook_heads - - - --- 2022-11-02 Tetsuo Handa pcmoore Rejected
[07/10] CaitSith: Add permission checking functions. [01/10] security: Export security_hook_heads - - - --- 2022-11-02 Tetsuo Handa pcmoore Rejected
[08/10] CaitSith: Add pathname calculation functions. [01/10] security: Export security_hook_heads - - - --- 2022-11-02 Tetsuo Handa pcmoore Rejected
[09/10] CaitSith: Add garbage collector functions. [01/10] security: Export security_hook_heads - - - --- 2022-11-02 Tetsuo Handa pcmoore Rejected
[10/10] CaitSith: Add Kconfig and Makefile files. [01/10] security: Export security_hook_heads - - - --- 2022-11-02 Tetsuo Handa pcmoore Rejected
[6a/10] CaitSith: Add policy management functions. [6a/10] CaitSith: Add policy management functions. - - - --- 2022-11-02 Tetsuo Handa pcmoore Rejected
[6b/10] CaitSith: Add policy management functions. [6b/10] CaitSith: Add policy management functions. - - - --- 2022-11-02 Tetsuo Handa pcmoore Rejected
[4/4] security: binder: Add transfer_charge SElinux hook Track exported dma-buffers with memcg - - - --- 2023-01-09 T.J. Mercier pcmoore Changes Requested
[v2,1/4] memcg: Track exported dma-buffers Track exported dma-buffers with memcg - - - --- 2023-01-23 T.J. Mercier pcmoore Changes Requested
[v2,2/4] dmabuf: Add cgroup charge transfer function Track exported dma-buffers with memcg - - - --- 2023-01-23 T.J. Mercier pcmoore Changes Requested
[v2,3/4] binder: Add flags to relinquish ownership of fds Track exported dma-buffers with memcg 1 - - --- 2023-01-23 T.J. Mercier pcmoore Changes Requested
[v2,4/4] security: binder: Add binder object flags to selinux_binder_transfer_file Track exported dma-buffers with memcg - - - --- 2023-01-23 T.J. Mercier pcmoore Changes Requested
KEYS: trusted: tee: Make registered shm dependency explicit KEYS: trusted: tee: Make registered shm dependency explicit - 1 1 --- 2022-11-10 Sumit Garg Handled Elsewhere
[v13,01/26] securityfs: rework dentry creation ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,02/26] securityfs: Extend securityfs with namespacing support ima: Namespace IMA with audit support in IMA-ns 1 - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,03/26] ima: Define ima_namespace struct and start moving variables into it ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,04/26] ima: Move arch_policy_entry into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,05/26] ima: Move ima_htable into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,06/26] ima: Move measurement list related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,08/26] ima: Move IMA securityfs files into ima_namespace or onto stack ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,09/26] ima: Move ima_lsm_policy_notifier into ima_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,10/26] ima: Switch to lazy lsm policy updates for better performance ima: Namespace IMA with audit support in IMA-ns 1 - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable() ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,13/26] userns: Add pointer to ima_namespace to user_namespace ima: Namespace IMA with audit support in IMA-ns 1 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,14/26] ima: Implement hierarchical processing of file accesses ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns - 2 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,16/26] ima: Add functions for creating and freeing of an ima_namespace ima: Namespace IMA with audit support in IMA-ns 2 1 - --- 2022-07-07 Stefan Berger Handled Elsewhere
[v13,17/26] integrity/ima: Define ns_status for storing namespaced iint data ima: Namespace IMA with audit support in IMA-ns - - - --- 2022-07-07 Stefan Berger Handled Elsewhere
« 1 2 3 412 13 »