Show patches with: Archived = No       |   3595 patches
« 1 2 3 435 36 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v16,20/20] documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,19/20] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,18/20] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,17/20] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,16/20] fsverity: consume fsverity built-in signatures via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,15/20] security: add security_inode_setintegrity() hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,14/20] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,13/20] dm verity: consume root hash digest and signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,12/20] dm: add finalize hook to target_type Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,11/20] block|security: add LSM blob to block_device Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,10/20] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,09/20] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,08/20] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,07/20] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,06/20] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,05/20] initramfs|security: Add a security hook to do_populate_rootfs() Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,04/20] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,03/20] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,02/20] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
[v16,01/20] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-28 Fan Wu pcmoore Changes Requested
landlock: Add abstract unix socket connect restrictions landlock: Add abstract unix socket connect restrictions - - - --- 2024-03-28 Tahera Fahimi Handled Elsewhere
[7/7] drivers: perf: Remove the now superfluous sentinel elements from ctl_table array [1/7] memory: Remove the now superfluous sentinel element from ctl_table array - - - --- 2024-03-28 Joel Granados via B4 Relay Handled Elsewhere
[6/7] io_uring: Remove the now superfluous sentinel elements from ctl_table array [1/7] memory: Remove the now superfluous sentinel element from ctl_table array - - - --- 2024-03-28 Joel Granados via B4 Relay Handled Elsewhere
[5/7] ipc: Remove the now superfluous sentinel element from ctl_table array [1/7] memory: Remove the now superfluous sentinel element from ctl_table array - - - --- 2024-03-28 Joel Granados via B4 Relay Handled Elsewhere
[4/7] initrd: Remove the now superfluous sentinel element from ctl_table array [1/7] memory: Remove the now superfluous sentinel element from ctl_table array - - - --- 2024-03-28 Joel Granados via B4 Relay Handled Elsewhere
[3/7] crypto: Remove the now superfluous sentinel element from ctl_table array [1/7] memory: Remove the now superfluous sentinel element from ctl_table array - - - --- 2024-03-28 Joel Granados via B4 Relay Handled Elsewhere
[2/7] security: Remove the now superfluous sentinel element from ctl_table array [1/7] memory: Remove the now superfluous sentinel element from ctl_table array - - - --- 2024-03-28 Joel Granados via B4 Relay Handled Elsewhere
[1/7] memory: Remove the now superfluous sentinel element from ctl_table array [1/7] memory: Remove the now superfluous sentinel element from ctl_table array - 2 - --- 2024-03-28 Joel Granados via B4 Relay Handled Elsewhere
[0/7] sysctl: Remove sentinel elements from misc directories - - - --- 2024-03-28 Joel Granados via B4 Relay Handled Elsewhere
LANDLOCK: use kmem_cache for landlock_object LANDLOCK: use kmem_cache for landlock_object - - - --- 2024-03-27 Ayush Tiwari Handled Elsewhere
[v13,10/10] fs/ioctl: Add a comment to keep the logic in sync with the Landlock LSM Landlock: IOCTL support - - - --- 2024-03-27 Günther Noack Changes Requested
[v13,09/10] MAINTAINERS: Notify Landlock maintainers about changes to fs/ioctl.c Landlock: IOCTL support - - - --- 2024-03-27 Günther Noack Handled Elsewhere
[v13,08/10] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2024-03-27 Günther Noack Handled Elsewhere
[v13,07/10] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV Landlock: IOCTL support - - - --- 2024-03-27 Günther Noack Handled Elsewhere
[v13,06/10] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Landlock: IOCTL support - - - --- 2024-03-27 Günther Noack Handled Elsewhere
[v13,05/10] selftests/landlock: Test IOCTLs on named pipes Landlock: IOCTL support - - - --- 2024-03-27 Günther Noack Handled Elsewhere
[v13,04/10] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2024-03-27 Günther Noack Handled Elsewhere
[v13,03/10] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2024-03-27 Günther Noack Handled Elsewhere
[v13,02/10] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2024-03-27 Günther Noack Handled Elsewhere
[v13,01/10] landlock: Add IOCTL access right for character and block devices Landlock: IOCTL support - - - --- 2024-03-27 Günther Noack Handled Elsewhere
[v1,2/2] selftests/landlock: Improve AF_UNSPEC tests [v1,1/2] lsm: Check and handle error priority for socket_bind and socket_connect - - - --- 2024-03-27 Mickaël Salaün pcmoore Changes Requested
[v1,1/2] lsm: Check and handle error priority for socket_bind and socket_connect [v1,1/2] lsm: Check and handle error priority for socket_bind and socket_connect - - - --- 2024-03-27 Mickaël Salaün pcmoore Changes Requested
[v7,6/6] docs: trusted-encrypted: add DCP as new trust source DCP as trusted keys backend - - - --- 2024-03-27 David Gstir Superseded
[v7,5/6] docs: document DCP-backed trusted keys kernel params DCP as trusted keys backend - 1 - --- 2024-03-27 David Gstir Superseded
[v7,4/6] MAINTAINERS: add entry for DCP-based trusted keys DCP as trusted keys backend 1 - - --- 2024-03-27 David Gstir Superseded
[v7,3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys DCP as trusted keys backend - 1 - --- 2024-03-27 David Gstir Superseded
[v7,2/6] KEYS: trusted: improve scalability of trust source config DCP as trusted keys backend - 1 1 --- 2024-03-27 David Gstir Superseded
[v7,1/6] crypto: mxs-dcp: Add support for hardware-bound keys DCP as trusted keys backend 1 1 - --- 2024-03-27 David Gstir Superseded
samples/landlock: Fix incorrect free in populate_ruleset_net samples/landlock: Fix incorrect free in populate_ruleset_net - 1 - --- 2024-03-26 Ivanov Mikhail Handled Elsewhere
[v4,7/7] kunit: Add tests for fault Handle faults in KUnit tests - 1 - --- 2024-03-26 Mickaël Salaün Handled Elsewhere
[v4,6/7] kunit: Print last test location on fault Handle faults in KUnit tests - 1 - --- 2024-03-26 Mickaël Salaün Handled Elsewhere
[v4,5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Handle faults in KUnit tests - 2 - --- 2024-03-26 Mickaël Salaün Handled Elsewhere
[v4,4/7] kunit: Handle test faults Handle faults in KUnit tests - 2 1 --- 2024-03-26 Mickaël Salaün Handled Elsewhere
[v4,3/7] kunit: Fix timeout message Handle faults in KUnit tests - 3 - --- 2024-03-26 Mickaël Salaün Handled Elsewhere
[v4,2/7] kunit: Fix kthread reference Handle faults in KUnit tests - 3 - --- 2024-03-26 Mickaël Salaün Handled Elsewhere
[v4,1/7] kunit: Handle thread creation error Handle faults in KUnit tests - 3 - --- 2024-03-26 Mickaël Salaün Handled Elsewhere
[v12,9/9] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2024-03-25 Günther Noack pcmoore Changes Requested
[v12,8/9] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV Landlock: IOCTL support - - - --- 2024-03-25 Günther Noack pcmoore Changes Requested
[v12,7/9] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Landlock: IOCTL support - - - --- 2024-03-25 Günther Noack pcmoore Changes Requested
[v12,6/9] selftests/landlock: Test IOCTLs on named pipes Landlock: IOCTL support - - - --- 2024-03-25 Günther Noack pcmoore Changes Requested
[v12,5/9] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2024-03-25 Günther Noack pcmoore Changes Requested
[v12,4/9] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2024-03-25 Günther Noack pcmoore Changes Requested
[v12,3/9] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2024-03-25 Günther Noack pcmoore Changes Requested
[v12,2/9] landlock: Add IOCTL access right for character and block devices Landlock: IOCTL support - - - --- 2024-03-25 Günther Noack pcmoore Changes Requested
[v12,1/9] security: Introduce ENOFILEOPS return value for IOCTL hooks Landlock: IOCTL support - - - --- 2024-03-25 Günther Noack pcmoore Changes Requested
[bpf-next,v2,7/7] selftests/bpf: Add return value checks and corrections for failed progs Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,6/7] selftests/bpf: Avoid load failure for token_lsm.c Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,5/7] bpf: Fix compare error in function retval_range_within Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,4/7] bpf, lsm: Check bpf lsm hook return values in verifier Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,3/7] bpf, lsm: Add function to read lsm hook return value range Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,2/7] bpf, lsm: Add return value range description for lsm hook Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
[bpf-next,v2,1/7] bpf, lsm: Annotate lsm hook return integer with new macro LSM_RET_INT Add check for bpf lsm return value - - - --- 2024-03-25 Xu Kuohai pcmoore New
Do not require attributes for security_inode_init_security. Do not require attributes for security_inode_init_security. - - - --- 2024-03-24 Dr. Greg pcmoore Changes Requested
[v11,9/9] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,8/9] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,7/9] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,6/9] selftests/landlock: Test IOCTLs on named pipes Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,5/9] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,4/9] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,3/9] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,2/9] landlock: Add IOCTL access right for character and block devices Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
[v11,1/9] fs: Add and use vfs_get_ioctl_handler() Landlock: IOCTL support - - - --- 2024-03-22 Günther Noack pcmoore Superseded
ima: Fix use-after-free on a dentry's dname.name ima: Fix use-after-free on a dentry's dname.name - - - --- 2024-03-22 Stefan Berger Handled Elsewhere
[v3,next] integrity: Avoid -Wflex-array-member-not-at-end warnings [v3,next] integrity: Avoid -Wflex-array-member-not-at-end warnings - - - --- 2024-03-21 Gustavo A. R. Silva Handled Elsewhere
[v2,next] integrity: Avoid -Wflex-array-member-not-at-end warnings [v2,next] integrity: Avoid -Wflex-array-member-not-at-end warnings - - - --- 2024-03-21 Gustavo A. R. Silva Handled Elsewhere
Systemd v254 LSM stacking issue - patch Systemd v254 LSM stacking issue - patch - - - --- 2024-03-19 Casey Schaufler pcmoore Not Applicable
[v3,7/7] kunit: Add tests for fault Handle faults in KUnit tests - 1 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,6/7] kunit: Print last test location on fault Handle faults in KUnit tests - 1 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Handle faults in KUnit tests - 2 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,4/7] kunit: Handle test faults Handle faults in KUnit tests - 2 1 --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,3/7] kunit: Fix timeout message Handle faults in KUnit tests - 3 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,2/7] kunit: Fix kthread reference Handle faults in KUnit tests - 3 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[v3,1/7] kunit: Handle thread creation error Handle faults in KUnit tests - 3 - --- 2024-03-19 Mickaël Salaün Handled Elsewhere
[bpf-next,5/5] bpf: Fix compare error in function retval_range_within Fix kernel panic caused by bpf lsm return value - - - --- 2024-03-16 Xu Kuohai pcmoore Superseded
[bpf-next,4/5] bpf, lsm: Check bpf lsm hook return values in verifier Fix kernel panic caused by bpf lsm return value - - - --- 2024-03-16 Xu Kuohai pcmoore Superseded
[bpf-next,3/5] bpf, lsm: Add function to read lsm hook return value range Fix kernel panic caused by bpf lsm return value - - - --- 2024-03-16 Xu Kuohai pcmoore Superseded
[bpf-next,2/5] bpf, lsm: Add return value range description for lsm hook Fix kernel panic caused by bpf lsm return value - - - --- 2024-03-16 Xu Kuohai pcmoore Superseded
[bpf-next,1/5] bpf, lsm: Annotate lsm hook return integer with new macro LSM_RET_INT Fix kernel panic caused by bpf lsm return value - - - --- 2024-03-16 Xu Kuohai pcmoore Superseded
[RFC,v15,21/21] documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,20/21] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
« 1 2 3 435 36 »