Show patches with: State = Action Required       |   12020 patches
« 1 2 ... 12 13 14120 121 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[GIT,PULL] SELinux patches for v5.16 [GIT,PULL] SELinux patches for v5.16 - - - --- 2021-11-01 Paul Moore New
[GIT,PULL] Smack patches for v5.16 [GIT,PULL] Smack patches for v5.16 - - - --- 2021-11-01 Casey Schaufler New
[RESEND] KEYS: trusted: Fix trusted key backends when building as module [RESEND] KEYS: trusted: Fix trusted key backends when building as module - - 1 --- 2021-11-01 Andreas Rammhold New
[GIT,PULL] hardening updates for v5.16-rc1 [GIT,PULL] hardening updates for v5.16-rc1 - - - --- 2021-11-01 Kees Cook New
evm: mark evm_fixmode as __ro_after_init evm: mark evm_fixmode as __ro_after_init - - - --- 2021-10-28 Austin Kim New
ima/evm: mark evm_fixmode as __ro_after_init ima/evm: mark evm_fixmode as __ro_after_init - 1 - --- 2021-10-26 Austin Kim New
[v3,2/2] tpm: use SM3 instead of SM3_256 use SM3 instead of SM3_256 - - - --- 2021-10-26 tianjia.zhang New
[v3,1/2] crypto: use SM3 instead of SM3_256 use SM3 instead of SM3_256 - - - --- 2021-10-26 tianjia.zhang New
[net,4/4] security: implement sctp_assoc_established hook in selinux security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
[net,3/4] security: add sctp_assoc_established hook security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
[net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
[net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
sctp: initialize endpoint LSM labels also on the client side sctp: initialize endpoint LSM labels also on the client side - - - --- 2021-10-21 Ondrej Mosnacek New
[2/2] gcc-plugins: Remove cyc_complexity gcc-plugins: Explicitly document purpose and deprecation schedule - 2 - --- 2021-10-20 Kees Cook New
[1/2] gcc-plugins: Explicitly document purpose and deprecation schedule gcc-plugins: Explicitly document purpose and deprecation schedule - 2 - --- 2021-10-20 Kees Cook New
[v4,3/3] virt: Add efi_secret module to expose confidential computing secrets Allow guest access to EFI confidential computing secret area - - - --- 2021-10-20 Dov Murik New
[v4,2/3] efi: Reserve confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-20 Dov Murik New
[v4,1/3] efi/libstub: Copy confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-20 Dov Murik New
smackfs: use __GFP_NOFAIL for smk_cipso_doi() smackfs: use __GFP_NOFAIL for smk_cipso_doi() - - - --- 2021-10-19 Tetsuo Handa New
smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi - - - --- 2021-10-19 Tetsuo Handa New
[v2,2/2] tpm: use SM3 instead of SM3_256 use SM3 instead of SM3_256 - - - --- 2021-10-19 tianjia.zhang New
[v2,1/2] crypto: use SM3 instead of SM3_256 use SM3 instead of SM3_256 - - - --- 2021-10-19 tianjia.zhang New
[v3,3/3] virt: Add efi_secret module to expose confidential computing secrets Allow guest access to EFI confidential computing secret area - - - --- 2021-10-14 Dov Murik New
[v3,2/3] efi: Reserve confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-14 Dov Murik New
[v3,1/3] efi/libstub: Copy confidential computing secret area Allow guest access to EFI confidential computing secret area - - - --- 2021-10-14 Dov Murik New
[v1,3/3] security: define a trusted_for hook [v1,1/3] ima: define ima_trusted_for hook - - - --- 2021-10-14 Mimi Zohar New
[v1,2/3] fs: extend the trusted_for syscall to call IMA [v1,1/3] ima: define ima_trusted_for hook - - - --- 2021-10-14 Mimi Zohar New
[v1,1/3] ima: define ima_trusted_for hook [v1,1/3] ima: define ima_trusted_for hook - - - --- 2021-10-14 Mimi Zohar New
[RFC,v7,16/16] documentation: add ipe documentation Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,15/16] ipe: kunit tests Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,14/16] scripts: add boot policy generation program Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,13/16] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,12/16] fsverity|security: add security hooks to fsverity digest and signature Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,11/16] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,10/16] fs|dm-verity: add block_dev LSM blob and submit dm-verity data Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,09/16] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,08/16] ipe: add permissive toggle Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,07/16] ipe: add auditing support Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,06/16] uapi|audit: add trust audit message definitions Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,05/16] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,04/16] ipe: add userspace interface Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,03/16] ipe: add evaluation loop Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,02/16] ipe: add policy parser Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
[RFC,v7,01/16] security: add ipe lsm & initial context creation Integrity Policy Enforcement (IPE) - - - --- 2021-10-13 Deven Bowers New
LSM: Avoid warnings about potentially unused hook variables LSM: Avoid warnings about potentially unused hook variables 2 - - --- 2021-10-13 Kees Cook New
[2/2] fs: extend the trusted_for syscall to call IMA [1/2] ima: define ima_trusted_for hook - - - --- 2021-10-13 Mimi Zohar New
[1/2] ima: define ima_trusted_for hook [1/2] ima: define ima_trusted_for hook - - - --- 2021-10-13 Mimi Zohar New
[v15,3/3] selftest/interpreter: Add tests for trusted_for(2) policies Add trusted_for(2) (was O_MAYEXEC) - 2 - --- 2021-10-12 Mickaël Salaün New
[v15,2/3] arch: Wire up trusted_for(2) Add trusted_for(2) (was O_MAYEXEC) 1 2 - --- 2021-10-12 Mickaël Salaün New
[v15,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl Add trusted_for(2) (was O_MAYEXEC) 1 - - --- 2021-10-12 Mickaël Salaün New
[v2,2/2] fuse: Send security context of inode on file creation fuse: Send file/inode security context during creation - - - --- 2021-10-12 Vivek Goyal New
[v2,1/2] fuse: Add a flag FUSE_SECURITY_CTX fuse: Send file/inode security context during creation - - - --- 2021-10-12 Vivek Goyal New
[v5,3/3] binder: use cred instead of task for getsecid binder: use cred instead of task for security context - - - --- 2021-10-12 Todd Kjos New
[v5,2/3] binder: use cred instead of task for selinux checks binder: use cred instead of task for security context - - - --- 2021-10-12 Todd Kjos New
[v5,1/3] binder: use euid from cred instead of using task binder: use cred instead of task for security context - - - --- 2021-10-12 Todd Kjos New
[v2] security: Return xattr name from security_dentry_init_security() [v2] security: Return xattr name from security_dentry_init_security() 1 2 - --- 2021-10-12 Vivek Goyal New
LSM: general protection fault in legacy_parse_param LSM: general protection fault in legacy_parse_param 2 - - --- 2021-10-11 Casey Schaufler New
[apparmor] apparmor: remove unneeded one-line hook wrappers [apparmor] apparmor: remove unneeded one-line hook wrappers - - - --- 2021-10-11 Florian Westphal New
[smack] smack: remove duplicated hook function [smack] smack: remove duplicated hook function - - - --- 2021-10-11 Florian Westphal New
security/landlock: use square brackets around "landlock-ruleset" security/landlock: use square brackets around "landlock-ruleset" - - - --- 2021-10-11 Christian Brauner New
[v4,5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 1 2 --- 2021-10-11 Ahmad Fatoum New
[v4,4/5] crypto: caam - add in-kernel interface for blob generator KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 1 --- 2021-10-11 Ahmad Fatoum New
[v4,3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 1 1 1 --- 2021-10-11 Ahmad Fatoum New
[v4,2/5] KEYS: trusted: allow users to use kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 1 2 1 --- 2021-10-11 Ahmad Fatoum New
[v4,1/5] KEYS: trusted: allow use of TEE as backend without TCG_TPM support KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 2 --- 2021-10-11 Ahmad Fatoum New
[2/2] tpm: use SM3 instead of SM3_256 tpm: use SM3 instead of SM3_256 - - - --- 2021-10-09 tianjia.zhang New
[1/2] crypto: use SM3 instead of SM3_256 tpm: use SM3 instead of SM3_256 - - - --- 2021-10-09 tianjia.zhang New
ima: fix deadlock when traversing "ima_default_rules". ima: fix deadlock when traversing "ima_default_rules". - 1 - --- 2021-10-09 Li Qiong New
[-next] integrity: return early if audit_log_start return NULL [-next] integrity: return early if audit_log_start return NULL 1 - - --- 2021-10-09 cuigaosheng New
[v14,3/3] selftest/interpreter: Add tests for trusted_for(2) policies Add trusted_for(2) (was O_MAYEXEC) - 2 - --- 2021-10-08 Mickaël Salaün New
[v14,2/3] arch: Wire up trusted_for(2) Add trusted_for(2) (was O_MAYEXEC) 1 2 - --- 2021-10-08 Mickaël Salaün New
[v14,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl Add trusted_for(2) (was O_MAYEXEC) 2 - - --- 2021-10-08 Mickaël Salaün New
[v13,3/3] selftest/interpreter: Add tests for trusted_for(2) policies Add trusted_for(2) (was O_MAYEXEC) - 1 - --- 2021-10-07 Mickaël Salaün New
[v13,2/3] arch: Wire up trusted_for(2) Add trusted_for(2) (was O_MAYEXEC) 1 2 - --- 2021-10-07 Mickaël Salaün New
[v13,1/3] fs: Add trusted_for(2) syscall implementation and related sysctl Add trusted_for(2) (was O_MAYEXEC) 1 - - --- 2021-10-07 Mickaël Salaün New
[v2,4/4] virt: Add sev_secret module to expose confidential computing secrets Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
[v2,3/4] efi: Reserve confidential computing secret area Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
[v2,2/4] efi/libstub: Copy confidential computing secret area Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
[v2,1/4] x86: Export clean_cache_range() Allow access to confidential computing secret area in SEV guests - - - --- 2021-10-07 Dov Murik New
[v4,3/3] binder: use euid from cred instead of using task binder: use cred instead of task for security context - - - --- 2021-10-07 Todd Kjos New
[v4,2/3] binder: use cred instead of task for getsecid binder: use cred instead of task for security context - - - --- 2021-10-07 Todd Kjos New
[v4,1/3] binder: use cred instead of task for selinux checks binder: use cred instead of task for security context 1 - - --- 2021-10-07 Todd Kjos New
[v3,3/3] binder: use euid from cred instead of using task binder: use cred instead of task for security context - - - --- 2021-10-06 Todd Kjos New
[v3,2/3] binder: use cred instead of task for getsecid binder: use cred instead of task for security context - - - --- 2021-10-06 Todd Kjos New
[v3,1/3] binder: use cred instead of task for selinux checks binder: use cred instead of task for security context 1 - - --- 2021-10-06 Todd Kjos New
[v3] integrity: support including firmware ".platform" keys at build time [v3] integrity: support including firmware ".platform" keys at build time - - - --- 2021-10-04 Nayna Jain New
[v2] binder: use cred instead of task for selinux checks [v2] binder: use cred instead of task for selinux checks 1 - - --- 2021-10-01 Todd Kjos New
binder: use cred instead of task for selinux checks binder: use cred instead of task for selinux checks - - - --- 2021-10-01 Todd Kjos New
security: Return xattr name from security_dentry_init_security() security: Return xattr name from security_dentry_init_security() - 1 - --- 2021-09-30 Vivek Goyal New
[RFC,7/7] ima: Add support for appraisal with digest lists ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,6/7] ima: Skip measurement of files found in DIGLIM hash table ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,5/7] ima: Query metadata digest and retrieve info from its digest lists ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,4/7] ima: Query file digest and retrieve info from its digest lists ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,3/7] ima: Introduce diglim and appraise_diglim policies ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,2/7] ima: Introduce new policy keyword use_diglim ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[RFC,1/7] integrity: Change type of IMA rule-related flags to u64 ima: Measure and appraise files with DIGLIM - - - --- 2021-09-30 Roberto Sassu New
[next] apparmor: Use struct_size() helper in kzalloc() [next] apparmor: Use struct_size() helper in kzalloc() 1 - - --- 2021-09-29 Gustavo A. R. Silva New
lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() - 2 - --- 2021-09-29 Paul Moore New
[RESEND] apparmor: avoid -Wempty-body warning [RESEND] apparmor: avoid -Wempty-body warning 1 - - --- 2021-09-27 Arnd Bergmann New
[2/2] fuse: Send security context of inode on file creation fuse: Send file/inode security context during creation - - - --- 2021-09-24 Vivek Goyal New
« 1 2 ... 12 13 14120 121 »