Show patches with: none      |   16651 patches
« 1 2 3 4166 167 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v3,-next,07/15] security: min_addr: move sysctl to security/min_addr.c sysctl: move sysctls from vm_table into its own files 1 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,06/15] mm: mmap: move sysctl to mm/mmap.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,05/15] mm: util: move sysctls to mm/util.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,04/15] mm: vmscan: move vmscan sysctls to mm/vmscan.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,03/15] mm: swap: move sysctl to mm/swap.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,02/15] mm: filemap: move sysctl to mm/filemap.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,01/15] mm: vmstat: move sysctls to mm/vmstat.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v4,13/13] LSM: Remove lsm_prop scaffolding LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,12/13] Use lsm_prop for audit data LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,11/13] Audit: Change context data from secid to lsm_prop LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,10/13] LSM: Create new security_cred_getlsmprop LSM hook LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,09/13] Audit: use an lsm_prop in audit_names LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,08/13] LSM: Use lsm_prop in security_inode_getsecid LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,07/13] LSM: Use lsm_prop in security_current_getsecid LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,06/13] Audit: Update shutdown LSM data LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,05/13] LSM: Use lsm_prop in security_ipc_getsecid LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,04/13] Audit: maintain an lsm_prop in audit_context LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,03/13] LSM: Add lsmprop_to_secctx hook LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,02/13] LSM: Use lsm_prop in security_audit_rule_match LSM: Move away from secids - - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
[v4,01/13] LSM: Add the lsm_prop data structure. LSM: Move away from secids 1 - - --- 2024-10-09 Casey Schaufler pcmoore Accepted
ima: Fix OOB read when violation occurs with ima template. ima: Fix OOB read when violation occurs with ima template. - - - --- 2024-10-09 David Fernandez Gonzalez Handled Elsewhere
[3/3] ima: Mark concurrent accesses to the iint pointer in the inode security blob [1/3] ima: Remove inode lock - - - --- 2024-10-08 Roberto Sassu pcmoore Handled Elsewhere
[2/3] ima: Ensure lock is held when setting iint pointer in inode security blob [1/3] ima: Remove inode lock - - - --- 2024-10-08 Roberto Sassu pcmoore Handled Elsewhere
[1/3] ima: Remove inode lock [1/3] ima: Remove inode lock - 1 - --- 2024-10-08 Roberto Sassu pcmoore Handled Elsewhere
[v2] security/keys: fix slab-out-of-bounds in key_task_permission [v2] security/keys: fix slab-out-of-bounds in key_task_permission - 1 - --- 2024-10-08 Chen Ridong Handled Elsewhere
[v9,7/7] drm: Replace strcpy() with strscpy() Improve the copy of task comm 1 1 - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,6/7] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul} Improve the copy of task comm - - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,5/7] mm/util: Fix possible race condition in kstrdup() Improve the copy of task comm - - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,4/7] bpftool: Ensure task comm is always NUL-terminated Improve the copy of task comm - 1 - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,3/7] security: Replace memcpy() with get_task_comm() Improve the copy of task comm 1 - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,2/7] auditsc: Replace memcpy() with strscpy() Improve the copy of task comm 1 1 - --- 2024-10-07 Yafang Shao Handled Elsewhere
[v9,1/7] Get rid of __get_task_comm() Improve the copy of task comm - - - --- 2024-10-07 Yafang Shao Handled Elsewhere
[GIT,PULL] lsm/lsm-pr-20241004 [GIT,PULL] lsm/lsm-pr-20241004 - - - --- 2024-10-04 Paul Moore pcmoore Accepted
[v1] landlock: Improve documentation of previous limitations [v1] landlock: Improve documentation of previous limitations - 1 - --- 2024-10-04 Mickaël Salaün Handled Elsewhere
tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support 1 - - --- 2024-10-03 Paul Moore pcmoore Accepted
[RFC,v1,2/2] selftests/landlock: Test non-TCP INET connection-based protocols Fix non-TCP sockets restriction - 1 - --- 2024-10-03 Mikhail Ivanov Handled Elsewhere
[RFC,v1,1/2] landlock: Fix non-TCP sockets restriction Fix non-TCP sockets restriction - 1 - --- 2024-10-03 Mikhail Ivanov Handled Elsewhere
[v2,3/3] samples/landlock: Clarify option parsing behaviour samples/landlock: Fix port parsing behaviour - - - --- 2024-10-03 Matthieu Buffet Handled Elsewhere
[v2,2/3] samples/landlock: Refactor --help message in function samples/landlock: Fix port parsing behaviour - - - --- 2024-10-03 Matthieu Buffet Handled Elsewhere
[v2,1/3] samples/landlock: Fix port parsing in sandboxer samples/landlock: Fix port parsing behaviour - - - --- 2024-10-03 Matthieu Buffet Handled Elsewhere
[v5] rust: add PidNamespace [v5] rust: add PidNamespace - 1 - --- 2024-10-02 Christian Brauner Handled Elsewhere
[v4] rust: add PidNamespace [v4] rust: add PidNamespace - - - --- 2024-10-02 Christian Brauner Handled Elsewhere
[v3] rust: add PidNamespace [v3] rust: add PidNamespace - - - --- 2024-10-01 Christian Brauner Handled Elsewhere
[v1,3/3] landlock: Optimize scope enforcement Refactor Landlock access mask management - - - --- 2024-10-01 Mickaël Salaün Handled Elsewhere
[v1,2/3] landlock: Refactor network access mask management Refactor Landlock access mask management - - - --- 2024-10-01 Mickaël Salaün Handled Elsewhere
[v1,1/3] landlock: Refactor filesystem access mask management Refactor Landlock access mask management - 1 - --- 2024-10-01 Mickaël Salaün Handled Elsewhere
[v2] rust: add PidNamespace [v2] rust: add PidNamespace - - - --- 2024-10-01 Christian Brauner Handled Elsewhere
[RFC,v4] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() [RFC,v4] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-28 Shu Han Under Review
[v5.15-v6.1] selinux,smack: don't bypass permissions check in inode_setsecctx hook [v5.15-v6.1] selinux,smack: don't bypass permissions check in inode_setsecctx hook 1 3 1 --- 2024-09-28 Shivani Agarwal Handled Elsewhere
[v5.10] selinux,smack: don't bypass permissions check in inode_setsecctx hook [v5.10] selinux,smack: don't bypass permissions check in inode_setsecctx hook 1 3 1 --- 2024-09-28 Shivani Agarwal Handled Elsewhere
ipe: fallback to platform keyring also if key in trusted keyring is rejected ipe: fallback to platform keyring also if key in trusted keyring is rejected 1 - - --- 2024-09-27 Luca Boccassi Handled Elsewhere
[2/2] Revert "mm: introduce PF_MEMALLOC_NORECLAIM, PF_MEMALLOC_NOWARN" remove PF_MEMALLOC_NORECLAIM - 4 - --- 2024-09-26 Michal Hocko Handled Elsewhere
[1/2] bcachefs: do not use PF_MEMALLOC_NORECLAIM remove PF_MEMALLOC_NORECLAIM - 3 - --- 2024-09-26 Michal Hocko Handled Elsewhere
[RFC] rust: add PidNamespace wrapper [RFC] rust: add PidNamespace wrapper - - - --- 2024-09-26 Christian Brauner Handled Elsewhere
[v3,2/2] ipe: also reject policy updates with the same version [v3,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version 1 1 - --- 2024-09-25 Luca Boccassi Handled Elsewhere
[v3,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version [v3,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version 1 1 - --- 2024-09-25 Luca Boccassi Handled Elsewhere
[v2,2/2] ipe: also reject policy updates with the same version [v2,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version - 1 - --- 2024-09-25 Luca Boccassi Handled Elsewhere
[v2,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version [v2,1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version 1 1 - --- 2024-09-25 Luca Boccassi Handled Elsewhere
[RFC] capabilities: remove cap_mmap_file() [RFC] capabilities: remove cap_mmap_file() - 2 - --- 2024-09-25 Paul Moore pcmoore Handled Elsewhere
[RFC,v3] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() [RFC,v3] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-25 Shu Han Superseded
[RFC,v2] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() [RFC,v2] mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-25 Shu Han Superseded
[RFC,v2] mm: move security_mmap_file() back into do_mmap() [RFC,v2] mm: move security_mmap_file() back into do_mmap() - - - --- 2024-09-25 Shu Han Superseded
tomoyo: fallback to realpath if symlink's pathname does not exist tomoyo: fallback to realpath if symlink's pathname does not exist - - - --- 2024-09-25 Tetsuo Handa Handled Elsewhere
mm: move security_file_mmap() back into do_mmap() mm: move security_file_mmap() back into do_mmap() - - - --- 2024-09-25 Shu Han Under Review
mm: move the check of READ_IMPLIES_EXEC out of do_mmap() mm: move the check of READ_IMPLIES_EXEC out of do_mmap() - - - --- 2024-09-25 Shu Han Under Review
[GIT,PULL] lsm/lsm-pr-20240923 [GIT,PULL] lsm/lsm-pr-20240923 - - - --- 2024-09-23 Paul Moore Accepted
[GIT,PULL] Landlock updates for v6.12 [GIT,PULL] Landlock updates for v6.12 - - - --- 2024-09-23 Mickaël Salaün Handled Elsewhere
ipe: Fix out-of-bound access of kunit_suite_num_test_cases() ipe: Fix out-of-bound access of kunit_suite_num_test_cases() - - - --- 2024-09-23 Jinjie Ruan pcmoore In Next
[1/1] netlabel: Add missing comment to struct field [1/1] netlabel: Add missing comment to struct field 1 - - --- 2024-09-23 George Guo pcmoore Handled Elsewhere
ipe: Add missing terminator to list of unit tests ipe: Add missing terminator to list of unit tests 1 - - --- 2024-09-22 Guenter Roeck pcmoore Accepted
[2/2] ipe: also reject policy updates with the same version [1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version - 1 - --- 2024-09-22 Luca Boccassi Handled Elsewhere
[1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version [1/2] ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version - - - --- 2024-09-22 Luca Boccassi Handled Elsewhere
[v5,5/5] tpm: flush the auth session only when /dev/tpm0 is open Lazy flush for the auth session - 1 1 --- 2024-09-21 Jarkko Sakkinen Handled Elsewhere
[v5,4/5] tpm: Allocate chip->auth in tpm2_start_auth_session() Lazy flush for the auth session - 1 - --- 2024-09-21 Jarkko Sakkinen Handled Elsewhere
[v5,3/5] tpm: flush the null key only when /dev/tpm0 is accessed Lazy flush for the auth session - - 1 --- 2024-09-21 Jarkko Sakkinen Handled Elsewhere
[v5,2/5] tpm: Implement tpm2_load_null() rollback Lazy flush for the auth session - - - --- 2024-09-21 Jarkko Sakkinen Handled Elsewhere
[v5,1/5] tpm: Return on tpm2_create_null_primary() failure Lazy flush for the auth session - - - --- 2024-09-21 Jarkko Sakkinen Handled Elsewhere
apparmor: Remove deadcode apparmor: Remove deadcode - - - --- 2024-09-20 Dr. David Alan Gilbert Handled Elsewhere
[GIT,PULL] lsm/lsm-pr-20240920 [GIT,PULL] lsm/lsm-pr-20240920 - - - --- 2024-09-20 Paul Moore pcmoore Accepted
selinux,smack: properly reference the LSM blob in security_watch_key() selinux,smack: properly reference the LSM blob in security_watch_key() - 1 - --- 2024-09-19 Paul Moore pcmoore Accepted
mm: call the security_mmap_file() LSM hook in remap_file_pages() mm: call the security_mmap_file() LSM hook in remap_file_pages() 1 - - --- 2024-09-19 Paul Moore pcmoore Accepted
[v4,5/5] tpm: flush the auth session only when /dev/tpm0 is open Lazy flush for the auth session - - 1 --- 2024-09-18 Jarkko Sakkinen Handled Elsewhere
[v4,4/5] tpm: Allocate chip->auth in tpm2_start_auth_session() Lazy flush for the auth session - - - --- 2024-09-18 Jarkko Sakkinen Handled Elsewhere
[v4,3/5] tpm: flush the null key only when /dev/tpm0 is accessed Lazy flush for the auth session - - 1 --- 2024-09-18 Jarkko Sakkinen Handled Elsewhere
[v4,2/5] tpm: Return on tpm2_create_primary() failure in tpm2_load_null() Lazy flush for the auth session - - - --- 2024-09-18 Jarkko Sakkinen Handled Elsewhere
[v4,1/5] tpm: Return on tpm2_create_null_primary() failure Lazy flush for the auth session - - - --- 2024-09-18 Jarkko Sakkinen Handled Elsewhere
[5/5] LSM: Use lsm_context in security_inode_notifysecctx LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-09-17 Casey Schaufler pcmoore Superseded
[4/5] LSM: secctx provider check on release LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-09-17 Casey Schaufler pcmoore Superseded
[3/5] LSM: lsm_context in security_dentry_init_security LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-09-17 Casey Schaufler pcmoore Superseded
[2/5] LSM: Use lsm_context in security_inode_getsecctx LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-09-17 Casey Schaufler pcmoore Superseded
[1/5] LSM: Replace context+len with lsm_context LSM: Replace secctx/len pairs with lsm_context - 1 - --- 2024-09-17 Casey Schaufler pcmoore Superseded
[v3,7/7] tpm: open code tpm2_create_null_primary() Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,6/7] tpm: flush the auth session only when /dev/tpm0 is open Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,5/7] tpm: Allocate chip->auth in tpm2_start_auth_session() Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,4/7] tpm: flush the null key only when /dev/tpm0 is accessed Lazy flush for the auth session - - 1 --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,3/7] tpm: Return on tpm2_create_primary() failure in tpm2_load_null() Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,2/7] tpm: Return on tpm2_create_null_primary() failure Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[v3,1/7] tpm: Remove the top-level documentation tpm2-sessions.c Lazy flush for the auth session - - - --- 2024-09-17 Jarkko Sakkinen Handled Elsewhere
[RFC,v1,7/7] selftests/landlock: Add UDP sendmsg/recvmsg tests landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
[RFC,v1,6/7] selftests/landlock: Adapt existing tests for UDP landlock: Add UDP access control support - - - --- 2024-09-16 Matthieu Buffet Handled Elsewhere
« 1 2 3 4166 167 »