Show patches with: State = Action Required       |   12149 patches
« 1 2 3 4121 122 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v1,1/2] landlock: Fix d_parent walk Fix warning in collect_domain_accesses() - - - --- 2024-05-16 Mickaël Salaün pcmoore New
[RFC] ima: Use sequence number to wait for policy updates [RFC] ima: Use sequence number to wait for policy updates - - - --- 2024-05-07 Roberto Sassu pcmoore New
[2/2] selftests/landlock: Create 'listen_zero', 'deny_listen_zero' tests Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Mikhail Ivanov pcmoore New
[1/2] landlock: Add hook on socket_listen() Forbid illegitimate binding via listen(2) - 1 - --- 2024-04-08 Mikhail Ivanov pcmoore New
[RFC,1/2] lsm: introduce new hook security_vm_execstack [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[RFC,2/2] selinux: wire up new execstack LSM hook [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[10/10] coccinelle: add script for capable_any() [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[09/10] bpf: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[08/10] net: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[07/10] kernel: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 2 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[06/10] fs: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[05/10] drivers: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 2 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[04/10] block: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[03/10] capability: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[02/10] capability: add any wrappers to test for multiple caps with exactly one audit message [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 2 1 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[v3,3/3] fs/exec: remove current->in_execve flag fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v3,2/3] tomoyo: replace current->in_execve flag with security_execve_abort() hook fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v3,1/3] LSM: add security_execve_abort() hook fs/exec: remove current->in_execve flag 1 - - --- 2024-02-06 Tetsuo Handa pcmoore Under Review
[v39,42/42] Smack: Remove LSM_FLAG_EXCLUSIVE LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,41/42] LSM: restrict security_cred_getsecid() to a single LSM LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,40/42] LSM: Allow reservation of netlabel LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,39/42] LSM: Remove lsmblob scaffolding LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,38/42] LSM: Correct handling of ENOSYS in inode_setxattr LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,37/42] LSM: Infrastructure management of the mnt_opts security blob LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,36/42] LSM: Infrastructure management of the key security blob LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,35/42] LSM: allocate mnt_opts blobs instead of module specific data LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,34/42] LSM: Add mount opts blob size tracking LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,33/42] AppArmor: Remove the exclusive flag LSM: General module stacking 2 1 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,32/42] LSM: Identify which LSM handles the context string LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,31/42] LSM: Exclusive secmark usage LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,30/42] LSM: Single calls in socket_getpeersec hooks LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,29/42] LSM: secctx provider check on release LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,28/42] LSM: Improve logic in security_getprocattr LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,27/42] LSM: Remove unused lsmcontext_init() LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,26/42] Audit: Add record for multiple object contexts LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,25/42] audit: multiple subject lsm values for netlabel LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,24/42] Audit: Add record for multiple task security contexts LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,23/42] Audit: Allow multiple records in an audit_buffer LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,22/42] Audit: Create audit_stamp structure LSM: General module stacking 1 - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,21/42] LSM: security_lsmblob_to_secctx module selection LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,20/42] LSM: Use lsmcontext in security_dentry_init_security LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,19/42] LSM: Use lsmcontext in security_inode_getsecctx LSM: General module stacking 3 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,18/42] LSM: Use lsmcontext in security_lsmblob_to_secctx LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,17/42] LSM: Use lsmcontext in security_secid_to_secctx LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,16/42] LSM: Ensure the correct LSM context releaser LSM: General module stacking 3 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,15/42] Netlabel: Use lsmblob for audit data LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,14/42] Audit: Change context data from secid to lsmblob LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,13/42] LSM: Create new security_cred_getlsmblob LSM hook LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,12/42] Audit: use an lsmblob in audit_names LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,11/42] LSM: Use lsmblob in security_inode_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,10/42] LSM: Use lsmblob in security_current_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,09/42] Audit: Update shutdown LSM data LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,08/42] LSM: Use lsmblob in security_ipc_getsecid LSM: General module stacking 2 2 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,07/42] Audit: maintain an lsmblob in audit_context LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,06/42] LSM: Add lsmblob_to_secctx hook LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,05/42] LSM: Use lsmblob in security_audit_rule_match LSM: General module stacking 1 1 - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,04/42] IMA: avoid label collisions with stacked LSMs LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[v39,03/42] LSM: Add the lsmblob data structure. LSM: General module stacking - - - --- 2023-12-15 Casey Schaufler pcmoore Under Review
[28/28] integrity: Switch from rbtree to LSM-managed blob for integrity_iint_cache security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[27/28] integrity: Move integrity functions to the LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[26/28] evm: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[25/28] ima: Move IMA-Appraisal to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[24/28] ima: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[23/28] security: Introduce LSM_ORDER_LAST security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[22/28] security: Introduce key_post_create_or_update hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[21/28] security: Introduce inode_post_remove_acl hook security: Move IMA and EVM to the LSM infrastructure - - - --- 2023-03-03 Roberto Sassu pcmoore New
[20/28] security: Introduce inode_post_set_acl hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[19/28] security: Introduce inode_post_create_tmpfile hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[18/28] security: Introduce path_post_mknod hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[17/28] security: Introduce file_pre_free_security hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[16/28] security: Introduce file_post_open hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[15/28] security: Introduce inode_post_removexattr hook security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[14/28] security: Introduce inode_post_setattr hook security: Move IMA and EVM to the LSM infrastructure - 2 - --- 2023-03-03 Roberto Sassu pcmoore New
[13/28] security: Align inode_setattr hook definition with EVM security: Move IMA and EVM to the LSM infrastructure 1 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[12/28] fs: Fix description of vfs_tmpfile() security: Move IMA and EVM to the LSM infrastructure 1 - - --- 2023-03-03 Roberto Sassu pcmoore New
[11/28] evm: Complete description of evm_inode_setattr() security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[10/28] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[09/28] evm: Align evm_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[08/28] evm: Align evm_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[07/28] ima: Align ima_post_read_file() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[06/28] ima: Align ima_inode_removexattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[05/28] ima: Align ima_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[04/28] ima: Align ima_file_mprotect() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[03/28] ima: Align ima_post_create_tmpfile() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[02/28] ima: Align ima_post_path_mknod() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[01/28] ima: Align ima_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure - 1 - --- 2023-03-03 Roberto Sassu pcmoore New
[2/2] doc: Fix fs_context_parse_param description in mount_api.rst [1/2] lsm: Fix description of fs_context_parse_param - - - --- 2022-12-09 Roberto Sassu pcmoore Under Review
[v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing [v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing 2 1 1 --- 2022-11-10 David Howells pcmoore New
[v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - 1 - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,8/8] net: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,7/8] bpf: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,6/8] kernel: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,5/8] fs: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,4/8] drivers: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - 1 - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,3/8] block: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - 1 - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,2/8] capability: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v10,6/7] doc: trusted-encrypted: describe new CAAM trust source KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 - --- 2022-05-13 Ahmad Fatoum New
[v10,5/7] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 3 5 --- 2022-05-13 Ahmad Fatoum New
[v10,4/7] crypto: caam - add in-kernel interface for blob generator KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 5 --- 2022-05-13 Ahmad Fatoum New
« 1 2 3 4121 122 »