Show patches with: none      |   16761 patches
« 1 2 ... 48 49 50167 168 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v36,09/33] LSM: Use lsmblob in security_secid_to_secctx LSM: Module stacking for AppArmor 1 1 - --- 2022-06-09 Casey Schaufler pcmoore Superseded
[v36,08/33] LSM: Use lsmblob in security_secctx_to_secid LSM: Module stacking for AppArmor 1 1 - --- 2022-06-09 Casey Schaufler pcmoore Superseded
[v36,07/33] LSM: Use lsmblob in security_kernel_act_as LSM: Module stacking for AppArmor 2 2 - --- 2022-06-09 Casey Schaufler pcmoore Superseded
[v36,06/33] LSM: Use lsmblob in security_audit_rule_match LSM: Module stacking for AppArmor 1 1 - --- 2022-06-09 Casey Schaufler pcmoore Superseded
[v36,05/33] IMA: avoid label collisions with stacked LSMs LSM: Module stacking for AppArmor - - - --- 2022-06-09 Casey Schaufler pcmoore Superseded
[v36,04/33] LSM: provide lsm name and id slot mappings LSM: Module stacking for AppArmor 1 1 - --- 2022-06-09 Casey Schaufler pcmoore Superseded
[v36,03/33] LSM: Add the lsmblob data structure. LSM: Module stacking for AppArmor - 2 - --- 2022-06-09 Casey Schaufler pcmoore Superseded
[v36,02/33] LSM: Infrastructure management of the sock security LSM: Module stacking for AppArmor 2 2 - --- 2022-06-09 Casey Schaufler pcmoore Superseded
[v36,01/33] integrity: disassociate ima_filter_rule from security_audit_rule LSM: Module stacking for AppArmor 1 1 - --- 2022-06-09 Casey Schaufler pcmoore Superseded
[-next] ima: Use if/else statement in init_ima() [-next] ima: Use if/else statement in init_ima() - - - --- 2022-06-09 Xiu Jianfeng Handled Elsewhere
[RFC,v8,17/17] documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,16/17] ipe: kunit tests Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,15/17] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,14/17] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,13/17] fsverity: consume builtin signature via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,12/17] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,11/17] dm-verity: consume root hash digest and signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,10/17] block|security: add LSM blob to block_device Integrity Policy Enforcement LSM (IPE) - 1 - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,09/17] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,08/17] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,07/17] ipe: add auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,06/17] uapi|audit: add ipe audit message definitions Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,05/17] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,04/17] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,03/17] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,02/17] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[RFC,v8,01/17] security: add ipe lsm & initial context creation Integrity Policy Enforcement LSM (IPE) - - - --- 2022-06-08 Deven Bowers pcmoore Changes Requested
[v3] cred: Propagate security_prepare_creds() error code [v3] cred: Propagate security_prepare_creds() error code 2 1 - --- 2022-06-08 Frederick Lawler Changes Requested
[v2] KEYS: trusted: Fix memory leak in tpm2_key_encode() [v2] KEYS: trusted: Fix memory leak in tpm2_key_encode() - - - --- 2022-06-08 Jianglei Nie Handled Elsewhere
[v2] KEYS: trusted: Fix memory leak in tpm2_key_encode() [v2] KEYS: trusted: Fix memory leak in tpm2_key_encode() - - - --- 2022-06-08 Jianglei Nie Handled Elsewhere
[GIT,PULL] tpmdd updates for v5.19-rc2-v2 [GIT,PULL] tpmdd updates for v5.19-rc2-v2 - - - --- 2022-06-08 Jarkko Sakkinen Handled Elsewhere
[GIT,PULL] tpmdd updates for v5.19-rc2 [GIT,PULL] tpmdd updates for v5.19-rc2 - - - --- 2022-06-08 Jarkko Sakkinen Handled Elsewhere
security:trusted_tpm2: Fix memory leak in tpm2_key_encode() security:trusted_tpm2: Fix memory leak in tpm2_key_encode() - - - --- 2022-06-08 Jianglei Nie Handled Elsewhere
[v2] KEYS: trusted: tpm2: Fix migratable logic [v2] KEYS: trusted: tpm2: Fix migratable logic - 2 - --- 2022-06-07 david.safford@gmail.com Handled Elsewhere
[RESEND] smack: Replace kzalloc + strncpy with kstrndup [RESEND] smack: Replace kzalloc + strncpy with kstrndup - 1 - --- 2022-06-07 Gong Ruiqi Handled Elsewhere
security:trusted_tpm2: Fix memory leak in tpm2_key_encode() security:trusted_tpm2: Fix memory leak in tpm2_key_encode() - - - --- 2022-06-07 Jianglei Nie Handled Elsewhere
[-next] evm: Use IS_ENABLED to initialize .enabled [-next] evm: Use IS_ENABLED to initialize .enabled - 1 - --- 2022-06-06 Xiu Jianfeng Handled Elsewhere
[1/1] security: avoid a leak in securityfs_remove() [1/1] security: avoid a leak in securityfs_remove() - - - --- 2022-06-02 Yuanjun Gong pcmoore Rejected
[-next] Revert "evm: Fix memleak in init_desc" [-next] Revert "evm: Fix memleak in init_desc" - - - --- 2022-05-27 Xiu Jianfeng Handled Elsewhere
[v2] cred: Propagate security_prepare_creds() error code [v2] cred: Propagate security_prepare_creds() error code 2 1 - --- 2022-05-25 Frederick Lawler Changes Requested
[v6,3/3] dm: verity-loadpin: Use CONFIG_SECURITY_LOADPIN_VERITY for conditional compilation LoadPin: Enable loading from trusted dm-verity devices 1 - - --- 2022-05-23 Matthias Kaehlcke Handled Elsewhere
[v6,2/3] LoadPin: Enable loading from trusted dm-verity devices LoadPin: Enable loading from trusted dm-verity devices 1 - - --- 2022-05-23 Matthias Kaehlcke Handled Elsewhere
[v6,1/3] dm: Add verity helpers for LoadPin LoadPin: Enable loading from trusted dm-verity devices 1 - - --- 2022-05-23 Matthias Kaehlcke Handled Elsewhere
[GIT,PULL] Smack patches for v5.19 [GIT,PULL] Smack patches for v5.19 - - - --- 2022-05-23 Casey Schaufler Handled Elsewhere
[GIT,PULL] TPM DEVICE DRIVER updates for v5.19-rc1 [GIT,PULL] TPM DEVICE DRIVER updates for v5.19-rc1 - - - --- 2022-05-23 Jarkko Sakkinen Handled Elsewhere
[GIT,PULL] Landlock changes for v5.19 [GIT,PULL] Landlock changes for v5.19 - - - --- 2022-05-23 Mickaël Salaün Handled Elsewhere
[GIT,PULL] SELinux patches for v5.19 [GIT,PULL] SELinux patches for v5.19 - - - --- 2022-05-23 Paul Moore Handled Elsewhere
cred: Propagate security_prepare_creds() error code cred: Propagate security_prepare_creds() error code - 1 - --- 2022-05-20 Frederick Lawler Changes Requested
[v1,5/5] RISC-V: Allow kexec_file() on 32-bit platforms Support kexec_file on 32-bit RISC-V - - - --- 2022-05-20 Palmer Dabbelt Handled Elsewhere
[v1,4/5] RISC-V: purgatory: Use XLEN-length loads to support rv32 Support kexec_file on 32-bit RISC-V - - - --- 2022-05-20 Palmer Dabbelt Handled Elsewhere
[v1,3/5] RISC-V: kexec: Use Elf64 on 64-bit targets Support kexec_file on 32-bit RISC-V - - - --- 2022-05-20 Palmer Dabbelt Handled Elsewhere
[v1,2/5] ima: Fix a build issue on 32-bit platforms Support kexec_file on 32-bit RISC-V - - - --- 2022-05-20 Palmer Dabbelt Handled Elsewhere
[v1,1/5] drivers: of: kexec ima: Support 32-bit platforms Support kexec_file on 32-bit RISC-V 1 - - --- 2022-05-20 Palmer Dabbelt Handled Elsewhere
[v5,3/3] dm: verity-loadpin: Use CONFIG_SECURITY_LOADPIN_VERITY for conditional compilation LoadPin: Enable loading from trusted dm-verity devices 1 - - --- 2022-05-19 Matthias Kaehlcke Superseded
[v5,2/3] LoadPin: Enable loading from trusted dm-verity devices LoadPin: Enable loading from trusted dm-verity devices 1 - - --- 2022-05-19 Matthias Kaehlcke Superseded
[v5,1/3] dm: Add verity helpers for LoadPin LoadPin: Enable loading from trusted dm-verity devices 1 - - --- 2022-05-19 Matthias Kaehlcke Superseded
[GIT,PULL] SELinux fixes for v5.18 (#1) [GIT,PULL] SELinux fixes for v5.18 (#1) - - - --- 2022-05-18 Paul Moore Handled Elsewhere
security: keys: add __randomize_layout to keyring_search_context security: keys: add __randomize_layout to keyring_search_context - 1 - --- 2022-05-18 Gong Ruiqi Handled Elsewhere
[v4,3/3] dm: verity-loadpin: Use CONFIG_SECURITY_LOADPIN_VERITY for conditional compilation LoadPin: Enable loading from trusted dm-verity devices - - - --- 2022-05-17 Matthias Kaehlcke Superseded
[v4,2/3] LoadPin: Enable loading from trusted dm-verity devices LoadPin: Enable loading from trusted dm-verity devices - - - --- 2022-05-17 Matthias Kaehlcke Superseded
[v4,1/3] dm: Add verity helpers for LoadPin LoadPin: Enable loading from trusted dm-verity devices - - - --- 2022-05-17 Matthias Kaehlcke Superseded
commoncap: check return value to avoid null pointer dereference commoncap: check return value to avoid null pointer dereference - - - --- 2022-05-16 刘永志 pcmoore Rejected
[v5,15/15] samples/landlock: adds network demo Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,14/15] seltests/landlock: invalid user input data test Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,13/15] seltests/landlock: ruleset expanding test Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,12/15] seltests/landlock: rules overlapping test Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,11/15] seltests/landlock: connect() with AF_UNSPEC tests Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,10/15] seltests/landlock: add tests for connect() hooks Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,09/15] seltests/landlock: add tests for bind() hooks Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,08/15] landlock: TCP network hooks implementation Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,07/15] landlock: add support network rules Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,06/15] landlock: user space API network support Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,05/15] landlock: landlock_add_rule syscall refactoring Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,04/15] landlock: helper functions refactoring Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,03/15] landlock: merge and inherit function refactoring Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,02/15] landlock: landlock_find/insert_rule refactoring Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v5,01/15] landlock: access mask renaming Network support for Landlock - - - --- 2022-05-16 Konstantin Meskhidze (A) Handled Elsewhere
[v10,7/7] MAINTAINERS: add KEYS-TRUSTED-CAAM KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 1 1 - --- 2022-05-13 Ahmad Fatoum Handled Elsewhere
[v10,6/7] doc: trusted-encrypted: describe new CAAM trust source KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 - --- 2022-05-13 Ahmad Fatoum New
[v10,5/7] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 3 5 --- 2022-05-13 Ahmad Fatoum New
[v10,4/7] crypto: caam - add in-kernel interface for blob generator KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 2 5 --- 2022-05-13 Ahmad Fatoum New
[v10,3/7] crypto: caam - determine whether CAAM supports blob encap/decap KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 1 1 --- 2022-05-13 Ahmad Fatoum New
[v10,2/7] KEYS: trusted: allow use of kernel RNG for key material KEYS: trusted: Introduce support for NXP CAAM-based trusted keys 2 3 3 --- 2022-05-13 Ahmad Fatoum New
[v10,1/7] KEYS: trusted: allow use of TEE as backend without TCG_TPM support KEYS: trusted: Introduce support for NXP CAAM-based trusted keys - 3 5 --- 2022-05-13 Ahmad Fatoum New
[v2] landlock: Explain how to support Landlock [v2] landlock: Explain how to support Landlock - 1 - --- 2022-05-13 Mickaël Salaün New
[v4] x86/kexec: Carry forward IMA measurement log on kexec [v4] x86/kexec: Carry forward IMA measurement log on kexec - 1 - --- 2022-05-12 Jonathan McDowell New
[v1] landlock: Explain how to support Landlock [v1] landlock: Explain how to support Landlock - - - --- 2022-05-12 Mickaël Salaün New
[-next] apparmor: Fix aa_str_perms() kernel-doc comment [-next] apparmor: Fix aa_str_perms() kernel-doc comment 1 - - --- 2022-05-12 Yang Li New
[v8,4/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification Untitled series #640875 2 1 - --- 2022-05-12 Coiby Xu New
[v8,3/4] arm64: kexec_file: use more system keyrings to verify kernel image signature Untitled series #640875 2 - - --- 2022-05-12 Coiby Xu New
[v8,2/4] kexec, KEYS: make the code in bzImage64_verify_sig generic Untitled series #640875 1 1 - --- 2022-05-12 Coiby Xu New
loadpin: stop using bdevname loadpin: stop using bdevname - - - --- 2022-05-12 Christoph Hellwig New
[v7,4/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification Untitled series #640797 1 1 - --- 2022-05-12 Coiby Xu New
[v7,3/4] arm64: kexec_file: use more system keyrings to verify kernel image signature Untitled series #640797 2 - - --- 2022-05-12 Coiby Xu New
[v7,2/4] kexec, KEYS: make the code in bzImage64_verify_sig generic Untitled series #640797 1 1 - --- 2022-05-12 Coiby Xu New
[v3] x86/kexec: Carry forward IMA measurement log on kexec [v3] x86/kexec: Carry forward IMA measurement log on kexec - - - --- 2022-05-11 Jonathan McDowell New
[v2] big_keys: Use struct for internal payload [v2] big_keys: Use struct for internal payload - - - --- 2022-05-10 Kees Cook New
big_keys: Use struct for internal payload big_keys: Use struct for internal payload - - - --- 2022-05-08 Kees Cook New
[v3,12/12] landlock: Add design choices documentation for filesystem access rights Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
[v3,11/12] landlock: Document good practices about filesystem policies Landlock: file linking and renaming support - 1 - --- 2022-05-06 Mickaël Salaün New
« 1 2 ... 48 49 50167 168 »