Show patches with: Archived = No       |   4924 patches
« 1 2 ... 17 18 1949 50 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v3,04/10] evm: Use the metadata inode to calculate metadata hash evm: Support signatures on stacked filesystem 1 - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,02/10] security: allow finer granularity in permitting copy-up of security xattrs evm: Support signatures on stacked filesystem 1 - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[v3,01/10] ima: Rename backing_inode to real_inode evm: Support signatures on stacked filesystem 1 - - --- 2024-02-23 Stefan Berger pcmoore Handled Elsewhere
[RFC,5/5] apparmor: parse profiles in sandbox mode PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,4/5] sbm: fix up calls to dynamic memory allocators PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,3/5] sbm: x86: infrastructure to fix up sandbox faults PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,2/5] sbm: enhance buffer mapping API PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[RFC,1/5] sbm: x86: fix SBM error entry path PoC: convert AppArmor parser to SandBox Mode - - - --- 2024-02-22 Petr Tesarik RFC
[v2,25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr() fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,24/25] commoncap: use vfs fscaps interfaces fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,23/25] commoncap: remove cap_inode_getsecurity() fs: use type-safe uid representation for filesystem capabilities 1 - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,22/25] fs: use vfs interfaces for capabilities xattrs fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,21/25] ovl: use vfs_{get,set}_fscaps() for copy-up fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,20/25] ovl: add fscaps handlers fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,19/25] fs: add vfs_remove_fscaps() fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,18/25] fs: add vfs_set_fscaps() fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,17/25] fs: add vfs_get_fscaps() fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,16/25] fs: add inode operations to get/set/remove fscaps fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,15/25] security: call evm fscaps hooks from generic security hooks fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,14/25] evm: add support for fscaps security hooks fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,13/25] smack: add hooks for fscaps operations fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,12/25] selinux: add hooks for fscaps operations fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,11/25] security: add hooks for set/get/remove of fscaps fs: use type-safe uid representation for filesystem capabilities 1 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,10/25] xattr: use is_fscaps_xattr() fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,09/25] commoncap: use is_fscaps_xattr() fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,08/25] xattr: add is_fscaps_xattr() helper fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,07/25] capability: provide a helper for converting vfs_caps to xattr for userspace fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,06/25] capability: provide helpers for converting between xattrs and vfs_caps fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,05/25] capability: use vfsuid_t for vfs_caps rootids fs: use type-safe uid representation for filesystem capabilities 1 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,04/25] capability: rename cpu_vfs_cap_data to vfs_caps fs: use type-safe uid representation for filesystem capabilities 1 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,02/25] mnt_idmapping: include cred.h fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
[v2,01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Changes Requested
proc: allow restricting /proc/pid/mem writes proc: allow restricting /proc/pid/mem writes - - - --- 2024-02-21 Adrian Ratiu Superseded
[net-next,v3,11/11] selftests: ip_local_port_range: use XFAIL instead of SKIP selftests: kselftest_harness: support using xfail - 1 1 --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,10/11] selftests: kselftest_harness: support using xfail selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,09/11] selftests: kselftest_harness: let PASS / FAIL provide diagnostic selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,08/11] selftests: kselftest_harness: separate diagnostic message with # in ksft_test_r… selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,07/11] selftests: kselftest_harness: print test name for SKIP selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,06/11] selftests: kselftest: add ksft_test_result_code(), handling all exit codes selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,05/11] selftests: kselftest_harness: use exit code to store skip selftests: kselftest_harness: support using xfail - 1 - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,04/11] selftests: kselftest_harness: save full exit code in metadata selftests: kselftest_harness: support using xfail - - - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,03/11] selftests: kselftest_harness: generate test name once selftests: kselftest_harness: support using xfail 1 - - --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,02/11] selftests: kselftest_harness: use KSFT_* exit codes selftests: kselftest_harness: support using xfail 1 - 1 --- 2024-02-20 Jakub Kicinski Handled Elsewhere
[net-next,v3,01/11] selftests: kselftest_harness: pass step via shared memory selftests: kselftest_harness: support using xfail 1 - 1 --- 2024-02-20 Jakub Kicinski Handled Elsewhere
landlock: Warn once if a Landlock action is requested while disabled landlock: Warn once if a Landlock action is requested while disabled - 2 - --- 2024-02-19 Mickaël Salaün Handled Elsewhere
landlock: Fix asymmetric private inodes referring landlock: Fix asymmetric private inodes referring - - - --- 2024-02-19 Mickaël Salaün Handled Elsewhere
[RFC] fs: Add vfs_masks_device_ioctl*() helpers [RFC] fs: Add vfs_masks_device_ioctl*() helpers - - - --- 2024-02-19 Mickaël Salaün Handled Elsewhere
LSM: Fix typos in security/security.c comment headers LSM: Fix typos in security/security.c comment headers - - - --- 2024-02-17 Pairman Guo pcmoore Accepted
[GIT,PULL] lsm/lsm-pr-20240215 [GIT,PULL] lsm/lsm-pr-20240215 - - - --- 2024-02-15 Paul Moore pcmoore Accepted
[v10,25/25] integrity: Remove LSM security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,24/25] ima: Make it independent from 'integrity' LSM security: Move IMA and EVM to the LSM infrastructure 1 3 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,23/25] evm: Make it independent from 'integrity' LSM security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,22/25] evm: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 3 3 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,21/25] ima: Move IMA-Appraisal to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 3 3 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,20/25] ima: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 5 2 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,19/25] integrity: Move integrity_kernel_module_request() to IMA security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,18/25] security: Introduce key_post_create_or_update hook security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,17/25] security: Introduce inode_post_remove_acl hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,16/25] security: Introduce inode_post_set_acl hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,15/25] security: Introduce inode_post_create_tmpfile hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,14/25] security: Introduce path_post_mknod hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,13/25] security: Introduce file_release hook security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,12/25] security: Introduce file_post_open hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,11/25] security: Introduce inode_post_removexattr hook security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,10/25] security: Introduce inode_post_setattr hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,09/25] security: Align inode_setattr hook definition with EVM security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 1 4 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,05/25] ima: Align ima_post_read_file() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 1 4 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,04/25] ima: Align ima_inode_removexattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,03/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,02/25] ima: Align ima_file_mprotect() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
[v10,01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 1 4 - --- 2024-02-15 Roberto Sassu pcmoore Accepted
security: fix integer overflow in lsm_set_self_attr() syscall security: fix integer overflow in lsm_set_self_attr() syscall 1 1 - --- 2024-02-14 Jann Horn pcmoore Accepted
[RFC,8/8] ima: Detect if digest cache changed since last measurement/appraisal ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,7/8] ima: Use digest cache for appraisal ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,6/8] ima: Use digest cache for measurement ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,5/8] ima: Record IMA verification result of digest lists in digest cache ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,4/8] ima: Add digest_cache_measure and digest_cache_appraise boot-time policies ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,3/8] ima: Add digest_cache policy keyword ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,2/8] ima: Nest iint mutex for DIGEST_LIST_CHECK hook ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[RFC,1/8] ima: Introduce hook DIGEST_LIST_CHECK ima: Integrate with digest_cache LSM - - - --- 2024-02-14 Roberto Sassu Handled Elsewhere
[GIT,PULL] Landlock fixes for v6.8-rc5 [GIT,PULL] Landlock fixes for v6.8-rc5 - - - --- 2024-02-14 Mickaël Salaün Handled Elsewhere
[v9,8/8] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,7/8] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,6/8] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,5/8] selftests/landlock: Test IOCTLs on named pipes Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,4/8] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,3/8] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,2/8] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v9,1/8] landlock: Add IOCTL access right Landlock: IOCTL support - - - --- 2024-02-09 Günther Noack Handled Elsewhere
[v3,13/13] docs: Add documentation of the digest_cache LSM security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore Superseded
[v3,12/13] selftests/digest_cache: Add selftests for digest_cache LSM security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore Superseded
[v3,11/13] digest_cache: Reset digest cache on file/directory change security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore Superseded
[v3,10/13] digest cache: Prefetch digest lists if requested security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore Superseded
[v3,09/13] digest_cache: Add support for directories security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore Superseded
[v3,08/13] digest_cache: Add management of verification data security: digest_cache LSM - - - --- 2024-02-09 Roberto Sassu pcmoore Superseded
« 1 2 ... 17 18 1949 50 »