Toggle navigation
Patchwork
Security modules development
Patches
Bundles
About this project
Login
Register
Mail settings
Show patches with
: Archived =
No
| 4924 patches
Series
Submitter
State
any
Action Required
New
Under Review
Accepted
Rejected
RFC
Not Applicable
Changes Requested
Awaiting Upstream
Superseded
Deferred
Mainlined
Queued
Needs ACK
Handled Elsewhere
In Next
Search
Archived
No
Yes
Both
Delegate
------
Nobody
holtmann
holtmann
holtmann
agk
mchehab
mchehab
gregkh
gregkh
mtosatti
lethal
lethal
avi
cvaroqui
jbrassow
mikulas
dtor
bmarzins
tmlind
jmberg
jmberg
mcgrof
mcgrof
mcgrof
lenb
lenb
kyle
felipebalbi
varenet
helge
helge
khilman
khilman
khilman
khilman
jwoithe
mlin
Zhang Rui
Zhang Rui
iksaif
cjackiewicz
hmh
jbarnes
jbarnes
jbarnes
willy
snitzer
iwamatsu
dougsland
mjg59
rafael
rafael
rafael
ericvh@gmail.com
ykzhao
venkip
sandeen
pwsan
lucho@ionkov.net
rminnich
anholt
aystarik
roland
shefty
mason
glikely
krh
djbw
djbw
djbw
cmarinas
doyu
jrn
sage
tomba
mmarek
cjb
trondmy
jikos
bcousson
jic23
olof
olof
olof
nsekhar
weiny2
horms
horms
bwidawsk
bwidawsk
shemminger
eulfhan
josef
josef
josef
dianders
jpan9
hal
kdave
bleung
evalenti
jlbec
wsa
bhelgaas
vkoul
vkoul
szlin
davejiang
markgross
tagr
tiwai
vireshk
mmind
dledford
geert
geert
herbert
herbert
kvalo
kvalo
kvalo
bentiss
arend
rzwisler
stellarhopper
stellarhopper
jejb
matthias_bgg
dvhart
axboe
axboe
pcmoore
pcmoore
pcmoore
mkp
mkp
stefan_schmidt
leon
lucvoo
jsakkine
jsakkine
jsakkine
bamse
bamse
demarchi
krzk
groeck
groeck
sboyd
sboyd
mturquette
mturquette
0andriy
carlocaione
luca
dgc
kbingham
derosier
narmstrong
narmstrong
atull
tytso
tytso
djwong
bvanassche
omos
jpirko
jpirko
GustavoARSilva
pkshih
patersonc
brauner
shuahkh
shuahkh
shuahkh
palmer
palmer
jgg
Kishon
idosch
labbott
jsimmons
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
broonie
broonie
broonie
mricon
mricon
mricon
kees
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
arnd
linusw
perfinion
bbrezillon
bachradsusi
rostedt
rostedt
kholk
nbd
ebiggers
ebiggers
pavelm
sds
m0reeze
ganis
jwcart2
matttbe
andmur01
lorpie01
chanwoochoi
dlezcano
jhedberg
vudentz
robertfoss
bgix
tedd_an
tsbogend
wens
wcrobert
robher
kstewart
kwilczynski
hansg
bpf
netdev
dsa
ethtool
netdrv
martineau
abelloni
trix
pabeni
mani_sadhasivam
mlimonci
liusong6
mjp
tohojo
pmalani
prestwoj
prestwoj
dhowells
tzungbi
conchuod
paulmck
jes
mtkaczyk
colyli
cem
pateldipen1984
iweiny
iweiny
bjorn
mhiramat
JanKiszka
jaegeuk
mraynal
aring
konradybcio
ij
Hailan
jstitt007
denkenz
denkenz
mkorenbl
jjohnson
frank_li
geliang
mdraidci
mdraidci
peluse
joelgranados
Apply
«
1
2
...
17
18
19
…
49
50
»
Patch
Series
A/R/T
S/W/F
Date
Submitter
Delegate
State
[v3,04/10] evm: Use the metadata inode to calculate metadata hash
evm: Support signatures on stacked filesystem
1 - -
-
-
-
2024-02-23
Stefan Berger
pcmoore
Handled Elsewhere
[v3,03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr
evm: Support signatures on stacked filesystem
- - -
-
-
-
2024-02-23
Stefan Berger
pcmoore
Handled Elsewhere
[v3,02/10] security: allow finer granularity in permitting copy-up of security xattrs
evm: Support signatures on stacked filesystem
1 - -
-
-
-
2024-02-23
Stefan Berger
pcmoore
Handled Elsewhere
[v3,01/10] ima: Rename backing_inode to real_inode
evm: Support signatures on stacked filesystem
1 - -
-
-
-
2024-02-23
Stefan Berger
pcmoore
Handled Elsewhere
[RFC,5/5] apparmor: parse profiles in sandbox mode
PoC: convert AppArmor parser to SandBox Mode
- - -
-
-
-
2024-02-22
Petr Tesarik
RFC
[RFC,4/5] sbm: fix up calls to dynamic memory allocators
PoC: convert AppArmor parser to SandBox Mode
- - -
-
-
-
2024-02-22
Petr Tesarik
RFC
[RFC,3/5] sbm: x86: infrastructure to fix up sandbox faults
PoC: convert AppArmor parser to SandBox Mode
- - -
-
-
-
2024-02-22
Petr Tesarik
RFC
[RFC,2/5] sbm: enhance buffer mapping API
PoC: convert AppArmor parser to SandBox Mode
- - -
-
-
-
2024-02-22
Petr Tesarik
RFC
[RFC,1/5] sbm: x86: fix SBM error entry path
PoC: convert AppArmor parser to SandBox Mode
- - -
-
-
-
2024-02-22
Petr Tesarik
RFC
[v2,25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr()
fs: use type-safe uid representation for filesystem capabilities
- - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,24/25] commoncap: use vfs fscaps interfaces
fs: use type-safe uid representation for filesystem capabilities
- - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,23/25] commoncap: remove cap_inode_getsecurity()
fs: use type-safe uid representation for filesystem capabilities
1 - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,22/25] fs: use vfs interfaces for capabilities xattrs
fs: use type-safe uid representation for filesystem capabilities
- - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,21/25] ovl: use vfs_{get,set}_fscaps() for copy-up
fs: use type-safe uid representation for filesystem capabilities
- 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,20/25] ovl: add fscaps handlers
fs: use type-safe uid representation for filesystem capabilities
- - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,19/25] fs: add vfs_remove_fscaps()
fs: use type-safe uid representation for filesystem capabilities
- - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,18/25] fs: add vfs_set_fscaps()
fs: use type-safe uid representation for filesystem capabilities
- - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,17/25] fs: add vfs_get_fscaps()
fs: use type-safe uid representation for filesystem capabilities
- 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,16/25] fs: add inode operations to get/set/remove fscaps
fs: use type-safe uid representation for filesystem capabilities
- 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,15/25] security: call evm fscaps hooks from generic security hooks
fs: use type-safe uid representation for filesystem capabilities
- - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,14/25] evm: add support for fscaps security hooks
fs: use type-safe uid representation for filesystem capabilities
- - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,13/25] smack: add hooks for fscaps operations
fs: use type-safe uid representation for filesystem capabilities
- - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,12/25] selinux: add hooks for fscaps operations
fs: use type-safe uid representation for filesystem capabilities
- - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,11/25] security: add hooks for set/get/remove of fscaps
fs: use type-safe uid representation for filesystem capabilities
1 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,10/25] xattr: use is_fscaps_xattr()
fs: use type-safe uid representation for filesystem capabilities
- 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,09/25] commoncap: use is_fscaps_xattr()
fs: use type-safe uid representation for filesystem capabilities
- 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,08/25] xattr: add is_fscaps_xattr() helper
fs: use type-safe uid representation for filesystem capabilities
- 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,07/25] capability: provide a helper for converting vfs_caps to xattr for userspace
fs: use type-safe uid representation for filesystem capabilities
- 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,06/25] capability: provide helpers for converting between xattrs and vfs_caps
fs: use type-safe uid representation for filesystem capabilities
- - -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,05/25] capability: use vfsuid_t for vfs_caps rootids
fs: use type-safe uid representation for filesystem capabilities
1 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,04/25] capability: rename cpu_vfs_cap_data to vfs_caps
fs: use type-safe uid representation for filesystem capabilities
1 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data
fs: use type-safe uid representation for filesystem capabilities
- 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,02/25] mnt_idmapping: include cred.h
fs: use type-safe uid representation for filesystem capabilities
- 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
[v2,01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h
fs: use type-safe uid representation for filesystem capabilities
- 1 -
-
-
-
2024-02-21
Seth Forshee (DigitalOcean)
pcmoore
Changes Requested
proc: allow restricting /proc/pid/mem writes
proc: allow restricting /proc/pid/mem writes
- - -
-
-
-
2024-02-21
Adrian Ratiu
Superseded
[net-next,v3,11/11] selftests: ip_local_port_range: use XFAIL instead of SKIP
selftests: kselftest_harness: support using xfail
- 1 1
-
-
-
2024-02-20
Jakub Kicinski
Handled Elsewhere
[net-next,v3,10/11] selftests: kselftest_harness: support using xfail
selftests: kselftest_harness: support using xfail
- 1 -
-
-
-
2024-02-20
Jakub Kicinski
Handled Elsewhere
[net-next,v3,09/11] selftests: kselftest_harness: let PASS / FAIL provide diagnostic
selftests: kselftest_harness: support using xfail
- 1 -
-
-
-
2024-02-20
Jakub Kicinski
Handled Elsewhere
[net-next,v3,08/11] selftests: kselftest_harness: separate diagnostic message with # in ksft_test_r…
selftests: kselftest_harness: support using xfail
- 1 -
-
-
-
2024-02-20
Jakub Kicinski
Handled Elsewhere
[net-next,v3,07/11] selftests: kselftest_harness: print test name for SKIP
selftests: kselftest_harness: support using xfail
- 1 -
-
-
-
2024-02-20
Jakub Kicinski
Handled Elsewhere
[net-next,v3,06/11] selftests: kselftest: add ksft_test_result_code(), handling all exit codes
selftests: kselftest_harness: support using xfail
- 1 -
-
-
-
2024-02-20
Jakub Kicinski
Handled Elsewhere
[net-next,v3,05/11] selftests: kselftest_harness: use exit code to store skip
selftests: kselftest_harness: support using xfail
- 1 -
-
-
-
2024-02-20
Jakub Kicinski
Handled Elsewhere
[net-next,v3,04/11] selftests: kselftest_harness: save full exit code in metadata
selftests: kselftest_harness: support using xfail
- - -
-
-
-
2024-02-20
Jakub Kicinski
Handled Elsewhere
[net-next,v3,03/11] selftests: kselftest_harness: generate test name once
selftests: kselftest_harness: support using xfail
1 - -
-
-
-
2024-02-20
Jakub Kicinski
Handled Elsewhere
[net-next,v3,02/11] selftests: kselftest_harness: use KSFT_* exit codes
selftests: kselftest_harness: support using xfail
1 - 1
-
-
-
2024-02-20
Jakub Kicinski
Handled Elsewhere
[net-next,v3,01/11] selftests: kselftest_harness: pass step via shared memory
selftests: kselftest_harness: support using xfail
1 - 1
-
-
-
2024-02-20
Jakub Kicinski
Handled Elsewhere
landlock: Warn once if a Landlock action is requested while disabled
landlock: Warn once if a Landlock action is requested while disabled
- 2 -
-
-
-
2024-02-19
Mickaël Salaün
Handled Elsewhere
landlock: Fix asymmetric private inodes referring
landlock: Fix asymmetric private inodes referring
- - -
-
-
-
2024-02-19
Mickaël Salaün
Handled Elsewhere
[RFC] fs: Add vfs_masks_device_ioctl*() helpers
[RFC] fs: Add vfs_masks_device_ioctl*() helpers
- - -
-
-
-
2024-02-19
Mickaël Salaün
Handled Elsewhere
LSM: Fix typos in security/security.c comment headers
LSM: Fix typos in security/security.c comment headers
- - -
-
-
-
2024-02-17
Pairman Guo
pcmoore
Accepted
[GIT,PULL] lsm/lsm-pr-20240215
[GIT,PULL] lsm/lsm-pr-20240215
- - -
-
-
-
2024-02-15
Paul Moore
pcmoore
Accepted
[v10,25/25] integrity: Remove LSM
security: Move IMA and EVM to the LSM infrastructure
2 3 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,24/25] ima: Make it independent from 'integrity' LSM
security: Move IMA and EVM to the LSM infrastructure
1 3 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,23/25] evm: Make it independent from 'integrity' LSM
security: Move IMA and EVM to the LSM infrastructure
2 3 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,22/25] evm: Move to LSM infrastructure
security: Move IMA and EVM to the LSM infrastructure
3 3 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,21/25] ima: Move IMA-Appraisal to LSM infrastructure
security: Move IMA and EVM to the LSM infrastructure
3 3 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,20/25] ima: Move to LSM infrastructure
security: Move IMA and EVM to the LSM infrastructure
5 2 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,19/25] integrity: Move integrity_kernel_module_request() to IMA
security: Move IMA and EVM to the LSM infrastructure
2 2 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,18/25] security: Introduce key_post_create_or_update hook
security: Move IMA and EVM to the LSM infrastructure
2 2 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,17/25] security: Introduce inode_post_remove_acl hook
security: Move IMA and EVM to the LSM infrastructure
3 2 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,16/25] security: Introduce inode_post_set_acl hook
security: Move IMA and EVM to the LSM infrastructure
3 2 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,15/25] security: Introduce inode_post_create_tmpfile hook
security: Move IMA and EVM to the LSM infrastructure
3 2 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,14/25] security: Introduce path_post_mknod hook
security: Move IMA and EVM to the LSM infrastructure
3 2 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,13/25] security: Introduce file_release hook
security: Move IMA and EVM to the LSM infrastructure
2 2 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,12/25] security: Introduce file_post_open hook
security: Move IMA and EVM to the LSM infrastructure
3 2 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,11/25] security: Introduce inode_post_removexattr hook
security: Move IMA and EVM to the LSM infrastructure
2 3 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,10/25] security: Introduce inode_post_setattr hook
security: Move IMA and EVM to the LSM infrastructure
3 2 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,09/25] security: Align inode_setattr hook definition with EVM
security: Move IMA and EVM to the LSM infrastructure
2 2 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure
security: Move IMA and EVM to the LSM infrastructure
2 3 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure
security: Move IMA and EVM to the LSM infrastructure
2 3 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure
security: Move IMA and EVM to the LSM infrastructure
1 4 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,05/25] ima: Align ima_post_read_file() definition with LSM infrastructure
security: Move IMA and EVM to the LSM infrastructure
1 4 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,04/25] ima: Align ima_inode_removexattr() definition with LSM infrastructure
security: Move IMA and EVM to the LSM infrastructure
2 3 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,03/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure
security: Move IMA and EVM to the LSM infrastructure
2 3 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,02/25] ima: Align ima_file_mprotect() definition with LSM infrastructure
security: Move IMA and EVM to the LSM infrastructure
2 3 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
[v10,01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure
security: Move IMA and EVM to the LSM infrastructure
1 4 -
-
-
-
2024-02-15
Roberto Sassu
pcmoore
Accepted
security: fix integer overflow in lsm_set_self_attr() syscall
security: fix integer overflow in lsm_set_self_attr() syscall
1 1 -
-
-
-
2024-02-14
Jann Horn
pcmoore
Accepted
[RFC,8/8] ima: Detect if digest cache changed since last measurement/appraisal
ima: Integrate with digest_cache LSM
- - -
-
-
-
2024-02-14
Roberto Sassu
Handled Elsewhere
[RFC,7/8] ima: Use digest cache for appraisal
ima: Integrate with digest_cache LSM
- - -
-
-
-
2024-02-14
Roberto Sassu
Handled Elsewhere
[RFC,6/8] ima: Use digest cache for measurement
ima: Integrate with digest_cache LSM
- - -
-
-
-
2024-02-14
Roberto Sassu
Handled Elsewhere
[RFC,5/8] ima: Record IMA verification result of digest lists in digest cache
ima: Integrate with digest_cache LSM
- - -
-
-
-
2024-02-14
Roberto Sassu
Handled Elsewhere
[RFC,4/8] ima: Add digest_cache_measure and digest_cache_appraise boot-time policies
ima: Integrate with digest_cache LSM
- - -
-
-
-
2024-02-14
Roberto Sassu
Handled Elsewhere
[RFC,3/8] ima: Add digest_cache policy keyword
ima: Integrate with digest_cache LSM
- - -
-
-
-
2024-02-14
Roberto Sassu
Handled Elsewhere
[RFC,2/8] ima: Nest iint mutex for DIGEST_LIST_CHECK hook
ima: Integrate with digest_cache LSM
- - -
-
-
-
2024-02-14
Roberto Sassu
Handled Elsewhere
[RFC,1/8] ima: Introduce hook DIGEST_LIST_CHECK
ima: Integrate with digest_cache LSM
- - -
-
-
-
2024-02-14
Roberto Sassu
Handled Elsewhere
[GIT,PULL] Landlock fixes for v6.8-rc5
[GIT,PULL] Landlock fixes for v6.8-rc5
- - -
-
-
-
2024-02-14
Mickaël Salaün
Handled Elsewhere
[v9,8/8] landlock: Document IOCTL support
Landlock: IOCTL support
- - -
-
-
-
2024-02-09
Günther Noack
Handled Elsewhere
[v9,7/8] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL
Landlock: IOCTL support
- - -
-
-
-
2024-02-09
Günther Noack
Handled Elsewhere
[v9,6/8] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets
Landlock: IOCTL support
- - -
-
-
-
2024-02-09
Günther Noack
Handled Elsewhere
[v9,5/8] selftests/landlock: Test IOCTLs on named pipes
Landlock: IOCTL support
- - -
-
-
-
2024-02-09
Günther Noack
Handled Elsewhere
[v9,4/8] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH)
Landlock: IOCTL support
- - -
-
-
-
2024-02-09
Günther Noack
Handled Elsewhere
[v9,3/8] selftests/landlock: Test IOCTL with memfds
Landlock: IOCTL support
- - -
-
-
-
2024-02-09
Günther Noack
Handled Elsewhere
[v9,2/8] selftests/landlock: Test IOCTL support
Landlock: IOCTL support
- - -
-
-
-
2024-02-09
Günther Noack
Handled Elsewhere
[v9,1/8] landlock: Add IOCTL access right
Landlock: IOCTL support
- - -
-
-
-
2024-02-09
Günther Noack
Handled Elsewhere
[v3,13/13] docs: Add documentation of the digest_cache LSM
security: digest_cache LSM
- - -
-
-
-
2024-02-09
Roberto Sassu
pcmoore
Superseded
[v3,12/13] selftests/digest_cache: Add selftests for digest_cache LSM
security: digest_cache LSM
- - -
-
-
-
2024-02-09
Roberto Sassu
pcmoore
Superseded
[v3,11/13] digest_cache: Reset digest cache on file/directory change
security: digest_cache LSM
- - -
-
-
-
2024-02-09
Roberto Sassu
pcmoore
Superseded
[v3,10/13] digest cache: Prefetch digest lists if requested
security: digest_cache LSM
- - -
-
-
-
2024-02-09
Roberto Sassu
pcmoore
Superseded
[v3,09/13] digest_cache: Add support for directories
security: digest_cache LSM
- - -
-
-
-
2024-02-09
Roberto Sassu
pcmoore
Superseded
[v3,08/13] digest_cache: Add management of verification data
security: digest_cache LSM
- - -
-
-
-
2024-02-09
Roberto Sassu
pcmoore
Superseded
«
1
2
...
17
18
19
…
49
50
»