Show patches with: Archived = No       |   5476 patches
« 1 2 3 454 55 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v5,14/24] landlock: Log TCP bind and connect denials Landlock audit support - - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,13/24] landlock: Log truncate and IOCTL denials Landlock audit support - - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,12/24] landlock: Log file-related denials Landlock audit support - - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,11/24] landlock: Log mount-related denials Landlock audit support - - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,10/24] landlock: Add AUDIT_LANDLOCK_DOMAIN and log domain status Landlock audit support 1 - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,09/24] landlock: Add AUDIT_LANDLOCK_ACCESS and log ptrace denials Landlock audit support 1 - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,08/24] landlock: Identify domain execution crossing Landlock audit support - - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,07/24] landlock: Prepare to use credential instead of domain for fowner Landlock audit support - - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,06/24] landlock: Prepare to use credential instead of domain for scope Landlock audit support - - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,05/24] landlock: Prepare to use credential instead of domain for network Landlock audit support - - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,04/24] landlock: Prepare to use credential instead of domain for filesystem Landlock audit support - - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,03/24] landlock: Move domain hierarchy management Landlock audit support - - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,02/24] landlock: Add unique ID generator Landlock audit support - - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
[v5,01/24] lsm: Add audit_log_lsm_data() helper Landlock audit support 1 - - --- 2025-01-31 Mickaël Salaün Handled Elsewhere
tomoyo: use better patterns for procfs in learning mode tomoyo: use better patterns for procfs in learning mode - - - --- 2025-01-31 Tetsuo Handa Handled Elsewhere
[v12,bpf-next,5/5] selftests/bpf: Test kfuncs that set and remove xattr from BPF programs Enable writing xattr from BPF programs - - - --- 2025-01-30 Song Liu Handled Elsewhere
[v12,bpf-next,4/5] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs Enable writing xattr from BPF programs 1 1 - --- 2025-01-30 Song Liu Handled Elsewhere
[v12,bpf-next,3/5] bpf: lsm: Add two more sleepable hooks Enable writing xattr from BPF programs - 1 - --- 2025-01-30 Song Liu Handled Elsewhere
[v12,bpf-next,2/5] selftests/bpf: Extend test fs_kfuncs to cover security.bpf. xattr names Enable writing xattr from BPF programs - - - --- 2025-01-30 Song Liu Handled Elsewhere
[v12,bpf-next,1/5] fs/xattr: bpf: Introduce security.bpf. xattr name prefix Enable writing xattr from BPF programs 1 2 - --- 2025-01-30 Song Liu Handled Elsewhere
[v11,bpf-next,7/7] selftests/bpf: Test kfuncs that set and remove xattr from BPF programs Enable writing xattr from BPF programs - - - --- 2025-01-29 Song Liu Handled Elsewhere
[v11,bpf-next,6/7] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs Enable writing xattr from BPF programs 1 - - --- 2025-01-29 Song Liu Handled Elsewhere
[v11,bpf-next,5/7] bpf: Use btf_kfunc_id_set.remap logic for bpf_dynptr_from_skb Enable writing xattr from BPF programs - - - --- 2025-01-29 Song Liu Handled Elsewhere
[v11,bpf-next,4/7] bpf: Extend btf_kfunc_id_set to handle kfunc polymorphism Enable writing xattr from BPF programs - - - --- 2025-01-29 Song Liu Handled Elsewhere
[v11,bpf-next,3/7] bpf: lsm: Add two more sleepable hooks Enable writing xattr from BPF programs - - - --- 2025-01-29 Song Liu Handled Elsewhere
[v11,bpf-next,2/7] selftests/bpf: Extend test fs_kfuncs to cover security.bpf. xattr names Enable writing xattr from BPF programs - - - --- 2025-01-29 Song Liu Handled Elsewhere
[v11,bpf-next,1/7] fs/xattr: bpf: Introduce security.bpf. xattr name prefix Enable writing xattr from BPF programs 1 2 - --- 2025-01-29 Song Liu Handled Elsewhere
[RFC,v2,2/2] ipe: add 'anonymous_memory' property for policy decisions ipe support for anonymous memory and memfd - - - --- 2025-01-29 Fan Wu Handled Elsewhere
[RFC,v2,1/2] memfd,lsm: add a security hook to memfd_create() ipe support for anonymous memory and memfd - - - --- 2025-01-29 Fan Wu Handled Elsewhere
[v5,3/3] vfs: add notifications for mount attach and detach mount notification - 1 - --- 2025-01-29 Miklos Szeredi Handled Elsewhere
[v5,2/3] fanotify: notify on mount attach and detach mount notification - 1 - --- 2025-01-29 Miklos Szeredi Handled Elsewhere
[v5,1/3] fsnotify: add mount notification infrastructure mount notification - 1 - --- 2025-01-29 Miklos Szeredi Handled Elsewhere
[V3] audit: Initialize lsmctx to avoid memory allocation error [V3] audit: Initialize lsmctx to avoid memory allocation error - - - --- 2025-01-29 Huacai Chen pcmoore Handled Elsewhere
apparmor: use the condition in AA_BUG_FMT even with debug disabled apparmor: use the condition in AA_BUG_FMT even with debug disabled 1 - - --- 2025-01-27 Mateusz Guzik Handled Elsewhere
[v3,2/2] lsm,io_uring: add LSM hooks for io_uring_setup() [v3,1/2] io_uring: refactor io_uring_allowed() - - - --- 2025-01-27 Hamza Mahfooz pcmoore Accepted
[v3,1/2] io_uring: refactor io_uring_allowed() [v3,1/2] io_uring: refactor io_uring_allowed() - - - --- 2025-01-27 Hamza Mahfooz pcmoore Accepted
smack: ipv4/ipv6: tcp/dccp/sctp: fix incorrect child socket label smack: ipv4/ipv6: tcp/dccp/sctp: fix incorrect child socket label - - - --- 2025-01-26 Konstantin Andreev Handled Elsewhere
[V2] audit: Initialize lsmctx to avoid memory allocation error [V2] audit: Initialize lsmctx to avoid memory allocation error - - - --- 2025-01-25 Huacai Chen pcmoore Changes Requested
[7/7] ima: measure kexec load and exec events as critical data ima: kexec: measure events between kexec load and excute - 1 - --- 2025-01-24 steven chen Handled Elsewhere
[v6,6/7] ima: make the kexec extra memory configurable ima: kexec: measure events between kexec load and excute - 1 - --- 2025-01-24 steven chen Handled Elsewhere
[v6,5/7] ima: kexec: move IMA log copy from kexec load to execute ima: kexec: measure events between kexec load and excute - 1 - --- 2025-01-24 steven chen Handled Elsewhere
[v6,4/7] ima: kexec: define functions to copy IMA log at soft boot ima: kexec: measure events between kexec load and excute - 2 - --- 2025-01-24 steven chen Handled Elsewhere
[v6,3/7] ima: kexec: skip IMA segment validation after kexec soft reboot ima: kexec: measure events between kexec load and excute - 1 - --- 2025-01-24 steven chen Handled Elsewhere
[v6,2/7] kexec: define functions to map and unmap segments ima: kexec: measure events between kexec load and excute - 2 - --- 2025-01-24 steven chen Handled Elsewhere
[v6,1/7] ima: define and call ima_alloc_kexec_file_buf ima: kexec: measure events between kexec load and excute - 1 - --- 2025-01-24 steven chen Handled Elsewhere
[7/7] ima: measure kexec load and exec events as critical data *** SUBJECT HERE *** - 1 - --- 2025-01-24 steven chen Superseded
[v6,6/7] ima: make the kexec extra memory configurable *** SUBJECT HERE *** - - - --- 2025-01-24 steven chen Superseded
[v6,5/7] ima: kexec: move IMA log copy from kexec load to execute *** SUBJECT HERE *** - 1 - --- 2025-01-24 steven chen Superseded
[v6,4/7] ima: kexec: define functions to copy IMA log at soft boot *** SUBJECT HERE *** - 2 - --- 2025-01-24 steven chen Superseded
[v6,3/7] ima: kexec: skip IMA segment validation after kexec soft reboot *** SUBJECT HERE *** - - - --- 2025-01-24 steven chen Superseded
[v6,2/7] kexec: define functions to map and unmap segments *** SUBJECT HERE *** - 2 - --- 2025-01-24 steven chen Superseded
[v6,1/7] ima: define and call ima_alloc_kexec_file_buf *** SUBJECT HERE *** - 1 - --- 2025-01-24 steven chen Superseded
[v10,bpf-next,7/7] selftests/bpf: Test kfuncs that set and remove xattr from BPF programs Enable writing xattr from BPF programs - - - --- 2025-01-24 Song Liu Handled Elsewhere
[v10,bpf-next,6/7] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs Enable writing xattr from BPF programs 1 - - --- 2025-01-24 Song Liu Handled Elsewhere
[v10,bpf-next,5/7] bpf: Use btf_kfunc_id_set.remap logic for bpf_dynptr_from_skb Enable writing xattr from BPF programs - - - --- 2025-01-24 Song Liu Handled Elsewhere
[v10,bpf-next,4/7] bpf: Extend btf_kfunc_id_set to handle kfunc polymorphism Enable writing xattr from BPF programs - - - --- 2025-01-24 Song Liu Handled Elsewhere
[v10,bpf-next,3/7] bpf: lsm: Add two more sleepable hooks Enable writing xattr from BPF programs - - - --- 2025-01-24 Song Liu Handled Elsewhere
[v10,bpf-next,2/7] selftests/bpf: Extend test fs_kfuncs to cover security.bpf. xattr names Enable writing xattr from BPF programs - - - --- 2025-01-24 Song Liu Handled Elsewhere
[v10,bpf-next,1/7] fs/xattr: bpf: Introduce security.bpf. xattr name prefix Enable writing xattr from BPF programs 1 1 - --- 2025-01-24 Song Liu Handled Elsewhere
[man,3/3] landlock.7: Update wording in line with kernel side proposal [1/2] landlock: Minor typo and grammar fixes in IPC scoping documentation - - - --- 2025-01-24 Günther Noack Handled Elsewhere
[man,2/3] landlock.7: Move over documentation for ABI version 6 Untitled series #928192 - - - --- 2025-01-24 Günther Noack Handled Elsewhere
[man,1/3] landlock.7: Update description of Landlock rules [man,1/3] landlock.7: Update description of Landlock rules - - - --- 2025-01-24 Günther Noack Handled Elsewhere
[2/2] landlock: Clarify IPC scoping documentation [1/2] landlock: Minor typo and grammar fixes in IPC scoping documentation - - - --- 2025-01-24 Günther Noack Handled Elsewhere
[1/2] landlock: Minor typo and grammar fixes in IPC scoping documentation [1/2] landlock: Minor typo and grammar fixes in IPC scoping documentation - - - --- 2025-01-24 Günther Noack Handled Elsewhere
apparmor: Make sysctl table const apparmor: Make sysctl table const - - - --- 2025-01-23 Ricardo B. Marlière Handled Elsewhere
security: keys: Make sysctl table const security: keys: Make sysctl table const - 2 - --- 2025-01-23 Ricardo B. Marlière pcmoore Under Review
tomoyo: fix spelling error tomoyo: fix spelling error - 1 - --- 2025-01-23 Tanya Agarwal Handled Elsewhere
security: smack: fix typos and spelling errors security: smack: fix typos and spelling errors - 1 - --- 2025-01-23 Tanya Agarwal Handled Elsewhere
landlock: fix grammar and spelling error landlock: fix grammar and spelling error - 2 - --- 2025-01-23 Tanya Agarwal Handled Elsewhere
[v4,4/4] vfs: add notifications for mount attribute change mount notification - - - --- 2025-01-23 Miklos Szeredi pcmoore Handled Elsewhere
[v4,3/4] vfs: add notifications for mount attach and detach mount notification - - - --- 2025-01-23 Miklos Szeredi pcmoore Handled Elsewhere
[v4,2/4] fanotify: notify on mount attach and detach mount notification - - - --- 2025-01-23 Miklos Szeredi pcmoore Handled Elsewhere
[v4,1/4] fsnotify: add mount notification infrastructure mount notification - - - --- 2025-01-23 Miklos Szeredi pcmoore Handled Elsewhere
integrity: fix typos and spelling errors integrity: fix typos and spelling errors - 1 - --- 2025-01-23 Tanya Agarwal Handled Elsewhere
[2/2] LoadPin: Make sysctl table const security: Constify sysctl tables - 1 - --- 2025-01-23 Ricardo B. Marlière Handled Elsewhere
[1/2] yama: Make sysctl table const security: Constify sysctl tables - 1 - --- 2025-01-23 Ricardo B. Marlière Handled Elsewhere
apparmor: fix typos and spelling errors apparmor: fix typos and spelling errors 1 2 - --- 2025-01-23 Tanya Agarwal Handled Elsewhere
[v3,6/6] ima: Reset IMA_NONACTION_RULE_FLAGS after post_setattr ima: Remove unnecessary inode locks - 1 - --- 2025-01-22 Roberto Sassu Handled Elsewhere
[v3,5/6] ima: Defer fixing security.ima to __fput() ima: Remove unnecessary inode locks - - - --- 2025-01-22 Roberto Sassu Handled Elsewhere
[v3,4/6] ima: Mark concurrent accesses to the iint pointer in the inode security blob ima: Remove unnecessary inode locks - 2 - --- 2025-01-22 Roberto Sassu Handled Elsewhere
[v3,3/6] ima: Detect if lock is held when iint pointer is set in inode security blob ima: Remove unnecessary inode locks - 1 - --- 2025-01-22 Roberto Sassu Handled Elsewhere
[v3,2/6] ima: Remove inode lock ima: Remove unnecessary inode locks - 2 - --- 2025-01-22 Roberto Sassu Handled Elsewhere
[v3,1/6] fs: ima: Remove S_IMA and IS_IMA() ima: Remove unnecessary inode locks 1 1 - --- 2025-01-22 Roberto Sassu Handled Elsewhere
[GIT,PULL] Landlock updates for v6.14 [GIT,PULL] Landlock updates for v6.14 - - - --- 2025-01-22 Mickaël Salaün Handled Elsewhere
[v2] fs: introduce getfsxattrat and setfsxattrat syscalls [v2] fs: introduce getfsxattrat and setfsxattrat syscalls - - - --- 2025-01-22 Andrey Albershteyn pcmoore Superseded
ipe: Search for the boot policy file in the source tree ipe: Search for the boot policy file in the source tree - - - --- 2025-01-22 Tyler Hicks Handled Elsewhere
apparmor: remove unused variable apparmor: remove unused variable 1 - - --- 2025-01-22 Arnd Bergmann Handled Elsewhere
[GIT,PULL] selinux/selinux-pr-20250121 [GIT,PULL] selinux/selinux-pr-20250121 - - - --- 2025-01-21 Paul Moore Handled Elsewhere
[GIT,PULL] lsm/lsm-pr-20250121 [GIT,PULL] lsm/lsm-pr-20250121 - - - --- 2025-01-21 Paul Moore pcmoore Accepted
[GIT,PULL] Smack patches for 6.14 [GIT,PULL] Smack patches for 6.14 - - - --- 2025-01-21 Casey Schaufler Handled Elsewhere
[security] apparmor: fix logical error in signal range validation [security] apparmor: fix logical error in signal range validation - - - --- 2025-01-21 Dheeraj Reddy Jonnalagadda Handled Elsewhere
[-next,1/2] apparmor: Modify mismatched function name [-next,1/2] apparmor: Modify mismatched function name 1 - - --- 2025-01-21 Jiapeng Chong Handled Elsewhere
[-next,2/2] apparmor: Modify mismatched function name [-next,1/2] apparmor: Modify mismatched function name 1 - - --- 2025-01-21 Jiapeng Chong Handled Elsewhere
[GIT,PULL] capabilities changes for 6.14-rc1 [GIT,PULL] capabilities changes for 6.14-rc1 - - - --- 2025-01-20 Serge E. Hallyn Handled Elsewhere
[v2,6/6] module: Introduce hash-based integrity checking module: Introduce hash-based integrity checking - - - --- 2025-01-20 Thomas Weißschuh Handled Elsewhere
[v2,5/6] lockdown: Make the relationship to MODULE_SIG a dependency module: Introduce hash-based integrity checking - - - --- 2025-01-20 Thomas Weißschuh Handled Elsewhere
[v2,4/6] module: Move lockdown check into generic module loader module: Introduce hash-based integrity checking - - - --- 2025-01-20 Thomas Weißschuh Handled Elsewhere
[v2,3/6] module: Move integrity checks into dedicated function module: Introduce hash-based integrity checking - - - --- 2025-01-20 Thomas Weißschuh Handled Elsewhere
[v2,2/6] module: Make module loading policy usable without MODULE_SIG module: Introduce hash-based integrity checking - - - --- 2025-01-20 Thomas Weißschuh Handled Elsewhere
[v2,1/6] kbuild: add stamp file for vmlinux BTF data module: Introduce hash-based integrity checking - - - --- 2025-01-20 Thomas Weißschuh Handled Elsewhere
« 1 2 3 454 55 »