Show patches with: Archived = No       |   4908 patches
« 1 2 ... 4 5 649 50 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v4,5/6] sample/landlock: Support sample for signal scoping restriction landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi Handled Elsewhere
[v4,4/6] selftest/landlock: Test file_send_sigiotask by sending out-of-bound message landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi Handled Elsewhere
[v4,3/6] selftest/landlock: Add signal_scoping_threads test landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi Handled Elsewhere
[v4,2/6] selftest/landlock: Signal restriction tests landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi Handled Elsewhere
[v4,1/6] landlock: Add signal scoping control landlock: Signal scoping support - - - --- 2024-09-06 Tahera Fahimi Handled Elsewhere
[RFC,v3,10/10] ima: Use digest caches for appraisal ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,09/10] ima: Use digest caches for measurement ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,08/10] ima: Load verified usage from digest cache found from query ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,07/10] ima: Store verified usage in digest cache based on integrity metadata flags ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,06/10] ima: Retrieve digest cache and check if changed ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,05/10] ima: Modify existing boot-time built-in policies with digest cache policies ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,04/10] ima: Add digest_cache_measure/appraise boot-time built-in policies ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,03/10] ima: Add digest_cache policy keyword ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,02/10] ima: Nest iint mutex for DIGEST_LIST_CHECK hook ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[RFC,v3,01/10] ima: Introduce hook DIGEST_LIST_CHECK ima: Integrate with Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,14/14] docs: Add documentation of the Integrity Digest Cache integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,13/14] selftests/digest_cache: Add selftests for the Integrity Digest Cache integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,12/14] digest_cache: Reset digest cache on file/directory change integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,11/14] digest cache: Prefetch digest lists if requested integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,10/14] digest_cache: Add support for directories integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,09/14] digest_cache: Add management of verification data integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,08/14] digest_cache: Parse rpm digest lists integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,07/14] digest_cache: Parse tlv digest lists integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,06/14] digest_cache: Populate the digest cache from a digest list integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,05/14] digest_cache: Add hash tables and operations integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,04/14] digest_cache: Add securityfs interface integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,03/14] digest_cache: Initialize digest caches integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,02/14] integrity: Introduce the Integrity Digest Cache integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v5,01/14] lib: Add TLV parser integrity: Introduce the Integrity Digest Cache - - - --- 2024-09-05 Roberto Sassu Handled Elsewhere
[v11,8/8] Landlock: Document LANDLOCK_SCOPED_ABSTRACT_UNIX_SOCKET and ABI version Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,7/8] sample/landlock: Add support abstract UNIX socket restriction Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,6/8] selftests/landlock: Restrict inherited datagram UNIX socket to connect Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,5/8] selftests/landlock: Test connected vs non-connected datagram UNIX socket Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,4/8] selftests/landlock: Add tests for UNIX sockets with any address formats Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,3/8] selftests/landlock: Add abstract UNIX socket restriction tests Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,2/8] selftests/landlock: Add test for handling unknown scope Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[v11,1/8] Landlock: Add abstract UNIX socket restriction Landlock: Add abstract UNIX socket restriction - - - --- 2024-09-05 Tahera Fahimi Handled Elsewhere
[RFC,v3,19/19] landlock: Document socket rule type support Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,18/19] samples/landlock: Support socket protocol restrictions Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,17/19] samples/landlock: Replace atoi() with strtoull() in populate_ruleset_net() Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,16/19] selftests/landlock: Test that accept(2) is not restricted Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,15/19] selftests/landlock: Test SCTP peeloff restriction Support socket access-control - 1 - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,14/19] selftests/landlock: Test socketpair(2) restriction Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,13/19] selftests/landlock: Test packet protocol alias Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,12/19] selftests/landlock: Test that kernel space sockets are not restricted Support socket access-control - 1 - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,11/19] selftests/landlock: Test unsupported protocol restriction Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,10/19] selftests/landlock: Test adding a rule with family and type outside the range Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,09/19] selftests/landlock: Test creating a ruleset with unknown access Support socket access-control - 1 - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,08/19] selftests/landlock: Test overlapped restriction Support socket access-control - 1 - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,07/19] selftests/landlock: Test adding a rule for empty access Support socket access-control - 1 - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,06/19] selftests/landlock: Test adding a rule for unhandled access Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,05/19] selftests/landlock: Test adding a rule for each unknown access Support socket access-control - 1 - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,04/19] selftests/landlock: Test adding a rule with each supported access Support socket access-control - 1 - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,03/19] selftests/landlock: Test basic socket restriction Support socket access-control - 1 - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,02/19] landlock: Add hook on socket creation Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
[RFC,v3,01/19] landlock: Support socket access-control Support socket access-control - - - --- 2024-09-04 Mikhail Ivanov Handled Elsewhere
LSM: allow loadable kernel module based LSM modules LSM: allow loadable kernel module based LSM modules - - - --- 2024-09-04 Tetsuo Handa pcmoore Rejected
[v2,-next,15/15] sysctl: remove unneeded include sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,14/15] sh: vdso: move the sysctl into its own file sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,13/15] x86: vdso: move the sysctl into its own file sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,12/15] fs: dcache: move the sysctl into its own file sysctl: move sysctls from vm_table into its own files - 3 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,11/15] sunrpc: use vfs_pressure_ratio() helper sysctl: move sysctls from vm_table into its own files 1 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,10/15] fs: drop_caches: move sysctl to its own file sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,09/15] fs: fs-writeback: move sysctl to its own file sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,08/15] mm: nommu: move sysctl to its own file sysctl: move sysctls from vm_table into its own files - - - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,07/15] security: min_addr: move sysctl into its own file sysctl: move sysctls from vm_table into its own files 1 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,06/15] mm: mmap: move sysctl into its own file sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,05/15] mm: util: move sysctls into it own files sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,04/15] mm: vmscan: move vmscan sysctls to its own file sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,03/15] mm: swap: move sysctl to its own file sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,02/15] mm: filemap: move sysctl to its own file sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[v2,-next,01/15] mm: vmstat: move sysctls to its own files sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-09-03 yukaixiong pcmoore Handled Elsewhere
[2/2] Revert "mm: introduce PF_MEMALLOC_NORECLAIM, PF_MEMALLOC_NOWARN" remove PF_MEMALLOC_NORECLAIM - 4 - --- 2024-09-02 Michal Hocko Handled Elsewhere
[1/2] bcachefs: do not use PF_MEMALLOC_NORECLAIM remove PF_MEMALLOC_NORECLAIM - 3 - --- 2024-09-02 Michal Hocko Handled Elsewhere
smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipso smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipso - - - --- 2024-09-02 Jiawei Ye Handled Elsewhere
[-next] apparmor: Remove unused parameter L1 in macro next_comb [-next] apparmor: Remove unused parameter L1 in macro next_comb 1 - - --- 2024-09-02 Jinjie Ruan Handled Elsewhere
[GIT,PULL] lsm/lsm-pr-20240830 [GIT,PULL] lsm/lsm-pr-20240830 - - - --- 2024-08-30 Paul Moore pcmoore Accepted
[v8,17/21] mm/mmap: Use vms accounted pages in mmap_region() Untitled series #885001 1 3 - --- 2024-08-30 Liam R. Howlett Handled Elsewhere
[v2,13/13] LSM: Remove lsmblob scaffolding LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,12/13] Netlabel: Use lsmblob for audit data LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,11/13] Audit: Change context data from secid to lsmblob LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,10/13] LSM: Create new security_cred_getlsmblob LSM hook LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,09/13] Audit: use an lsmblob in audit_names LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,08/13] LSM: Use lsmblob in security_inode_getsecid LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,07/13] LSM: Use lsmblob in security_current_getsecid LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,06/13] Audit: Update shutdown LSM data LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,05/13] LSM: Use lsmblob in security_ipc_getsecid LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,04/13] Audit: maintain an lsmblob in audit_context LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,03/13] LSM: Add lsmblob_to_secctx hook LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,02/13] LSM: Use lsmblob in security_audit_rule_match LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[v2,01/13] LSM: Add the lsmblob data structure. LSM: Move away from secids - - - --- 2024-08-30 Casey Schaufler pcmoore Changes Requested
[1/1] selinux,smack: don't bypass permissions check in inode_setsecctx hook selinux,smack: don't bypass permissions check in inode_setsecctx hook 1 3 1 --- 2024-08-28 Scott Mayhew pcmoore Accepted
[-next] apparmor: Use IS_ERR_OR_NULL() helper function [-next] apparmor: Use IS_ERR_OR_NULL() helper function 1 - - --- 2024-08-28 Hongbo Li pcmoore Handled Elsewhere
[-next] lsm: Use IS_ERR_OR_NULL() helper function [-next] lsm: Use IS_ERR_OR_NULL() helper function - - - --- 2024-08-28 Hongbo Li pcmoore Accepted
[v8,8/8] drm: Replace strcpy() with strscpy() Improve the copy of task comm 1 1 - --- 2024-08-28 Yafang Shao pcmoore Handled Elsewhere
[v8,7/8] net: Replace strcpy() with strscpy() Improve the copy of task comm - 1 - --- 2024-08-28 Yafang Shao pcmoore Handled Elsewhere
[v8,6/8] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul} Improve the copy of task comm - 1 - --- 2024-08-28 Yafang Shao pcmoore Handled Elsewhere
[v8,5/8] mm/util: Fix possible race condition in kstrdup() Improve the copy of task comm - - - --- 2024-08-28 Yafang Shao pcmoore Handled Elsewhere
[v8,4/8] bpftool: Ensure task comm is always NUL-terminated Improve the copy of task comm - 1 - --- 2024-08-28 Yafang Shao pcmoore Handled Elsewhere
[v8,3/8] security: Replace memcpy() with get_task_comm() Improve the copy of task comm 1 - - --- 2024-08-28 Yafang Shao pcmoore Handled Elsewhere
« 1 2 ... 4 5 649 50 »