Security modules development

Show patches with: Archived = No | 4908 patches

« 1 2 ... 4 5 6 … 49 50 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[v4,5/6] sample/landlock: Support sample for signal scoping restriction	landlock: Signal scoping support	- - -	---	2024-09-06	Tahera Fahimi		Handled Elsewhere
[v4,4/6] selftest/landlock: Test file_send_sigiotask by sending out-of-bound message	landlock: Signal scoping support	- - -	---	2024-09-06	Tahera Fahimi		Handled Elsewhere
[v4,3/6] selftest/landlock: Add signal_scoping_threads test	landlock: Signal scoping support	- - -	---	2024-09-06	Tahera Fahimi		Handled Elsewhere
[v4,2/6] selftest/landlock: Signal restriction tests	landlock: Signal scoping support	- - -	---	2024-09-06	Tahera Fahimi		Handled Elsewhere
[v4,1/6] landlock: Add signal scoping control	landlock: Signal scoping support	- - -	---	2024-09-06	Tahera Fahimi		Handled Elsewhere
[RFC,v3,10/10] ima: Use digest caches for appraisal	ima: Integrate with Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[RFC,v3,09/10] ima: Use digest caches for measurement	ima: Integrate with Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[RFC,v3,08/10] ima: Load verified usage from digest cache found from query	ima: Integrate with Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[RFC,v3,07/10] ima: Store verified usage in digest cache based on integrity metadata flags	ima: Integrate with Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[RFC,v3,06/10] ima: Retrieve digest cache and check if changed	ima: Integrate with Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[RFC,v3,05/10] ima: Modify existing boot-time built-in policies with digest cache policies	ima: Integrate with Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[RFC,v3,04/10] ima: Add digest_cache_measure/appraise boot-time built-in policies	ima: Integrate with Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[RFC,v3,03/10] ima: Add digest_cache policy keyword	ima: Integrate with Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[RFC,v3,02/10] ima: Nest iint mutex for DIGEST_LIST_CHECK hook	ima: Integrate with Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[RFC,v3,01/10] ima: Introduce hook DIGEST_LIST_CHECK	ima: Integrate with Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,14/14] docs: Add documentation of the Integrity Digest Cache	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,13/14] selftests/digest_cache: Add selftests for the Integrity Digest Cache	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,12/14] digest_cache: Reset digest cache on file/directory change	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,11/14] digest cache: Prefetch digest lists if requested	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,10/14] digest_cache: Add support for directories	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,09/14] digest_cache: Add management of verification data	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,08/14] digest_cache: Parse rpm digest lists	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,07/14] digest_cache: Parse tlv digest lists	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,06/14] digest_cache: Populate the digest cache from a digest list	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,05/14] digest_cache: Add hash tables and operations	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,04/14] digest_cache: Add securityfs interface	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,03/14] digest_cache: Initialize digest caches	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,02/14] integrity: Introduce the Integrity Digest Cache	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v5,01/14] lib: Add TLV parser	integrity: Introduce the Integrity Digest Cache	- - -	---	2024-09-05	Roberto Sassu		Handled Elsewhere
[v11,8/8] Landlock: Document LANDLOCK_SCOPED_ABSTRACT_UNIX_SOCKET and ABI version	Landlock: Add abstract UNIX socket restriction	- - -	---	2024-09-05	Tahera Fahimi		Handled Elsewhere
[v11,7/8] sample/landlock: Add support abstract UNIX socket restriction	Landlock: Add abstract UNIX socket restriction	- - -	---	2024-09-05	Tahera Fahimi		Handled Elsewhere
[v11,6/8] selftests/landlock: Restrict inherited datagram UNIX socket to connect	Landlock: Add abstract UNIX socket restriction	- - -	---	2024-09-05	Tahera Fahimi		Handled Elsewhere
[v11,5/8] selftests/landlock: Test connected vs non-connected datagram UNIX socket	Landlock: Add abstract UNIX socket restriction	- - -	---	2024-09-05	Tahera Fahimi		Handled Elsewhere
[v11,4/8] selftests/landlock: Add tests for UNIX sockets with any address formats	Landlock: Add abstract UNIX socket restriction	- - -	---	2024-09-05	Tahera Fahimi		Handled Elsewhere
[v11,3/8] selftests/landlock: Add abstract UNIX socket restriction tests	Landlock: Add abstract UNIX socket restriction	- - -	---	2024-09-05	Tahera Fahimi		Handled Elsewhere
[v11,2/8] selftests/landlock: Add test for handling unknown scope	Landlock: Add abstract UNIX socket restriction	- - -	---	2024-09-05	Tahera Fahimi		Handled Elsewhere
[v11,1/8] Landlock: Add abstract UNIX socket restriction	Landlock: Add abstract UNIX socket restriction	- - -	---	2024-09-05	Tahera Fahimi		Handled Elsewhere
[RFC,v3,19/19] landlock: Document socket rule type support	Support socket access-control	- - -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,18/19] samples/landlock: Support socket protocol restrictions	Support socket access-control	- - -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,17/19] samples/landlock: Replace atoi() with strtoull() in populate_ruleset_net()	Support socket access-control	- - -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,16/19] selftests/landlock: Test that accept(2) is not restricted	Support socket access-control	- - -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,15/19] selftests/landlock: Test SCTP peeloff restriction	Support socket access-control	- 1 -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,14/19] selftests/landlock: Test socketpair(2) restriction	Support socket access-control	- - -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,13/19] selftests/landlock: Test packet protocol alias	Support socket access-control	- - -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,12/19] selftests/landlock: Test that kernel space sockets are not restricted	Support socket access-control	- 1 -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,11/19] selftests/landlock: Test unsupported protocol restriction	Support socket access-control	- - -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,10/19] selftests/landlock: Test adding a rule with family and type outside the range	Support socket access-control	- - -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,09/19] selftests/landlock: Test creating a ruleset with unknown access	Support socket access-control	- 1 -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,08/19] selftests/landlock: Test overlapped restriction	Support socket access-control	- 1 -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,07/19] selftests/landlock: Test adding a rule for empty access	Support socket access-control	- 1 -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,06/19] selftests/landlock: Test adding a rule for unhandled access	Support socket access-control	- - -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,05/19] selftests/landlock: Test adding a rule for each unknown access	Support socket access-control	- 1 -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,04/19] selftests/landlock: Test adding a rule with each supported access	Support socket access-control	- 1 -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,03/19] selftests/landlock: Test basic socket restriction	Support socket access-control	- 1 -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,02/19] landlock: Add hook on socket creation	Support socket access-control	- - -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
[RFC,v3,01/19] landlock: Support socket access-control	Support socket access-control	- - -	---	2024-09-04	Mikhail Ivanov		Handled Elsewhere
LSM: allow loadable kernel module based LSM modules	LSM: allow loadable kernel module based LSM modules	- - -	---	2024-09-04	Tetsuo Handa	pcmoore	Rejected
[v2,-next,15/15] sysctl: remove unneeded include	sysctl: move sysctls from vm_table into its own files	- 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,14/15] sh: vdso: move the sysctl into its own file	sysctl: move sysctls from vm_table into its own files	- 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,13/15] x86: vdso: move the sysctl into its own file	sysctl: move sysctls from vm_table into its own files	- 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,12/15] fs: dcache: move the sysctl into its own file	sysctl: move sysctls from vm_table into its own files	- 3 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,11/15] sunrpc: use vfs_pressure_ratio() helper	sysctl: move sysctls from vm_table into its own files	1 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,10/15] fs: drop_caches: move sysctl to its own file	sysctl: move sysctls from vm_table into its own files	- 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,09/15] fs: fs-writeback: move sysctl to its own file	sysctl: move sysctls from vm_table into its own files	- 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,08/15] mm: nommu: move sysctl to its own file	sysctl: move sysctls from vm_table into its own files	- - -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,07/15] security: min_addr: move sysctl into its own file	sysctl: move sysctls from vm_table into its own files	1 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,06/15] mm: mmap: move sysctl into its own file	sysctl: move sysctls from vm_table into its own files	- 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,05/15] mm: util: move sysctls into it own files	sysctl: move sysctls from vm_table into its own files	- 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,04/15] mm: vmscan: move vmscan sysctls to its own file	sysctl: move sysctls from vm_table into its own files	- 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,03/15] mm: swap: move sysctl to its own file	sysctl: move sysctls from vm_table into its own files	- 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,02/15] mm: filemap: move sysctl to its own file	sysctl: move sysctls from vm_table into its own files	- 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[v2,-next,01/15] mm: vmstat: move sysctls to its own files	sysctl: move sysctls from vm_table into its own files	- 1 -	---	2024-09-03	yukaixiong	pcmoore	Handled Elsewhere
[2/2] Revert "mm: introduce PF_MEMALLOC_NORECLAIM, PF_MEMALLOC_NOWARN"	remove PF_MEMALLOC_NORECLAIM	- 4 -	---	2024-09-02	Michal Hocko		Handled Elsewhere
[1/2] bcachefs: do not use PF_MEMALLOC_NORECLAIM	remove PF_MEMALLOC_NORECLAIM	- 3 -	---	2024-09-02	Michal Hocko		Handled Elsewhere
smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipso	smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipso	- - -	---	2024-09-02	Jiawei Ye		Handled Elsewhere
[-next] apparmor: Remove unused parameter L1 in macro next_comb	[-next] apparmor: Remove unused parameter L1 in macro next_comb	1 - -	---	2024-09-02	Jinjie Ruan		Handled Elsewhere
[GIT,PULL] lsm/lsm-pr-20240830	[GIT,PULL] lsm/lsm-pr-20240830	- - -	---	2024-08-30	Paul Moore	pcmoore	Accepted
[v8,17/21] mm/mmap: Use vms accounted pages in mmap_region()	Untitled series #885001	1 3 -	---	2024-08-30	Liam R. Howlett		Handled Elsewhere
[v2,13/13] LSM: Remove lsmblob scaffolding	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,12/13] Netlabel: Use lsmblob for audit data	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,11/13] Audit: Change context data from secid to lsmblob	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,10/13] LSM: Create new security_cred_getlsmblob LSM hook	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,09/13] Audit: use an lsmblob in audit_names	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,08/13] LSM: Use lsmblob in security_inode_getsecid	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,07/13] LSM: Use lsmblob in security_current_getsecid	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,06/13] Audit: Update shutdown LSM data	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,05/13] LSM: Use lsmblob in security_ipc_getsecid	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,04/13] Audit: maintain an lsmblob in audit_context	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,03/13] LSM: Add lsmblob_to_secctx hook	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,02/13] LSM: Use lsmblob in security_audit_rule_match	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[v2,01/13] LSM: Add the lsmblob data structure.	LSM: Move away from secids	- - -	---	2024-08-30	Casey Schaufler	pcmoore	Changes Requested
[1/1] selinux,smack: don't bypass permissions check in inode_setsecctx hook	selinux,smack: don't bypass permissions check in inode_setsecctx hook	1 3 1	---	2024-08-28	Scott Mayhew	pcmoore	Accepted
[-next] apparmor: Use IS_ERR_OR_NULL() helper function	[-next] apparmor: Use IS_ERR_OR_NULL() helper function	1 - -	---	2024-08-28	Hongbo Li	pcmoore	Handled Elsewhere
[-next] lsm: Use IS_ERR_OR_NULL() helper function	[-next] lsm: Use IS_ERR_OR_NULL() helper function	- - -	---	2024-08-28	Hongbo Li	pcmoore	Accepted
[v8,8/8] drm: Replace strcpy() with strscpy()	Improve the copy of task comm	1 1 -	---	2024-08-28	Yafang Shao	pcmoore	Handled Elsewhere
[v8,7/8] net: Replace strcpy() with strscpy()	Improve the copy of task comm	- 1 -	---	2024-08-28	Yafang Shao	pcmoore	Handled Elsewhere
[v8,6/8] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul}	Improve the copy of task comm	- 1 -	---	2024-08-28	Yafang Shao	pcmoore	Handled Elsewhere
[v8,5/8] mm/util: Fix possible race condition in kstrdup()	Improve the copy of task comm	- - -	---	2024-08-28	Yafang Shao	pcmoore	Handled Elsewhere
[v8,4/8] bpftool: Ensure task comm is always NUL-terminated	Improve the copy of task comm	- 1 -	---	2024-08-28	Yafang Shao	pcmoore	Handled Elsewhere
[v8,3/8] security: Replace memcpy() with get_task_comm()	Improve the copy of task comm	1 - -	---	2024-08-28	Yafang Shao	pcmoore	Handled Elsewhere

« 1 2 ... 4 5 6 … 49 50 »