Show patches with: Archived = No       |   4760 patches
« 1 2 3 447 48 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[next] scripts: ipe: polgen: remove redundant close and error exit path [next] scripts: ipe: polgen: remove redundant close and error exit path 1 - - --- 2024-10-31 Colin Ian King Handled Elsewhere
[v4] security: add trace event for cap_capable [v4] security: add trace event for cap_capable - 1 - --- 2024-10-30 Jordan Rome Handled Elsewhere
KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation - 2 - --- 2024-10-29 David Gstir Handled Elsewhere
[v3] security: add trace event for cap_capable [v3] security: add trace event for cap_capable 1 1 - --- 2024-10-29 Jordan Rome Handled Elsewhere
[net-next,v2] netlabel: document doi_remove field of struct netlbl_calipso_ops [net-next,v2] netlabel: document doi_remove field of struct netlbl_calipso_ops 1 - - --- 2024-10-28 George Guo Handled Elsewhere
[v8,3/3] tpm: Lazily flush the auth session Lazy flush for the auth session - 1 2 --- 2024-10-28 Jarkko Sakkinen Handled Elsewhere
[v8,2/3] tpm: Rollback tpm2_load_null() Lazy flush for the auth session - 1 - --- 2024-10-28 Jarkko Sakkinen Handled Elsewhere
[v8,1/3] tpm: Return tpm2_sessions_init() when null key creation fails Lazy flush for the auth session - 1 - --- 2024-10-28 Jarkko Sakkinen Handled Elsewhere
[v2] security: add trace event for cap_capable [v2] security: add trace event for cap_capable 1 1 - --- 2024-10-25 Jordan Rome Handled Elsewhere
[1/1] netlabel: Add missing comment to struct field [1/1] netlabel: Add missing comment to struct field - - - --- 2024-10-25 George Guo Handled Elsewhere
[1/1] add comment for doi_remove in struct netlbl_lsm_secattr [1/1] add comment for doi_remove in struct netlbl_lsm_secattr - - - --- 2024-10-25 George Guo Handled Elsewhere
[1/1] add comment for doi_remove in struct netlbl_lsm_secattr [1/1] add comment for doi_remove in struct netlbl_lsm_secattr - - - --- 2024-10-25 George Guo Handled Elsewhere
[v1] security: add trace event for cap_capable [v1] security: add trace event for cap_capable - - - --- 2024-10-24 Jordan Rome pcmoore Under Review
[v3,5/5] LSM: secctx provider check on release LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-23 Casey Schaufler pcmoore Accepted
[v3,4/5] LSM: lsm_context in security_dentry_init_security LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-23 Casey Schaufler pcmoore Accepted
[v3,3/5] LSM: Use lsm_context in security_inode_getsecctx LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-23 Casey Schaufler pcmoore Accepted
[v3,2/5] LSM: Replace context+len with lsm_context LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-23 Casey Schaufler pcmoore Accepted
[v3,1/5] LSM: Ensure the correct LSM context releaser LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-23 Casey Schaufler pcmoore Accepted
[RFC,v2,14/14] landlock: Control log events with LANDLOCK_RESTRICT_SELF_LOGLESS Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,13/14] landlock: Log scoped denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,12/14] landlock: Log TCP bind and connect denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,11/14] landlock: Log truncate and ioctl denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,10/14] landlock: Log file-related denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,09/14] landlock: Log mount-related denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,08/14] landlock: Log domain properties and release Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,07/14] landlock: Log ptrace denials Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,06/14] landlock: Move domain hierarchy management Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,05/14] landlock: Move access types Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,04/14] landlock: Add unique ID generator Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,03/14] landlock: Factor out check_access_path() Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore New
[RFC,v2,02/14] lsm: Add audit_log_lsm_data() helper Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore Accepted
[RFC,v2,01/14] lsm: Only build lsm_audit.c if CONFIG_AUDIT is set Landlock audit support - - - --- 2024-10-22 Mickaël Salaün pcmoore Accepted
[v3,3/3] landlock: Optimize scope enforcement Refactor Landlock access mask management - - - --- 2024-10-22 Mickaël Salaün Handled Elsewhere
[v3,2/3] landlock: Refactor network access mask management Refactor Landlock access mask management - - - --- 2024-10-22 Mickaël Salaün Handled Elsewhere
[v3,1/3] landlock: Refactor filesystem access mask management Refactor Landlock access mask management - - - --- 2024-10-22 Mickaël Salaün Handled Elsewhere
[v3,3/3] samples/landlock: Clarify option parsing behaviour samples/landlock: Fix port parsing in sandboxer - - - --- 2024-10-19 Matthieu Buffet Handled Elsewhere
[v3,2/3] samples/landlock: Refactor help message samples/landlock: Fix port parsing in sandboxer - - - --- 2024-10-19 Matthieu Buffet Handled Elsewhere
[v3,1/3] samples/landlock: Fix port parsing in sandboxer samples/landlock: Fix port parsing in sandboxer - - - --- 2024-10-19 Matthieu Buffet Handled Elsewhere
[RESEND] apparmor: Remove unnecessary NULL check before kvfree() [RESEND] apparmor: Remove unnecessary NULL check before kvfree() - - - --- 2024-10-18 Thorsten Blum Handled Elsewhere
[GIT,PULL] IPE fixes for 6.12-rc4 [GIT,PULL] IPE fixes for 6.12-rc4 - - - --- 2024-10-18 Fan Wu Handled Elsewhere
[v2] mm: Split critical region in remap_file_pages() and invoke LSMs in between [v2] mm: Split critical region in remap_file_pages() and invoke LSMs in between - 5 2 --- 2024-10-18 Roberto Sassu pcmoore Under Review
[RFC] mm: Split locks in remap_file_pages() [RFC] mm: Split locks in remap_file_pages() - 3 - --- 2024-10-18 Roberto Sassu Superseded
[RFC,v3,13/13] clavis: Kunit support Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,12/13] clavis: Add function redirection for Kunit support Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,11/13] clavis: Prevent boot param change during kexec Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,10/13] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,09/13] clavis: Allow user to define acl at build time Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,08/13] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,07/13] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,06/13] clavis: Populate clavis keyring acl with kernel module signature Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,05/13] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,04/13] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,03/13] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,02/13] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,01/13] certs: Remove CONFIG_INTEGRITY_PLATFORM_KEYRING check Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v2,8/8] selftests/landlock: Test that SCTP actions are not restricted Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,7/8] landlock: Add note about errors consistency in documentation Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,6/8] selftests/landlock: Test consistency of errors for TCP actions Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,5/8] selftests/landlock: Test that MPTCP actions are not restricted Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,4/8] selftests/landlock: Test TCP accesses with protocol=IPPROTO_TCP Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,3/8] landlock: Fix inconsistency of errors for TCP actions Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,2/8] landlock: Make network stack layer checks explicit for each TCP action Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
[RFC,v2,1/8] landlock: Fix non-TCP sockets restriction Fix non-TCP restriction and inconsistency of TCP errors - - - --- 2024-10-17 Mikhail Ivanov Handled Elsewhere
Landlock: fix grammar issues in docs Landlock: fix grammar issues in docs - - - --- 2024-10-15 Daniel Burgener Handled Elsewhere
[v2,6/6] LSM: Use lsm_context in security_inode_notifysecctx LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-14 Casey Schaufler pcmoore Changes Requested
[v2,5/6] LSM: secctx provider check on release LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-14 Casey Schaufler pcmoore Changes Requested
[v2,4/6] LSM: lsm_context in security_dentry_init_security LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-14 Casey Schaufler pcmoore Changes Requested
[v2,3/6] LSM: Use lsm_context in security_inode_getsecctx LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-14 Casey Schaufler pcmoore Changes Requested
[v2,2/6] LSM: Replace context+len with lsm_context LSM: Replace secctx/len pairs with lsm_context - - - --- 2024-10-14 Casey Schaufler pcmoore Changes Requested
[v2,1/6] LSM: Ensure the correct LSM context releaser LSM: Replace secctx/len pairs with lsm_context - 1 - --- 2024-10-14 Casey Schaufler pcmoore Changes Requested
[v2,3/3] landlock: Optimize scope enforcement Refactor Landlock access mask management - - - --- 2024-10-14 Mickaël Salaün Handled Elsewhere
[v2,2/3] landlock: Refactor network access mask management Refactor Landlock access mask management - - - --- 2024-10-14 Mickaël Salaün Handled Elsewhere
[v2,1/3] landlock: Refactor filesystem access mask management Refactor Landlock access mask management - - - --- 2024-10-14 Mickaël Salaün Handled Elsewhere
[v2] fsnotify, lsm: Decouple fsnotify from lsm [v2] fsnotify, lsm: Decouple fsnotify from lsm 1 - - --- 2024-10-13 Song Liu New
tomoyo: use u64 for handling numeric values tomoyo: use u64 for handling numeric values - - - --- 2024-10-12 Tetsuo Handa New
fsnotify, lsm: Separate fsnotify_open_perm() and security_file_open() fsnotify, lsm: Separate fsnotify_open_perm() and security_file_open() 1 - - --- 2024-10-11 Song Liu pcmoore Under Review
[v20,6/6] samples/check-exec: Add an enlighten "inc" interpreter and 28 tests Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün Under Review
[v20,5/6] samples/check-exec: Add set-exec Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün Under Review
[v20,4/6] selftests/landlock: Add tests for execveat + AT_CHECK Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün Under Review
[v20,3/6] selftests/exec: Add 32 tests for AT_CHECK and exec securebits Script execution control (was O_MAYEXEC) - - - --- 2024-10-11 Mickaël Salaün Under Review
[v20,2/6] security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits Script execution control (was O_MAYEXEC) - 1 - --- 2024-10-11 Mickaël Salaün Under Review
[v20,1/6] exec: Add a new AT_CHECK flag to execveat(2) Script execution control (was O_MAYEXEC) - 1 - --- 2024-10-11 Mickaël Salaün Under Review
ima: Suspend PCR extends and log appends when rebooting ima: Suspend PCR extends and log appends when rebooting - - - --- 2024-10-11 Stefan Berger pcmoore New
apparmor: test: Fix memory leak for aa_unpack_strdup() apparmor: test: Fix memory leak for aa_unpack_strdup() - - - --- 2024-10-11 Jinjie Ruan Handled Elsewhere
[v1] ipe: add 'anonymous_memory' property for policy decisions [v1] ipe: add 'anonymous_memory' property for policy decisions - - - --- 2024-10-10 Fan Wu New
[RFC,v1,7/7] tomoyo: Fix inode numbers in logs [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS - - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,6/7] smack: Fix inode numbers in logs [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS 1 - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,5/7] ipe: Fix inode numbers in audit records [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS 1 - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,4/7] integrity: Fix inode numbers in audit records [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS - - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,3/7] selinux: Fix inode numbers in error messages [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS 1 - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,2/7] audit: Fix inode numbers [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS 1 - - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS [RFC,v1,1/7] fs: Add inode_get_ino() and implement get_ino() for NFS - 1 - --- 2024-10-10 Mickaël Salaün pcmoore Under Review
[v3,-next,15/15] sysctl: remove unneeded include sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,14/15] sh: vdso: move the sysctl to arch/sh/kernel/vsyscall/vsyscall.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,13/15] x86: vdso: move the sysctl to arch/x86/entry/vdso/vdso32-setup.c sysctl: move sysctls from vm_table into its own files - 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,12/15] fs: dcache: move the sysctl to fs/dcache.c sysctl: move sysctls from vm_table into its own files - 3 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,11/15] sunrpc: use vfs_pressure_ratio() helper sysctl: move sysctls from vm_table into its own files 2 1 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,10/15] fs: drop_caches: move sysctl to fs/drop_caches.c sysctl: move sysctls from vm_table into its own files - 3 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,09/15] fs: fs-writeback: move sysctl to fs/fs-writeback.c sysctl: move sysctls from vm_table into its own files - 2 - --- 2024-10-10 yukaixiong Handled Elsewhere
[v3,-next,08/15] mm: nommu: move sysctl to mm/nommu.c sysctl: move sysctls from vm_table into its own files - - - --- 2024-10-10 yukaixiong Handled Elsewhere
« 1 2 3 447 48 »