security subsystem · Supported

Maintainers

• M Paul Moore <paul@paul-moore.com>
• M James Morris <jmorris@namei.org>
• M "Serge E. Hallyn" <serge@hallyn.com>

Paths

• F include/linux/lsm/
• F include/linux/lsm_audit.h
• F include/linux/lsm_hook_defs.h
• F include/linux/lsm_hooks.h
• F include/linux/security.h
• F include/uapi/linux/lsm.h
• F security/
• F tools/testing/selftests/lsm/
• F rust/kernel/security.rs
• X security/selinux/

Last 30 days

Most active threads (last 7 days)

• WARM1d [PATCH v7 00/12] ima: Exporting and deleting IMA measurement records from kernel memory
  2026-06-05 17:25 · 11 replies in 7d · Roberto Sassu <hidden>
• WARM1d [PATCH v6 0/4] introduce IMA_INIT_LATE_SYNC option
  2026-06-05 14:43 · 3 replies in 7d · Yeoreum Yun <hidden>
• DORMANTno replies [PATCH next] keys: Replace strcpy(derived_buf, "AUTH_KEY") with strscpy(..., HASH_SIZE)
  2026-06-06 20:27 · 0 replies in 7d · <hidden>
• WARM1d [PATCH v6 00/12] ima: Exporting and deleting IMA measurement records from kernel memory
  2026-06-02 11:17 · 11 replies in 7d · Roberto Sassu <hidden>
• COOLING4d [PATCH v5 0/4] introduce IMA_INIT_LATE_SYNC option
  2026-06-01 14:28 · 3 replies in 7d · Yeoreum Yun <hidden>

Active reviewers (last 30 days)

• Mimi Zohar <zohar@linux.ibm.com>
  14 attestations (11 Reviewed-by, 3 Suggested-by) · last on 2026-06-05
• Stefan Berger <stefanb@linux.ibm.com>
  5 attestations (3 Reviewed-by, 2 Tested-by) · last on 2026-06-05
• Steven Chen <hidden>
  2 attestations (2 Co-developed-by) · last on 2026-06-05
• Roberto Sassu <roberto.sassu@huawei.com>
  2 attestations (1 Co-developed-by, 1 Suggested-by) · last on 2026-06-02
• Ross Philipson <hidden>
  1 attestation (1 Co-developed-by) · last on 2026-05-15
• Jonathan McDowell <hidden>
  1 attestation (1 Reviewed-by) · last on 2026-05-15
• Daniel P. Smith <hidden>
  1 attestation (1 Co-developed-by) · last on 2026-05-15
• Alec Brown <hidden>
  1 attestation (1 Co-developed-by) · last on 2026-05-15

Recent patches

Most-recent 30 patches in this subsystem on linux-integrity (capped at 30), ordered by date desc.

• DORMANTno replies [PATCH next] keys: Replace strcpy(derived_buf, "AUTH_KEY") with strscpy(..., HASH_SIZE)
  2026-06-06 · <hidden>
• WARM1d [PATCH v7 11/12] ima: Support staging and deleting N measurements records
  2026-06-05 · Roberto Sassu <hidden>
• WARM1d [PATCH v7 10/12] ima: Add support for flushing the hash table when staging measurements
  2026-06-05 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 1 (1M) [PATCH v7 09/12] ima: Add support for staging measurements with prompt
  2026-06-05 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 5 (5M) [PATCH v7 08/12] ima: Introduce ima_dump_measurement()
  2026-06-05 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 5 (5M) [PATCH v7 07/12] ima: Use snprintf() in create_securityfs_measurement_lists
  2026-06-05 · Roberto Sassu <hidden>
• WARM1d [PATCH v7 06/12] ima: Mediate open/release method of the measurements list
  2026-06-05 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 5 (5M) [PATCH v7 05/12] ima: Introduce _ima_measurements_start() and _ima_measurements_next()
  2026-06-05 · Roberto Sassu <hidden>
• WARM1d [PATCH v7 04/12] ima: Introduce per binary measurements list type binary_runtime_size value
  2026-06-05 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 5 (5M) [PATCH v7 03/12] ima: Introduce per binary measurements list type ima_num_records counter
  2026-06-05 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 5 (5M) [PATCH v7 02/12] ima: Replace static htable queue with dynamically allocated array
  2026-06-05 · Roberto Sassu <hidden>
• WARM1d [PATCH v7 01/12] ima: Remove ima_h_table structure
  2026-06-05 · Roberto Sassu <hidden>
• WARM1d [PATCH v6 3/4] security: ima: rename boot_aggregate when ima is initialised at late_sync
  2026-06-05 · Yeoreum Yun <hidden>
• WARM1d REVIEWED: 5 (5M) [PATCH v6 2/4] security: ima: introduce IMA_INIT_LATE_SYNC option
  2026-06-05 · Yeoreum Yun <hidden>
• WARM1d [PATCH v6 1/4] security: lsm: allow LSMs to register for late_initcall_sync init
  2026-06-05 · Yeoreum Yun <hidden>
• WARM1d [PATCH v6 11/12] ima: Support staging and deleting N measurements records
  2026-06-02 · Roberto Sassu <hidden>
• WARM1d [PATCH v6 10/12] ima: Add support for flushing the hash table when staging measurements
  2026-06-02 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 1 (1M) [PATCH v6 09/12] ima: Add support for staging measurements with prompt
  2026-06-02 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 5 (5M) [PATCH v6 08/12] ima: Introduce ima_dump_measurement()
  2026-06-02 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 5 (5M) [PATCH v6 07/12] ima: Use snprintf() in create_securityfs_measurement_lists
  2026-06-02 · Roberto Sassu <hidden>
• WARM1d [PATCH v6 06/12] ima: Mediate open/release method of the measurements list
  2026-06-02 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 5 (5M) [PATCH v6 05/12] ima: Introduce _ima_measurements_start() and _ima_measurements_next()
  2026-06-02 · Roberto Sassu <hidden>
• WARM1d [PATCH v6 04/12] ima: Introduce per binary measurements list type binary_runtime_size value
  2026-06-02 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 5 (5M) [PATCH v6 03/12] ima: Introduce per binary measurements list type ima_num_records counter
  2026-06-02 · Roberto Sassu <hidden>
• WARM1d REVIEWED: 5 (5M) [PATCH v6 02/12] ima: Replace static htable queue with dynamically allocated array
  2026-06-02 · Roberto Sassu <hidden>
• WARM1d [PATCH v6 01/12] ima: Remove ima_h_table structure
  2026-06-02 · Roberto Sassu <hidden>
• COOLING4d [PATCH v5 3/4] security: ima: rename boot_aggregate when ima is initialised at late_sync
  2026-06-01 · Yeoreum Yun <hidden>
• COOLING4d [PATCH v5 2/4] security: ima: introduce IMA_INIT_LATE_SYNC option
  2026-06-01 · Yeoreum Yun <hidden>
• COOLING4d [PATCH v5 1/4] security: lsm: allow LSMs to register for late_initcall_sync init
  2026-06-01 · Yeoreum Yun <hidden>
• DORMANTno replies [RFC][PATCH v3 2/2] ima: measure buffer sent to securityfs policy file
  2026-05-26 · Enrico Bravi <hidden>

Needs attention (review trailers in, no pickup)

Patches with review trailers that haven't landed in mainline and haven't been Acked by a maintainer. Oldest first.

• STALE186d REVIEWED: 1 (0M) [PATCH v7 07/11] tpm2-sessions: Unmask tpm_buf_append_hmac_session()
  2025-11-27 · Jarkko Sakkinen <jarkko@kernel.org> · 1 Reviewed-by
• STALE186d REVIEWED: 1 (0M) [PATCH v7 08/11] KEYS: trusted: Open code tpm2_buf_append()
  2025-11-27 · Jarkko Sakkinen <jarkko@kernel.org> · 1 Reviewed-by
• STALE186d REVIEWED: 1 (0M) [PATCH v7 09/11] tpm-buf: unify TPM_BUF_BOUNDARY_ERROR and TPM_BUF_OVERFLOW
  2025-11-27 · Jarkko Sakkinen <jarkko@kernel.org> · 1 Reviewed-by
• STALE186d REVIEWED: 1 (1M) [PATCH v7 11/11] tpm-buf: Enable managed and stack allocations.
  2025-11-27 · Jarkko Sakkinen <jarkko@kernel.org> · 1 Reviewed-by
• STALE191d REVIEWED: 1 (0M) [PATCH v8 07/11] tpm2-sessions: Unmask tpm_buf_append_hmac_session()
  2025-11-27 · Jarkko Sakkinen <jarkko@kernel.org> · 1 Reviewed-by
• STALE191d REVIEWED: 1 (0M) [PATCH v8 08/11] KEYS: trusted: Open code tpm2_buf_append()
  2025-11-27 · Jarkko Sakkinen <jarkko@kernel.org> · 1 Reviewed-by
• STALE191d REVIEWED: 1 (0M) [PATCH v8 09/11] tpm-buf: unify TPM_BUF_BOUNDARY_ERROR and TPM_BUF_OVERFLOW
  2025-11-27 · Jarkko Sakkinen <jarkko@kernel.org> · 1 Reviewed-by
• DORMANTno replies REVIEWED: 1 (1M) [PATCH v8 11/11] tpm-buf: Enable managed and stack allocations.
  2025-11-27 · Jarkko Sakkinen <jarkko@kernel.org> · 1 Reviewed-by
• STALE190d REVIEWED: 1 (0M) [PATCH v9 2/8] tpm2-sessions: Open code tpm_buf_append_hmac_session()
  2025-11-28 · Jarkko Sakkinen <jarkko@kernel.org> · 1 Reviewed-by
• STALE190d REVIEWED: 1 (0M) [PATCH v9 5/8] KEYS: trusted: Open code tpm2_buf_append()
  2025-11-28 · Jarkko Sakkinen <jarkko@kernel.org> · 1 Reviewed-by

Quiet for 30+ days

Patches with no review trailers and no replies. Either the author is heads-down elsewhere or these slipped through. Oldest first.

• STALE187d [RFC v1 1/1] ima: Implement IMA event log trimming
  2025-11-19 · Anirudh Venkataramanan <hidden>
• STALE186d [PATCH v7 04/11] KEYS: trusted: Fix memory leak in tpm2_load()
  2025-11-27 · Jarkko Sakkinen <jarkko@kernel.org>
• STALE191d [PATCH v8 03/11] KEYS: trusted: remove redundant instance of tpm2_hash_map
  2025-11-27 · Jarkko Sakkinen <jarkko@kernel.org>
• STALE191d [PATCH v8 04/11] KEYS: trusted: Fix memory leak in tpm2_load()
  2025-11-27 · Jarkko Sakkinen <jarkko@kernel.org>
• STALE190d [PATCH v9 4/8] KEYS: trusted: Fix a memory leak in tpm2_load_cmd
  2025-11-28 · Jarkko Sakkinen <jarkko@kernel.org>
• DORMANTno replies [PATCH] tpm2-sessions: address out-of-range indexing
  2025-11-30 · Jarkko Sakkinen <jarkko@kernel.org>
• DORMANTno replies [PATCH v2] tpm2-sessions: address out-of-range indexing
  2025-11-30 · Jarkko Sakkinen <jarkko@kernel.org>
• STALE187d [PATCH 1/4] tpm2-sessions: address out-of-range indexing
  2025-12-01 · Jarkko Sakkinen <jarkko@kernel.org>
• STALE187d [PATCH v3] tpm2-sessions: address out-of-range indexing
  2025-12-01 · Jarkko Sakkinen <jarkko@kernel.org>
• STALE184d [PATCH v2 1/2] KEYS: trusted: Re-orchestrate tpm2_read_public() calls
  2025-12-05 · Jarkko Sakkinen <jarkko@kernel.org>