security subsystem · Supported
Maintainers
- M Paul Moore <paul@paul-moore.com>
- M James Morris <jmorris@namei.org>
- M "Serge E. Hallyn" <serge@hallyn.com>
Paths
- F
include/linux/lsm/ - F
include/linux/lsm_audit.h - F
include/linux/lsm_hook_defs.h - F
include/linux/lsm_hooks.h - F
include/linux/security.h - F
include/uapi/linux/lsm.h - F
security/ - F
tools/testing/selftests/lsm/ - F
rust/kernel/security.rs - X
security/selinux/
Last 30 days
Most active threads (last 7 days)
-
HOTtoday
[PATCH net 0/4] rxrpc: Fix CHALLENGE packet handling
2026-07-02 14:49 · 1 reply in 7d · David Howells <dhowells@redhat.com> -
HOTtoday
Landlock: LANDLOCK_ACCESS_NET_CONNECT_TCP bypass via TCP Fast Open
2026-07-01 21:46 · 1 reply in 7d · Bryam Vargas <hidden> -
HOTtoday
[PATCH v4 bpf-next 0/3] bpf: add bpf_init_inode_xattr kfunc for atomic inode labeling
2026-06-30 18:40 · 2 replies in 7d · David Windsor <hidden> -
WARM2d
[PATCH stable/linux-5.10.y 0/7] Backport Fix incorrect overlayfs mmap() and mprotect() LSM access controls
2026-06-29 06:41 · 2 replies in 7d · Cai Xinchen <hidden> -
WARM1d
[PATCH v3 stable/linux-6.12.y 0/3] Backport Fix incorrect overlayfs mmap() and mprotect() LSM access controls
2026-06-29 06:52 · 1 reply in 7d · Cai Xinchen <hidden> -
COOLING4d
[PATCH v2 stable/linux-6.6.y 0/3] Backport Fix incorrect overlayfs mmap() and mprotect() LSM access controls
2026-06-27 06:29 · 1 reply in 7d · Cai Xinchen <hidden> -
COOLING5d
[PATCH v2 stable/linux-6.12.y 0/2] Backport Fix incorrect overlayfs mmap() and mprotect() LSM access controls
2026-06-27 04:00 · 1 reply in 7d · Cai Xinchen <hidden> -
COOLING6d
[PATCH -next 0/2] Fix call security_backing_file_free second time
2026-06-26 01:34 · 2 replies in 7d · Cai Xinchen <hidden> -
COOLING5d
[PATCH v2 stable/linux-6.18.y 0/2] Backport Fix incorrect overlayfs mmap() and mprotect() LSM access controls
2026-06-26 07:22 · 1 reply in 7d · Cai Xinchen <hidden> -
COOLING6d
[PATCH v2 stable/linux-6.18.y 0/2] Backport Fix incorrect overlayfs mmap() and mprotect() LSM access controls
2026-06-26 02:12 · 1 reply in 7d · Cai Xinchen <hidden>
Active reviewers (last 30 days)
-
Amir Goldstein <amir73il@gmail.com>
9 attestations (9 Reviewed-by) · last on 2026-06-29 -
Serge Hallyn <serge@hallyn.com>
9 attestations (9 Reviewed-by) · last on 2026-06-29 -
Christian Brauner <brauner@kernel.org>
9 attestations (9 Reviewed-by) · last on 2026-06-29 -
Mimi Zohar <zohar@linux.ibm.com>
8 attestations (7 Reviewed-by, 1 Suggested-by) · last on 2026-06-05 -
<hidden>
2 attestations (2 Reported-by) · last on 2026-06-14 -
Tingmao Wang <hidden>
2 attestations (1 Reported-by, 1 Reviewed-by) · last on 2026-06-04 -
k2ci <hidden>
1 attestation (1 Reported-by) · last on 2026-06-23 -
Song Liu <song@kernel.org>
1 attestation (1 Suggested-by) · last on 2026-06-18 -
Vlastimil Babka (SUSE) <vbabka@kernel.org>
1 attestation (1 Acked-by) · last on 2026-06-10 -
Steven Chen <hidden>
1 attestation (1 Co-developed-by) · last on 2026-06-05
Recent patches
Most-recent 30 patches in this subsystem on lkml (capped at 30), ordered by date desc.
-
DORMANTno replies
[PATCH net 4/4] rxrpc: Fix CHALLENGE packet overqueuing and simplify RESPONSE generation
2026-07-02 · David Howells <dhowells@redhat.com> -
HOTtoday
[PATCH v2 1/2] landlock: fix TCP Fast Open connection bypass
2026-07-01 · Matthieu Buffet <hidden> -
HOTtoday
[PATCH v4 bpf-next 2/3] bpf: add bpf_init_inode_xattr kfunc for atomic inode labeling
2026-06-30 · David Windsor <hidden> -
HOTtoday
[PATCH v4 bpf-next 1/3] security: pass inode_init_security xattrs via struct lsm_xattrs
2026-06-30 · David Windsor <hidden> -
WARM1d
REVIEWED: 13 (13M) [PATCH v3 stable/linux-6.12.y 2/3] lsm: add backing_file LSM hooks
2026-06-29 · Cai Xinchen <hidden> -
WARM2d
[PATCH stable/linux-5.10.y 4/7] lsm: constify the 'file' parameter in security_binder_transfer_file()
2026-06-29 · Cai Xinchen <hidden> -
WARM2d
REVIEWED: 13 (13M) [PATCH stable/linux-5.10.y 6/7] lsm: add backing_file LSM hooks
2026-06-29 · Cai Xinchen <hidden> -
COOLING4d
REVIEWED: 13 (13M) [PATCH v2 stable/linux-6.6.y 2/3] lsm: add backing_file LSM hooks
2026-06-27 · Cai Xinchen <hidden> -
COOLING5d
REVIEWED: 13 (13M) [PATCH v2 stable/linux-6.12.y 1/2] lsm: add backing_file LSM hooks
2026-06-27 · Cai Xinchen <hidden> -
COOLING5d
REVIEWED: 13 (13M) [PATCH v2 stable/linux-6.18.y 1/2] lsm: add backing_file LSM hooks
2026-06-26 · Cai Xinchen <hidden> -
COOLING6d
REVIEWED: 13 (13M) [PATCH v2 stable/linux-6.18.y 1/2] lsm: add backing_file LSM hooks
2026-06-26 · Cai Xinchen <hidden> -
COOLING6d
[PATCH -next 2/2] security: Fix call security_backing_file_free second time
2026-06-26 · Cai Xinchen <hidden> -
COOLING6d
[PATCH -next 1/2] security: Some cleanup code
2026-06-26 · Cai Xinchen <hidden> -
COOLING9d
[PATCH] apparmor: mv get_loaddata_common_ref() into CONFIG_SECURITY_APPARMOR_EXPORT_BINARY block
2026-06-23 · <hidden> -
COOLING9d
[PATCH] apparmor: mediate the implicit connect of TCP fast open sendmsg
2026-06-22 · Bryam Vargas via B4 Relay <devnull+hexlabsecurity.proton.me@kernel.org> -
COOLING10d
REVIEWED: 13 (13M) [stable/linux-6.6.y 2/3] lsm: add backing_file LSM hooks
2026-06-22 · Cai Xinchen <hidden> -
COOLING7d
REVIEWED: 13 (13M) [stable/linux-6.12.y 1/2] lsm: add backing_file LSM hooks
2026-06-22 · Cai Xinchen <hidden> -
COOLING7d
REVIEWED: 13 (13M) [stable/linux-6.18.y 1/2] lsm: add backing_file LSM hooks
2026-06-22 · Cai Xinchen <hidden> -
COOLING9d
[PATCH 2/2] lsm: fix size queries for getselfattr with NULL buffer
2026-06-19 · Bradley Morgan <hidden> -
DORMANTno replies
Re: Linux 6.6.143
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
DORMANTno replies
Re: Linux 6.12.94
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
COOLING13d
Re: Linux 6.1.176
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
DORMANTno replies
Re: Linux 5.15.210
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
DORMANTno replies
Re: Linux 5.10.259
2026-06-19 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> -
DORMANTno replies
[PATCH] landlock: work around gcc-16 -Wuninitialized warning
2026-06-19 · Arnd Bergmann <arnd@kernel.org> -
COOLING6d
[PATCH bpf-next v3 1/2] bpf: add bpf_init_inode_xattr kfunc for atomic inode labeling
2026-06-18 · David Windsor <hidden> -
HOTtoday
[RFC PATCH 1/2] landlock: fix TCP Fast Open connection bypass
2026-06-17 · Matthieu Buffet <hidden> -
COLD16d
[PATCH] security: clarify task_prctl hook documentation
2026-06-15 · Bill Roberts <hidden> -
COOLING13d
Re: [PATCH] KEYS: avoid filesystem reclaim while holding keyring->sem
2026-06-14 · Hillf Danton <hidden> -
COOLING13d
[PATCH] KEYS: avoid filesystem reclaim while holding keyring->sem
2026-06-14 · Mohammed EL Kadiri <hidden>
Needs attention (review trailers in, no pickup)
Patches with review trailers that haven't landed in mainline and haven't been Acked by a maintainer. Oldest first.
-
STALE101d
REVIEWED: 1 (1M) [PATCH v9 11/11] tpm-buf: Implement managed allocations
2026-01-25 · Jarkko Sakkinen <jarkko@kernel.org> · 1 Reviewed-by -
STALE147d
REVIEWED: 4 (4M) [PATCH v4] ima: Fallback to ctime check for FS without kstat.change_cookie
2026-01-29 · Frederick Lawler <hidden> · 1 Reviewed-by -
STALE101d
REVIEWED: 1 (1M) [PATCH v2 2/2] keys/trusted_keys: move TPM-specific fields into trusted_tpm_options
2026-02-20 · Srish Srinivasan <ssrish@linux.ibm.com> · 1 Reviewed-by -
STALE124d
REVIEWED: 8 (8M) [PATCH 1/2] ima: efi: Drop unnecessary check for CONFIG_MODULE_SIG/CONFIG_KEXEC_SIG
2026-02-26 · Thomas Weißschuh <linux@weissschuh.net> · 3 Reviewed-by -
STALE119d
REVIEWED: 1 (1M) [PATCH v2 4/8] module: Give MODULE_SIG_STRING a more descriptive name
2026-03-05 · Thomas Weißschuh <hidden> · 1 Reviewed-by -
STALE97d
REVIEWED: 1 (1M) [PATCH v3 4/8] module: Give MODULE_SIG_STRING a more descriptive name
2026-03-05 · Thomas Weißschuh <hidden> · 1 Reviewed-by -
STALE106d
REVIEWED: 2 (2M) [PATCH RESEND] apparmor: Replace memcpy + NUL termination with kmemdup_nul in do_setattr
2026-03-09 · Thorsten Blum <thorsten.blum@linux.dev> · 1 Reviewed-by -
STALE107d
REVIEWED: 5 (5M) [PATCH v3 1/2] EVM: add comment describing why ino field is still unsigned long
2026-03-16 · Jeff Layton <jlayton@kernel.org> · 1 Reviewed-by -
STALE102d
REVIEWED: 1 (0M) [PATCH] ima: abort file hash computation on fatal signal
2026-03-22 · Shigeru Yoshida <hidden> · 1 Tested-by -
STALE91d
REVIEWED: 3 (1M) [PATCH v6.1] apparmor: fix unprivileged local user can do privileged policy management
2026-04-02 · Keerthana K <hidden> · 2 Reviewed-by, 1 Tested-by
Quiet for 30+ days
Patches with no review trailers and no replies. Either the author is heads-down elsewhere or these slipped through. Oldest first.
-
STALE209d
[PATCH v2 1/2] KEYS: trusted: Re-orchestrate tpm2_read_public() calls
2025-12-05 · Jarkko Sakkinen <jarkko@kernel.org> -
STALE209d
[PATCH v3 1/2] KEYS: trusted: Re-orchestrate tpm2_read_public() calls
2025-12-05 · Jarkko Sakkinen <jarkko@kernel.org> -
DORMANTno replies
[PATCH v3 2/2] KEYS: trusted: Store parent's name to the encoded keys
2025-12-05 · Jarkko Sakkinen <jarkko@kernel.org> -
STALE209d
[PATCH v4 1/4] KEYS: trusted: Re-orchestrate tpm2_read_public() calls
2025-12-05 · Jarkko Sakkinen <jarkko@kernel.org> -
STALE209d
[PATCH v4 2/4] KEYS: trusted: Store parent's name to the encoded keys
2025-12-05 · Jarkko Sakkinen <jarkko@kernel.org> -
STALE208d
[PATCH v5 1/2] KEYS: trusted: Re-orchestrate tpm2_read_public() calls
2025-12-06 · Jarkko Sakkinen <jarkko@kernel.org> -
DORMANTno replies
[PATCH v5 2/2] KEYS: trusted: Store parent's name to the encoded keys
2025-12-06 · Jarkko Sakkinen <jarkko@kernel.org> -
STALE206d
[PATCH v6 1/2] KEYS: trusted: Re-orchestrate tpm2_read_public() calls
2025-12-07 · Jarkko Sakkinen <jarkko@kernel.org> -
STALE206d
[PATCH v7 2/3] KEYS: trusted: Re-orchestrate tpm2_read_public() calls
2025-12-08 · Jarkko Sakkinen <jarkko@kernel.org> -
STALE205d
[PATCH 2/4] KEYS: trusted: Re-orchestrate tpm2_read_public() calls
2025-12-09 · Jarkko Sakkinen <jarkko@kernel.org>