Kernel-hardening Archive on lore.kernel.org
 help / color / Atom feed
[PATCH v4 0/8] Fork brute force attack mitigation
 2021-02-27 18:46 UTC  (2+ messages) - mbox.gz / Atom

[PATCH v5 0/8] Fork brute force attack mitigation
 2021-02-27 18:44 UTC  (10+ messages) - mbox.gz / Atom
` [PATCH v5 1/8] security: Add LSM hook at the point where a task gets a fatal signal
` [PATCH v5 2/8] security/brute: Define a LSM and manage statistical data
` [PATCH v5 3/8] securtiy/brute: Detect a brute force attack
` [PATCH v5 4/8] security/brute: Fine tuning the attack detection
` [PATCH v5 5/8] security/brute: Mitigate a brute force attack
` [PATCH v5 6/8] selftests/brute: Add tests for the Brute LSM
` [PATCH v5 7/8] Documentation: Add documentation "
` [PATCH v5 8/8] MAINTAINERS: Add a new entry "

[PATCH 00/20] Manual replacement of all strlcpy in favor of strscpy
 2021-02-26 15:09 UTC  (38+ messages) - mbox.gz / Atom
` [PATCH 01/20] cgroup: Manual replacement of the deprecated strlcpy() with return values
` [PATCH 02/20] crypto: "
` [PATCH 03/20] devlink: "
` [PATCH 04/20] dma-buf: "
` [PATCH 05/20] kobject: "
` [PATCH 06/20] ima: "
` [PATCH 07/20] SUNRPC: "
` [PATCH 08/20] kernfs: "
` [PATCH 09/20] m68k/atari: "
` [PATCH 10/20] module: "
` [PATCH 11/20] hwmon: "
` [PATCH 12/20] s390/hmcdrv: "
` [PATCH 13/20] scsi: zfcp: "
` [PATCH 14/20] target: "
` [PATCH 15/20] ALSA: usb-audio: "
` [PATCH 16/20] tracing/probe: "
` [PATCH 17/20] vt: "
` [PATCH 18/20] usb: gadget: f_midi: "
` [PATCH 19/20] usbip: usbip_host: "
` [PATCH 20/20] s390/watchdog: "

[PATCH v7 0/7] Count rlimits in each user namespace
 2021-02-25 20:36 UTC  (14+ messages) - mbox.gz / Atom
` [PATCH v7 1/7] Increase size of ucounts to atomic_long_t
` [PATCH v7 2/7] Add a reference to ucounts for each cred
` [PATCH v7 3/7] Reimplement RLIMIT_NPROC on top of ucounts
` [PATCH v7 4/7] Reimplement RLIMIT_MSGQUEUE "
` [PATCH v7 5/7] Reimplement RLIMIT_SIGPENDING "
  ` d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression
` [PATCH v7 6/7] Reimplement RLIMIT_MEMLOCK on top of ucounts
` [PATCH v7 7/7] kselftests: Add test to check for rlimit changes in different user namespaces

[PATCH v29 00/12] Landlock LSM
 2021-02-25 19:06 UTC  (13+ messages) - mbox.gz / Atom
` [PATCH v29 01/12] landlock: Add object management
` [PATCH v29 02/12] landlock: Add ruleset and domain management
` [PATCH v29 03/12] landlock: Set up the security framework and manage credentials
` [PATCH v29 04/12] landlock: Add ptrace restrictions
` [PATCH v29 05/12] LSM: Infrastructure management of the superblock
` [PATCH v29 06/12] fs,security: Add sb_delete hook
` [PATCH v29 07/12] landlock: Support filesystem access-control
` [PATCH v29 08/12] landlock: Add syscall implementations
` [PATCH v29 09/12] arch: Wire up Landlock syscalls
` [PATCH v29 10/12] selftests/landlock: Add user space tests
` [PATCH v29 11/12] samples/landlock: Add a sandbox manager example
` [PATCH v29 12/12] landlock: Add user and kernel documentation

[PATCH v1 1/1] Kernel Config to make randomize_va_space read-only
 2021-02-25 11:40 UTC  (2+ messages) - mbox.gz / Atom

[PATCH v9 00/16] Add support for Clang LTO
 2021-02-24 22:42 UTC  (10+ messages) - mbox.gz / Atom
` [PATCH v9 01/16] tracing: move function tracer options to Kconfig
  ` [PATCH v9 01/16] tracing: move function tracer options to Kconfig (causing parisc build failures)
` [PATCH v9 05/16] kbuild: lto: merge module sections

[PATCH v1 1/1] Kernel Config to make randomize_va_space read-only
 2021-02-24 14:11 UTC  (2+ messages) - mbox.gz / Atom

[PATCH v6 0/7] Count rlimits in each user namespace
 2021-02-23  5:30 UTC  (18+ messages) - mbox.gz / Atom
` [PATCH v6 1/7] Increase size of ucounts to atomic_long_t
` [PATCH v6 2/7] Add a reference to ucounts for each cred
` [PATCH v6 3/7] Reimplement RLIMIT_NPROC on top of ucounts
` [PATCH v6 4/7] Reimplement RLIMIT_MSGQUEUE "
` [PATCH v6 5/7] Reimplement RLIMIT_SIGPENDING "
` [PATCH v6 6/7] Reimplement RLIMIT_MEMLOCK "
  ` [PATCH v7 "
  ` f009495a8d: BUG:KASAN:use-after-free_in_user_shm_unlock
` [PATCH v6 7/7] kselftests: Add test to check for rlimit changes in different user namespaces

[PATCH v28 00/12] Landlock LSM
 2021-02-19 15:34 UTC  (28+ messages) - mbox.gz / Atom
` [PATCH v28 01/12] landlock: Add object management
` [PATCH v28 02/12] landlock: Add ruleset and domain management
` [PATCH v28 03/12] landlock: Set up the security framework and manage credentials
` [PATCH v28 04/12] landlock: Add ptrace restrictions
` [PATCH v28 05/12] LSM: Infrastructure management of the superblock
` [PATCH v28 06/12] fs,security: Add sb_delete hook
` [PATCH v28 07/12] landlock: Support filesystem access-control
` [PATCH v28 08/12] landlock: Add syscall implementations
` [PATCH v28 09/12] arch: Wire up Landlock syscalls
` [PATCH v28 10/12] selftests/landlock: Add user space tests
` [PATCH v28 11/12] samples/landlock: Add a sandbox manager example
` [PATCH v28 12/12] landlock: Add user and kernel documentation

Fine-grained Forward CFI on top of Intel CET / IBT
 2021-02-11  5:51 UTC  - mbox.gz / Atom

[ANNOUNCE][CFP] Linux Security Summit 2021
 2021-02-08 19:59 UTC  - mbox.gz / Atom

[PATCH v3 0/2] arm64/acpi: restrict AML opregion memory access
 2021-02-06 10:45 UTC  (6+ messages) - mbox.gz / Atom
` [PATCH v3 2/2] arm64/acpi: disallow writeable AML opregion mapping for EFI code regions

Joining the general Linux kernel hardening mailing list
 2021-02-05 17:31 UTC  - mbox.gz / Atom

[PATCH v5 0/7] Count rlimits in each user namespace
 2021-02-05  2:55 UTC  (10+ messages) - mbox.gz / Atom
` [PATCH v5 1/7] Increase size of ucounts to atomic_long_t
` [PATCH v5 2/7] Add a reference to ucounts for each cred
` [PATCH v5 3/7] Reimplement RLIMIT_NPROC on top of ucounts
  ` c632dadc10: BUG:KASAN:null-ptr-deref_in_is_ucounts_overlimit
` [PATCH v5 4/7] Reimplement RLIMIT_MSGQUEUE on top of ucounts
` [PATCH v5 5/7] Reimplement RLIMIT_SIGPENDING "
` [PATCH v5 6/7] Reimplement RLIMIT_MEMLOCK "
  ` 0ac0c30c8f: WARNING:at_kernel/ucount.c:#dec_rlimit_ucounts
` [PATCH v5 7/7] kselftests: Add test to check for rlimit changes in different user namespaces

forkat(int pidfd), execveat(int pidfd), other awful things?
 2021-02-02  9:23 UTC  (6+ messages) - mbox.gz / Atom

[PATCH v27 00/12] Landlock LSM
 2021-01-27 19:57 UTC  (17+ messages) - mbox.gz / Atom
` [PATCH v27 01/12] landlock: Add object management
` [PATCH v27 02/12] landlock: Add ruleset and domain management
` [PATCH v27 03/12] landlock: Set up the security framework and manage credentials
` [PATCH v27 04/12] landlock: Add ptrace restrictions
` [PATCH v27 05/12] LSM: Infrastructure management of the superblock
` [PATCH v27 06/12] fs,security: Add sb_delete hook
` [PATCH v27 07/12] landlock: Support filesystem access-control
` [PATCH v27 08/12] landlock: Add syscall implementations
` [PATCH v27 09/12] arch: Wire up Landlock syscalls
` [PATCH v27 10/12] selftests/landlock: Add user space tests
` [PATCH v27 11/12] samples/landlock: Add a sandbox manager example
` [PATCH v27 12/12] landlock: Add user and kernel documentation

[PATCH v4 00/10] Function Granular KASLR
 2021-01-25 17:21 UTC  (12+ messages) - mbox.gz / Atom

[PATCH kspp-next] kbuild: prevent CC_FLAGS_LTO self-bloating on recursive rebuilds
 2021-01-22 19:33 UTC  (2+ messages) - mbox.gz / Atom

[PATCH v4 0/7] Count rlimits in each user namespace
 2021-01-22 13:00 UTC  (8+ messages) - mbox.gz / Atom
` [PATCH v4 1/7] Add a reference to ucounts for each cred
` [PATCH v4 2/7] Move RLIMIT_NPROC counter to ucounts
` [PATCH v4 3/7] Move RLIMIT_MSGQUEUE "
` [PATCH v4 4/7] Move RLIMIT_SIGPENDING "
` [PATCH v4 5/7] Move RLIMIT_MEMLOCK "
` [PATCH v4 6/7] Move RLIMIT_NPROC check to the place where we increment the counter
` [PATCH v4 7/7] kselftests: Add test to check for rlimit changes in different user namespaces

[RFC PATCH v3 0/8] Count rlimits in each user namespace
 2021-01-21 16:07 UTC  (13+ messages) - mbox.gz / Atom
` [RFC PATCH v3 1/8] Use refcount_t for ucounts reference counting
  ` c25050162e: WARNING:at_lib/refcount.c:#refcount_warn_saturate

[RFC PATCH v3 2/8] Add a reference to ucounts for each cred
 2021-01-18  8:31 UTC  (3+ messages) - mbox.gz / Atom
` 14c3c8a27f: kernel_BUG_at_kernel/cred.c
` [PATCH v4 2/8] Add a reference to ucounts for each cred

[PATCH v26 00/12] Landlock LSM
 2021-01-16 17:16 UTC  (8+ messages) - mbox.gz / Atom
` [PATCH v26 07/12] landlock: Support filesystem access-control

page: 

Kernel-hardening Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/kernel-hardening/0 kernel-hardening/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 kernel-hardening kernel-hardening/ https://lore.kernel.org/kernel-hardening \
		kernel-hardening@lists.openwall.com
	public-inbox-index kernel-hardening

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.openwall.lists.kernel-hardening


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git