Linux-Security-Module Archive on lore.kernel.org
 help / color / Atom feed
[PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
 2019-08-23 23:09 UTC  (54+ messages) - mbox.gz / Atom
                          ` RFC: very rough draft of a bpf permission model

[PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
 2019-08-23 21:41 UTC  (8+ messages) - mbox.gz / Atom

New skb extension for use by LSMs (skb "security blob")?
 2019-08-23 18:56 UTC  (17+ messages) - mbox.gz / Atom

[PATCH 2/2] selinux: use netlink_receive hook
 2019-08-23  1:54 UTC  (3+ messages) - mbox.gz / Atom

possible deadlock in ext4_evict_inode
 2019-08-22 16:44 UTC  (3+ messages) - mbox.gz / Atom
` [PATCH] smack: use GFP_NOFS while holding inode_smack::smk_lock

KASAN: use-after-free Read in tomoyo_realpath_from_path
 2019-08-22 15:47 UTC  (11+ messages) - mbox.gz / Atom
  ` [PATCH] tomoyo: Don't check open/getattr permission on sockets
        ` [PATCH v2] "

[PATCH 02/10] vfs: syscall: Add move_mount(2) to move mounts around
 2019-08-22  3:51 UTC  (11+ messages) - mbox.gz / Atom
                  ` [RFC][PATCH] fix d_absolute_path() interplay with fsmount()

[GIT PULL] Keys: Set 4 - Key ACLs for 5.3
 2019-08-21 19:22 UTC  (10+ messages) - mbox.gz / Atom

[PATCH v5 0/4] Create and consolidate trusted keys subsystem
 2019-08-21 19:20 UTC  (6+ messages) - mbox.gz / Atom
` [PATCH v5 1/4] tpm: move tpm_buf code to include/linux/
` [PATCH v5 2/4] KEYS: trusted: use common tpm_buf for TPM1.x code
` [PATCH v5 3/4] KEYS: trusted: create trusted keys subsystem
` [PATCH v5 4/4] KEYS: trusted: move tpm2 trusted keys code

[PATCH] tpm_tis: Fix interrupt probing
 2019-08-21 19:15 UTC  (2+ messages) - mbox.gz / Atom

[RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem
 2019-08-21 19:13 UTC  (22+ messages) - mbox.gz / Atom
` [RFC/RFT v4 1/5] tpm: move tpm_buf code to include/linux/
` [RFC/RFT v4 2/5] KEYS: trusted: use common tpm_buf for TPM1.x code
` [RFC/RFT v4 3/5] KEYS: trusted: create trusted keys subsystem
` [RFC/RFT v4 4/5] KEYS: trusted: move tpm2 trusted keys code
` [RFC/RFT v4 5/5] KEYS: trusted: Add generic trusted keys framework

[PATCH V40 00/29] Add kernel lockdown functionality
 2019-08-20 22:08 UTC  (38+ messages) - mbox.gz / Atom
` [PATCH V40 01/29] security: Support early LSMs
` [PATCH V40 02/29] security: Add a "locked down" LSM hook
` [PATCH V40 03/29] security: Add a static lockdown policy LSM
` [PATCH V40 04/29] lockdown: Enforce module signatures if the kernel is locked down
` [PATCH V40 05/29] lockdown: Restrict /dev/{mem,kmem,port} when "
` [PATCH V40 06/29] kexec_load: Disable at runtime if "
` [PATCH V40 07/29] lockdown: Copy secure_boot flag in boot params across kexec reboot
` [PATCH V40 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
` [PATCH V40 09/29] kexec_file: Restrict at runtime if the kernel is locked down
` [PATCH V40 10/29] hibernate: Disable when "
` [PATCH V40 11/29] PCI: Lock down BAR access "
` [PATCH V40 12/29] x86: Lock down IO port "
` [PATCH V40 13/29] x86/msr: Restrict MSR "
` [PATCH V40 14/29] ACPI: Limit access to custom_method "
` [PATCH V40 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been "
` [PATCH V40 16/29] acpi: Disable ACPI table override if the kernel is "
` [PATCH V40 17/29] lockdown: Prohibit PCMCIA CIS storage when "
` [PATCH V40 18/29] lockdown: Lock down TIOCSSERIAL
` [PATCH V40 19/29] lockdown: Lock down module params that specify hardware parameters (eg. ioport)
` [PATCH V40 20/29] x86/mmiotrace: Lock down the testmmiotrace module
` [PATCH V40 21/29] lockdown: Lock down /proc/kcore
` [PATCH V40 22/29] lockdown: Lock down tracing and perf kprobes when in confidentiality mode
` [PATCH V40 23/29] bpf: Restrict bpf when kernel lockdown is "
` [PATCH V40 24/29] lockdown: Lock down perf when "
` [PATCH V40 25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down
` [PATCH V40 26/29] debugfs: Restrict debugfs when the kernel is "
` [PATCH V40 27/29] tracefs: Restrict tracefs "
` [PATCH V40 28/29] efi: Restrict efivar_ssdt_load "
` [PATCH V40 29/29] lockdown: Print current->comm in restriction messages

[PATCH] keys: Fix description size
 2019-08-19 16:44 UTC  (2+ messages) - mbox.gz / Atom

[WIP][RFC][PATCH 0/3] Introduce Infoflow LSM
 2019-08-19 14:52 UTC  (5+ messages) - mbox.gz / Atom
` [WIP][RFC][PATCH 1/3] security: introduce call_int_hook_and() macro
` [WIP][RFC][PATCH 2/3] lsm notifier: distinguish between state change and policy change
` [WIP][RFC][PATCH 3/3] security: add infoflow LSM

[RFC PATCH v3] security,capability: pass object information to security_capable
 2019-08-16 16:36 UTC  (4+ messages) - mbox.gz / Atom
  ` [RFC PATCH v3] security, capability: "

[RFC PATCH v2] security,capability: pass object information to security_capable
 2019-08-16 16:29 UTC  (9+ messages) - mbox.gz / Atom
  ` [Non-DoD Source] Re: [RFC PATCH v2] security, capability: "
        `  "

[RFC PATCH] audit, security: allow LSMs to selectively enable audit collection
 2019-08-15 17:41 UTC  - mbox.gz / Atom

[PATCH 0/2] keys: ACLs
 2019-08-14 22:41 UTC  (7+ messages) - mbox.gz / Atom
` [PATCH 1/2] KEYS: Replace uid/gid/perm permissions checking with an ACL

[PATCH 0/6] lockdown fixups
 2019-08-14 18:26 UTC  (14+ messages) - mbox.gz / Atom
` [PATCH 1/6] tracefs: Fix potential null dereference in default_file_open()
` [PATCH 2/6] early_security_init() needs a stub got !CONFIG_SECURITY
` [PATCH 3/6] Avoid build warning when !CONFIG_KEXEC_SIG
` [PATCH 4/6] security: fix ptr_ret.cocci warnings
` [PATCH 5/6] kexec: s/KEXEC_VERIFY_SIG/KEXEC_SIG/ for consistency
` [PATCH 6/6] Document locked_down LSM hook

[PATCH V38 00/29] security: Add support for locking down the kernel
 2019-08-14 18:02 UTC  (12+ messages) - mbox.gz / Atom
` [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down

[PATCH V37 00/29] security: Add support for locking down the kernel
 2019-08-14  6:12 UTC  (5+ messages) - mbox.gz / Atom
` [PATCH V37 27/29] tracefs: Restrict tracefs when the kernel is locked down
            ` [PATCH] tracefs: Fix NULL pointer dereference when no lockdown is used

[RFC PATCH v5 0/1] Add dm verity root hash pkcs7 sig validation
 2019-08-13 18:49 UTC  (4+ messages) - mbox.gz / Atom
` [RFC PATCH v5 1/1] "

[PATCH] Add flags option to get xattr method paired to __vfs_getxattr
 2019-08-13 14:44 UTC  - mbox.gz / Atom

[RFC/RFT v3 0/3] KEYS: trusted: Add generic trusted keys framework
 2019-08-13  7:59 UTC  (6+ messages) - mbox.gz / Atom
` [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code

[PATCH v3] fanotify, inotify, dnotify, security: add security hook for fs notifications
 2019-08-12 22:04 UTC  (2+ messages) - mbox.gz / Atom

[security:next-lockdown 3/29] security/lockdown/lockdown.c:157:1-3: WARNING: PTR_ERR_OR_ZERO can be used
 2019-08-12 18:00 UTC  (3+ messages) - mbox.gz / Atom
` [PATCH] security: fix ptr_ret.cocci warnings

page: 

Linux-Security-Module Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-security-module/0 linux-security-module/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-security-module linux-security-module/ https://lore.kernel.org/linux-security-module \
		linux-security-module@vger.kernel.org linux-security-module@archiver.kernel.org
	public-inbox-index linux-security-module


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-security-module


AGPL code for this site: git clone https://public-inbox.org/ public-inbox