linux-security-module.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
[PATCH v5 0/6] DCP as trusted keys backend
 2024-02-25 22:20 UTC  (4+ messages)

[PATCH net-next v3 00/11] selftests: kselftest_harness: support using xfail
 2024-02-24  0:02 UTC  (21+ messages)
` [PATCH net-next v3 01/11] selftests: kselftest_harness: pass step via shared memory
` [PATCH net-next v3 02/11] selftests: kselftest_harness: use KSFT_* exit codes
` [PATCH net-next v3 03/11] selftests: kselftest_harness: generate test name once
` [PATCH net-next v3 04/11] selftests: kselftest_harness: save full exit code in metadata
` [PATCH net-next v3 05/11] selftests: kselftest_harness: use exit code to store skip
` [PATCH net-next v3 06/11] selftests: kselftest: add ksft_test_result_code(), handling all exit codes
` [PATCH net-next v3 07/11] selftests: kselftest_harness: print test name for SKIP
` [PATCH net-next v3 08/11] selftests: kselftest_harness: separate diagnostic message with # in ksft_test_result_code()
` [PATCH net-next v3 09/11] selftests: kselftest_harness: let PASS / FAIL provide diagnostic
` [PATCH net-next v3 10/11] selftests: kselftest_harness: support using xfail
` [PATCH net-next v3 11/11] selftests: ip_local_port_range: use XFAIL instead of SKIP

[PATCH 1/2] SELinux: Fix lsm_get_self_attr()
 2024-02-23 22:21 UTC  (10+ messages)
` [PATCH 2/2] AppArmor: "

[PATCH v3 00/10] evm: Support signatures on stacked filesystem
 2024-02-23 17:25 UTC  (11+ messages)
` [PATCH v3 01/10] ima: Rename backing_inode to real_inode
` [PATCH v3 02/10] security: allow finer granularity in permitting copy-up of security xattrs
` [PATCH v3 03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr
` [PATCH v3 04/10] evm: Use the metadata inode to calculate metadata hash
` [PATCH v3 05/10] ima: Move file-change detection variables into new structure
` [PATCH v3 06/10] evm: Store and detect metadata inode attributes changes
` [PATCH v3 07/10] ima: re-evaluate file integrity on file metadata change
` [PATCH v3 08/10] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509
` [PATCH v3 09/10] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED
` [PATCH v3 10/10] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs

[PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities
 2024-02-23  9:04 UTC  (56+ messages)
` [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h
` [PATCH v2 02/25] mnt_idmapping: include cred.h
` [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data
` [PATCH v2 04/25] capability: rename cpu_vfs_cap_data to vfs_caps
` [PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids
` [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps
` [PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace
` [PATCH v2 08/25] xattr: add is_fscaps_xattr() helper
` [PATCH v2 09/25] commoncap: use is_fscaps_xattr()
` [PATCH v2 10/25] xattr: "
` [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps
` [PATCH v2 12/25] selinux: add hooks for fscaps operations
` [PATCH v2 13/25] smack: "
` [PATCH v2 14/25] evm: add support for fscaps security hooks
` [PATCH v2 15/25] security: call evm fscaps hooks from generic "
` [PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps
` [PATCH v2 17/25] fs: add vfs_get_fscaps()
` [PATCH v2 18/25] fs: add vfs_set_fscaps()
` [PATCH v2 19/25] fs: add vfs_remove_fscaps()
` [PATCH v2 20/25] ovl: add fscaps handlers
` [PATCH v2 21/25] ovl: use vfs_{get,set}_fscaps() for copy-up
` [PATCH v2 22/25] fs: use vfs interfaces for capabilities xattrs
` [PATCH v2 23/25] commoncap: remove cap_inode_getsecurity()
` [PATCH v2 24/25] commoncap: use vfs fscaps interfaces
` [PATCH v2 25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr()

[PATCH] security: use default hook return value in call_int_hook()
 2024-02-22 21:52 UTC  (2+ messages)

[RFC 0/8] PGP key parser using SandBox Mode
 2024-02-22 18:03 UTC  (10+ messages)
` [RFC 0/5] PoC: convert AppArmor parser to "
  ` [RFC 1/5] sbm: x86: fix SBM error entry path
  ` [RFC 2/5] sbm: enhance buffer mapping API
  ` [RFC 3/5] sbm: x86: infrastructure to fix up sandbox faults
  ` [RFC 4/5] sbm: fix up calls to dynamic memory allocators
  ` [RFC 5/5] apparmor: parse profiles in sandbox mode

[syzbot] [keyrings?] [lsm?] KASAN: slab-out-of-bounds Read in key_task_permission (2)
 2024-02-22 10:40 UTC 

TOCTOU-free exec(), chdir(), open() with O_PATH sandbox emulation support?
 2024-02-22  6:41 UTC 

[PATCH] LSM: Fix typos in security/security.c comment headers
 2024-02-22  0:03 UTC  (2+ messages)

[PATCH] landlock: Warn once if a Landlock action is requested while disabled
 2024-02-21 21:35 UTC  (3+ messages)

[PATCH] proc: allow restricting /proc/pid/mem writes
 2024-02-21 21:06 UTC 

smack: Possible NULL pointer deref in cred_free hook
 2024-02-21 17:40 UTC  (13+ messages)

[PATCH 5.4,4.19] lsm: new security_file_ioctl_compat() hook
 2024-02-21 10:52 UTC  (2+ messages)

[PATCH v2 0/9] evm: Support signatures on stacked filesystem
 2024-02-20 22:57 UTC  (3+ messages)
` [PATCH v2 2/9] security: allow finer granularity in permitting copy-up of security xattrs

[syzbot] [integrity?] [lsm?] KMSAN: uninit-value in ima_add_template_entry
 2024-02-20 10:40 UTC  (2+ messages)

[syzbot] [apparmor?] [ext4?] general protection fault in common_perm_cond
 2024-02-20 10:00 UTC  (3+ messages)

memory leak in smack since de93 e515 db30 ("Smack: Improve mount process memory use")
 2024-02-20  7:40 UTC 

[PATCH v9 0/8] Landlock: IOCTL support
 2024-02-19 21:44 UTC  (10+ messages)
` [PATCH v9 1/8] landlock: Add IOCTL access right
    ` [RFC PATCH] fs: Add vfs_masks_device_ioctl*() helpers

[PATCH] landlock: Fix asymmetric private inodes referring
 2024-02-19 19:03 UTC 

[PATCH 02/13] Add TSEM specific documentation
 2024-02-19 11:16 UTC  (5+ messages)
` [PATCH 2/13] "

[PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure
 2024-02-16 22:34 UTC  (31+ messages)
` [PATCH v10 01/25] ima: Align ima_inode_post_setattr() definition with "
` [PATCH v10 02/25] ima: Align ima_file_mprotect() "
` [PATCH v10 03/25] ima: Align ima_inode_setxattr() "
` [PATCH v10 04/25] ima: Align ima_inode_removexattr() "
` [PATCH v10 05/25] ima: Align ima_post_read_file() "
` [PATCH v10 06/25] evm: Align evm_inode_post_setattr() "
` [PATCH v10 07/25] evm: Align evm_inode_setxattr() "
` [PATCH v10 08/25] evm: Align evm_inode_post_setxattr() "
` [PATCH v10 09/25] security: Align inode_setattr hook definition with EVM
` [PATCH v10 10/25] security: Introduce inode_post_setattr hook
` [PATCH v10 11/25] security: Introduce inode_post_removexattr hook
` [PATCH v10 12/25] security: Introduce file_post_open hook
` [PATCH v10 13/25] security: Introduce file_release hook
` [PATCH v10 14/25] security: Introduce path_post_mknod hook
` [PATCH v10 15/25] security: Introduce inode_post_create_tmpfile hook
` [PATCH v10 16/25] security: Introduce inode_post_set_acl hook
` [PATCH v10 17/25] security: Introduce inode_post_remove_acl hook
` [PATCH v10 18/25] security: Introduce key_post_create_or_update hook
` [PATCH v10 19/25] integrity: Move integrity_kernel_module_request() to IMA
` [PATCH v10 20/25] ima: Move to LSM infrastructure
` [PATCH v10 21/25] ima: Move IMA-Appraisal "
` [PATCH v10 22/25] evm: Move "
` [PATCH v10 23/25] evm: Make it independent from 'integrity' LSM
` [PATCH v10 24/25] ima: "
` [PATCH v10 25/25] integrity: Remove LSM
` [PATCH v10 0/25] security: Move IMA and EVM to the LSM infrastructure

[GIT PULL] lsm/lsm-pr-20240215
 2024-02-16 17:11 UTC  (2+ messages)

[PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
 2024-02-16 13:10 UTC  (4+ messages)
` [PATCH v2] integrity: eliminate unnecessary "Problem loading X.509 certificate" msg

[PATCH v3 1/3] LSM: add security_execve_abort() hook
 2024-02-15 23:47 UTC  (8+ messages)

[PATCH v9 00/25] security: Move IMA and EVM to the LSM infrastructure
 2024-02-15 15:02 UTC  (17+ messages)
` [PATCH v9 12/25] security: Introduce file_post_open hook
` [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA

[PATCH] security: fix integer overflow in lsm_set_self_attr() syscall
 2024-02-15 13:02 UTC  (6+ messages)

[PATCH v1 5/5] sbm: SandBox Mode documentation
 2024-02-15  8:52 UTC 

[GIT PULL] Landlock fixes for v6.8-rc5
 2024-02-15  0:12 UTC  (2+ messages)

[RFC][PATCH 0/8] ima: Integrate with digest_cache LSM
 2024-02-14 14:35 UTC  (6+ messages)
` [RFC][PATCH 4/8] ima: Add digest_cache_measure and digest_cache_appraise boot-time policies
` [RFC][PATCH 5/8] ima: Record IMA verification result of digest lists in digest cache
` [RFC][PATCH 6/8] ima: Use digest cache for measurement
` [RFC][PATCH 7/8] ima: Use digest cache for appraisal
` [RFC][PATCH 8/8] ima: Detect if digest cache changed since last measurement/appraisal


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).