Linux-Security-Module Archive on lore.kernel.org
 help / color / Atom feed
[PATCH v9 0/4] Introduce TEE based Trusted Keys support
 2021-04-20 23:16 UTC  (3+ messages) - mbox.gz / Atom
` [PATCH v9 1/4] KEYS: trusted: Add generic trusted keys framework

[PATCH 000/141] Fix fall-through warnings for Clang
 2021-04-20 22:17 UTC  (5+ messages) - mbox.gz / Atom
` [PATCH 010/141] ima: "

[PATCH v2 0/2] Add support for ECDSA-signed kernel modules
 2021-04-20 21:02 UTC  (9+ messages) - mbox.gz / Atom
` [PATCH v2 1/2] certs: Trigger creation of RSA module signing key if it's not an RSA key
` [PATCH v2 2/2] certs: Add support for using elliptic curve keys for signing modules

[PATCH 0/5] evm: Prepare for moving to the LSM infrastructure
 2021-04-20 16:09 UTC  (12+ messages) - mbox.gz / Atom
` [PATCH 1/5] xattr: Complete constify ->name member of "struct xattr"
` [PATCH 2/5] security: Support multiple LSMs implementing the inode_init_security hook
` [PATCH 3/5] security: Pass xattrs allocated by LSMs to "
` [PATCH 4/5] evm: Align evm_inode_init_security() definition with LSM infrastructure
` [PATCH 5/5] evm: Support multiple LSMs providing an xattr

[PATCH v3 18/18] keyctl_pkey: Add pkey parameters saltlen and mgfhash for PSS
 2021-04-20 13:27 UTC  (2+ messages) - mbox.gz / Atom

[PATCH v2 18/18] keyctl_pkey: Add pkey parameters slen and mgfhash for PSS
 2021-04-20 11:46 UTC  (4+ messages) - mbox.gz / Atom

[RFC PATCH] integrity: fix null ptr dereference in integrity_inode_free()
 2021-04-19 18:18 UTC  - mbox.gz / Atom

[PATCH] lsm:fix a missing-check bug in smack_sb_eat_lsm_opts()
 2021-04-19  2:58 UTC  (3+ messages) - mbox.gz / Atom

[PATCH v3] lsm:fix a missing-check bug in smack_sb_eat_lsm_opts()
 2021-04-19  2:55 UTC  - mbox.gz / Atom

[PATCH 0/3] LSM Documentation - Render lsm_hooks.h for kernel_docs
 2021-04-16 16:43 UTC  (5+ messages) - mbox.gz / Atom
` [PATCH 1/3] Documentation/security: Update LSM security hook text
` [PATCH 2/3] include/linux: Update LSM hook text part1
` [PATCH 3/3] include/linux: Update LSM hook text part2

Fix for CVE-2020-26541
 2021-04-16 15:14 UTC  - mbox.gz / Atom

[PATCH] KEYS: trusted: fix a couple error pointer dereferences
 2021-04-16 14:08 UTC  (5+ messages) - mbox.gz / Atom

[PATCH v2] lsm:fix a missing-check bug in smack_sb_eat_lsm_opts()
 2021-04-16 10:12 UTC  - mbox.gz / Atom

[PATCH RESEND v5] proc: Allow pid_revalidate() during LOOKUP_RCU
 2021-04-16  1:16 UTC  - mbox.gz / Atom

[PATCH] security: commoncap: clean up kernel-doc comments
 2021-04-15 16:19 UTC  (3+ messages) - mbox.gz / Atom

[RFC PATCH 0/3] LSM Documentation - Render lsm_hooks.h for kernel_docs
 2021-04-15 13:59 UTC  (5+ messages) - mbox.gz / Atom

null-ptr-deref in integrity_inode_free()
 2021-04-14 20:36 UTC  (4+ messages) - mbox.gz / Atom

[PATCH][next] KEYS: trusted: Fix missing null return from kzalloc call
 2021-04-14 11:07 UTC  (6+ messages) - mbox.gz / Atom

[syzbot] WARNING in unsafe_follow_pfn
 2021-04-14  4:37 UTC  (8+ messages) - mbox.gz / Atom

[PATCH] security: keys: trusted: prevent memory leak in error path
 2021-04-13 20:13 UTC  - mbox.gz / Atom

[PATCH v6 24/40] fs: make helpers idmap mount aware
 2021-04-13  8:26 UTC  (3+ messages) - mbox.gz / Atom

[PATCH 0/7 v2] tracing: Fix tracefs lockdown and various clean ups
 2021-04-13  8:13 UTC  (3+ messages) - mbox.gz / Atom
` [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect

[PATCH -next] KEYS: trusted: Switch to kmemdup_nul()
 2021-04-12 16:00 UTC  - mbox.gz / Atom

[syzbot] WARNING in smk_set_cipso (2)
 2021-04-12 13:28 UTC  (2+ messages) - mbox.gz / Atom

[PATCH] LoadPin: Allow filesystem switch when not enforcing
 2021-04-11  6:02 UTC  (3+ messages) - mbox.gz / Atom

[RFC] Tainting tasks after poking at them
 2021-04-10 20:22 UTC  - mbox.gz / Atom

[PATCH v2] integrity: Add declarations to init_once void arguments
 2021-04-10  3:19 UTC  (4+ messages) - mbox.gz / Atom

[GIT PULL] SELinux fixes for v5.12 (#2)
 2021-04-09 19:59 UTC  (2+ messages) - mbox.gz / Atom

[PATCH v2] ima: Fix function name error in comment
 2021-04-09 18:50 UTC  (3+ messages) - mbox.gz / Atom

[PATCH v4 0/3] ima: kernel build support for loading the kernel module signing key
 2021-04-09 18:48 UTC  (5+ messages) - mbox.gz / Atom
` [PATCH v4 1/3] keys: cleanup build time module signing keys
` [PATCH v4 2/3] ima: enable signing of modules with build time generated key
` [PATCH v4 3/3] ima: enable loading of build time generated key on .ima keyring

[PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
 2021-04-09 17:43 UTC  (7+ messages) - mbox.gz / Atom
` [PATCH 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag
` [PATCH 2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount

[PATCH v12 0/3] Add trusted_for(2) (was O_MAYEXEC)
 2021-04-09 17:15 UTC  (3+ messages) - mbox.gz / Atom

[PATCH v33 00/12] Landlock LSM
 2021-04-09 16:04 UTC  (15+ messages) - mbox.gz / Atom
` [PATCH v33 01/12] landlock: Add object management
` [PATCH v33 02/12] landlock: Add ruleset and domain management
` [PATCH v33 03/12] landlock: Set up the security framework and manage credentials
` [PATCH v33 04/12] landlock: Add ptrace restrictions
` [PATCH v33 05/12] LSM: Infrastructure management of the superblock
` [PATCH v33 06/12] fs,security: Add sb_delete hook
` [PATCH v33 07/12] landlock: Support filesystem access-control
` [PATCH v33 08/12] landlock: Add syscall implementations
` [PATCH v33 09/12] arch: Wire up Landlock syscalls
` [PATCH v33 11/12] samples/landlock: Add a sandbox manager example
` [PATCH v33 12/12] landlock: Add user and kernel documentation

[PATCH 0/7] ima/evm: Small enhancements
 2021-04-09 11:43 UTC  (8+ messages) - mbox.gz / Atom
` [PATCH 1/7] ima: Avoid measurement and audit if access to the file will be denied
` [PATCH 2/7] ima: Add meta_immutable appraisal type
` [PATCH 3/7] ima: Introduce exec_tcb and tmpfs policies
` [PATCH 4/7] ima: Introduce appraise_exec_tcb and appraise_tmpfs policies
` [PATCH 5/7] ima: Introduce appraise_exec_immutable policy
` [PATCH 6/7] evm: Allow choice of hash algorithm for HMAC
` [PATCH 7/7] evm: Extend evm= with allow_metadata_writes and complete values

[PATCH] fs_context: drop the unused lsm_flags member
 2021-04-09 11:12 UTC  - mbox.gz / Atom

[PATCH 2/2] selinux:Delete selinux_xfrm_policy_lookup() useless argument
 2021-04-09  5:48 UTC  - mbox.gz / Atom

[PATCH] selinux:Delete selinux_xfrm_policy_lookup() useless argument
 2021-04-08 16:18 UTC  (2+ messages) - mbox.gz / Atom

[PATCH] selinux:Delete selinux_xfrm_policy_lookup() useless argument
 2021-04-08  8:36 UTC  - mbox.gz / Atom

[PATCH 0/2] Add support for ECDSA-signed kernel modules
 2021-04-07 20:15 UTC  (7+ messages) - mbox.gz / Atom
` [PATCH 1/2] certs: Trigger recreation of module signing key if it's not an RSA key
` [PATCH 2/2] certs: Add support for using elliptic curve keys for signing modules

[PATCH v5 00/12] evm: Improve usability of portable signatures
 2021-04-07 19:28 UTC  (20+ messages) - mbox.gz / Atom
` [PATCH v5 01/12] evm: Execute evm_inode_init_security() only when an HMAC key is loaded
` [PATCH v5 02/12] evm: Load EVM key in ima_load_x509() to avoid appraisal
` [PATCH v5 03/12] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
` [PATCH v5 04/12] ima: Move ima_reset_appraise_flags() call to post hooks
` [PATCH v5 05/12] evm: Introduce evm_status_revalidate()
` [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe
` [PATCH v5 07/12] evm: Allow xattr/attr operations for portable signatures
` [PATCH v5 08/12] evm: Pass user namespace to set/remove xattr hooks
` [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata
    ` [RESEND][PATCH "
` [PATCH v5 10/12] ima: Allow imasig requirement to be satisfied by EVM portable signatures
` [PATCH v5 11/12] ima: Introduce template field evmsig and write to field sig as fallback
` [PATCH v5 12/12] ima: Don't remove security.ima if file must not be appraised

cert update procedure with insert-sys-cert
 2021-04-07 18:08 UTC  - mbox.gz / Atom

[PATCH v7 0/5] Enable root to update the blacklist keyring
 2021-04-07 17:21 UTC  (2+ messages) - mbox.gz / Atom

LSM and setxattr helpers
 2021-04-06 15:43 UTC  (5+ messages) - mbox.gz / Atom

[PATCH] integrity/ima: Add declarations to init_once void arguments
 2021-04-06 12:46 UTC  (5+ messages) - mbox.gz / Atom

[PATCH 00/11] treewide: address gcc-11 -Wstringop-overread warnings
 2021-04-06  4:53 UTC  (2+ messages) - mbox.gz / Atom

[PATCH -next] KEYS: trusted: Switch to kmemdup_nul()
 2021-04-04 16:01 UTC  (2+ messages) - mbox.gz / Atom

[PATCH] apparmor: avoid -Wempty-body warning
 2021-04-03 18:26 UTC  (2+ messages) - mbox.gz / Atom

[PATCH v3 0/3] ima: kernel build support for loading the kernel module signing key
 2021-04-02 11:29 UTC  (5+ messages) - mbox.gz / Atom
` [PATCH v3 2/3] ima: enable signing of modules with build time generated key
` [PATCH v3 3/3] ima: enable loading of build time generated key on .ima keyring

[PATCH v1 0/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys
 2021-04-02  1:49 UTC  (31+ messages) - mbox.gz / Atom
` [PATCH v1 3/3] "

[PATCH v32 00/12] Landlock LSM
 2021-04-01 20:52 UTC  (12+ messages) - mbox.gz / Atom
` [PATCH v32 01/12] landlock: Add object management
` [PATCH v32 02/12] landlock: Add ruleset and domain management
` [PATCH v32 03/12] landlock: Set up the security framework and manage credentials
` [PATCH v32 04/12] landlock: Add ptrace restrictions
` [PATCH v32 05/12] LSM: Infrastructure management of the superblock
` [PATCH v32 06/12] fs,security: Add sb_delete hook
` [PATCH v32 07/12] landlock: Support filesystem access-control
` [PATCH v32 08/12] landlock: Add syscall implementations
` [PATCH v32 09/12] arch: Wire up Landlock syscalls
` [PATCH v32 11/12] samples/landlock: Add a sandbox manager example
` [PATCH v32 12/12] landlock: Add user and kernel documentation

[PATCH v31 00/12] Landlock LSM
 2021-04-01 17:12 UTC  (5+ messages) - mbox.gz / Atom
` [PATCH v31 07/12] landlock: Support filesystem access-control

page: 

Linux-Security-Module Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-security-module/0 linux-security-module/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-security-module linux-security-module/ https://lore.kernel.org/linux-security-module \
		linux-security-module@vger.kernel.org
	public-inbox-index linux-security-module

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-security-module


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git