messages from 2019-02-28 22:20:24 to 2019-03-07 20:25:25 UTC [more...]
[PATCH v2 00/20] Merge text_poke fixes and executable lockdowns
2019-03-07 20:25 UTC (18+ messages)
` [PATCH v2 10/20] x86: avoid W^X being broken during modules loading
` [PATCH] x86/cpufeature: Remove __pure attribute to _static_cpu_has()
[PATCH 0/1] RFC: introduce CONFIG_INIT_ALL_MEMORY
2019-03-07 18:37 UTC (4+ messages)
` [PATCH 1/1] RFC: initmem: introduce CONFIG_INIT_ALL_MEMORY and CONFIG_INIT_ALL_STACK
[PULL REQUEST] Kernel lockdown patches for 5.2
2019-03-07 17:32 UTC (35+ messages)
` [PATCH 01/27] Add the ability to lock down access to the running kernel image
` [PATCH 02/27] Add a SysRq option to lift kernel lockdown
` [PATCH 03/27] Enforce module signatures if the kernel is locked down
` [PATCH 04/27] Restrict /dev/{mem,kmem,port} when "
` [PATCH 05/27] kexec_load: Disable at runtime if "
` [PATCH 06/27] Copy secure_boot flag in boot params across kexec reboot
` [PATCH 07/27] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
` [PATCH 08/27] kexec_file: Restrict at runtime if the kernel is locked down
` [PATCH 09/27] hibernate: Disable when "
` [PATCH 10/27] uswsusp: "
` [PATCH 11/27] PCI: Lock down BAR access "
` [PATCH 12/27] x86: Lock down IO port "
` [PATCH 13/27] x86/msr: Restrict MSR "
` [PATCH 14/27] ACPI: Limit access to custom_method "
` [PATCH 15/27] acpi: Ignore acpi_rsdp kernel param when the kernel has been "
` [PATCH 16/27] acpi: Disable ACPI table override if the kernel is "
` [PATCH 17/27] acpi: Disable APEI error injection "
` [PATCH 18/27] Prohibit PCMCIA CIS storage when "
` [PATCH 19/27] Lock down TIOCSSERIAL
` [PATCH 20/27] Lock down module params that specify hardware parameters (eg. ioport)
` [PATCH 21/27] x86/mmiotrace: Lock down the testmmiotrace module
` [PATCH 22/27] Lock down /proc/kcore
` [PATCH 23/27] Lock down kprobes
` [PATCH 24/27] bpf: Restrict kernel image access functions when the kernel is locked down
` [PATCH 25/27] Lock down perf
` [PATCH 26/27] debugfs: Restrict debugfs when the kernel is locked down
` [PATCH 27/27] lockdown: Print current->comm in restriction messages
[RFC PATCH 0/2] Create CAAM HW key in linux keyring and use in dmcrypt
2019-03-07 13:17 UTC (7+ messages)
` [RFC PATCH 1/2] drivers: crypto: caam: key: Add caam_tk key type
` [RFC PATCH 2/2] dm-crypt: Use any key type which is registered
[PATCH 1/1] smack: removal of global rule list
2019-03-07 11:25 UTC
[PATCH 1/1] Smack :- In this patch, global rule list has been removed. Now all smack rules will be read using "smack_known_list". This list contains all the smack labels and internally each smack label structure maintains the list of smack rules corresponding to that smack label. So there is no need to maintain extra list
2019-03-07 9:23 UTC
[PATCH v7 0/7] Allow initializing the kernfs node's secctx based on its parent
2019-03-07 9:01 UTC (6+ messages)
[PATCH] security: keys: Kconfig: pedantic cleanup
2019-03-06 18:57 UTC
[PATCH] vfs: Move kernel_read_file() to fs/read_write.c
2019-03-05 23:18 UTC
[GIT PULL] SELinux patches for v5.1
2019-03-05 22:17 UTC
[GIT PULL] security subsystem changes for v5.1
2019-03-05 18:57 UTC
[PATCH v5 1/2] LSM: SafeSetID: gate setgid transitions
2019-03-05 15:52 UTC (2+ messages)
` [PATCH v4 2/2] "
[PATCH v3 1/2] LSM: SafeSetID: gate setgid transitions
2019-03-05 15:46 UTC (8+ messages)
` [PATCH v4 2/2] "
` [PATCH v4 1/2] "
` [PATCH v5 "
[PATCH] keys: fix missing __user in KEYCTL_PKEY_QUERY
2019-03-05 7:41 UTC (4+ messages)
[PATCH] tomoyo: Add a kernel config option for fuzzing testing
2019-03-05 3:32 UTC (5+ messages)
[PULL REQUEST] Lock down patches
2019-03-04 22:10 UTC (44+ messages)
` [PATCH 01/27] Add the ability to lock down access to the running kernel image
` [PATCH 02/27] Add a SysRq option to lift kernel lockdown
` [PATCH 03/27] Enforce module signatures if the kernel is locked down
` [PATCH 04/27] Restrict /dev/{mem,kmem,port} when "
` [PATCH 05/27] kexec_load: Disable at runtime if "
` [PATCH 06/27] Copy secure_boot flag in boot params across kexec reboot
` [PATCH 07/27] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
` [PATCH 08/27] kexec_file: Restrict at runtime if the kernel is locked down
` [PATCH 09/27] hibernate: Disable when "
` [PATCH 10/27] uswsusp: "
` [PATCH 11/27] PCI: Lock down BAR access "
` [PATCH 12/27] x86: Lock down IO port "
` [PATCH 13/27] x86/msr: Restrict MSR "
` [PATCH 14/27] ACPI: Limit access to custom_method "
` [PATCH 15/27] acpi: Ignore acpi_rsdp kernel param when the kernel has been "
` [PATCH 16/27] acpi: Disable ACPI table override if the kernel is "
` [PATCH 17/27] acpi: Disable APEI error injection "
` [PATCH 18/27] Prohibit PCMCIA CIS storage when "
` [PATCH 19/27] Lock down TIOCSSERIAL
` [PATCH 20/27] Lock down module params that specify hardware parameters (eg. ioport)
` [PATCH 21/27] x86/mmiotrace: Lock down the testmmiotrace module
` [PATCH 22/27] Lock down /proc/kcore
` [PATCH 23/27] Lock down kprobes
` [PATCH 24/27] bpf: Restrict kernel image access functions when the kernel is locked down
` [PATCH 25/27] Lock down perf
` [PATCH 26/27] debugfs: Restrict debugfs when the kernel is locked down
` [PATCH 27/27] lockdown: Print current->comm in restriction messages
overlayfs access checks on underlying layers
2019-03-04 19:21 UTC (3+ messages)
[PATCH] vfs: Move kernel_read_file() to fs/read_write.c
2019-03-04 16:49 UTC (4+ messages)
[PATCH 00/43] VFS: Introduce filesystem context
2019-03-03 2:53 UTC (3+ messages)
` [PATCH 15/43] vfs: Add configuration parser helpers
[PATCH] LSM: Update list of SECURITYFS users in Kconfig
2019-03-01 17:54 UTC (2+ messages)
[PATCH 00/97] LSM: Complete module stacking
2019-03-01 17:06 UTC (42+ messages)
` [PATCH 01/97] LSM: Infrastructure management of the superblock
` [PATCH 05/97] LSM: Create an lsm_export data structure
` [PATCH 11/97] LSM: Use lsm_export in the kernel_ask_as hooks
` [PATCH 27/97] LSM: Use lsm_export in security_cred_getsecid
` [PATCH 30/97] Audit: Convert target_sid to an lsm_export structure
` [PATCH 32/97] IMA: Clean out lsm_export scaffolding
` [PATCH 33/97] NET: Store LSM access information in the socket blob for UDS
` [PATCH 35/97] NET: Remove scaffolding on new secmarks
` [PATCH 36/97] NET: Remove netfilter scaffolding for lsm_export
` [PATCH 39/97] IMA: FIXUP prototype using lsm_export
` [PATCH 41/97] AppArmor: Remove unnecessary hook stub
` [PATCH 46/97] LSM: Use lsm_context in inode_getsecctx hooks
` [PATCH 47/97] LSM: Use lsm_context in inode_notifysecctx hooks
` [PATCH 48/97] LSM: Use lsm_context in dentry_init_security hooks
` [PATCH 52/97] LSM: Use lsm_context in security_secctx_to_secid
` [PATCH 53/97] LSM: Use lsm_context in release_secctx hooks
` [PATCH 54/97] LSM: Use lsm_context in security_release_secctx
` [PATCH 55/97] LSM: Use lsm_context in security_secid_to_secctx
` [PATCH 56/97] fs: remove lsm_context scaffolding
` [PATCH 57/97] LSM: Add the release function to the lsm_context
` [PATCH 58/97] LSM: Use lsm_context in inode_setsecctx hooks
` [PATCH 59/97] LSM: Use lsm_context in security_inode_setsecctx
` [PATCH 60/97] kernfs: remove lsm_context scaffolding
` [PATCH 61/97] LSM: Remove unused macro
` [PATCH 62/97] LSM: Special handling for secctx lsm hooks
` [PATCH 63/97] SELinux: Use blob offset in current_sid
` [PATCH 64/97] LSM: Specify which LSM to display with /proc/self/attr/display
` [PATCH 65/97] AppArmor: Remove the exclusive flag
` [PATCH 66/97] LSM: Add secmark_relabel_packet to the set of one call hooks
` [PATCH 67/97] LSM: Make getting the secmark right cleaner with lsm_export_one_secid
` [PATCH 68/97] netfilter: Fix memory leak introduced with lsm_context
` [PATCH 69/97] Smack: Consolidate secmark conversions
` [PATCH 70/97] netfilter: Remove unnecessary NULL check in lsm_context
[PATCH 00/97] LSM: Complete module stacking
2019-02-28 22:43 UTC (28+ messages)
` [PATCH 71/97] LSM: Add secmark refcounting to call_one list
` [PATCH 72/97] LSM: Add secmark refcounting to call_one list - part 2
` [PATCH 73/97] LSM: refactor security_setprocattr
` [PATCH 74/97] Smack: Detect if secmarks can be safely used
` [PATCH 75/97] LSM: Support multiple LSMs using inode_init_security
` [PATCH 76/97] LSM: Use full security context in security_inode_setsecctx
` [PATCH 77/97] LSM: Correct handling of ENOSYS in inode_setxattr
` [PATCH 78/97] LSM: Infrastructure security blobs for mount options
` [PATCH 79/97] LSM: Fix for security_init_inode_security
` [PATCH 80/97] Smack: Advertise the secid to netlabel
` [PATCH 81/97] LSM: Change error detection for UDP peer security
` [PATCH 82/97] Smack: Fix setting of the CIPSO MLS_CAT flags
` [PATCH 83/97] Smack: Set netlabel flags properly on new label import
` [PATCH 84/97] Netlabel: Add a secattr comparison API function
` [PATCH 85/97] Smack: Let netlabel do the work on the ambient domain
` [PATCH 86/97] Smack: Don't set the socket label on each send
` [PATCH 87/97] Smack: Let netlabel do the work on connections
` [PATCH 88/97] Netlabel: Return the labeling type on socket
` [PATCH 89/97] "
` [PATCH 90/97] "
` [PATCH 91/97] "
` [PATCH 92/97] LSM: Remember the NLTYPE of netlabel sockets
` [PATCH 93/97] Smack: Use the NLTYPE on output
` [PATCH 94/97] LSM: Hook for netlabel reconciliation
` [PATCH 95/97] LSM: Avoid network conflicts in SELinux and Smack
` [PATCH 96/97] LSM: Apply Netlabel consitancy checks on send and connect
` [PATCH 97/97] Smack: Remove the exclusive bit
page: next (older) | prev (newer) | latest
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).