linux-security-module.vger.kernel.org archive mirror

 messages from 2019-06-09 02:29:49 to 2019-06-14 20:01:29 UTC [more...]

[RFC PATCH v2 0/5] security: x86/sgx: SGX vs. LSM
 2019-06-14 20:01 UTC  (60+ messages)
` [RFC PATCH v2 1/5] mm: Introduce vm_ops->may_mprotect()
` [RFC PATCH v2 2/5] x86/sgx: Require userspace to define enclave pages' protection bits
` [RFC PATCH v2 3/5] x86/sgx: Enforce noexec filesystem restriction for enclaves
` [RFC PATCH v2 4/5] LSM: x86/sgx: Introduce ->enclave_load() hook for Intel SGX
` [RFC PATCH v2 5/5] security/selinux: Add enclave_load() implementation
` [RFC PATCH v1 0/3] security/x86/sgx: SGX specific LSM hooks
  ` [RFC PATCH v1 1/3] LSM/x86/sgx: Add "
  ` [RFC PATCH v1 2/3] LSM/x86/sgx: Implement SGX specific hooks in SELinux
  ` [RFC PATCH v1 3/3] LSM/x86/sgx: Call new LSM hooks from SGX subsystem

[PATCH v4 00/14] ima: introduce IMA Digest Lists extension
 2019-06-14 17:55 UTC  (15+ messages)
` [PATCH v4 01/14] ima: read hash algorithm from security.ima even if appraisal is not enabled
` [PATCH v4 02/14] ima: generalize ima_read_policy()
` [PATCH v4 03/14] ima: generalize ima_write_policy() and raise uploaded data size limit
` [PATCH v4 04/14] ima: generalize policy file operations
` [PATCH v4 05/14] ima: use ima_show_htable_value to show violations and hash table data
` [PATCH v4 06/14] ima: add parser of compact digest list
` [PATCH v4 07/14] ima: restrict upload of converted digest lists
` [PATCH v4 08/14] ima: prevent usage of digest lists that are not measured/appraised
` [PATCH v4 09/14] ima: introduce new securityfs files
` [PATCH v4 10/14] ima: load parser digests and execute the parser at boot time
` [PATCH v4 11/14] ima: add support for measurement with digest lists
` [PATCH v4 12/14] ima: add support for appraisal "
` [PATCH v4 13/14] ima: introduce new policies initrd and appraise_initrd
` [PATCH v4 14/14] ima: add Documentation/security/IMA-digest-lists.txt

[PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load
 2019-06-14 17:52 UTC  (19+ messages)
` [PATCH V8 1/3] Define a new IMA hook to measure the boot command line arguments
` [PATCH V8 2/3] Define a new ima template field buf
` [PATCH V8 3/3] Call ima_kexec_cmdline to measure the cmdline args

[RFC 0/7] Introduce TEE based Trusted Keys support
 2019-06-14 15:36 UTC  (25+ messages)
` [RFC 1/7] tee: optee: allow kernel pages to register as shm
` [RFC 2/7] tee: enable support to register kernel memory
` [RFC 3/7] tee: add private login method for kernel clients
` [RFC 4/7] KEYS: trusted: Introduce TEE based Trusted Keys
` [RFC 5/7] KEYS: encrypted: Allow TEE based trusted master keys
` [RFC 6/7] doc: keys: Document usage of TEE based Trusted Keys
` [RFC 7/7] MAINTAINERS: Add entry for "

[RFC PATCH 0/9] security: x86/sgx: SGX vs. LSM
 2019-06-14 15:18 UTC  (12+ messages)
` [RFC PATCH 2/9] x86/sgx: Do not naturally align MAP_FIXED address

[RFC PATCH 0/1] security: add SECURE_KEEP_FSUID to preserve fsuid/fsgid across execve
 2019-06-14  5:09 UTC  (4+ messages)
` [RFC PATCH 1/1] "

[PATCH 02/13] uapi: General notification ring definitions [ver #4]
 2019-06-13 18:46 UTC  (30+ messages)
` [RFC][PATCH 00/13] Mount, FS, Block and Keyrings notifications "
  ` [PATCH 06/13] keys: Add a notification facility "
  ` What do LSMs *actually* need for checks on notifications?

[RFC PATCH v4 0/1] Add dm verity root hash pkcs7 sig validation
 2019-06-13  0:43 UTC  (2+ messages)
` [RFC PATCH v4 1/1] "

[RFC PATCH v4 0/1] Add dm verity root hash pkcs7 sig validation
 2019-06-13  1:06 UTC  (2+ messages)
` [RFC PATCH v4 1/1] "

[GIT PULL] SELinux fixes for v5.2 (#2)
 2019-06-13  3:15 UTC  (2+ messages)

[PATCH v3 0/2] ima/evm fixes for v5.2
 2019-06-13  8:51 UTC  (11+ messages)

[PATCH -next] ima: Make arch_policy_entry static
 2019-06-13 15:38 UTC  (2+ messages)

[PATCH v2 1/2] LSM: switch to blocking policy update notifiers
 2019-06-12 20:55 UTC  (6+ messages)
` [PATCH v2 1/2] ima: use the lsm policy update notifier

[PATCH v4 16/28] docs: netlabel: convert docs to ReST and rename to *.rst
 2019-06-12 17:52 UTC 

[PATCH v3 18/33] docs: netlabel: convert docs to ReST and rename to *.rst
 2019-06-12 14:48 UTC  (3+ messages)
  ` [PATCH v3 05/33] docs: cgroup-v1: "

[PATCH 09/10] usb: Add USB subsystem notifications [ver #3]
 2019-06-12  6:58 UTC  (4+ messages)

[PATCH -next] security: Make capability_hooks static
 2019-06-11 21:44 UTC  (2+ messages)

[PATCH v7 0/3] add new ima hook ima_kexec_cmdline to measure kexec boot cmdline args
 2019-06-11 18:48 UTC  (3+ messages)

[PATCH v11 00/13] Appended signatures support for IMA appraisal
 2019-06-11  6:28 UTC  (14+ messages)
` [PATCH v11 01/13] MODSIGN: Export module signature definitions
` [PATCH v11 02/13] PKCS#7: Refactor verify_pkcs7_signature()
` [PATCH v11 03/13] PKCS#7: Introduce pkcs7_get_digest()
` [PATCH v11 04/13] integrity: Introduce struct evm_xattr
` [PATCH v11 05/13] integrity: Select CONFIG_KEYS instead of depending on it
` [PATCH v11 06/13] ima: Use designated initializers for struct ima_event_data
` [PATCH v11 07/13] ima: Add modsig appraise_type option for module-style appended signatures
` [PATCH v11 08/13] ima: Factor xattr_verify() out of ima_appraise_measurement()
` [PATCH v11 09/13] ima: Implement support for module-style appended signatures
` [PATCH v11 10/13] ima: Collect modsig
` [PATCH v11 11/13] ima: Define ima-modsig template
` [PATCH v11 12/13] ima: Store the measurement again when appraising a modsig
` [PATCH v11 13/13] ima: Allow template= option for appraise rules as well

[RFC PATCH v3 0/1] Add dm verity root hash pkcs7 sig validation
 2019-06-11  5:31 UTC  (6+ messages)
` [RFC PATCH v3 1/1] "

possible deadlock in get_user_pages_unlocked (2)
 2019-06-10 19:06 UTC  (2+ messages)
` [IMA] "

[PATCH 00/58] LSM: Module stacking for AppArmor
 2019-06-10 10:20 UTC  (3+ messages)
` [PATCH 35/58] LSM: Limit calls to certain module hooks

[PATCH 1/2] LSM: switch to blocking policy update notifiers
 2019-06-09 17:06 UTC  (9+ messages)

KASAN: use-after-free Read in tomoyo_realpath_from_path
 2019-06-09  6:41 UTC  (3+ messages)
  ` [PATCH] tomoyo: Don't check open/getattr permission on sockets