messages from 2019-06-18 23:06:06 to 2019-06-22 00:06:52 UTC [more...]
[PATCH V34 00/29] Lockdown as an LSM
2019-06-22 0:03 UTC (29+ messages)
` [PATCH V34 02/29] security: Add a "locked down" LSM hook
` [PATCH V34 03/29] security: Add a static lockdown policy LSM
` [PATCH V34 04/29] Enforce module signatures if the kernel is locked down
` [PATCH V34 05/29] Restrict /dev/{mem,kmem,port} when "
` [PATCH V34 06/29] kexec_load: Disable at runtime if "
` [PATCH V34 07/29] Copy secure_boot flag in boot params across kexec reboot
` [PATCH V34 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
` [PATCH V34 09/29] kexec_file: Restrict at runtime if the kernel is locked down
` [PATCH V34 10/29] hibernate: Disable when "
` [PATCH V34 11/29] PCI: Lock down BAR access "
` [PATCH V34 12/29] x86: Lock down IO port "
` [PATCH V34 13/29] x86/msr: Restrict MSR "
` [PATCH V34 14/29] ACPI: Limit access to custom_method "
` [PATCH V34 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been "
` [PATCH V34 16/29] acpi: Disable ACPI table override if the kernel is "
` [PATCH V34 17/29] Prohibit PCMCIA CIS storage when "
` [PATCH V34 18/29] Lock down TIOCSSERIAL
` [PATCH V34 19/29] Lock down module params that specify hardware parameters (eg. ioport)
` [PATCH V34 20/29] x86/mmiotrace: Lock down the testmmiotrace module
` [PATCH V34 21/29] Lock down /proc/kcore
` [PATCH V34 22/29] Lock down tracing and perf kprobes when in confidentiality mode
` [PATCH V34 23/29] bpf: Restrict bpf when kernel lockdown is "
` [PATCH V34 24/29] Lock down perf when "
` [PATCH V34 25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down
` [PATCH V34 26/29] debugfs: Restrict debugfs when the kernel is "
` [PATCH V34 27/29] tracefs: Restrict tracefs "
` [PATCH V34 28/29] efi: Restrict efivar_ssdt_load "
` [PATCH V34 29/29] lockdown: Print current->comm in restriction messages
[RFC PATCH v4 00/12] security: x86/sgx: SGX vs. LSM
2019-06-21 21:22 UTC (29+ messages)
` [RFC PATCH v4 01/12] x86/sgx: Use mmu_notifier.release() instead of per-vma refcounting
` [RFC PATCH v4 02/12] x86/sgx: Do not naturally align MAP_FIXED address
` [RFC PATCH v4 03/12] selftests: x86/sgx: Mark the enclave loader as not needing an exec stack
` [RFC PATCH v4 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
` [RFC PATCH v4 05/12] x86/sgx: Enforce noexec filesystem restriction for enclaves
` [RFC PATCH v4 06/12] mm: Introduce vm_ops->may_mprotect()
` [RFC PATCH v4 07/12] LSM: x86/sgx: Introduce ->enclave_map() hook for Intel SGX
` [RFC PATCH v4 08/12] security/selinux: Require SGX_MAPWX to map enclave page WX
` [RFC PATCH v4 09/12] LSM: x86/sgx: Introduce ->enclave_load() hook for Intel SGX
` [RFC PATCH v4 10/12] security/selinux: Add enclave_load() implementation
` [RFC PATCH v4 11/12] security/apparmor: "
` [RFC PATCH v4 12/12] LSM: x86/sgx: Show line of sight to LSM support SGX2's EAUG
[PATCH V31 00/25] Add support for kernel lockdown
2019-06-21 20:18 UTC (8+ messages)
` [PATCH V31 06/25] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
` [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down
[PATCH v3 00/24] LSM: Module stacking for AppArmor
2019-06-21 18:52 UTC (25+ messages)
` [PATCH v3 01/24] LSM: Infrastructure management of the superblock
` [PATCH v3 02/24] LSM: Infrastructure management of the sock security
` [PATCH v3 03/24] LSM: Infrastructure management of the key blob
` [PATCH v3 04/24] LSM: Create and manage the lsmblob data structure
` [PATCH v3 05/24] Use lsmblob in security_audit_rule_match
` [PATCH v3 06/24] LSM: Use lsmblob in security_kernel_act_as
` [PATCH v3 07/24] net: Prepare UDS for secuirty module stacking
` [PATCH v3 08/24] LSM: Use lsmblob in security_secctx_to_secid
` [PATCH v3 09/24] LSM: Use lsmblob in security_secid_to_secctx
` [PATCH v3 10/24] Use lsmblob in security_ipc_getsecid
` [PATCH v3 11/24] LSM: Use lsmblob in security_task_getsecid
` [PATCH v3 12/24] LSM: Use lsmblob in security_inode_getsecid
` [PATCH v3 13/24] LSM: Use lsmblob in security_cred_getsecid
` [PATCH v3 14/24] IMA: Change internal interfaces to use lsmblobs
` [PATCH v3 15/24] LSM: Specify which LSM to display
` [PATCH v3 16/24] LSM: Ensure the correct LSM context releaser
` [PATCH v3 17/24] LSM: Use lsmcontext in security_secid_to_secctx
` [PATCH v3 18/24] LSM: Use lsmcontext in security_dentry_init_security
` [PATCH v3 19/24] LSM: Use lsmcontext in security_inode_getsecctx
` [PATCH v3 20/24] LSM: security_secid_to_secctx in netlink netfilter
` [PATCH v3 21/24] Audit: Store LSM audit information in an lsmblob
` [PATCH v3 22/24] LSM: Return the lsmblob slot on initialization
` [PATCH v3 23/24] NET: Store LSM netlabel data in a lsmblob
` [PATCH v3 24/24] AppArmor: Remove the exclusive flag
[PATCH v7 0/3] add init_on_alloc/init_on_free boot options
2019-06-21 15:54 UTC (13+ messages)
` [PATCH v7 1/2] mm: security: introduce init_on_alloc=1 and init_on_free=1 "
[PATCH] structleak: disable BYREF_ALL in combination with KASAN_STACK
2019-06-21 13:50 UTC (6+ messages)
[PATCH v6 1/3] mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options
2019-06-21 1:37 UTC (3+ messages)
[PATCH v2 00/25] LSM: Module stacking for AppArmor
2019-06-20 17:33 UTC (52+ messages)
` [PATCH v2 01/25] LSM: Infrastructure management of the superblock
` [PATCH v2 02/25] LSM: Infrastructure management of the sock security
` [PATCH v2 03/25] LSM: Infrastructure management of the key blob
` [PATCH v2 04/25] LSM: Create and manage the lsmblob data structure
` [PATCH v2 05/25] Use lsmblob in security_audit_rule_match
` [PATCH v2 06/25] LSM: Use lsmblob in security_kernel_act_as
` [PATCH v2 07/25] net: Prepare UDS for secuirty module stacking
` [PATCH v2 08/25] LSM: Use lsmblob in security_secctx_to_secid
` [PATCH v2 09/25] LSM: Use lsmblob in security_secid_to_secctx
` [PATCH v2 10/25] LSM: Use lsmblob in security_ipc_getsecid
` [PATCH v2 11/25] LSM: Use lsmblob in security_task_getsecid
` [PATCH v2 12/25] LSM: Use lsmblob in security_inode_getsecid
` [PATCH v2 13/25] LSM: Use lsmblob in security_cred_getsecid
` [PATCH v2 14/25] IMA: Change internal interfaces to use lsmblobs
` [PATCH v2 15/25] LSM: Specify which LSM to display
` [PATCH v2 16/25] LSM: Ensure the correct LSM context releaser
` [PATCH v2 17/25] LSM: Use lsmcontext in security_secid_to_secctx
` [PATCH v2 18/25] LSM: Use lsmcontext in security_dentry_init_security
` [PATCH v2 19/25] LSM: Use lsmcontext in security_inode_getsecctx
` [PATCH v2 20/25] LSM: security_secid_to_secctx in netlink netfilter
` [PATCH v2 21/25] Audit: Store LSM audit information in an lsmblob
` [PATCH v2 22/25] LSM: Return the lsmblob slot on initialization
` [PATCH v2 23/25] NET: Store LSM netlabel data in a lsmblob
` [PATCH v2 24/25] Fix slotted list and getpeersec_d
` [PATCH v2 25/25] AppArmor: Remove the exclusive flag
` Stacked LSMs (was Re: [PATCH v2 00/25] LSM: Module stacking for AppArmor)
[PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load
2019-06-19 19:21 UTC (7+ messages)
` [PATCH 1/3] IMA:Define a new hook to measure the kexec boot command line arguments
` [PATCH 2/3] IMA:Define a new template field buf
[RFC PATCH v5 0/1] Add dm verity root hash pkcs7 sig validation
2019-06-19 19:10 UTC (2+ messages)
` [RFC PATCH v5 1/1] "
[GIT PULL] apparmor bug fixes for v5.3-rc6
2019-06-19 19:00 UTC (2+ messages)
[PATCH V8 0/3] Add support for measuring the boot command line during kexec_file_load
2019-06-19 17:46 UTC (3+ messages)
` [PATCH V9 1/3] IMA:Define a new hook to measure the kexec boot command line arguments
[PATCH 0/9] keys: Namespacing [ver #4]
2019-06-19 16:48 UTC (10+ messages)
` [PATCH 1/9] keys: Simplify key description management "
` [PATCH 2/9] keys: Cache the hash value to avoid lots of recalculation "
` [PATCH 3/9] keys: Add a 'recurse' flag for keyring searches "
` [PATCH 4/9] keys: Namespace keyring names "
` [PATCH 5/9] keys: Move the user and user-session keyrings to the user_namespace "
` [PATCH 6/9] keys: Include target namespace in match criteria "
` [PATCH 7/9] keys: Garbage collect keys for which the domain has been removed "
` [PATCH 8/9] keys: Network namespace domain tag "
` [PATCH 9/9] keys: Pass the network namespace into request_key mechanism "
[PATCH 0/9] keys: Namespacing [ver #4]
2019-06-19 16:09 UTC (7+ messages)
` [PATCH 1/9] keys: Simplify key description management "
` [PATCH 2/9] keys: Cache the hash value to avoid lots of recalculation "
` [PATCH 3/9] keys: Add a 'recurse' flag for keyring searches "
` [PATCH 4/9] keys: Namespace keyring names "
` [PATCH 5/9] keys: Move the user and user-session keyrings to the user_namespace "
[PATCH 0/6] keys: request_key() improvements [ver #2]
2019-06-19 15:36 UTC (7+ messages)
` [PATCH 1/6] keys: Fix request_key() lack of Link perm check on found key "
` [PATCH 2/6] keys: Invalidate used request_key authentication keys "
` [PATCH 3/6] keys: Move the RCU locks outwards from the keyring search functions "
` [PATCH 4/6] keys: Provide request_key_rcu() "
` [PATCH 5/6] keys: Cache result of request_key*() temporarily in task_struct "
` [PATCH 6/6] keys: Kill off request_key_async{, _with_auxdata} "
[PATCH 00/10] keys: Miscellany [ver #3]
2019-06-19 13:20 UTC (11+ messages)
` [PATCH 01/10] keys: sparse: Fix key_fs[ug]id_changed() "
` [PATCH 02/10] keys: sparse: Fix incorrect RCU accesses "
` [PATCH 03/10] keys: sparse: Fix kdoc mismatches "
` [PATCH 04/10] keys: Change keyring_serialise_link_sem to a mutex "
` [PATCH 05/10] keys: Break bits out of key_unlink() "
` [PATCH 06/10] keys: Hoist locking out of __key_link_begin() "
` [PATCH 07/10] keys: Add a keyctl to move a key between keyrings "
` [PATCH 08/10] keys: Grant Link permission to possessers of request_key auth keys "
` [PATCH 09/10] keys: Reuse keyring_index_key::desc_len in lookup_user_key() "
` [PATCH 10/10] keys: Add capability-checking keyctl function "
page: next (older) | prev (newer) | latest
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).