linux-security-module.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

 messages from 2019-06-21 17:09:42 to 2019-06-25 21:58:11 UTC [more...]

[PATCH bpf-next v9 00/10] Landlock LSM: Toward unprivileged sandboxing
 2019-06-25 21:52 UTC  (10+ messages)
` [PATCH bpf-next v9 01/10] fs,security: Add a new file access type: MAY_CHROOT
` [PATCH bpf-next v9 02/10] bpf: Add eBPF program subtype and is_valid_subtype() verifier
` [PATCH bpf-next v9 03/10] bpf,landlock: Define an eBPF program type for Landlock hooks
` [PATCH bpf-next v9 04/10] seccomp,landlock: Enforce Landlock programs per process hierarchy
` [PATCH bpf-next v9 06/10] landlock: Handle filesystem access control
` [PATCH bpf-next v9 07/10] landlock: Add ptrace restrictions
` [PATCH bpf-next v9 08/10] bpf: Add a Landlock sandbox example
` [PATCH bpf-next v9 09/10] bpf,landlock: Add tests for Landlock
` [PATCH bpf-next v9 10/10] landlock: Add user and kernel documentation "

[RFC PATCH v4 00/12] security: x86/sgx: SGX vs. LSM
 2019-06-25 21:49 UTC  (18+ messages)
` [RFC PATCH v4 07/12] LSM: x86/sgx: Introduce ->enclave_map() hook for Intel SGX
` [RFC PATCH v4 08/12] security/selinux: Require SGX_MAPWX to map enclave page WX
` [RFC PATCH v4 09/12] LSM: x86/sgx: Introduce ->enclave_load() hook for Intel SGX
` [RFC PATCH v4 10/12] security/selinux: Add enclave_load() implementation
` [RFC PATCH v4 12/12] LSM: x86/sgx: Show line of sight to LSM support SGX2's EAUG

[RFC PATCH v5 0/1] Add dm verity root hash pkcs7 sig validation
 2019-06-25 18:20 UTC  (3+ messages)
` [RFC PATCH v5 1/1] "

[PATCH v4 00/14] ima: introduce IMA Digest Lists extension
 2019-06-25 17:35 UTC  (4+ messages)

[PATCH v6 1/3] mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options
 2019-06-25 15:42 UTC  (4+ messages)

[PATCH v3 00/24] LSM: Module stacking for AppArmor
 2019-06-25 15:30 UTC  (81+ messages)
` [PATCH v3 01/24] LSM: Infrastructure management of the superblock
` [PATCH v3 02/24] LSM: Infrastructure management of the sock security
` [PATCH v3 03/24] LSM: Infrastructure management of the key blob
` [PATCH v3 04/24] LSM: Create and manage the lsmblob data structure
` [PATCH v3 05/24] Use lsmblob in security_audit_rule_match
` [PATCH v3 06/24] LSM: Use lsmblob in security_kernel_act_as
` [PATCH v3 07/24] net: Prepare UDS for secuirty module stacking
` [PATCH v3 08/24] LSM: Use lsmblob in security_secctx_to_secid
` [PATCH v3 09/24] LSM: Use lsmblob in security_secid_to_secctx
` [PATCH v3 10/24] Use lsmblob in security_ipc_getsecid
` [PATCH v3 11/24] LSM: Use lsmblob in security_task_getsecid
` [PATCH v3 12/24] LSM: Use lsmblob in security_inode_getsecid
` [PATCH v3 13/24] LSM: Use lsmblob in security_cred_getsecid
` [PATCH v3 14/24] IMA: Change internal interfaces to use lsmblobs
` [PATCH v3 15/24] LSM: Specify which LSM to display
` [PATCH v3 16/24] LSM: Ensure the correct LSM context releaser
` [PATCH v3 17/24] LSM: Use lsmcontext in security_secid_to_secctx
` [PATCH v3 18/24] LSM: Use lsmcontext in security_dentry_init_security
` [PATCH v3 19/24] LSM: Use lsmcontext in security_inode_getsecctx
` [PATCH v3 20/24] LSM: security_secid_to_secctx in netlink netfilter
` [PATCH v3 21/24] Audit: Store LSM audit information in an lsmblob
` [PATCH v3 22/24] LSM: Return the lsmblob slot on initialization
` [PATCH v3 23/24] NET: Store LSM netlabel data in a lsmblob
` [PATCH v3 24/24] AppArmor: Remove the exclusive flag

[PATCH] structleak: disable BYREF_ALL in combination with KASAN_STACK
 2019-06-25 15:01 UTC  (8+ messages)

[PATCH V34 00/29] Lockdown as an LSM
 2019-06-25 15:00 UTC  (72+ messages)
` [PATCH V34 01/29] security: Support early LSMs
` [PATCH V34 02/29] security: Add a "locked down" LSM hook
` [PATCH V34 03/29] security: Add a static lockdown policy LSM
` [PATCH V34 04/29] Enforce module signatures if the kernel is locked down
` [PATCH V34 05/29] Restrict /dev/{mem,kmem,port} when "
` [PATCH V34 06/29] kexec_load: Disable at runtime if "
` [PATCH V34 07/29] Copy secure_boot flag in boot params across kexec reboot
` [PATCH V34 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
` [PATCH V34 09/29] kexec_file: Restrict at runtime if the kernel is locked down
` [PATCH V34 10/29] hibernate: Disable when "
` [PATCH V34 11/29] PCI: Lock down BAR access "
` [PATCH V34 12/29] x86: Lock down IO port "
` [PATCH V34 13/29] x86/msr: Restrict MSR "
` [PATCH V34 14/29] ACPI: Limit access to custom_method "
` [PATCH V34 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been "
` [PATCH V34 16/29] acpi: Disable ACPI table override if the kernel is "
` [PATCH V34 17/29] Prohibit PCMCIA CIS storage when "
` [PATCH V34 18/29] Lock down TIOCSSERIAL
` [PATCH V34 19/29] Lock down module params that specify hardware parameters (eg. ioport)
` [PATCH V34 20/29] x86/mmiotrace: Lock down the testmmiotrace module
` [PATCH V34 21/29] Lock down /proc/kcore
` [PATCH V34 22/29] Lock down tracing and perf kprobes when in confidentiality mode
` [PATCH V34 23/29] bpf: Restrict bpf when kernel lockdown is "
` [PATCH V34 24/29] Lock down perf when "
` [PATCH V34 25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down
` [PATCH V34 26/29] debugfs: Restrict debugfs when the kernel is "
` [PATCH V34 27/29] tracefs: Restrict tracefs "
` [PATCH V34 28/29] efi: Restrict efivar_ssdt_load "
` [PATCH V34 29/29] lockdown: Print current->comm in restriction messages

possible deadlock in console_trylock_spinning
 2019-06-25  8:55 UTC 

[PATCH V31 00/25] Add support for kernel lockdown
 2019-06-25  2:51 UTC  (14+ messages)
` [PATCH V31 06/25] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
` [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down

[PATCH V10 0/3] Add support for measuring the boot command line during kexec_file_load
 2019-06-24 22:03 UTC  (6+ messages)
` [PATCH V10 1/3] IMA: Define a new hook to measure the kexec boot command line arguments
` [PATCH V10 2/3] IMA: Define a new template field buf
` [PATCH V10 3/3] KEXEC: Call ima_kexec_cmdline to measure the boot command line args

[PATCH v11 00/13] Appended signatures support for IMA appraisal
 2019-06-24 19:56 UTC  (5+ messages)
` [PATCH v11 01/13] MODSIGN: Export module signature definitions
` [PATCH v11 02/13] PKCS#7: Refactor verify_pkcs7_signature()

[RFC PATCH v3 09/12] LSM: x86/sgx: Introduce ->enclave_load() hook for Intel SGX
 2019-06-23 17:16 UTC 

Stacked LSMs (was Re: [PATCH v2 00/25] LSM: Module stacking for AppArmor)
 2019-06-22 14:15 UTC  (2+ messages)

KASAN: use-after-free Read in tomoyo_realpath_from_path
 2019-06-22  4:45 UTC  (6+ messages)
  ` [PATCH] tomoyo: Don't check open/getattr permission on sockets
        ` [PATCH v2] "

page: next (older) | prev (newer) | latest

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).