messages from 2019-07-18 19:46:48 to 2019-08-01 17:49:35 UTC [more...]
[PATCH bpf-next v10 00/10] Landlock LSM: Toward unprivileged sandboxing
2019-08-01 17:49 UTC (19+ messages)
` [PATCH bpf-next v10 01/10] fs,security: Add a new file access type: MAY_CHROOT
` [PATCH bpf-next v10 02/10] bpf: Add expected_attach_triggers and a is_valid_triggers() verifier
` [PATCH bpf-next v10 03/10] bpf,landlock: Define an eBPF program type for Landlock hooks
` [PATCH bpf-next v10 04/10] seccomp,landlock: Enforce Landlock programs per process hierarchy
` [PATCH bpf-next v10 05/10] landlock: Handle filesystem access control
` [PATCH bpf-next v10 06/10] bpf,landlock: Add a new map type: inode
` [PATCH bpf-next v10 07/10] landlock: Add ptrace restrictions
` [PATCH bpf-next v10 08/10] bpf: Add a Landlock sandbox example
` [PATCH bpf-next v10 09/10] bpf,landlock: Add tests for Landlock
` [PATCH bpf-next v10 10/10] landlock: Add user and kernel documentation "
[RFC/RFT v2 0/2] KEYS: trusted: Add generic trusted keys framework
2019-08-01 17:24 UTC (3+ messages)
` [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem
[RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
2019-08-01 16:38 UTC (2+ messages)
[PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
2019-08-01 16:32 UTC (4+ messages)
[PATCH V37 00/29] security: Add support for locking down the kernel
2019-08-01 16:19 UTC (32+ messages)
` [PATCH V37 01/29] security: Support early LSMs
` [PATCH V37 02/29] security: Add a "locked down" LSM hook
` [PATCH V37 03/29] security: Add a static lockdown policy LSM
` [PATCH V37 04/29] Enforce module signatures if the kernel is locked down
` [PATCH V37 05/29] Restrict /dev/{mem,kmem,port} when "
` [PATCH V37 06/29] kexec_load: Disable at runtime if "
` [PATCH V37 07/29] Copy secure_boot flag in boot params across kexec reboot
` [PATCH V37 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
` [PATCH V37 09/29] kexec_file: Restrict at runtime if the kernel is locked down
` [PATCH V37 10/29] hibernate: Disable when "
` [PATCH V37 11/29] PCI: Lock down BAR access "
` [PATCH V37 12/29] x86: Lock down IO port "
` [PATCH V37 13/29] x86/msr: Restrict MSR "
` [PATCH V37 14/29] ACPI: Limit access to custom_method "
` [PATCH V37 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been "
` [PATCH V37 16/29] acpi: Disable ACPI table override if the kernel is "
` [PATCH V37 17/29] Prohibit PCMCIA CIS storage when "
` [PATCH V37 18/29] Lock down TIOCSSERIAL
` [PATCH V37 19/29] Lock down module params that specify hardware parameters (eg. ioport)
` [PATCH V37 20/29] x86/mmiotrace: Lock down the testmmiotrace module
` [PATCH V37 21/29] Lock down /proc/kcore
` [PATCH V37 22/29] Lock down tracing and perf kprobes when in confidentiality mode
` [PATCH V37 23/29] bpf: Restrict bpf when kernel lockdown is "
` [PATCH V37 24/29] Lock down perf when "
` [PATCH V37 25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down
` [PATCH V37 26/29] debugfs: Restrict debugfs when the kernel is "
` [PATCH V37 27/29] tracefs: Restrict tracefs "
` [PATCH V37 28/29] efi: Restrict efivar_ssdt_load "
` [PATCH V37 29/29] lockdown: Print current->comm in restriction messages
[RFC PATCH v2] security,capability: pass object information to security_capable
2019-08-01 14:43 UTC
[GIT PULL] SafeSetID MAINTAINERS file update for v5.3
2019-08-01 13:25 UTC (2+ messages)
[PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
2019-08-01 12:47 UTC (5+ messages)
[PATCH] tomoyo: Use error code from kern_path() rather than -ENOENT
2019-08-01 11:35 UTC
[PATCH] tomoyo: common: Fix potential Spectre v1 vulnerability
2019-08-01 11:02 UTC (2+ messages)
[RFC v2 0/6] Introduce TEE based Trusted Keys support
2019-08-01 10:40 UTC (24+ messages)
` [RFC v2 1/6] tee: optee: allow kernel pages to register as shm
` [RFC v2 2/6] tee: enable support to register kernel memory
` [RFC v2 3/6] tee: add private login method for kernel clients
` [RFC v2 4/6] KEYS: trusted: Introduce TEE based Trusted Keys
` [RFC v2 5/6] doc: keys: Document usage of "
` [RFC v2 6/6] MAINTAINERS: Add entry for "
` [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support
[PATCH] ima: Allow to import the blacklisted cert signed by secondary CA cert
2019-08-01 1:23 UTC
[PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
2019-07-31 19:09 UTC (3+ messages)
[PATCH V36 00/29] security: Add kernel lockdown functionality
2019-07-31 1:48 UTC (16+ messages)
` [PATCH V36 01/29] security: Support early LSMs
` [PATCH V36 02/29] security: Add a "locked down" LSM hook
` [PATCH V36 19/29] Lock down module params that specify hardware parameters (eg. ioport)
` [PATCH V36 20/29] x86/mmiotrace: Lock down the testmmiotrace module
` [PATCH V36 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode
` [PATCH V36 27/29] tracefs: Restrict tracefs when the kernel is locked down
` [PATCH] "
[PATCH 0/2] keys: ACLs
2019-07-31 1:16 UTC (5+ messages)
` [PATCH 1/2] KEYS: Replace uid/gid/perm permissions checking with an ACL
[PATCH v12 0/5] overlayfs override_creds=off
2019-07-30 21:37 UTC
[PATCH v5 00/27] LSM: Module stacking for AppArmor
2019-07-29 21:40 UTC (35+ messages)
` [PATCH 01/27] LSM: Infrastructure management of the sock security
` [PATCH 02/27] LSM: Infrastructure management of the key blob
` [PATCH 03/27] LSM: Create and manage the lsmblob data structure
` [PATCH 04/27] LSM: Use lsmblob in security_audit_rule_match
` [PATCH 05/27] LSM: Use lsmblob in security_kernel_act_as
` [PATCH 06/27] net: Prepare UDS for security module stacking
` [PATCH 07/27] LSM: Use lsmblob in security_secctx_to_secid
` [PATCH 08/27] LSM: Use lsmblob in security_secid_to_secctx
` [PATCH 09/27] LSM: Use lsmblob in security_ipc_getsecid
` [PATCH 10/27] LSM: Use lsmblob in security_task_getsecid
` [PATCH 11/27] LSM: Use lsmblob in security_inode_getsecid
` [PATCH 12/27] LSM: Use lsmblob in security_cred_getsecid
` [PATCH 13/27] IMA: Change internal interfaces to use lsmblobs
` [PATCH 14/27] LSM: Specify which LSM to display
` [PATCH 15/27] LSM: Ensure the correct LSM context releaser
` [PATCH 16/27] LSM: Use lsmcontext in security_secid_to_secctx
` [PATCH 17/27] LSM: Use lsmcontext in security_dentry_init_security
` [PATCH 18/27] LSM: Use lsmcontext in security_inode_getsecctx
` [PATCH 19/27] LSM: security_secid_to_secctx in netlink netfilter
` [PATCH 20/27] NET: Store LSM netlabel data in a lsmblob
` [PATCH 21/27] SELinux: Verify LSM display sanity in binder
` [PATCH 22/27] Audit: Add subj_LSM fields when necessary
` [PATCH 23/27] Audit: Include object data for all security modules
` [PATCH 24/27] LSM: Provide an user space interface for the default display
` [PATCH 25/27] NET: Add SO_PEERCONTEXT for multiple LSMs
` [PATCH 26/27] LSM: Add /proc attr entry for full LSM context
` [PATCH 27/27] AppArmor: Remove the exclusive flag
[RFC 0/7] Introduce TEE based Trusted Keys support
2019-07-29 13:13 UTC (8+ messages)
` [RFC 3/7] tee: add private login method for kernel clients
[GIT PULL] SELinux fixes for v5.3 (#1)
2019-07-27 3:05 UTC (2+ messages)
[PATCH] AppArmor: Remove semicolon
2019-07-26 13:32 UTC
[PATCH 0/5] security: integrity: Makefile cleanups
2019-07-26 7:04 UTC (8+ messages)
` [PATCH 1/5] integrity: remove unneeded, broken attempt to add -fshort-wchar
` [PATCH 2/5] integrity: remove pointless subdir-$(CONFIG_...)
` [PATCH 3/5] integrity: use obj-y for non-modular objects
` [PATCH 4/5] IMA: "
` [PATCH 5/5] EVM: "
[PATCH] test_meminit: use GFP_ATOMIC in RCU critical section
2019-07-25 12:17 UTC
[RFC PATCH] security,capability: pass object information to security_capable
2019-07-24 20:12 UTC (4+ messages)
` [RFC PATCH] security, capability: "
KASAN: use-after-free Read in keyring_compare_object
2019-07-24 15:46 UTC
[PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk
2019-07-24 15:34 UTC (9+ messages)
Reminder: 2 open syzbot bugs in "security/tomoyo" subsystem
2019-07-24 5:00 UTC (5+ messages)
Reminder: 1 open syzbot bug in "security/integrity" subsystem
2019-07-24 2:49 UTC
Reminder: 1 open syzbot bug in "security/smack" subsystem
2019-07-24 2:47 UTC
[PATCH 00/10] VFS: Provide new mount UAPI
2019-07-23 23:30 UTC (14+ messages)
` [PATCH 02/10] vfs: syscall: Add move_mount(2) to move mounts around
[PATCH v12 00/11] Appended signatures support for IMA appraisal
2019-07-23 22:39 UTC (8+ messages)
` [PATCH v12 01/11] MODSIGN: Export module signature definitions
Preferred subj= with multiple LSMs
2019-07-23 21:46 UTC (27+ messages)
` Dbus and multiple LSMs (was Preferred subj= with multiple LSMs)
[RFC PATCH v3] fanotify, inotify, dnotify, security: add security hook for fs notifications
2019-07-23 19:27 UTC
[RFC PATCH v2] fanotify, inotify, dnotify, security: add security hook for fs notifications
2019-07-23 18:49 UTC (4+ messages)
` [Non-DoD Source] "
[PATCH] security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb()
2019-07-23 10:00 UTC
[PATCH] selinux: check sidtab limit before adding a new entry
2019-07-23 6:48 UTC (3+ messages)
[PATCH] [RESEND v2] structleak: disable STRUCTLEAK_BYREF in combination with KASAN_STACK
2019-07-22 17:23 UTC (6+ messages)
[PATCH v5 00/23] LSM: Module stacking for AppArmor
2019-07-19 23:37 UTC (8+ messages)
` [PATCH v5 15/23] LSM: Specify which LSM to display
page: next (older) | prev (newer) | latest
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).