Linux-Security-Module Archive on lore.kernel.org
 help / color / Atom feed
[PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
 2019-08-05 21:25 UTC  (11+ messages) - mbox.gz / Atom

[RFC/RFT v2 0/2] KEYS: trusted: Add generic trusted keys framework
 2019-08-05 20:59 UTC  (7+ messages) - mbox.gz / Atom
` [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem

[RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
 2019-08-05 20:51 UTC  (4+ messages) - mbox.gz / Atom

[GIT PULL] SafeSetID MAINTAINERS file update for v5.3
 2019-08-05 19:27 UTC  (10+ messages) - mbox.gz / Atom

[PATCH] security/tomoyo: convert put_page() to put_user_page*()
 2019-08-05 17:48 UTC  (3+ messages) - mbox.gz / Atom

[PATCH v3] KEYS: trusted: allow module init if TPM is inactive or deactivated
 2019-08-05 17:20 UTC  (2+ messages) - mbox.gz / Atom

[PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
 2019-08-05 16:53 UTC  (22+ messages) - mbox.gz / Atom

[PATCH] ima: Allow to import the blacklisted cert signed by secondary CA cert
 2019-08-05 14:28 UTC  (4+ messages) - mbox.gz / Atom

[PATCH v12 00/11] Appended signatures support for IMA appraisal
 2019-08-05 14:25 UTC  (10+ messages) - mbox.gz / Atom
` [PATCH v12 01/11] MODSIGN: Export module signature definitions

[RFC PATCH v1 0/5] Add support for O_MAYEXEC
 2019-08-04 23:55 UTC  (4+ messages) - mbox.gz / Atom
` [RFC PATCH v1 1/5] fs: Add support for an O_MAYEXEC flag on sys_open()

[RFC v2 0/6] Introduce TEE based Trusted Keys support
 2019-08-04 20:48 UTC  (25+ messages) - mbox.gz / Atom
` [RFC v2 1/6] tee: optee: allow kernel pages to register as shm
` [RFC v2 2/6] tee: enable support to register kernel memory
` [RFC v2 3/6] tee: add private login method for kernel clients
` [RFC v2 4/6] KEYS: trusted: Introduce TEE based Trusted Keys
` [RFC v2 5/6] doc: keys: Document usage of "
` [RFC v2 6/6] MAINTAINERS: Add entry for "
          ` [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support

[GIT PULL] SELinux fixes for v5.3 (#2)
 2019-08-03 17:45 UTC  (2+ messages) - mbox.gz / Atom

[PATCH v2] KEYS: trusted: allow module init if TPM is inactive or deactivated
 2019-08-02 16:15 UTC  (5+ messages) - mbox.gz / Atom

Thank-You - Demmler Machinery
 2019-08-02 14:25 UTC  - mbox.gz / Atom

Security labeling in NFS4 - who owns it?
 2019-08-01 22:47 UTC  (3+ messages) - mbox.gz / Atom

[PATCH V37 00/29] security: Add support for locking down the kernel
 2019-08-01 20:44 UTC  (34+ messages) - mbox.gz / Atom
` [PATCH V37 01/29] security: Support early LSMs
` [PATCH V37 02/29] security: Add a "locked down" LSM hook
` [PATCH V37 03/29] security: Add a static lockdown policy LSM
` [PATCH V37 04/29] Enforce module signatures if the kernel is locked down
` [PATCH V37 05/29] Restrict /dev/{mem,kmem,port} when "
` [PATCH V37 06/29] kexec_load: Disable at runtime if "
` [PATCH V37 07/29] Copy secure_boot flag in boot params across kexec reboot
` [PATCH V37 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
` [PATCH V37 09/29] kexec_file: Restrict at runtime if the kernel is locked down
` [PATCH V37 10/29] hibernate: Disable when "
` [PATCH V37 11/29] PCI: Lock down BAR access "
` [PATCH V37 12/29] x86: Lock down IO port "
` [PATCH V37 13/29] x86/msr: Restrict MSR "
` [PATCH V37 14/29] ACPI: Limit access to custom_method "
` [PATCH V37 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been "
` [PATCH V37 16/29] acpi: Disable ACPI table override if the kernel is "
` [PATCH V37 17/29] Prohibit PCMCIA CIS storage when "
` [PATCH V37 18/29] Lock down TIOCSSERIAL
` [PATCH V37 19/29] Lock down module params that specify hardware parameters (eg. ioport)
` [PATCH V37 20/29] x86/mmiotrace: Lock down the testmmiotrace module
` [PATCH V37 21/29] Lock down /proc/kcore
` [PATCH V37 22/29] Lock down tracing and perf kprobes when in confidentiality mode
` [PATCH V37 23/29] bpf: Restrict bpf when kernel lockdown is "
` [PATCH V37 24/29] Lock down perf when "
` [PATCH V37 25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down
` [PATCH V37 26/29] debugfs: Restrict debugfs when the kernel is "
` [PATCH V37 27/29] tracefs: Restrict tracefs "
` [PATCH V37 28/29] efi: Restrict efivar_ssdt_load "
` [PATCH V37 29/29] lockdown: Print current->comm in restriction messages

[PATCH bpf-next v10 00/10] Landlock LSM: Toward unprivileged sandboxing
 2019-08-01 17:49 UTC  (11+ messages) - mbox.gz / Atom
` [PATCH bpf-next v10 06/10] bpf,landlock: Add a new map type: inode
` [PATCH bpf-next v10 10/10] landlock: Add user and kernel documentation for Landlock

[RFC PATCH v2] security,capability: pass object information to security_capable
 2019-08-01 14:43 UTC  - mbox.gz / Atom

[PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
 2019-08-01 12:47 UTC  (5+ messages) - mbox.gz / Atom

[PATCH] tomoyo: Use error code from kern_path() rather than -ENOENT
 2019-08-01 11:35 UTC  - mbox.gz / Atom

[PATCH] tomoyo: common: Fix potential Spectre v1 vulnerability
 2019-08-01 11:02 UTC  (2+ messages) - mbox.gz / Atom

[PATCH V36 27/29] tracefs: Restrict tracefs when the kernel is locked down
 2019-07-31  1:48 UTC  (3+ messages) - mbox.gz / Atom
` [PATCH] "

[PATCH 0/2] keys: ACLs
 2019-07-31  1:16 UTC  (5+ messages) - mbox.gz / Atom
` [PATCH 1/2] KEYS: Replace uid/gid/perm permissions checking with an ACL

[PATCH v12 0/5] overlayfs override_creds=off
 2019-07-30 21:37 UTC  - mbox.gz / Atom

[PATCH V36 00/29] security: Add kernel lockdown functionality
 2019-07-29 21:47 UTC  (5+ messages) - mbox.gz / Atom
` [PATCH V36 19/29] Lock down module params that specify hardware parameters (eg. ioport)
` [PATCH V36 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode

[PATCH v5 00/27] LSM: Module stacking for AppArmor
 2019-07-29 21:40 UTC  (35+ messages) - mbox.gz / Atom
` [PATCH 01/27] LSM: Infrastructure management of the sock security
` [PATCH 02/27] LSM: Infrastructure management of the key blob
` [PATCH 03/27] LSM: Create and manage the lsmblob data structure
` [PATCH 04/27] LSM: Use lsmblob in security_audit_rule_match
` [PATCH 05/27] LSM: Use lsmblob in security_kernel_act_as
` [PATCH 06/27] net: Prepare UDS for security module stacking
` [PATCH 07/27] LSM: Use lsmblob in security_secctx_to_secid
` [PATCH 08/27] LSM: Use lsmblob in security_secid_to_secctx
` [PATCH 09/27] LSM: Use lsmblob in security_ipc_getsecid
` [PATCH 10/27] LSM: Use lsmblob in security_task_getsecid
` [PATCH 11/27] LSM: Use lsmblob in security_inode_getsecid
` [PATCH 12/27] LSM: Use lsmblob in security_cred_getsecid
` [PATCH 13/27] IMA: Change internal interfaces to use lsmblobs
` [PATCH 14/27] LSM: Specify which LSM to display
` [PATCH 15/27] LSM: Ensure the correct LSM context releaser
` [PATCH 16/27] LSM: Use lsmcontext in security_secid_to_secctx
` [PATCH 17/27] LSM: Use lsmcontext in security_dentry_init_security
` [PATCH 18/27] LSM: Use lsmcontext in security_inode_getsecctx
` [PATCH 19/27] LSM: security_secid_to_secctx in netlink netfilter
` [PATCH 20/27] NET: Store LSM netlabel data in a lsmblob
` [PATCH 21/27] SELinux: Verify LSM display sanity in binder
` [PATCH 22/27] Audit: Add subj_LSM fields when necessary
` [PATCH 23/27] Audit: Include object data for all security modules
` [PATCH 24/27] LSM: Provide an user space interface for the default display
` [PATCH 25/27] NET: Add SO_PEERCONTEXT for multiple LSMs
` [PATCH 26/27] LSM: Add /proc attr entry for full LSM context
` [PATCH 27/27] AppArmor: Remove the exclusive flag

[RFC 0/7] Introduce TEE based Trusted Keys support
 2019-07-29 13:13 UTC  (8+ messages) - mbox.gz / Atom
` [RFC 3/7] tee: add private login method for kernel clients

[GIT PULL] SELinux fixes for v5.3 (#1)
 2019-07-27  3:05 UTC  (2+ messages) - mbox.gz / Atom

[PATCH] AppArmor: Remove semicolon
 2019-07-26 13:32 UTC  - mbox.gz / Atom

[PATCH 0/5] security: integrity: Makefile cleanups
 2019-07-26  7:04 UTC  (8+ messages) - mbox.gz / Atom
` [PATCH 1/5] integrity: remove unneeded, broken attempt to add -fshort-wchar
` [PATCH 2/5] integrity: remove pointless subdir-$(CONFIG_...)
` [PATCH 3/5] integrity: use obj-y for non-modular objects
` [PATCH 4/5] IMA: "
` [PATCH 5/5] EVM: "

[PATCH] test_meminit: use GFP_ATOMIC in RCU critical section
 2019-07-25 12:17 UTC  - mbox.gz / Atom

page:   latest

Linux-Security-Module Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-security-module/0 linux-security-module/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-security-module linux-security-module/ https://lore.kernel.org/linux-security-module \
		linux-security-module@vger.kernel.org linux-security-module@archiver.kernel.org
	public-inbox-index linux-security-module


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-security-module


AGPL code for this site: git clone https://public-inbox.org/ public-inbox