Linux-Security-Module Archive on lore.kernel.org
 help / color / Atom feed
[PATCH v3 00/19] Introduce partial kernel_read_file() support
 2020-07-24 21:36 UTC  (18+ messages) - mbox.gz / Atom
` [PATCH v3 01/19] test_firmware: Test platform fw loading on non-EFI systems
` [PATCH v3 02/19] selftest/firmware: Add selftest timeout in settings
` [PATCH v3 03/19] firmware_loader: EFI firmware loader must handle pre-allocated buffer
` [PATCH v3 04/19] fs/kernel_read_file: Remove FIRMWARE_PREALLOC_BUFFER enum
` [PATCH v3 05/19] fs/kernel_read_file: Remove FIRMWARE_EFI_EMBEDDED enum
` [PATCH v3 06/19] fs/kernel_read_file: Split into separate include file
` [PATCH v3 07/19] fs/kernel_read_file: Split into separate source file
` [PATCH v3 08/19] fs/kernel_read_file: Remove redundant size argument
` [PATCH v3 09/19] fs/kernel_read_file: Switch buffer size arg to size_t
` [PATCH v3 10/19] fs/kernel_read_file: Add file_size output argument
` [PATCH v3 11/19] LSM: Introduce kernel_post_load_data() hook
` [PATCH v3 12/19] firmware_loader: Use security_post_load_data()
` [PATCH v3 13/19] module: Call security_kernel_post_load_data()
` [PATCH v3 14/19] LSM: Add "contents" flag to kernel_read_file hook
` [PATCH v3 15/19] IMA: Add support for file reads without contents
` [PATCH v3 18/19] firmware: Add request_partial_firmware_into_buf()
` [PATCH v3 19/19] test_firmware: Test partial read support

[PATCH 0/4] Mount notifications
 2020-07-24 20:45 UTC  (9+ messages) - mbox.gz / Atom
` [PATCH 1/4] watch_queue: Make watch_sizeof() check record size
` [PATCH 2/4] watch_queue: Add security hooks to rule on setting mount watches
` [PATCH 3/4] watch_queue: Implement mount topology and attribute change notifications
` [PATCH 4/4] watch_queue: sample: Display mount tree "

[PATCH v19 00/23] LSM: Module stacking for AppArmor
 2020-07-24 20:32 UTC  (24+ messages) - mbox.gz / Atom
  ` [PATCH v19 01/23] LSM: Infrastructure management of the sock security
  ` [PATCH v19 02/23] LSM: Create and manage the lsmblob data structure
  ` [PATCH v19 03/23] LSM: Use lsmblob in security_audit_rule_match
  ` [PATCH v19 04/23] LSM: Use lsmblob in security_kernel_act_as
  ` [PATCH v19 05/23] net: Prepare UDS for security module stacking
  ` [PATCH v19 06/23] LSM: Use lsmblob in security_secctx_to_secid
  ` [PATCH v19 07/23] LSM: Use lsmblob in security_secid_to_secctx
  ` [PATCH v19 08/23] LSM: Use lsmblob in security_ipc_getsecid
  ` [PATCH v19 09/23] LSM: Use lsmblob in security_task_getsecid
  ` [PATCH v19 10/23] LSM: Use lsmblob in security_inode_getsecid
  ` [PATCH v19 11/23] LSM: Use lsmblob in security_cred_getsecid
  ` [PATCH v19 12/23] IMA: Change internal interfaces to use lsmblobs
  ` [PATCH v19 13/23] LSM: Specify which LSM to display
  ` [PATCH v19 14/23] LSM: Ensure the correct LSM context releaser
  ` [PATCH v19 15/23] LSM: Use lsmcontext in security_secid_to_secctx
  ` [PATCH v19 16/23] LSM: Use lsmcontext in security_inode_getsecctx
  ` [PATCH v19 17/23] LSM: security_secid_to_secctx in netlink netfilter
  ` [PATCH v19 18/23] NET: Store LSM netlabel data in a lsmblob
  ` [PATCH v19 19/23] LSM: Verify LSM display sanity in binder
  ` [PATCH v19 20/23] Audit: Add new record for multiple process LSM attributes
  ` [PATCH v19 21/23] Audit: Add a new record for multiple object "
  ` [PATCH v19 22/23] LSM: Add /proc attr entry for full LSM context
  ` [PATCH v19 23/23] AppArmor: Remove the exclusive flag

[PATCH v7 0/7] Add support for O_MAYEXEC
 2020-07-24 19:06 UTC  (14+ messages) - mbox.gz / Atom
` [PATCH v7 1/7] exec: Change uselib(2) IS_SREG() failure to EACCES
` [PATCH v7 2/7] exec: Move S_ISREG() check earlier
` [PATCH v7 3/7] exec: Move path_noexec() "
` [PATCH v7 4/7] fs: Introduce O_MAYEXEC flag for openat2(2)
` [PATCH v7 5/7] fs,doc: Enable to enforce noexec mounts or file exec through O_MAYEXEC
` [PATCH v7 6/7] selftest/openat2: Add tests for O_MAYEXEC enforcing
` [PATCH v7 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

[PATCH bpf-next v6 0/7] Generalizing bpf_local_storage
 2020-07-24 15:44 UTC  (10+ messages) - mbox.gz / Atom
` [PATCH bpf-next v6 1/7] bpf: Renames to prepare for generalizing sk_storage
` [PATCH bpf-next v6 2/7] bpf: Generalize caching for sk_storage
` [PATCH bpf-next v6 3/7] bpf: Generalize bpf_sk_storage
` [PATCH bpf-next v6 4/7] bpf: Split bpf_local_storage to bpf_sk_storage
` [PATCH bpf-next v6 5/7] bpf: Implement bpf_local_storage for inodes
` [PATCH bpf-next v6 6/7] bpf: Allow local storage to be used from LSM programs
` [PATCH bpf-next v6 7/7] bpf: Add selftests for local_storage

[PATCH 00/17] VFS: Filesystem information [ver #20]
 2020-07-24 13:37 UTC  (18+ messages) - mbox.gz / Atom
` [PATCH 01/17] fsinfo: Introduce a non-repeating system-unique superblock ID "
` [PATCH 02/17] fsinfo: Add fsinfo() syscall to query filesystem information "
` [PATCH 03/17] fsinfo: Provide a bitmap of the features a filesystem supports "
` [PATCH 04/17] fsinfo: Allow retrieval of superblock devname, options and stats "
` [PATCH 05/17] fsinfo: Allow fsinfo() to look up a mount object by ID "
` [PATCH 06/17] fsinfo: Add a uniquifier ID to struct mount "
` [PATCH 07/17] fsinfo: Allow mount information to be queried "
` [PATCH 08/17] fsinfo: Allow mount topology and propagation info to be retrieved "
` [PATCH 09/17] fsinfo: Provide notification overrun handling support "
` [PATCH 10/17] fsinfo: sample: Mount listing program "
` [PATCH 11/17] fsinfo: Add API documentation "
` [PATCH 12/17] fsinfo: Add support for AFS "
` [PATCH 13/17] fsinfo: Add support to ext4 "
` [PATCH 14/17] fsinfo: Add an attribute that lists all the visible mounts in a namespace "
` [PATCH 15/17] errseq: add a new errseq_scrape function "
` [PATCH 16/17] vfs: allow fsinfo to fetch the current state of s_wb_err "
` [PATCH 17/17] samples: add error state information to test-fsinfo.c "

[PATCH 13/17] watch_queue: Implement mount topology and attribute change notifications [ver #5]
 2020-07-24 11:36 UTC  (7+ messages) - mbox.gz / Atom
` [PATCH 00/17] pipe: Keyrings, mount and superblock "

[PATCH] keys: asymmetric: fix error return code in software_key_query()
 2020-07-24  7:16 UTC  (6+ messages) - mbox.gz / Atom

[PATCH] Manual pages: use "root user ID" rather than "rootid"
 2020-07-24  3:31 UTC  (2+ messages) - mbox.gz / Atom

[PATCH v18 00/23] LSM: Module stacking for AppArmor
 2020-07-24  1:08 UTC  (4+ messages) - mbox.gz / Atom
` [PATCH v18 22/23] LSM: Add /proc attr entry for full LSM context

KASAN: slab-out-of-bounds Read in vsscanf (2)
 2020-07-23 16:38 UTC  (4+ messages) - mbox.gz / Atom
` [PATCH 1/2] Smack: fix another vsscanf out of bounds
` [PATCH 2/2] Smack: prevent underflow in smk_set_cipso()

[PATCH bpf-next v5 0/7] Generalizing bpf_local_storage
 2020-07-23 11:52 UTC  (11+ messages) - mbox.gz / Atom
` [PATCH bpf-next v5 1/7] bpf: Renames to prepare for generalizing sk_storage
` [PATCH bpf-next v5 2/7] bpf: Generalize caching for sk_storage
` [PATCH bpf-next v5 3/7] bpf: Generalize bpf_sk_storage
` [PATCH bpf-next v5 4/7] bpf: Split bpf_local_storage to bpf_sk_storage
` [PATCH bpf-next v5 5/7] bpf: Implement bpf_local_storage for inodes
` [PATCH bpf-next v5 6/7] bpf: Allow local storage to be used from LSM programs
` [PATCH bpf-next v5 7/7] bpf: Add selftests for local_storage

[PATCH v2] KEYS: remove redundant memset
 2020-07-23  2:39 UTC  (5+ messages) - mbox.gz / Atom

[PATCH] Manual pages: cap_from_text.3: Clarify a detail of cap_from_text() action list
 2020-07-22 21:00 UTC  - mbox.gz / Atom

[PATCH v6 0/7] Add support for O_MAYEXEC
 2020-07-22 19:40 UTC  (7+ messages) - mbox.gz / Atom
` [PATCH v6 5/7] fs,doc: Enable to enforce noexec mounts or file exec through O_MAYEXEC

[PATCH v8 00/12] Introduce CAP_PERFMON to secure system performance monitoring and observability
 2020-07-22 11:30 UTC  (10+ messages) - mbox.gz / Atom

[PATCH] KEYS: remove redundant memsets
 2020-07-22  8:01 UTC  (3+ messages) - mbox.gz / Atom

[PATCH 00/13] Introduce partial kernel_read_file() support
 2020-07-21 21:50 UTC  (6+ messages) - mbox.gz / Atom
` [PATCH 06/13] fs/kernel_read_file: Remove redundant size argument
` [PATCH 07/13] fs/kernel_read_file: Switch buffer size arg to size_t

[PATCH ghak84 v4] audit: purge audit_log_string from the intra-kernel audit API
 2020-07-21 21:16 UTC  (8+ messages) - mbox.gz / Atom

[PATCH 2/2] LSM: SafeSetID: Add GID security policy handling
 2020-07-21 17:05 UTC  (4+ messages) - mbox.gz / Atom

[PATCH 1/2] LSM: Signal to SafeSetID when in set*gid syscall
 2020-07-21  2:11 UTC  (2+ messages) - mbox.gz / Atom

KASAN: use-after-free Read in smk_write_relabel_self
 2020-07-21  0:57 UTC  (4+ messages) - mbox.gz / Atom
` [PATCH] Smack: fix use-after-free in smk_write_relabel_self()

[PATCH bpf-next v4 0/4] Generalizing bpf_local_storage
 2020-07-20 22:44 UTC  (5+ messages) - mbox.gz / Atom
` [PATCH bpf-next v4 2/4] bpf: Implement bpf_local_storage for inodes

[PATCH v3 00/12] ima: Fix rule parsing bugs and extend KEXEC_CMDLINE rule support
 2020-07-20 21:38 UTC  (9+ messages) - mbox.gz / Atom
` [PATCH v3 01/12] ima: Have the LSM free its audit rule
` [PATCH v3 07/12] ima: Fail rule parsing when appraise_flag=blacklist is unsupportable

[PATCH 00/15] [libcap] Manual pages: various fixes
 2020-07-20 20:21 UTC  (18+ messages) - mbox.gz / Atom
` [PATCH 01/15] Manual pages: various pages: Use "\-" for real minus signs
` [PATCH 02/15] Manual pages: cap_init.3: Formatting fix
` [PATCH 03/15] Manual pages: capsh.1: Various minor wording and formatting fixes
` [PATCH 04/15] Manual pages: cap_copy_ext.3: Typo fix
` [PATCH 05/15] Manual pages; cap_get_file.3: Fix some clumsily worded text
` [PATCH 06/15] Manual pages: getcap.8: Add missing word
` [PATCH 07/15] Manual pages: getcap.8: Fix a clumsily worded sentence
` [PATCH 08/15] Manual pages: getpcaps.8: Format options as a hanging list
` [PATCH 09/15] Manual pages: getpcaps.8: Remove a stray .br macro
` [PATCH 10/15] Manual pages: getpcaps.8: SEE ALSO: fix section number for capsh
` [PATCH 11/15] Manual pages: setcap.8: Typo fix
` [PATCH 12/15] Manual pages: cap_get_file.3: NOTES: note the effect of the Ambient set
` [PATCH 13/15] Manual pages: cap_get_proc.3: Update description of capsetp()
` [PATCH 14/15] Manual pages: cap_get_proc.3, capsh.1: Use "UID" and "GID" consistently
` [PATCH 15/15] Manual pages: capsh.1: Change .TP indent to the default

ANN: libseccomp v2.5.0 released
 2020-07-20 19:49 UTC  - mbox.gz / Atom

[PATCH v3 0/5] LSM: Measure security module state
 2020-07-20 18:59 UTC  (14+ messages) - mbox.gz / Atom
` [PATCH v3 4/5] LSM: Define SELinux function to measure security state

[RFC PATCH v4 00/12] Integrity Policy Enforcement LSM (IPE)
 2020-07-20 16:44 UTC  (7+ messages) - mbox.gz / Atom
` [RFC PATCH v4 02/12] security: add ipe lsm evaluation loop and audit system
` [RFC PATCH v4 05/12] fs: add security blob and hooks for block_device

[PATCH v6 0/7] capabilities: Introduce CAP_CHECKPOINT_RESTORE
 2020-07-20 12:58 UTC  (14+ messages) - mbox.gz / Atom
` [PATCH v6 1/7] "
` [PATCH v6 2/7] pid: use checkpoint_restore_ns_capable() for set_tid
` [PATCH v6 3/7] pid_namespace: use checkpoint_restore_ns_capable() for ns_last_pid
` [PATCH v6 4/7] proc: allow access in init userns for map_files with CAP_CHECKPOINT_RESTORE
` [PATCH v6 5/7] prctl: Allow local CAP_CHECKPOINT_RESTORE to change /proc/self/exe
` [PATCH v6 6/7] prctl: exe link permission error changed from -EINVAL to -EPERM
` [PATCH v6 7/7] selftests: add clone3() CAP_CHECKPOINT_RESTORE test

[PATCH bpf-next v4 1/4] bpf: Generalize bpf_sk_storage
 2020-07-20 11:18 UTC  (2+ messages) - mbox.gz / Atom

[RFC PATCH 0/5] keys: Security changes, ACLs and Container keyring
 2020-07-19 18:10 UTC  (2+ messages) - mbox.gz / Atom

[PATCH for v5.9] netfilter: xtables: Replace HTTP links with HTTPS ones
 2020-07-19 12:02 UTC  - mbox.gz / Atom

page:   latest

Linux-Security-Module Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-security-module/0 linux-security-module/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-security-module linux-security-module/ https://lore.kernel.org/linux-security-module \
		linux-security-module@vger.kernel.org
	public-inbox-index linux-security-module

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-security-module


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git