linux-security-module.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
 messages from 2021-05-12 17:07:31 to 2021-05-26 15:17:51 UTC [more...]

[RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
 2021-05-26 15:17 UTC  (26+ messages)
` [RFC PATCH 1/9] audit: prepare audit_context for use in calling contexts beyond syscalls
` [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
` [RFC PATCH 3/9] audit: dev/test patch to force io_uring auditing
` [RFC PATCH 4/9] audit: add filtering for io_uring records
` [RFC PATCH 5/9] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure()
` [RFC PATCH 6/9] io_uring: convert io_uring to the secure anon inode interface
` [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring
` [RFC PATCH 8/9] selinux: add support for the io_uring access controls
` [RFC PATCH 9/9] Smack: Brutalist io_uring support with debug

[PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
 2021-05-26 11:44 UTC  (3+ messages)

[PATCH v26 00/25] LSM: Module stacking for AppArmor
 2021-05-26  9:53 UTC  (49+ messages)
  ` [PATCH v26 01/25] LSM: Infrastructure management of the sock security
  ` [PATCH v26 02/25] LSM: Add the lsmblob data structure
  ` [PATCH v26 03/25] LSM: provide lsm name and id slot mappings
  ` [PATCH v26 04/25] IMA: avoid label collisions with stacked LSMs
  ` [PATCH v26 05/25] LSM: Use lsmblob in security_audit_rule_match
  ` [PATCH v26 06/25] LSM: Use lsmblob in security_kernel_act_as
  ` [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid
  ` [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx
  ` [PATCH v26 09/25] LSM: Use lsmblob in security_ipc_getsecid
  ` [PATCH v26 10/25] LSM: Use lsmblob in security_task_getsecid
  ` [PATCH v26 11/25] LSM: Use lsmblob in security_inode_getsecid
  ` [PATCH v26 12/25] LSM: Use lsmblob in security_cred_getsecid
  ` [PATCH v26 13/25] IMA: Change internal interfaces to use lsmblobs
  ` [PATCH v26 14/25] LSM: Specify which LSM to display
  ` [PATCH v26 15/25] LSM: Ensure the correct LSM context releaser
  ` [PATCH v26 16/25] LSM: Use lsmcontext in security_secid_to_secctx
  ` [PATCH v26 17/25] LSM: Use lsmcontext in security_inode_getsecctx
  ` [PATCH v26 18/25] LSM: security_secid_to_secctx in netlink netfilter
  ` [PATCH v26 19/25] NET: Store LSM netlabel data in a lsmblob
  ` [PATCH v26 20/25] LSM: Verify LSM display sanity in binder
  ` [PATCH v26 21/25] audit: add support for non-syscall auxiliary records
  ` [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  ` [PATCH v26 23/25] Audit: Add a new record for multiple object "
  ` [PATCH v26 24/25] LSM: Add /proc attr entry for full LSM context
  ` [PATCH v26 25/25] AppArmor: Remove the exclusive flag

[PATCH] proc: Check /proc/$pid/attr/ writes against file opener
 2021-05-25 21:24 UTC  (3+ messages)

[ANNOUNCE][CFP] Linux Security Summit 2021
 2021-05-25 16:24 UTC  (2+ messages)

[RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
 2021-05-24 18:55 UTC  (26+ messages)
` [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory
` [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader

[PATCH 0/7] ima: Add template fields to verify EVM portable signatures
 2021-05-24 18:31 UTC  (13+ messages)
` [PATCH 1/7] ima: Add ima_show_template_uint() template library function
` [PATCH 2/7] ima: Introduce template fields iuid and igid
` [PATCH 3/7] ima: Introduce template fields mntuidmap and mntgidmap
` [PATCH 4/7] ima: Introduce template field imode
` [PATCH 5/7] evm: Verify portable signatures against all protected xattrs
` [PATCH 6/7] ima: Introduce template field evmxattrs
` [PATCH 7/7] evm: Don't return an error in evm_write_xattrs() if audit is not enabled

[RFC PATCH 0/3] Allow access to confidential computing secret area
 2021-05-24 17:12 UTC  (14+ messages)
` [RFC PATCH 3/3] virt: Add sev_secret module to expose confidential computing secrets

[RFC PATCH 0/3] Add additional MOK vars
 2021-05-24 11:12 UTC  (14+ messages)
` [RFC PATCH 1/3] keys: Add ability to trust the platform keyring
` [RFC PATCH 2/3] keys: Trust platform keyring if MokTrustPlatform found
` [RFC PATCH 3/3] ima: Enable IMA SB Policy if MokIMAPolicy found

[PATCH v7 0/7] Fork brute force attack mitigation
 2021-05-23 15:47 UTC  (12+ messages)
` [PATCH v7 1/7] security: Add LSM hook at the point where a task gets a fatal signal
` [PATCH v7 2/7] security/brute: Define a LSM and add sysctl attributes
` [PATCH v7 3/7] security/brute: Detect a brute force attack
` [PATCH v7 4/7] security/brute: Mitigate "
` [PATCH v7 5/7] selftests/brute: Add tests for the Brute LSM
` [PATCH v7 6/7] Documentation: Add documentation "
` [PATCH v7 7/7] MAINTAINERS: Add a new entry "

[PATCH v7 00/12] evm: Improve usability of portable signatures
 2021-05-21 17:31 UTC  (18+ messages)
` [PATCH v7 01/12] evm: Execute evm_inode_init_security() only when an HMAC key is loaded
` [PATCH v7 02/12] evm: Load EVM key in ima_load_x509() to avoid appraisal
` [PATCH v7 03/12] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
` [PATCH v7 04/12] evm: Introduce evm_revalidate_status()
` [PATCH v7 05/12] evm: Introduce evm_hmac_disabled() to safely ignore verification errors
  ` [RESEND][PATCH "
` [PATCH v7 06/12] evm: Allow xattr/attr operations for portable signatures
` [PATCH v7 07/12] evm: Pass user namespace to set/remove xattr hooks
` [PATCH v7 08/12] evm: Allow setxattr() and setattr() for unmodified metadata
` [PATCH v7 09/12] evm: Deprecate EVM_ALLOW_METADATA_WRITES
` [PATCH v7 10/12] ima: Allow imasig requirement to be satisfied by EVM portable signatures
` [PATCH v7 11/12] ima: Introduce template field evmsig and write to field sig as fallback
` [PATCH v7 12/12] ima: Don't remove security.ima if file must not be appraised

[PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down
 2021-05-20  8:38 UTC  (3+ messages)

[PATCH RESEND v5] proc: Allow pid_revalidate() during LOOKUP_RCU
 2021-05-19 20:31 UTC  (2+ messages)

[PATCH v2 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
 2021-05-19 17:07 UTC  (4+ messages)
` [PATCH v2 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag
` [PATCH v2 2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount

[PATCH] Revert "Smack: Handle io_uring kernel thread privileges"
 2021-05-18 17:40 UTC  (2+ messages)

[PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
 2021-05-17 13:46 UTC  (4+ messages)

[syzbot] general protection fault in tomoyo_check_acl (2)
 2021-05-17 11:07 UTC 

[PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
 2021-05-17  8:34 UTC  (9+ messages)

[PATCH v2 00/13] Unify asm/unaligned.h around struct helper
 2021-05-14 20:19 UTC  (8+ messages)
` [PATCH v2 09/13] apparmor: use get_unaligned() only for multi-byte words

[RFC] [PATCH bpf-next 0/1] Implement getting cgroup path bpf helper
 2021-05-14 11:21 UTC  (8+ messages)
` [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task

[PATCH v2 09/10] apparmor: test: Remove some casts which are no-longer required
 2021-05-13 19:32 UTC 

Fwd: A missing check bug in __sys_accept4_file()
 2021-05-12 16:23 UTC  (2+ messages)
`  "


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).