linux-security-module.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

 messages from 2021-11-17 01:58:35 to 2021-12-02 07:21:23 UTC [more...]

[RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE)
 2021-12-02  7:20 UTC  (7+ messages)
` [RFC PATCH v7 11/16] ipe: add support for dm-verity as a trust provider
      ` [RFC][PATCH] device mapper: Add builtin function dm_get_status()

[RFC 00/20] ima: Namespace IMA with audit support in IMA-ns
 2021-12-02  7:16 UTC  (38+ messages)
` [RFC 01/20] ima: Add IMA namespace support
` [RFC 02/20] ima: Define ns_status for storing namespaced iint data
` [RFC 03/20] ima: Namespace audit status flags
` [RFC 04/20] ima: Move delayed work queue and variables into ima_namespace
` [RFC 05/20] ima: Move IMA's keys queue related "
` [RFC 06/20] ima: Move policy "
` [RFC 07/20] ima: Move ima_htable "
` [RFC 08/20] ima: Move measurement list related variables "
` [RFC 09/20] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now
` [RFC 10/20] ima: Implement hierarchical processing of file accesses
` [RFC 11/20] securityfs: Prefix global variables with securityfs_
` [RFC 12/20] securityfs: Pass static variables as parameters from top level functions
` [RFC 13/20] securityfs: Build securityfs_ns for namespacing support
` [RFC 14/20] ima: Move some IMA policy and filesystem related variables into ima_namespace
` [RFC 15/20] capabilities: Introduce CAP_INTEGRITY_ADMIN
` [RFC 16/20] ima: Use ns_capable() for namespace policy access
` [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability
` [RFC 18/20] userns: Introduce a refcount variable for calling early teardown function
` [RFC 19/20] ima/userns: Define early teardown function for IMA namespace
` [RFC 20/20] ima: Setup securityfs_ns "

[PATCH] Add GlowSlayer Explicit Access Control from Cory Craig <gs.cory.craig@gmail.com>
 2021-12-02  1:39 UTC  (2+ messages)

[PATCH v17 0/3] Add trusted_for(2) (was O_MAYEXEC)
 2021-12-01 16:40 UTC  (6+ messages)

[PATCH v8 00/17] Enroll kernel keys thru MOK
 2021-12-01 13:46 UTC  (29+ messages)
` [PATCH v8 01/17] KEYS: Create static version of public_key_verify_signature
` [PATCH v8 02/17] integrity: Fix warning about missing prototypes
` [PATCH v8 03/17] integrity: Introduce a Linux keyring called machine
` [PATCH v8 04/17] integrity: Do not allow machine keyring updates following init
` [PATCH v8 05/17] X.509: Parse Basic Constraints for CA
` [PATCH v8 06/17] KEYS: CA link restriction
` [PATCH v8 07/17] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca
` [PATCH v8 08/17] integrity: add new keyring handler for mok keys
` [PATCH v8 09/17] KEYS: Rename get_builtin_and_secondary_restriction
` [PATCH v8 10/17] KEYS: add a reference to machine keyring
` [PATCH v8 11/17] KEYS: Introduce link restriction for machine keys
` [PATCH v8 12/17] KEYS: integrity: change link restriction to trust the machine keyring
` [PATCH v8 13/17] integrity: store reference to "
` [PATCH v8 14/17] KEYS: link machine trusted keys to secondary_trusted_keys
` [PATCH v8 15/17] efi/mokvar: move up init order
` [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found
` [PATCH v8 17/17] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true

[PATCH v2 0/6] KEXEC_SIG with appended signature
 2021-12-01 11:48 UTC  (10+ messages)
` [PATCH v2 1/6] s390/kexec_file: Don't opencode appended signature check
` [PATCH v2 2/6] powerpc/kexec_file: Add KEXEC_SIG support
` [PATCH v2 3/6] kexec_file: Don't opencode appended signature verification
` [PATCH v2 4/6] module: strip the signature marker in the verification function
` [PATCH v2 5/6] module: Use key_being_used_for for log messages in verify_appended_signature
` [PATCH v2 6/6] module: Move duplicate mod_check_sig users code to mod_parse_sig

[PATCH v4] KEYS: trusted: Fix trusted key backends when building as module
 2021-12-01 10:47 UTC  (3+ messages)

[PATCH v3 0/2] use SM3 instead of SM3_256
 2021-11-29 13:01 UTC  (3+ messages)

[PATCH v6 0/5] Allow guest access to EFI confidential computing secret area
 2021-11-29 11:42 UTC  (6+ messages)
` [PATCH v6 1/5] efi: Save location of EFI confidential computing area
` [PATCH v6 2/5] efi/libstub: Reserve confidential computing secret area
` [PATCH v6 3/5] virt: Add efi_secret module to expose confidential computing secrets
` [PATCH v6 4/5] efi: Load efi_secret module if EFI secret area is populated
` [PATCH v6 5/5] docs: security: Add coco/efi_secret documentation

[PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
 2021-11-24 23:30 UTC  (8+ messages)

[PATCH] ima: Fix trivial typos in the comments
 2021-11-24 21:44 UTC 

[PATCH v5 0/2] integrity: support including firmware ".platform" keys at build time
 2021-11-24 20:47 UTC  (3+ messages)
` [PATCH v5 1/2] certs: export load_certificate_list() to be used outside certs/
` [PATCH v5 2/2] integrity: support including firmware ".platform" keys at build time

[PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode()
 2021-11-24 16:43 UTC 

[PATCH 5.15 222/279] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
 2021-11-24 11:58 UTC 

[PATCH v30 00/28] LSM: Module stacking for AppArmor
 2021-11-24 13:40 UTC  (32+ messages)
  ` [PATCH v30 01/28] integrity: disassociate ima_filter_rule from security_audit_rule
  ` [PATCH v30 02/28] LSM: Infrastructure management of the sock security
  ` [PATCH v30 03/28] LSM: Add the lsmblob data structure
  ` [PATCH v30 04/28] LSM: provide lsm name and id slot mappings
  ` [PATCH v30 05/28] IMA: avoid label collisions with stacked LSMs
  ` [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match
  ` [PATCH v30 07/28] LSM: Use lsmblob in security_kernel_act_as
  ` [PATCH v30 08/28] LSM: Use lsmblob in security_secctx_to_secid
  ` [PATCH v30 09/28] LSM: Use lsmblob in security_secid_to_secctx
  ` [PATCH v30 10/28] LSM: Use lsmblob in security_ipc_getsecid
  ` [PATCH v30 11/28] LSM: Use lsmblob in security_task_getsecid
  ` [PATCH v30 12/28] LSM: Use lsmblob in security_inode_getsecid
  ` [PATCH v30 13/28] LSM: Use lsmblob in security_cred_getsecid
  ` [PATCH v30 14/28] LSM: Specify which LSM to display
  ` [PATCH v30 15/28] LSM: Ensure the correct LSM context releaser
  ` [PATCH v30 16/28] LSM: Use lsmcontext in security_secid_to_secctx
  ` [PATCH v30 17/28] LSM: Use lsmcontext in security_inode_getsecctx
  ` [PATCH v30 18/28] LSM: security_secid_to_secctx in netlink netfilter
  ` [PATCH v30 19/28] NET: Store LSM netlabel data in a lsmblob
  ` [PATCH v30 20/28] binder: Pass LSM identifier for confirmation
  ` [PATCH v30 21/28] LSM: Extend security_secid_to_secctx to include module selection
  ` [PATCH v30 22/28] Audit: Keep multiple LSM data in audit_names
  ` [PATCH v30 23/28] Audit: Create audit_stamp structure
  ` [PATCH v30 24/28] Audit: Add framework for auxiliary records
  ` [PATCH v30 25/28] Audit: Add record for multiple task security contexts
  ` [PATCH v30 26/28] Audit: Add record for multiple object "
  ` [PATCH v30 27/28] LSM: Add /proc attr entry for full LSM context
  ` [PATCH v30 28/28] AppArmor: Remove the exclusive flag

[PATCH] binder: fix test regression due to sender_euid change
 2021-11-24  9:57 UTC  (4+ messages)

[PATCH v4 0/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys
 2021-11-24  7:53 UTC  (6+ messages)
` [PATCH v4 4/5] crypto: caam - add in-kernel interface for blob generator
` [PATCH v4 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

[GIT PULL] SELinux fixes for v5.16 (#2)
 2021-11-23 22:05 UTC  (2+ messages)

[PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
 2021-11-23  3:14 UTC  (12+ messages)

[PATCH v4 0/2] integrity: support including firmware ".platform" keys at build time
 2021-11-22 15:36 UTC  (3+ messages)
` [PATCH v4 2/2] "

[PATCH v7 00/17] Enroll kernel keys thru MOK
 2021-11-19  2:50 UTC  (34+ messages)
` [PATCH v7 01/17] integrity: Introduce a Linux keyring called machine
` [PATCH v7 02/17] integrity: Do not allow machine keyring updates following init
` [PATCH v7 03/17] KEYS: Create static version of public_key_verify_signature
` [PATCH v7 04/17] X.509: Parse Basic Constraints for CA
` [PATCH v7 07/17] integrity: Fix warning about missing prototypes
` [PATCH v7 08/17] integrity: add new keyring handler for mok keys
` [PATCH v7 09/17] KEYS: Rename get_builtin_and_secondary_restriction
` [PATCH v7 11/17] KEYS: Introduce link restriction for machine keys
` [PATCH v7 12/17] KEYS: integrity: change link restriction to trust the machine keyring
` [PATCH v7 13/17] KEYS: link secondary_trusted_keys to machine trusted keys

[PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
 2021-11-18 20:32 UTC  (11+ messages)
` [PATCH v19 2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method
` [PATCH v19 3/4] overlayfs: override_creds=off option bypass creator_cred
` [PATCH v19 4/4] overlayfs: inode_owner_or_capable called during execv

[PATCH v5 0/4] Allow guest access to EFI confidential computing secret area
 2021-11-18 12:43 UTC  (6+ messages)
` [PATCH v5 1/4] efi: Save location of EFI confidential computing area
` [PATCH v5 2/4] efi/libstub: Reserve confidential computing secret area
` [PATCH v5 3/4] virt: Add efi_secret module to expose confidential computing secrets
` [PATCH v5 4/4] docs: security: Add coco/efi_secret documentation

[PATCH -next] apparmor: Fix kernel-doc
 2021-11-17  7:37 UTC 

page: next (older) | prev (newer) | latest

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).