April 2018 Archives by author
Starting: Sun Apr 1 05:15:39 UTC 2018
Ending: Mon Apr 30 21:35:38 UTC 2018
Messages: 459
- [manpages PATCH] capabilities.7: describe namespaced file capabilities
Michael Kerrisk (man-pages)
- [manpages PATCH] capabilities.7: describe namespaced file capabilities
Michael Kerrisk (man-pages)
- [manpages PATCH] capabilities.7: describe namespaced file capabilities
Michael Kerrisk (man-pages)
- [PATCH bpf-next v8 00/11] Landlock LSM: Toward unprivileged sandboxing
Tycho Andersen
- [PATCH 1/3] big key: get rid of stack array allocation
Tycho Andersen
- [PATCH 2/3] dh key: get rid of stack allocated array
Tycho Andersen
- [PATCH 3/3] dh key: get rid of stack allocated array for zeroes
Tycho Andersen
- [PATCH 3/3] dh key: get rid of stack allocated array for zeroes
Tycho Andersen
- [PATCH 1/3] big key: get rid of stack array allocation
Tycho Andersen
- [PATCH 1/3] big key: get rid of stack array allocation
Tycho Andersen
- [PATCH v3 1/3] big key: get rid of stack array allocation
Tycho Andersen
- [PATCH v3 2/3] dh key: get rid of stack allocated array
Tycho Andersen
- [PATCH v3 3/3] dh key: get rid of stack allocated array for zeroes
Tycho Andersen
- [PATCH 1/3] big key: get rid of stack array allocation
Tycho Andersen
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
Stefan Berger
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
Stefan Berger
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
Stefan Berger
- [GIT PULL] Kernel lockdown for secure boot
Eric W. Biederman
- KASAN: null-ptr-deref Read in xattr_getsecurity
Eric W. Biederman
- [PATCH 24/24] debugfs: Restrict debugfs when the kernel is locked down
Eric W. Biederman
- [PATCH 06/24] kexec_load: Disable at runtime if the kernel is locked down
Eric W. Biederman
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
Eric W. Biederman
- [manpages PATCH] capabilities.7: describe namespaced file capabilities
Eric W. Biederman
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
Eric W. Biederman
- [GIT PULL] Kernel lockdown for secure boot
Ard Biesheuvel
- [PATCH 1/3] big key: get rid of stack array allocation
Eric Biggers
- [PATCH 1/3] big key: get rid of stack array allocation
Eric Biggers
- [GIT PULL] Kernel lockdown for secure boot
Daniel Borkmann
- [PATCH ghak46 V1] audit: normalize MAC_STATUS record
Richard Guy Briggs
- [PATCH ghak47 V1] audit: normalize MAC_POLICY_LOAD record
Richard Guy Briggs
- [PATCH ghak46 V1] audit: normalize MAC_STATUS record
Richard Guy Briggs
- [PATCH ghak46 V1] audit: normalize MAC_STATUS record
Richard Guy Briggs
- Extracting written string from the write syscall
Richard Guy Briggs
- [GIT PULL] Kernel lockdown for secure boot
Kees Cook
- [GIT PULL] Kernel lockdown for secure boot
Kees Cook
- [GIT PULL] Kernel lockdown for secure boot
Kees Cook
- [PATCH 1/3] big key: get rid of stack array allocation
Kees Cook
- [GIT PULL] Kernel lockdown for secure boot
Alan Cox
- [GIT PULL] Kernel lockdown for secure boot
Alan Cox
- [GIT PULL] Kernel lockdown for secure boot
Alan Cox
- [PATCH] security: Split out hook definitions into lsm_hook_types.h
Sargun Dhillon
- [PATCH v4 0/1] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [PATCH v4 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Sargun Dhillon
- [PATCH] security: remove security_settime
Sargun Dhillon
- [PATCH 0/4] security: Split out hook definitions into lsm_hook_types.h
Sargun Dhillon
- [PATCH 2/4] security: Refactor security hooks into structured hooks
Sargun Dhillon
- [PATCH 3/4] security: Make security_hook_heads use definitions in lsm_hook_types.h
Sargun Dhillon
- [PATCH 4/4] security: generated security hook initialization based on lsm_hook_types.h
Sargun Dhillon
- [PATCH 0/4] security: Split out hook definitions into lsm_hook_types.h
Sargun Dhillon
- [PATCH v4 0/1] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [PATCH] security: remove security_settime
Sargun Dhillon
- [PATCH v5 0/1] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [PATCH v5 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Sargun Dhillon
- [PATCH v5 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Sargun Dhillon
- [PATCH v5 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Sargun Dhillon
- [PATCH] security: Remove unused field from security_hook_list
Sargun Dhillon
- [PATCH v6 0/1] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [PATCH v6 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Sargun Dhillon
- [PATCH v6 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Sargun Dhillon
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [PATCH v7 1/6] security: Move LSM registration arguments to struct lsm_info
Sargun Dhillon
- [PATCH v7 2/6] security: Make security_hook_heads private
Sargun Dhillon
- [PATCH v7 3/6] security: Introduce mutable (RW) hooks
Sargun Dhillon
- [PATCH v7 4/6] security: Expose security_add_hooks externally and add error handling
Sargun Dhillon
- [PATCH v7 5/6] security: Panic on forced unloading of security module
Sargun Dhillon
- [PATCH v7 6/6] security: Add SECURITY_UNREGISTRABLE_HOOKS to allow for hook removal
Sargun Dhillon
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- Extracting written string from the write syscall
Sargun Dhillon
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Sargun Dhillon
- [GIT PULL] Kernel lockdown for secure boot
Peter Dolding
- [GIT PULL] Kernel lockdown for secure boot
Peter Dolding
- [GIT PULL] Kernel lockdown for secure boot
Peter Dolding
- [PATCH v4 0/1] Safe LSM (un)loading, and immutable hooks
Peter Dolding
- [PATCH v4 0/1] Safe LSM (un)loading, and immutable hooks
Peter Dolding
- [PATCH v4 0/1] Safe LSM (un)loading, and immutable hooks
Peter Dolding
- [GIT PULL] Kernel lockdown for secure boot
Peter Dolding
- [PATCH v4 0/1] Safe LSM (un)loading, and immutable hooks
Peter Dolding
- [PATCH] uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name
Randy Dunlap
- [PATCH 18/24] Lock down module params that specify hardware parameters (eg. ioport)
Randy Dunlap
- [PATCH 24/24] debugfs: Restrict debugfs when the kernel is locked down
Randy Dunlap
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
Randy Dunlap
- [PATCH 03/24] VFS: Introduce the structs and doc for a filesystem context [ver #7]
Randy Dunlap
- [PATCH 3/3] genalloc: selftest
Randy Dunlap
- Proposal
MS Zeliha Omer Faruk
- [GIT PULL] Kernel lockdown for secure boot
Justin Forbes
- [GIT PULL] Kernel lockdown for secure boot
Justin Forbes
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
Justin Forbes
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
Justin Forbes
- [GIT PULL] Kernel lockdown for secure boot
Mike Galbraith
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Matthew Garrett
- [GIT PULL] Kernel lockdown for secure boot
Thomas Gleixner
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
Jordan Glover
- [PATCH 0/5 V2] tpm: timeouts revamp
Ken Goldman
- [PATCH ghak46 V1] audit: normalize MAC_STATUS record
Steve Grubb
- [GIT PULL] SELinux patches for v4.17
Richard Haines
- [GIT PULL] SELinux patches for v4.17
Richard Haines
- [GIT PULL] SELinux patches for v4.17
Richard Haines
- [GIT PULL] SELinux patches for v4.17
Richard Haines
- [RFC v3 0/2] WhiteEgret LSM module
Serge E. Hallyn
- [RFC v3 0/2] WhiteEgret LSM module
Serge E. Hallyn
- KASAN: null-ptr-deref Read in xattr_getsecurity
Serge E. Hallyn
- [manpages PATCH] capabilities.7: describe namespaced file capabilities
Serge E. Hallyn
- [manpages PATCH] capabilities.7: describe namespaced file capabilities
Serge E. Hallyn
- [manpages PATCH] capabilities.7: describe namespaced file capabilities
Serge E. Hallyn
- [PATCH 0/3] Introduce LSM-hook for socketpair(2)
Serge E. Hallyn
- [manpages PATCH] capabilities.7: describe namespaced file capabilities
Serge E. Hallyn
- [PATCH 1/3] big key: get rid of stack array allocation
Serge E. Hallyn
- [PATCH v3 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Tetsuo Handa
- [PATCH v5 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Tetsuo Handa
- [PATCH v5 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Tetsuo Handa
- KASAN: null-ptr-deref Read in xattr_getsecurity
Tetsuo Handa
- [PATCH] security: Remove unused field from security_hook_list
Tetsuo Handa
- [PATCH v6 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Tetsuo Handa
- [PATCH v6 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Tetsuo Handa
- [PATCH 1/3] big key: get rid of stack array allocation
Tetsuo Handa
- [PATCH 1/3] big key: get rid of stack array allocation
Tetsuo Handa
- KASAN: null-ptr-deref Read in xattr_getsecurity
Tetsuo Handa
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Tetsuo Handa
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Tetsuo Handa
- Security tree merge to v4.17-rc2
Tetsuo Handa
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Tetsuo Handa
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Tetsuo Handa
- [PATCH 0/3] Introduce LSM-hook for socketpair(2)
David Herrmann
- [PATCH 1/3] security: add hook for socketpair(AF_UNIX, ...)
David Herrmann
- [PATCH 2/3] net/unix: hook unix_socketpair() into LSM
David Herrmann
- [PATCH 3/3] selinux: provide unix_stream_socketpair callback
David Herrmann
- [PATCH 0/3] Better integrate seccomp logging and auditing
Tyler Hicks
- [PATCH 1/3] seccomp: Separate read and write code for actions_logged sysctl
Tyler Hicks
- [PATCH 2/3] seccomp: Audit attempts to modify the actions_logged sysctl
Tyler Hicks
- [PATCH 3/3] seccomp: Don't special case audited processes when logging
Tyler Hicks
- [GIT PULL] Kernel lockdown for secure boot
Jann Horn
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
Jann Horn
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
Jann Horn
- [PATCH 02/24] Add a SysRq option to lift kernel lockdown
Jann Horn
- [manpages PATCH] capabilities.7: describe namespaced file capabilities
Jann Horn
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- [GIT PULL] Kernel lockdown for secure boot
David Howells
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
David Howells
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
David Howells
- [PATCH] uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name
David Howells
- [PATCH 00/24] security: Add kernel lockdown
David Howells
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
David Howells
- [PATCH 02/24] Add a SysRq option to lift kernel lockdown
David Howells
- [PATCH 03/24] ima: require secure_boot rules in lockdown mode
David Howells
- [PATCH 04/24] Enforce module signatures if the kernel is locked down
David Howells
- [PATCH 05/24] Restrict /dev/{mem, kmem, port} when the kernel is locked down
David Howells
- [PATCH 06/24] kexec_load: Disable at runtime if the kernel is locked down
David Howells
- [PATCH 07/24] hibernate: Disable when the kernel is locked down
David Howells
- [PATCH 08/24] uswsusp: Disable when the kernel is locked down
David Howells
- [PATCH 09/24] PCI: Lock down BAR access when the kernel is locked down
David Howells
- [PATCH 10/24] x86: Lock down IO port access when the kernel is locked down
David Howells
- [PATCH 11/24] x86/msr: Restrict MSR access when the kernel is locked down
David Howells
- [PATCH 12/24] ACPI: Limit access to custom_method when the kernel is locked down
David Howells
- [PATCH 13/24] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
David Howells
- [PATCH 14/24] acpi: Disable ACPI table override if the kernel is locked down
David Howells
- [PATCH 15/24] acpi: Disable APEI error injection if the kernel is locked down
David Howells
- [PATCH 16/24] Prohibit PCMCIA CIS storage when the kernel is locked down
David Howells
- [PATCH 17/24] Lock down TIOCSSERIAL
David Howells
- [PATCH 18/24] Lock down module params that specify hardware parameters (eg. ioport)
David Howells
- [PATCH 19/24] x86/mmiotrace: Lock down the testmmiotrace module
David Howells
- [PATCH 20/24] Lock down /proc/kcore
David Howells
- [PATCH 21/24] Lock down kprobes
David Howells
- [PATCH 22/24] bpf: Restrict kernel image access functions when the kernel is locked down
David Howells
- [PATCH 23/24] Lock down perf
David Howells
- [PATCH 24/24] debugfs: Restrict debugfs when the kernel is locked down
David Howells
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
David Howells
- [PATCH 06/24] kexec_load: Disable at runtime if the kernel is locked down
David Howells
- [PATCH 24/24] debugfs: Restrict debugfs when the kernel is locked down
David Howells
- [PATCH 24/24] debugfs: Restrict debugfs when the kernel is locked down
David Howells
- [PATCH 00/24] VFS: Introduce filesystem context [ver #7]
David Howells
- [PATCH 01/24] vfs: Undo an overly zealous MS_RDONLY -> SB_RDONLY conversion [ver #7]
David Howells
- [PATCH 02/24] VFS: Suppress MS_* flag defs within the kernel unless explicitly enabled [ver #7]
David Howells
- [PATCH 03/24] VFS: Introduce the structs and doc for a filesystem context [ver #7]
David Howells
- [PATCH 04/24] VFS: Add LSM hooks for filesystem context [ver #7]
David Howells
- [PATCH 05/24] apparmor: Implement security hooks for the new mount API [ver #7]
David Howells
- [PATCH 06/24] tomoyo: Implement security hooks for the new mount API [ver #7]
David Howells
- [PATCH 07/24] smack: Implement filesystem context security hooks [ver #7]
David Howells
- [PATCH 09/24] VFS: Implement a filesystem superblock creation/configuration context [ver #7]
David Howells
- [PATCH 10/24] VFS: Remove unused code after filesystem context changes [ver #7]
David Howells
- [PATCH 11/24] procfs: Move proc_fill_super() to fs/proc/root.c [ver #7]
David Howells
- [PATCH 12/24] proc: Add fs_context support to procfs [ver #7]
David Howells
- [PATCH 13/24] ipc: Convert mqueue fs to fs_context [ver #7]
David Howells
- [PATCH 14/24] cpuset: Use fs_context [ver #7]
David Howells
- [PATCH 15/24] kernfs, sysfs, cgroup, intel_rdt: Support fs_context [ver #7]
David Howells
- [PATCH 16/24] hugetlbfs: Convert to fs_context [ver #7]
David Howells
- [PATCH 17/24] VFS: Remove kern_mount_data() [ver #7]
David Howells
- [PATCH 18/24] VFS: Implement fsopen() to prepare for a mount [ver #7]
David Howells
- [PATCH 19/24] VFS: Implement fsmount() to effect a pre-configured mount [ver #7]
David Howells
- [PATCH 20/24] afs: Fix server record deletion [ver #7]
David Howells
- [PATCH 21/24] net: Export get_proc_net() [ver #7]
David Howells
- [PATCH 22/24] afs: Add fs_context support [ver #7]
David Howells
- [PATCH 23/24] afs: Implement namespacing [ver #7]
David Howells
- [PATCH 24/24] afs: Use fs_context to pass parameters over automount [ver #7]
David Howells
- [PATCH 24/24] debugfs: Restrict debugfs when the kernel is locked down
David Howells
- [PATCH 07/24] hibernate: Disable when the kernel is locked down
David Howells
- [PATCH 04/24] VFS: Add LSM hooks for filesystem context [ver #7]
David Howells
- [PATCH 04/24] VFS: Add LSM hooks for filesystem context [ver #7]
David Howells
- [PATCH] tpm: moves the delay_msec increment after sleep in tpm_transmit()
Nayna Jain
- [PATCH] tpm: moves the delay_msec increment after sleep in tpm_transmit()
Nayna Jain
- [PATCH v2 0/2] tpm: improving granularity in poll sleep times
Nayna Jain
- [PATCH v2 1/2] tpm: reduce poll sleep time in tpm_transmit()
Nayna Jain
- [PATCH v2 2/2] tpm: reduce polling time to usecs for even finer granularity
Nayna Jain
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
John Johansen
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
John Johansen
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
John Johansen
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
John Johansen
- [GIT PULL] Kernel lockdown for secure boot
Peter Jones
- [PATCH 24/24] debugfs: Restrict debugfs when the kernel is locked down
Greg KH
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
Greg KH
- [PATCH 24/24] debugfs: Restrict debugfs when the kernel is locked down
Greg KH
- [PATCH 24/24] debugfs: Restrict debugfs when the kernel is locked down
Greg KH
- [PATCH v2] X.509: unpack RSA signatureValue field from BIT STRING
Kamil Konieczny
- [PATCH 07/24] hibernate: Disable when the kernel is locked down
Jiri Kosina
- [GIT PULL] Kernel lockdown for secure boot
Greg Kroah-Hartman
- [GIT PULL] Kernel lockdown for secure boot
Greg Kroah-Hartman
- [GIT PULL] Kernel lockdown for secure boot
Greg Kroah-Hartman
- [PATCH] uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name
Sasha Levin
- [GIT PULL] SELinux patches for v4.17
Xin Long
- [GIT PULL] SELinux patches for v4.17
Xin Long
- [GIT PULL] SELinux patches for v4.17
Xin Long
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [RFC PATCH v1] fw_lockdown: new micro LSM module to prevent loading unsigned firmware
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
Andy Lutomirski
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [GIT PULL] Kernel lockdown for secure boot
Andy Lutomirski
- [PATCH bpf-next v8 05/11] seccomp,landlock: Enforce Landlock programs per process hierarchy
Andy Lutomirski
- [PATCH 24/24] debugfs: Restrict debugfs when the kernel is locked down
Andy Lutomirski
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
Andy Lutomirski
- [PATCH 24/24] debugfs: Restrict debugfs when the kernel is locked down
Andy Lutomirski
- [PATCH 07/24] hibernate: Disable when the kernel is locked down
Andy Lutomirski
- [PATCH] uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name
Mat Martineau
- [PATCH 2/3] net/unix: hook unix_socketpair() into LSM
David Miller
- [PATCH 0/3] Introduce LSM-hook for socketpair(2)
David Miller
- [PATCH v2 1/5] selinux:Remove direct references to policydb.
Paul Moore
- [GIT PULL] SELinux patches for v4.17
Paul Moore
- [GIT PULL] SELinux patches for v4.17
Paul Moore
- [GIT PULL] SELinux patches for v4.17
Paul Moore
- [PATCH ghak46 V1] audit: normalize MAC_STATUS record
Paul Moore
- [PATCH ghak47 V1] audit: normalize MAC_POLICY_LOAD record
Paul Moore
- [PATCH v5 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Paul Moore
- [PATCH ghak47 V1] audit: normalize MAC_POLICY_LOAD record
Paul Moore
- [PATCH ghak46 V1] audit: normalize MAC_STATUS record
Paul Moore
- [PATCH ghak46 V1] audit: normalize MAC_STATUS record
Paul Moore
- [PATCH 04/24] VFS: Add LSM hooks for filesystem context [ver #7]
Paul Moore
- [PATCH 2/3] net/unix: hook unix_socketpair() into LSM
Paul Moore
- [PATCH 2/3] net/unix: hook unix_socketpair() into LSM
Paul Moore
- [PATCH 0/3] Introduce LSM-hook for socketpair(2)
Paul Moore
- [GIT PULL][SECURITY] general changes for v4.17
James Morris
- [GIT PULL] Kernel lockdown for secure boot
James Morris
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
James Morris
- [GIT PULL][SECURITY] Smack updates for v4.17
James Morris
- [GIT PULL][SECURITY] TPM updates for v4.17
James Morris
- [GIT PULL][SECURITY] Integrity updates for v4.17
James Morris
- [PATCH] security: remove security_settime
James Morris
- [ANNOUNCE] Linux Security Summit North America 2018 - CFP
James Morris
- KASAN: null-ptr-deref Read in xattr_getsecurity
James Morris
- [PATCH] security: remove security_settime
James Morris
- Security tree merge to v4.17-rc2
James Morris
- [PATCH 0/3] Introduce LSM-hook for socketpair(2)
James Morris
- [PATCH 0/3] Introduce LSM-hook for socketpair(2)
James Morris
- Security tree merge to v4.17-rc2
James Morris
- Security tree merge to v4.17-rc2
James Morris
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
James Morris
- [PATCH ghak46 V1] audit: normalize MAC_STATUS record
Ondrej Mosnacek
- [PATCH ghak46 V1] audit: normalize MAC_STATUS record
Ondrej Mosnacek
- Representative Needed.
PPMC OFFSHORE
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
Miguel Ojeda
- [RFC PATCH v1] fw_lockdown: new micro LSM module to prevent loading unsigned firmware
Luis R. Rodriguez
- [RFC PATCH v1] fw_lockdown: new micro LSM module to prevent loading unsigned firmware
Luis R. Rodriguez
- [PATCH v3 2/5] efi: Add embedded peripheral firmware support
Luis R. Rodriguez
- [PATCH v3 2/5] efi: Add embedded peripheral firmware support
Luis R. Rodriguez
- [PATCH] tpm: moves the delay_msec increment after sleep in tpm_transmit()
Jarkko Sakkinen
- [PATCH v4 0/4] Migrate all TPM 2.0 commands to use struct tpm_buf
Jarkko Sakkinen
- [PATCH] tpm: moves the delay_msec increment after sleep in tpm_transmit()
Jarkko Sakkinen
- [PATCH] tpm: tpm_crb: relinquish locality on error path.
Jarkko Sakkinen
- [PATCH] tpm: moves the delay_msec increment after sleep in tpm_transmit()
Jarkko Sakkinen
- [PATCH] tpm: tpm_crb: relinquish locality on error path.
Jarkko Sakkinen
- [PATCH] tpm: moves the delay_msec increment after sleep in tpm_transmit()
Jarkko Sakkinen
- [PATCH] tpm: tpm_crb: relinquish locality on error path.
Jarkko Sakkinen
- [PATCH v2 1/2] tpm: reduce poll sleep time in tpm_transmit()
Jarkko Sakkinen
- [PATCH v2 2/2] tpm: reduce polling time to usecs for even finer granularity
Jarkko Sakkinen
- [PATCH] tpm: tpm_crb: relinquish locality on error path.
Jarkko Sakkinen
- Updates on ima digest list feature
Roberto Sassu
- [PATCH 0/4] security: Split out hook definitions into lsm_hook_types.h
Casey Schaufler
- [PATCH v4 0/1] Safe LSM (un)loading, and immutable hooks
Casey Schaufler
- [PATCH v4 0/1] Safe LSM (un)loading, and immutable hooks
Casey Schaufler
- [PATCH] security: Remove unused field from security_hook_list
Casey Schaufler
- [PATCH 0/3] Introduce LSM-hook for socketpair(2)
Casey Schaufler
- Security tree merge to v4.17-rc2
Casey Schaufler
- Extracting written string from the write syscall
Casey Schaufler
- Extracting written string from the write syscall
Casey Schaufler
- Security tree merge to v4.17-rc2
Casey Schaufler
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Casey Schaufler
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Casey Schaufler
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Casey Schaufler
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Casey Schaufler
- [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Casey Schaufler
- Security tree merge to v4.17-rc2
Casey Schaufler
- [PATCH v5 1/1] security: Add mechanism to safely (un)load LSMs after boot time
Stephen Smalley
- [PATCH 04/24] VFS: Add LSM hooks for filesystem context [ver #7]
Stephen Smalley
- [PATCH 3/3] selinux: provide unix_stream_socketpair callback
Stephen Smalley
- [PATCH 9/9] Protect SELinux initialized state with pmalloc
Stephen Smalley
- [PATCH 04/24] VFS: Add LSM hooks for filesystem context [ver #7]
Stephen Smalley
- [REVIEW][PATCH 11/11] ipc/sem: Fix semctl(..., GETPID, ...) between pid namespaces
Manfred Spraul
- [GIT PULL] Kernel lockdown for secure boot
Alexei Starovoitov
- [GIT PULL] Kernel lockdown for secure boot
Alexei Starovoitov
- [GIT PULL] Kernel lockdown for secure boot
Alexei Starovoitov
- [PATCH bpf-next v8 05/11] seccomp,landlock: Enforce Landlock programs per process hierarchy
Alexei Starovoitov
- [PATCH v4 0/1] Safe LSM (un)loading, and immutable hooks
Igor Stoppa
- [PATCH v4 0/1] Safe LSM (un)loading, and immutable hooks
Igor Stoppa
- [RFC PATCH v22 0/6] mm: security: ro protection for dynamic data
Igor Stoppa
- [PATCH 1/6] struct page: add field for vm_struct
Igor Stoppa
- [PATCH 2/6] vmalloc: rename llist field in vmap_area
Igor Stoppa
- [PATCH 3/6] Protectable Memory
Igor Stoppa
- [PATCH 4/6] Documentation for Pmalloc
Igor Stoppa
- [PATCH 5/6] Pmalloc selftest
Igor Stoppa
- [PATCH 6/6] lkdtm: crash on overwriting protected pmalloc var
Igor Stoppa
- [PATCH 7/9] Pmalloc Rare Write: modify selected pools
Igor Stoppa
- [PATCH 7/9] Pmalloc Rare Write: modify selected pools
Igor Stoppa
- [PATCH 9/9] Protect SELinux initialized state with pmalloc
Igor Stoppa
- [PATCH 7/9] Pmalloc Rare Write: modify selected pools
Igor Stoppa
- [PATCH 7/9] Pmalloc Rare Write: modify selected pools
Igor Stoppa
- [PATCH 0/3] linux-next: mm: hardening: Track genalloc allocations
Igor Stoppa
- [PATCH 1/3] genalloc: track beginning of allocations
Igor Stoppa
- [PATCH 2/3] Add label and license to genalloc.rst
Igor Stoppa
- [PATCH 3/3] genalloc: selftest
Igor Stoppa
- [PATCH 0/3] linux-next: mm: hardening: Track genalloc allocations
Igor Stoppa
- [PATCH 0/3] linux-next: mm: hardening: Track genalloc allocations
Igor Stoppa
- [PATCH 3/3] genalloc: selftest
Igor Stoppa
- [PATCH v2] X.509: unpack RSA signatureValue field from BIT STRING
Maciej S. Szmigiero
- [PATCH v2] X.509: unpack RSA signatureValue field from BIT STRING
Maciej S. Szmigiero
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Linus Torvalds
- [GIT PULL] SELinux patches for v4.17
Linus Torvalds
- [GIT PULL] SELinux patches for v4.17
Linus Torvalds
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
Linus Torvalds
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
Linus Torvalds
- [PATCH 01/24] Add the ability to lock down access to the running kernel image
Linus Torvalds
- [GIT PULL] Kernel lockdown for secure boot
Theodore Y. Ts'o
- [GIT PULL] Kernel lockdown for secure boot
Theodore Y. Ts'o
- [GIT PULL] Kernel lockdown for secure boot
Theodore Y. Ts'o
- [GIT PULL] Kernel lockdown for secure boot
Al Viro
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
Dr. Greg Wettstein
- [PATCH 0/3] linux-next: mm: hardening: Track genalloc allocations
Matthew Wilcox
- [PATCH] tpm: tpm_crb: relinquish locality on error path.
Tomas Winkler
- [PATCH] tpm: tpm_crb: relinquish locality on error path.
Winkler, Tomas
- [PATCH] tpm: tpm_crb: relinquish locality on error path.
Winkler, Tomas
- [PATCH] tpm: tpm_crb: relinquish locality on error path.
Winkler, Tomas
- [PATCH] tpm: tpm_crb: relinquish locality on error path.
Winkler, Tomas
- [PATCH] tpm: tpm_crb: relinquish locality on error path.
Winkler, Tomas
- [PATCH 07/24] hibernate: Disable when the kernel is locked down
Rafael J. Wysocki
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
Mimi Zohar
- [PATCH] tpm: moves the delay_msec increment after sleep in tpm_transmit()
Mimi Zohar
- [PATCH 06/24] kexec_load: Disable at runtime if the kernel is locked down
Mimi Zohar
- [PATCH 06/24] kexec_load: Disable at runtime if the kernel is locked down
Mimi Zohar
- [PATCH 0/3] kexec: limit kexec_load syscall
Mimi Zohar
- [PATCH 1/3] ima: based on the "secure_boot" policy limit syscalls
Mimi Zohar
- [PATCH 2/3] kexec: call LSM hook for kexec_load syscall
Mimi Zohar
- [PATCH 3/3] ima: based on policy require signed kexec kernel images
Mimi Zohar
- [PATCH] lockdown: fix coordination of kernel module signature verification
Mimi Zohar
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
Mimi Zohar
- [RFC PATCH] rootfs: force mounting rootfs as tmpfs
Mimi Zohar
- [PATCH v2 1/2] tpm: reduce poll sleep time in tpm_transmit()
Mimi Zohar
- [PATCH v2 2/2] tpm: reduce polling time to usecs for even finer granularity
Mimi Zohar
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
Mimi Zohar
- [RFC PATCH v3 1/3] ima: extend clone() with IMA namespace support
Mimi Zohar
- [PATCH v3 2/5] efi: Add embedded peripheral firmware support
Mimi Zohar
- [PATCH v2 1/5] selinux:Remove direct references to policydb.
peter enderborg
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
joeyli
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
joeyli
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
joeyli
- [GIT PULL] Kernel lockdown for secure boot
joeyli
- [GIT PULL] Kernel lockdown for secure boot
joeyli
- [GIT PULL] Kernel lockdown for secure boot
joeyli
- [PATCH 3/3] genalloc: selftest
kbuild test robot
- [PATCH 3/3] genalloc: selftest
kbuild test robot
- An actual suggestion (Re: [GIT PULL] Kernel lockdown for secure boot)
jlee at suse.com
- [RFC v3 0/2] WhiteEgret LSM module
shinya1.takumi at toshiba.co.jp
- [RFC v3 0/2] WhiteEgret LSM module
shinya1.takumi at toshiba.co.jp
Last message date:
Mon Apr 30 21:35:38 UTC 2018
Archived on: Mon Apr 30 21:35:48 UTC 2018
This archive was generated by
Pipermail 0.09 (Mailman edition).