August 2019 Archives by date
Starting: Thu Aug 1 00:27:53 UTC 2019
Ending: Fri Aug 30 22:09:17 UTC 2019
Messages: 597
- [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Paul Moore
- [PATCH] ima: Allow to import the blacklisted cert signed by secondary CA cert
Jia Zhang
- [RFC v2 0/6] Introduce TEE based Trusted Keys support
Janne Karhunen
- [RFC v2 0/6] Introduce TEE based Trusted Keys support
Janne Karhunen
- [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support
Rouven Czerwinski
- [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support
Janne Karhunen
- [RFC v2 0/6] Introduce TEE based Trusted Keys support
Sumit Garg
- [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support
Sumit Garg
- [RFC v2 0/6] Introduce TEE based Trusted Keys support
Janne Karhunen
- [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support
Janne Karhunen
- [RFC v2 0/6] Introduce TEE based Trusted Keys support
Sumit Garg
- [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support
Sumit Garg
- [RFC v2 0/6] Introduce TEE based Trusted Keys support
Janne Karhunen
- [PATCH] tomoyo: common: Fix potential Spectre v1 vulnerability
Tetsuo Handa
- [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Stephen Smalley
- [PATCH] tomoyo: Use error code from kern_path() rather than -ENOENT.
Tetsuo Handa
- [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Paul Moore
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Linus Torvalds
- [PATCH V37 04/29] Enforce module signatures if the kernel is locked down
Jessica Yu
- [RFC PATCH v2] security, capability: pass object information to security_capable
Aaron Goidel
- [PATCH V37 19/29] Lock down module params that specify hardware parameters (eg. ioport)
Jessica Yu
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Jarkko Sakkinen
- [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
Jarkko Sakkinen
- [PATCH bpf-next v10 10/10] landlock: Add user and kernel documentation for Landlock
Mickaël Salaün
- [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem
Jarkko Sakkinen
- [PATCH bpf-next v10 06/10] bpf,landlock: Add a new map type: inode
Alexei Starovoitov
- [PATCH bpf-next v10 10/10] landlock: Add user and kernel documentation for Landlock
Randy Dunlap
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Micah Morton
- Security labeling in NFS4 - who owns it?
Casey Schaufler
- [PATCH V37 04/29] Enforce module signatures if the kernel is locked down
Matthew Garrett
- [PATCH V37 19/29] Lock down module params that specify hardware parameters (eg. ioport)
Matthew Garrett
- Security labeling in NFS4 - who owns it?
Paul Moore
- Security labeling in NFS4 - who owns it?
Casey Schaufler
- [PATCH] ima: Allow to import the blacklisted cert signed by secondary CA cert
Mimi Zohar
- [GIT PULL] SELinux fixes for v5.3 (#2)
Paul Moore
- [PATCH] ima: Allow to import the blacklisted cert signed by secondary CA cert
Jia Zhang
- [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem
Sumit Garg
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Song Liu
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Roberto Sassu
- Thank-You - Demmler Machinery
sales at demmlermachinery.com
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Tyler Hicks
- [PATCH v2] KEYS: trusted: allow module init if TPM is inactive or deactivated
Roberto Sassu
- [PATCH v2] KEYS: trusted: allow module init if TPM is inactive or deactivated
Tyler Hicks
- [PATCH v2] KEYS: trusted: allow module init if TPM is inactive or deactivated
Roberto Sassu
- [PATCH v2] KEYS: trusted: allow module init if TPM is inactive or deactivated
Roberto Sassu
- [PATCH v2] KEYS: trusted: allow module init if TPM is inactive or deactivated
Tyler Hicks
- [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem
Jarkko Sakkinen
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Jarkko Sakkinen
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Jarkko Sakkinen
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Tyler Hicks
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Tyler Hicks
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Tyler Hicks
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Jarkko Sakkinen
- [GIT PULL] SELinux fixes for v5.3 (#2)
pr-tracker-bot at kernel.org
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Mimi Zohar
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Linus Torvalds
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Linus Torvalds
- [RFC v2 0/6] Introduce TEE based Trusted Keys support
Jarkko Sakkinen
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
Andy Lutomirski
- [RFC PATCH v1 1/5] fs: Add support for an O_MAYEXEC flag on sys_open()
Andy Lutomirski
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH] security/tomoyo: convert put_page() to put_user_page*()
john.hubbard at gmail.com
- [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem
Sumit Garg
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Song Liu
- [PATCH] security/tomoyo: convert put_page() to put_user_page*()
Tetsuo Handa
- [PATCH v12 01/11] MODSIGN: Export module signature definitions
Philipp Rudo
- [PATCH v12 01/11] MODSIGN: Export module signature definitions
Mimi Zohar
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Konstantin Ryabitsev
- [PATCH] ima: Allow to import the blacklisted cert signed by secondary CA cert
Mimi Zohar
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Roberto Sassu
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Mimi Zohar
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Roberto Sassu
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Tyler Hicks
- [PATCH v3] KEYS: trusted: allow module init if TPM is inactive or deactivated
Roberto Sassu
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Roberto Sassu
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Tyler Hicks
- [PATCH v3] KEYS: trusted: allow module init if TPM is inactive or deactivated
Tyler Hicks
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH] security/tomoyo: convert put_page() to put_user_page*()
John Hubbard
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Linus Torvalds
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Konstantin Ryabitsev
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Linus Torvalds
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Konstantin Ryabitsev
- [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
Jarkko Sakkinen
- [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem
Jarkko Sakkinen
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [WIP 0/4] bpf: A bit of progress toward unprivileged use
Andy Lutomirski
- [WIP 1/4] bpf: Respect persistent map and prog access modes
Andy Lutomirski
- [WIP 2/4] bpf: Don't require mknod() permission to pin an object
Andy Lutomirski
- [WIP 3/4] bpf: Add a way to mark functions as requiring privilege
Andy Lutomirski
- [WIP 4/4] bpf: Allow creating all program types without privilege
Andy Lutomirski
- [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
Andy Lutomirski
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Jarkko Sakkinen
- [PATCH v3] KEYS: trusted: allow module init if TPM is inactive or deactivated
Jarkko Sakkinen
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH 02/10] vfs: syscall: Add move_mount(2) to move mounts around
Tetsuo Handa
- [RFC/RFT v3 0/3] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [RFC/RFT v3 1/3] KEYS: trusted: create trusted keys subsystem
Sumit Garg
- [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code
Sumit Garg
- [RFC/RFT v3 3/3] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code
Greg KH
- [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code
Sumit Garg
- [PATCH bpf-next v10 06/10] bpf,landlock: Add a new map type: inode
Mickaël Salaün
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Micah Morton
- [RFC PATCH v1 1/5] fs: Add support for an O_MAYEXEC flag on sys_open()
Mickaël Salaün
- [PATCH v3 37/41] security/tomoyo: convert put_page() to put_user_page*()
john.hubbard at gmail.com
- [PATCH 1/2] KEYS: Replace uid/gid/perm permissions checking with an ACL
Eric Biggers
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Lorenz Bauer
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
Jarkko Sakkinen
- [RFC/RFT v3 1/3] KEYS: trusted: create trusted keys subsystem
Jarkko Sakkinen
- [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code
Jarkko Sakkinen
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Linus Torvalds
- [PATCH v7 00/28] LSM: Module stacking for AppArmor
Casey Schaufler
- [PATCH v7 01/28] LSM: Infrastructure management of the superblock
Casey Schaufler
- [PATCH v7 02/28] LSM: Infrastructure management of the sock security
Casey Schaufler
- [PATCH v7 03/28] LSM: Infrastructure management of the key blob
Casey Schaufler
- [PATCH v7 04/28] LSM: Create and manage the lsmblob data structure.
Casey Schaufler
- [PATCH v7 05/28] LSM: Use lsmblob in security_audit_rule_match
Casey Schaufler
- [PATCH v7 06/28] LSM: Use lsmblob in security_kernel_act_as
Casey Schaufler
- [PATCH v7 07/28] net: Prepare UDS for security module stacking
Casey Schaufler
- [PATCH v7 08/28] LSM: Use lsmblob in security_secctx_to_secid
Casey Schaufler
- [PATCH v7 09/28] LSM: Use lsmblob in security_secid_to_secctx
Casey Schaufler
- [PATCH v7 10/28] LSM: Use lsmblob in security_ipc_getsecid
Casey Schaufler
- [PATCH v7 11/28] LSM: Use lsmblob in security_task_getsecid
Casey Schaufler
- [PATCH v7 12/28] LSM: Use lsmblob in security_inode_getsecid
Casey Schaufler
- [PATCH v7 13/28] LSM: Use lsmblob in security_cred_getsecid
Casey Schaufler
- [PATCH v7 14/28] IMA: Change internal interfaces to use lsmblobs
Casey Schaufler
- [PATCH v7 15/28] LSM: Specify which LSM to display
Casey Schaufler
- [PATCH v7 16/28] LSM: Ensure the correct LSM context releaser
Casey Schaufler
- [PATCH v7 17/28] LSM: Use lsmcontext in security_secid_to_secctx
Casey Schaufler
- [PATCH v7 18/28] LSM: Use lsmcontext in security_dentry_init_security
Casey Schaufler
- [PATCH v7 19/28] LSM: Use lsmcontext in security_inode_getsecctx
Casey Schaufler
- [PATCH v7 20/28] LSM: security_secid_to_secctx in netlink netfilter
Casey Schaufler
- [PATCH v7 21/28] NET: Store LSM netlabel data in a lsmblob
Casey Schaufler
- [PATCH v7 22/28] SELinux: Verify LSM display sanity in binder
Casey Schaufler
- [PATCH v7 23/28] Audit: Add subj_LSM fields when necessary
Casey Schaufler
- [PATCH v7 24/28] Audit: Include object data for all security modules
Casey Schaufler
- [PATCH v7 25/28] LSM: Provide an user space interface for the default display
Casey Schaufler
- [PATCH v7 26/28] NET: Add SO_PEERCONTEXT for multiple LSMs
Casey Schaufler
- [PATCH v7 27/28] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH v7 28/28] AppArmor: Remove the exclusive flag
Casey Schaufler
- [PATCH v7 00/16] LSM: Full module stacking
Casey Schaufler
- [PATCH v7 00/16] LSM: Full module stacking
Casey Schaufler
- [PATCH v7 01/16] LSM: Single hook called in secmark refcounting
Casey Schaufler
- [PATCH v7 02/16] Smack: Detect if secmarks can be safely used
Casey Schaufler
- [PATCH v7 03/16] LSM: Support multiple LSMs using inode_init_security
Casey Schaufler
- [PATCH v7 04/16] LSM: List multiple security attributes in security_inode_listsecurity
Casey Schaufler
- [PATCH v7 05/16] LSM: Multiple modules using security_ismaclabel
Casey Schaufler
- [PATCH v7 06/16] LSM: Make multiple MAC modules safe in nfs and kernfs
Casey Schaufler
- [PATCH v7 07/16] LSM: Correct handling of ENOSYS in inode_setxattr
Casey Schaufler
- [PATCH v7 08/16] LSM: Infrastructure security blobs for mount options
Casey Schaufler
- [PATCH v7 09/16] LSM: Fix for security_init_inode_security
Casey Schaufler
- [PATCH v7 10/16] LSM: Change error detection for UDP peer security
Casey Schaufler
- [PATCH v7 11/16] Netlabel: Add a secattr comparison API function
Casey Schaufler
- [PATCH v7 12/16] Netlabel: Provide labeling type to security modules
Casey Schaufler
- [PATCH v7 13/16] LSM: Remember the NLTYPE of netlabel sockets
Casey Schaufler
- [PATCH v7 14/16] LSM: Hook for netlabel reconciliation
Casey Schaufler
- [PATCH v7 15/16] LSM: Avoid network conflicts in SELinux and Smack
Casey Schaufler
- [PATCH v7 16/16] Smack: Remove the exclusive flag
Casey Schaufler
- [PATCH V38 00/29] security: Add support for locking down the kernel
Matthew Garrett
- [PATCH V38 01/29] security: Support early LSMs
Matthew Garrett
- [PATCH V38 02/29] security: Add a "locked down" LSM hook
Matthew Garrett
- [PATCH V38 03/29] security: Add a static lockdown policy LSM
Matthew Garrett
- [PATCH V38 04/29] Enforce module signatures if the kernel is locked down
Matthew Garrett
- [PATCH V38 05/29] Restrict /dev/{mem,kmem,port} when the kernel is locked down
Matthew Garrett
- [PATCH V38 06/29] kexec_load: Disable at runtime if the kernel is locked down
Matthew Garrett
- [PATCH V38 07/29] Copy secure_boot flag in boot params across kexec reboot
Matthew Garrett
- [PATCH V38 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
Matthew Garrett
- [PATCH V38 09/29] kexec_file: Restrict at runtime if the kernel is locked down
Matthew Garrett
- [PATCH V38 10/29] hibernate: Disable when the kernel is locked down
Matthew Garrett
- [PATCH V38 11/29] PCI: Lock down BAR access when the kernel is locked down
Matthew Garrett
- [PATCH V38 12/29] x86: Lock down IO port access when the kernel is locked down
Matthew Garrett
- [PATCH V38 13/29] x86/msr: Restrict MSR access when the kernel is locked down
Matthew Garrett
- [PATCH V38 14/29] ACPI: Limit access to custom_method when the kernel is locked down
Matthew Garrett
- [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Matthew Garrett
- [PATCH V38 16/29] acpi: Disable ACPI table override if the kernel is locked down
Matthew Garrett
- [PATCH V38 17/29] Prohibit PCMCIA CIS storage when the kernel is locked down
Matthew Garrett
- [PATCH V38 18/29] Lock down TIOCSSERIAL
Matthew Garrett
- [PATCH V38 19/29] Lock down module params that specify hardware parameters (eg. ioport)
Matthew Garrett
- [PATCH V38 20/29] x86/mmiotrace: Lock down the testmmiotrace module
Matthew Garrett
- [PATCH V38 21/29] Lock down /proc/kcore
Matthew Garrett
- [PATCH V38 22/29] Lock down tracing and perf kprobes when in confidentiality mode
Matthew Garrett
- [PATCH V38 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode
Matthew Garrett
- [PATCH V38 24/29] Lock down perf when in confidentiality mode
Matthew Garrett
- [PATCH V38 25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down
Matthew Garrett
- [PATCH V38 26/29] debugfs: Restrict debugfs when the kernel is locked down
Matthew Garrett
- [PATCH V38 27/29] tracefs: Restrict tracefs when the kernel is locked down
Matthew Garrett
- [PATCH V38 28/29] efi: Restrict efivar_ssdt_load when the kernel is locked down
Matthew Garrett
- [PATCH V38 29/29] lockdown: Print current->comm in restriction messages
Matthew Garrett
- [PATCH V37 04/29] Enforce module signatures if the kernel is locked down
Jessica Yu
- [PATCH] ima: Fix a use after free in ima_read_modsig()
Dan Carpenter
- [PATCH V38 19/29] Lock down module params that specify hardware parameters (eg. ioport)
Jessica Yu
- [PATCH] ima: Fix a use after free in ima_read_modsig()
Mimi Zohar
- [PATCH] ima: Fix a use after free in ima_read_modsig()
Dan Carpenter
- [PATCH] ima: Fix a use after free in ima_read_modsig()
Mimi Zohar
- [RFC/RFT v3 1/3] KEYS: trusted: create trusted keys subsystem
Sumit Garg
- [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code
Sumit Garg
- [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code
Jarkko Sakkinen
- [PATCH v13 2/5] Add flags option to get xattr method paired to __vfs_getxattr
Mark Salyzyn
- [RFC PATCH v2] security, capability: pass object information to security_capable
Paul Moore
- [PATCH V38 19/29] Lock down module params that specify hardware parameters (eg. ioport)
James Morris
- KASAN: use-after-free Read in tomoyo_socket_sendmsg_permission
syzbot
- [PATCH V37 04/29] Enforce module signatures if the kernel is locked down
Matthew Garrett
- [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Paul Moore
- [PATCH v7 15/28] LSM: Specify which LSM to display
Kees Cook
- [PATCH v7 22/28] SELinux: Verify LSM display sanity in binder
Kees Cook
- KASAN: use-after-free Read in tomoyo_socket_sendmsg_permission
Tetsuo Handa
- [PATCH v7 26/28] NET: Add SO_PEERCONTEXT for multiple LSMs
Kees Cook
- [PATCH v7 27/28] LSM: Add /proc attr entry for full LSM context
Kees Cook
- [Tee-dev] [RFC v2 2/6] tee: enable support to register kernel memory
Stuart Yoder
- [PATCH V37 04/29] Enforce module signatures if the kernel is locked down
James Morris
- [PATCH v7 15/28] LSM: Specify which LSM to display
Casey Schaufler
- [PATCH v7 26/28] NET: Add SO_PEERCONTEXT for multiple LSMs
Casey Schaufler
- [PATCH v7 27/28] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH v7 22/28] SELinux: Verify LSM display sanity in binder
Casey Schaufler
- [Tee-dev] [RFC v2 2/6] tee: enable support to register kernel memory
Sumit Garg
- [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Amir Goldstein
- [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Paul Moore
- [Non-DoD Source] Re: [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Aaron Goidel
- [PATCH] LSM: Disable move_mount() syscall when TOMOYO or AppArmor is enabled.
Tetsuo Handa
- [PATCH v3] KEYS: trusted: allow module init if TPM is inactive or deactivated
Jarkko Sakkinen
- [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.
Tetsuo Handa
- [Non-DoD Source] Re: [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Aaron Goidel
- [Non-DoD Source] Re: [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Amir Goldstein
- [Non-DoD Source] Re: [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Amir Goldstein
- [PATCH v2] fanotify, inotify, dnotify, security: add security hook for fs notifications
Aaron Goidel
- [PATCH V39] Lock down module params that specify hardware parameters (eg. ioport)
Matthew Garrett
- [PATCH V39] Enforce module signatures if the kernel is locked down
Matthew Garrett
- [PATCH V38 00/29] security: Add support for locking down the kernel
James Morris
- [security:next-lockdown 1/29] init/main.c:572:2: error: implicit declaration of function 'early_security_init'; did you mean 'security_init'?
kbuild test robot
- [PATCH] security: fix ptr_ret.cocci warnings
kbuild test robot
- [security:next-lockdown 3/29] security/lockdown/lockdown.c:157:1-3: WARNING: PTR_ERR_OR_ZERO can be used
kbuild test robot
- [security:next-lockdown 2/29] htmldocs: include/linux/lsm_hooks.h:1812: warning: Function parameter or member 'locked_down' not described in 'security_list_options'
kbuild test robot
- [security:next-lockdown 8/29] arch/s390/kernel/kexec_elf.c:134:3: error: 'const struct kexec_file_ops' has no member named 'verify_sig'
kbuild test robot
- [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Amir Goldstein
- [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Paul Moore
- [PATCH][next] ima: ima_modsig: Fix use-after-free bug in ima_read_modsig
Gustavo A. R. Silva
- WARNING in aa_sock_msg_perm
syzbot
- [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Jan Kara
- [Non-DoD Source] Re: [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Aaron Goidel
- WARNING in aa_sock_msg_perm
Tetsuo Handa
- [PATCH v2] fanotify, inotify, dnotify, security: add security hook for fs notifications
Jan Kara
- [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Paul Moore
- [PATCH v2] fanotify, inotify, dnotify, security: add security hook for fs notifications
Paul Moore
- [Non-DoD Source] Re: [PATCH v2] fanotify, inotify, dnotify, security: add security hook for fs notifications
Aaron Goidel
- [PATCH v3] fanotify, inotify, dnotify, security: add security hook for fs notifications
Aaron Goidel
- [PATCH V38 00/29] security: Add support for locking down the kernel
Matthew Garrett
- [PATCH V38 00/29] security: Add support for locking down the kernel
James Morris
- [PATCH] security: fix ptr_ret.cocci warnings
Kees Cook
- [PATCH v3] fanotify, inotify, dnotify, security: add security hook for fs notifications
Paul Moore
- [PATCH V38 00/29] security: Add support for locking down the kernel
James Morris
- [PATCH V37 27/29] tracefs: Restrict tracefs when the kernel is locked down
Marek Szyprowski
- [PATCH V37 27/29] tracefs: Restrict tracefs when the kernel is locked down
Marek Szyprowski
- [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem
Sumit Garg
- [RFC/RFT v4 1/5] tpm: move tpm_buf code to include/linux/
Sumit Garg
- [RFC/RFT v4 2/5] KEYS: trusted: use common tpm_buf for TPM1.x code
Sumit Garg
- [RFC/RFT v4 3/5] KEYS: trusted: create trusted keys subsystem
Sumit Garg
- [RFC/RFT v4 4/5] KEYS: trusted: move tpm2 trusted keys code
Sumit Garg
- [RFC/RFT v4 5/5] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code
Sumit Garg
- [PATCH] Add flags option to get xattr method paired to __vfs_getxattr
Mark Salyzyn
- [Non-DoD Source] Re: [RFC PATCH v2] security, capability: pass object information to security_capable
Aaron Goidel
- [RFC PATCH v5 1/1] Add dm verity root hash pkcs7 sig validation.
Jaskaran Singh Khurana
- [PATCH 0/6] lockdown fixups
Matthew Garrett
- [PATCH 1/6] tracefs: Fix potential null dereference in default_file_open()
Matthew Garrett
- [PATCH 2/6] early_security_init() needs a stub got !CONFIG_SECURITY
Matthew Garrett
- [PATCH 3/6] Avoid build warning when !CONFIG_KEXEC_SIG
Matthew Garrett
- [PATCH 4/6] security: fix ptr_ret.cocci warnings
Matthew Garrett
- [PATCH 5/6] kexec: s/KEXEC_VERIFY_SIG/KEXEC_SIG/ for consistency
Matthew Garrett
- [PATCH 6/6] Document locked_down LSM hook
Matthew Garrett
- [Non-DoD Source] Re: [RFC PATCH v2] security, capability: pass object information to security_capable
Richard Guy Briggs
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Daniel Colascione
- [PATCH 0/6] lockdown fixups
James Morris
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Dave Young
- [PATCH 0/6] lockdown fixups
James Morris
- [PATCH 3/6] Avoid build warning when !CONFIG_KEXEC_SIG
Dave Young
- [PATCH] tracefs: Fix NULL pointer dereference when no lockdown is used
Marek Szyprowski
- [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Borislav Petkov
- [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Borislav Petkov
- PLEASE CONFIRM PURCHASE ORDER
Mr NARESH KUMAR
- [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem
Mimi Zohar
- [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Matthew Garrett
- [PATCH 3/6] Avoid build warning when !CONFIG_KEXEC_SIG
Matthew Garrett
- [PATCH 0/6] lockdown fixups
Matthew Garrett
- [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Borislav Petkov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Matthew Garrett
- [PATCH 0/6] lockdown fixups
James Morris
- [PATCH 0/6] lockdown fixups
Matthew Garrett
- [Non-DoD Source] Re: [RFC PATCH v2] security, capability: pass object information to security_capable
Paul Moore
- [RFC PATCH v2] security, capability: pass object information to security_capable
Stephen Smalley
- [RFC PATCH v2] security, capability: pass object information to security_capable
Paul Moore
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- TODAY, Wed, Aug 14, 2019 I AM READY FOR COMING TO YOUR ADDRESS WITH THIS ATM CARD
MS. MARYANNA B. THOMASON
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH 1/2] KEYS: Replace uid/gid/perm permissions checking with an ACL
Eric Biggers
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Jordan Glover
- [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem
Sumit Garg
- [Non-DoD Source] Re: [RFC PATCH v2] security, capability: pass object information to security_capable
Aaron Goidel
- [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem
Mimi Zohar
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [RFC PATCH] audit, security: allow LSMs to selectively enable audit collection
Aaron Goidel
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Jordan Glover
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Kees Cook
- [RFC PATCH v3] security, capability: pass object information to security_capable
Aaron Goidel
- [RFC PATCH v3] security,capability: pass object information to security_capable
James Morris
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem
Sumit Garg
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Song Liu
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Jordan Glover
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Thomas Gleixner
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Jordan Glover
- [GIT PULL] Keys: Set 4 - Key ACLs for 5.3
David Howells
- [RFC PATCH v3] security, capability: pass object information to security_capable
Stephen Smalley
- [Non-DoD Source] Re: [RFC PATCH v2] security, capability: pass object information to security_capable
Paul Moore
- [RFC PATCH v3] security, capability: pass object information to security_capable
Paul Moore
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Thomas Gleixner
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Christian Brauner
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Christian Brauner
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Christian Brauner
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [WIP][RFC][PATCH 0/3] Introduce Infoflow LSM
Roberto Sassu
- [WIP][RFC][PATCH 1/3] security: introduce call_int_hook_and() macro
Roberto Sassu
- [WIP][RFC][PATCH 2/3] lsm notifier: distinguish between state change and policy change
Roberto Sassu
- [WIP][RFC][PATCH 3/3] security: add infoflow LSM
Roberto Sassu
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Thomas Gleixner
- [WIP][RFC][PATCH 1/3] security: introduce call_int_hook_and() macro
Casey Schaufler
- [PATCH] keys: Fix description size
David Howells
- [PATCH] keys: Fix description size
Linus Torvalds
- [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem
Jarkko Sakkinen
- [RFC/RFT v4 1/5] tpm: move tpm_buf code to include/linux/
Jarkko Sakkinen
- [RFC/RFT v4 2/5] KEYS: trusted: use common tpm_buf for TPM1.x code
Jarkko Sakkinen
- [RFC/RFT v4 3/5] KEYS: trusted: create trusted keys subsystem
Jarkko Sakkinen
- [RFC/RFT v4 3/5] KEYS: trusted: create trusted keys subsystem
Jarkko Sakkinen
- [RFC/RFT v4 4/5] KEYS: trusted: move tpm2 trusted keys code
Jarkko Sakkinen
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH V40 00/29] Add kernel lockdown functionality
Matthew Garrett
- [PATCH V40 01/29] security: Support early LSMs
Matthew Garrett
- [PATCH V40 02/29] security: Add a "locked down" LSM hook
Matthew Garrett
- [PATCH V40 03/29] security: Add a static lockdown policy LSM
Matthew Garrett
- [PATCH V40 04/29] lockdown: Enforce module signatures if the kernel is locked down
Matthew Garrett
- [PATCH V40 05/29] lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked down
Matthew Garrett
- [PATCH V40 06/29] kexec_load: Disable at runtime if the kernel is locked down
Matthew Garrett
- [PATCH V40 07/29] lockdown: Copy secure_boot flag in boot params across kexec reboot
Matthew Garrett
- [PATCH V40 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
Matthew Garrett
- [PATCH V40 09/29] kexec_file: Restrict at runtime if the kernel is locked down
Matthew Garrett
- [PATCH V40 10/29] hibernate: Disable when the kernel is locked down
Matthew Garrett
- [PATCH V40 11/29] PCI: Lock down BAR access when the kernel is locked down
Matthew Garrett
- [PATCH V40 12/29] x86: Lock down IO port access when the kernel is locked down
Matthew Garrett
- [PATCH V40 13/29] x86/msr: Restrict MSR access when the kernel is locked down
Matthew Garrett
- [PATCH V40 14/29] ACPI: Limit access to custom_method when the kernel is locked down
Matthew Garrett
- [PATCH V40 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Matthew Garrett
- [PATCH V40 16/29] acpi: Disable ACPI table override if the kernel is locked down
Matthew Garrett
- [PATCH V40 17/29] lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down
Matthew Garrett
- [PATCH V40 18/29] lockdown: Lock down TIOCSSERIAL
Matthew Garrett
- [PATCH V40 19/29] lockdown: Lock down module params that specify hardware parameters (eg. ioport)
Matthew Garrett
- [PATCH V40 20/29] x86/mmiotrace: Lock down the testmmiotrace module
Matthew Garrett
- [PATCH V40 21/29] lockdown: Lock down /proc/kcore
Matthew Garrett
- [PATCH V40 22/29] lockdown: Lock down tracing and perf kprobes when in confidentiality mode
Matthew Garrett
- [PATCH V40 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode
Matthew Garrett
- [PATCH V40 24/29] lockdown: Lock down perf when in confidentiality mode
Matthew Garrett
- [PATCH V40 25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down
Matthew Garrett
- [PATCH V40 26/29] debugfs: Restrict debugfs when the kernel is locked down
Matthew Garrett
- [PATCH V40 27/29] tracefs: Restrict tracefs when the kernel is locked down
Matthew Garrett
- [PATCH V40 28/29] efi: Restrict efivar_ssdt_load when the kernel is locked down
Matthew Garrett
- [PATCH V40 29/29] lockdown: Print current->comm in restriction messages
Matthew Garrett
- [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem
Sumit Garg
- [RFC/RFT v4 1/5] tpm: move tpm_buf code to include/linux/
Sumit Garg
- [RFC/RFT v4 3/5] KEYS: trusted: create trusted keys subsystem
Sumit Garg
- [RFC/RFT v4 4/5] KEYS: trusted: move tpm2 trusted keys code
Sumit Garg
- [PATCH V40 00/29] Add kernel lockdown functionality
James Morris
- [PATCH] tpm_tis: Fix interrupt probing
Stefan Berger
- [PATCH V40 19/29] lockdown: Lock down module params that specify hardware parameters (eg. ioport)
Jessica Yu
- [PATCH V40 11/29] PCI: Lock down BAR access when the kernel is locked down
Bjorn Helgaas
- [PATCH V40 11/29] PCI: Lock down BAR access when the kernel is locked down
Matthew Garrett
- [PATCH V40 10/29] hibernate: Disable when the kernel is locked down
Rafael J. Wysocki
- [PATCH V40 14/29] ACPI: Limit access to custom_method when the kernel is locked down
Rafael J. Wysocki
- [PATCH V40 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Rafael J. Wysocki
- [PATCH V40 16/29] acpi: Disable ACPI table override if the kernel is locked down
Rafael J. Wysocki
- [PATCH v5 0/4] Create and consolidate trusted keys subsystem
Sumit Garg
- [PATCH v5 1/4] tpm: move tpm_buf code to include/linux/
Sumit Garg
- [PATCH v5 2/4] KEYS: trusted: use common tpm_buf for TPM1.x code
Sumit Garg
- [PATCH v5 3/4] KEYS: trusted: create trusted keys subsystem
Sumit Garg
- [PATCH v5 4/4] KEYS: trusted: move tpm2 trusted keys code
Sumit Garg
- [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
Jeff Vander Stoep
- [PATCH 2/2] selinux: use netlink_receive hook
Jeff Vander Stoep
- [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
Jeffrey Vander Stoep
- [GIT PULL] Keys: Set 4 - Key ACLs for 5.3
Mimi Zohar
- [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
Casey Schaufler
- [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
Jeffrey Vander Stoep
- [GIT PULL] Keys: Set 4 - Key ACLs for 5.3
Mimi Zohar
- [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem
Jarkko Sakkinen
- [RFC/RFT v4 1/5] tpm: move tpm_buf code to include/linux/
Jarkko Sakkinen
- [PATCH] tpm_tis: Fix interrupt probing
Jarkko Sakkinen
- [PATCH v5 0/4] Create and consolidate trusted keys subsystem
Jarkko Sakkinen
- [GIT PULL] Keys: Set 4 - Key ACLs for 5.3
David Howells
- New skb extension for use by LSMs (skb "security blob")?
Paul Moore
- New skb extension for use by LSMs (skb "security blob")?
David Miller
- New skb extension for use by LSMs (skb "security blob")?
Paul Moore
- [RFC][PATCH] fix d_absolute_path() interplay with fsmount()
Al Viro
- New skb extension for use by LSMs (skb "security blob")?
David Miller
- [PATCH] smack: use GFP_NOFS while holding inode_smack::smk_lock
Eric Biggers
- [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.
Eric Biggers
- [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.
Tetsuo Handa
- [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.
Eric Biggers
- New skb extension for use by LSMs (skb "security blob")?
Florian Westphal
- [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.
Tetsuo Handa
- MY $25,000,000.00 INVESTMENT PROPOSAL WITH YOU AND IN YOUR COUNTRY.
Law firm(Eku and Associates)
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Daniel Borkmann
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- RFC: very rough draft of a bpf permission model
Andy Lutomirski
- [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.
Eric Biggers
- New skb extension for use by LSMs (skb "security blob")?
Paul Moore
- [PATCH] smack: use GFP_NOFS while holding inode_smack::smk_lock
Casey Schaufler
- New skb extension for use by LSMs (skb "security blob")?
Casey Schaufler
- New skb extension for use by LSMs (skb "security blob")?
Casey Schaufler
- New skb extension for use by LSMs (skb "security blob")?
Florian Westphal
- New skb extension for use by LSMs (skb "security blob")?
Casey Schaufler
- New skb extension for use by LSMs (skb "security blob")?
David Miller
- New skb extension for use by LSMs (skb "security blob")?
David Miller
- New skb extension for use by LSMs (skb "security blob")?
Casey Schaufler
- New skb extension for use by LSMs (skb "security blob")?
David Miller
- New skb extension for use by LSMs (skb "security blob")?
Casey Schaufler
- New skb extension for use by LSMs (skb "security blob")?
David Miller
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Alexei Starovoitov
- [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
David Miller
- RFC: very rough draft of a bpf permission model
Alexei Starovoitov
- [PATCH 2/2] selinux: use netlink_receive hook
kbuild test robot
- [PATCH 2/2] selinux: use netlink_receive hook
kbuild test robot
- [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
kbuild test robot
- [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
Jeffrey Vander Stoep
- New skb extension for use by LSMs (skb "security blob")?
Casey Schaufler
- [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
David Miller
- RFC: very rough draft of a bpf permission model
Andy Lutomirski
- RFC: very rough draft of a bpf permission model
Alexei Starovoitov
- [PATCH v12 00/11] Appended signatures support for IMA appraisal
Jordan Hand
- RFC: very rough draft of a bpf permission model
Andy Lutomirski
- RFC: very rough draft of a bpf permission model
Alexei Starovoitov
- [PATCH v12 00/11] Appended signatures support for IMA appraisal
Thiago Jung Bauermann
- [PATCH] tpm_tis: Fix interrupt probing
Jarkko Sakkinen
- [PATCH v5 1/4] tpm: move tpm_buf code to include/linux/
Jarkko Sakkinen
- [PATCH v5 3/4] KEYS: trusted: create trusted keys subsystem
Jarkko Sakkinen
- [PATCH v5 4/4] KEYS: trusted: move tpm2 trusted keys code
Jarkko Sakkinen
- [PATCH] tpm_tis: Fix interrupt probing
Jarkko Sakkinen
- [PATCH keys-next] keys: Fix permissions assigned to anonymous session keyrings
Eric Biggers
- [PATCH] tpm_tis: Fix interrupt probing
Stefan Berger
- [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
Paul Moore
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Steven Rostedt
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Steven Rostedt
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Steven Rostedt
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Masami Hiramatsu
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
- [PATCH v5 4/4] KEYS: trusted: move tpm2 trusted keys code
Sumit Garg
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Peter Zijlstra
- [PATCH v12 00/11] Appended signatures support for IMA appraisal
Mimi Zohar
- [PATCH][next] ima: ima_modsig: Fix use-after-free bug in ima_read_modsig
Mimi Zohar
- [PATCH] ima: use struct_size() in kzalloc()
Gustavo A. R. Silva
- [PATCH] ima: use struct_size() in kzalloc()
Mimi Zohar
- [PATCH] ima: use struct_size() in kzalloc()
Gustavo A. R. Silva
- [PATCH][next] ima: ima_modsig: Fix use-after-free bug in ima_read_modsig
Gustavo A. R. Silva
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH] ima: use struct_size() in kzalloc()
Mimi Zohar
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
- [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
Michal Kubecek
- [PATCH] tpm_tis: Fix interrupt probing
Jarkko Sakkinen
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Steven Rostedt
- [WIP][RFC][PATCH 1/3] security: introduce call_int_hook_and() macro
Roberto Sassu
- [PATCH v5 4/4] KEYS: trusted: move tpm2 trusted keys code
Jarkko Sakkinen
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH] tpm_tis: Fix interrupt probing
Jarkko Sakkinen
- [PATCH] ima: use struct_size() in kzalloc()
Gustavo A. R. Silva
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
- [PATCH] ima: ima_api: Use struct_size() in kzalloc()
Gustavo A. R. Silva
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Andy Lutomirski
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Steven Rostedt
- [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Steven Rostedt
- [PATCH 00/11] Keyrings, Block and USB notifications [ver #6]
David Howells
- [PATCH 01/11] uapi: General notification ring definitions [ver #6]
David Howells
- [PATCH 02/11] security: Add hooks to rule on setting a watch [ver #6]
David Howells
- [PATCH] overlayfs: filter of trusted xattr results in audit.
Mark Salyzyn
- [PATCH 03/11] security: Add a hook for the point of notification insertion [ver #6]
David Howells
- [PATCH 04/11] General notification queue with user mmap()'able ring buffer [ver #6]
David Howells
- [PATCH 05/11] keys: Add a notification facility [ver #6]
David Howells
- [PATCH 06/11] Add a general, global device notification watch list [ver #6]
David Howells
- [PATCH 07/11] block: Add block layer notifications [ver #6]
David Howells
- [PATCH 08/11] usb: Add USB subsystem notifications [ver #6]
David Howells
- [PATCH 09/11] Add sample notification program [ver #6]
David Howells
- [PATCH 10/11] selinux: Implement the watch_key security hook [ver #6]
David Howells
- [PATCH 11/11] smack: Implement the watch_key and post_notification hooks [untested] [ver #6]
David Howells
- [PATCH 10/11] selinux: Implement the watch_key security hook [ver #6]
Stephen Smalley
- [PATCH 10/11] selinux: Implement the watch_key security hook [ver #6]
David Howells
- [PATCH v8 00/28] LSM: Module stacking for AppArmor
Casey Schaufler
- [PATCH v8 01/28] LSM: Infrastructure management of the superblock
Casey Schaufler
- [PATCH v8 02/28] LSM: Infrastructure management of the sock security
Casey Schaufler
- [PATCH v8 03/28] LSM: Infrastructure management of the key blob
Casey Schaufler
- [PATCH v8 04/28] LSM: Create and manage the lsmblob data structure.
Casey Schaufler
- [PATCH v8 05/28] LSM: Use lsmblob in security_audit_rule_match
Casey Schaufler
- [PATCH v8 06/28] LSM: Use lsmblob in security_kernel_act_as
Casey Schaufler
- [PATCH v8 07/28] net: Prepare UDS for security module stacking
Casey Schaufler
- [PATCH v8 08/28] LSM: Use lsmblob in security_secctx_to_secid
Casey Schaufler
- [PATCH v8 09/28] LSM: Use lsmblob in security_secid_to_secctx
Casey Schaufler
- [PATCH v8 10/28] LSM: Use lsmblob in security_ipc_getsecid
Casey Schaufler
- [PATCH v8 11/28] LSM: Use lsmblob in security_task_getsecid
Casey Schaufler
- [PATCH v8 12/28] LSM: Use lsmblob in security_inode_getsecid
Casey Schaufler
- [PATCH v8 13/28] LSM: Use lsmblob in security_cred_getsecid
Casey Schaufler
- [PATCH v8 14/28] IMA: Change internal interfaces to use lsmblobs
Casey Schaufler
- [PATCH v8 15/28] LSM: Specify which LSM to display
Casey Schaufler
- [PATCH v8 16/28] LSM: Ensure the correct LSM context releaser
Casey Schaufler
- [PATCH v8 17/28] LSM: Use lsmcontext in security_secid_to_secctx
Casey Schaufler
- [PATCH v8 18/28] LSM: Use lsmcontext in security_dentry_init_security
Casey Schaufler
- [PATCH v8 19/28] LSM: Use lsmcontext in security_inode_getsecctx
Casey Schaufler
- [PATCH v8 20/28] LSM: security_secid_to_secctx in netlink netfilter
Casey Schaufler
- [PATCH v8 21/28] NET: Store LSM netlabel data in a lsmblob
Casey Schaufler
- [PATCH v8 22/28] SELinux: Verify LSM display sanity in binder
Casey Schaufler
- [PATCH v8 23/28] Audit: Add subj_LSM fields when necessary
Casey Schaufler
- [PATCH v8 24/28] Audit: Include object data for all security modules
Casey Schaufler
- [PATCH v8 25/28] LSM: Provide an user space interface for the default display
Casey Schaufler
- [PATCH v8 26/28] NET: Add SO_PEERCONTEXT for multiple LSMs
Casey Schaufler
- [PATCH v8 27/28] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH v8 28/28] AppArmor: Remove the exclusive flag
Casey Schaufler
- [PATCH] tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts
Stefan Berger
- [PATCH] tpm_tis: Fix interrupt probing
Stefan Berger
- [RFC/RFT v4 5/5] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [RFC][PATCH] fix d_absolute_path() interplay with fsmount()
Tetsuo Handa
- [RFC PATCH] audit, security: allow LSMs to selectively enable audit collection
Stephen Smalley
- [PATCH 00/11] Keyrings, Block and USB notifications [ver #7]
David Howells
- [PATCH 01/11] uapi: General notification ring definitions [ver #7]
David Howells
- [PATCH 02/11] security: Add hooks to rule on setting a watch [ver #7]
David Howells
- [PATCH 03/11] security: Add a hook for the point of notification insertion [ver #7]
David Howells
- [PATCH 04/11] General notification queue with user mmap()'able ring buffer [ver #7]
David Howells
- [PATCH 05/11] keys: Add a notification facility [ver #7]
David Howells
- [PATCH 06/11] Add a general, global device notification watch list [ver #7]
David Howells
- [PATCH 07/11] block: Add block layer notifications [ver #7]
David Howells
- [PATCH 08/11] usb: Add USB subsystem notifications [ver #7]
David Howells
- [PATCH 09/11] Add sample notification program [ver #7]
David Howells
- [PATCH 10/11] selinux: Implement the watch_key security hook [ver #7]
David Howells
- [PATCH 11/11] smack: Implement the watch_key and post_notification hooks [untested] [ver #7]
David Howells
- [PATCH 10/11] selinux: Implement the watch_key security hook [ver #7]
Stephen Smalley
- watch_queue(7) manpage
David Howells
- watch_devices(2) manpage
David Howells
- keyctl_watch_key.3 manpage
David Howells
- [PATCH 10/11] selinux: Implement the watch_key security hook [ver #7]
David Howells
- [PATCH V40 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
Philipp Rudo
- [PATCH 10/11] selinux: Implement the watch_key security hook [ver #7]
David Howells
- [RFC PATCH] audit, security: allow LSMs to selectively enable audit collection
Casey Schaufler
- [PATCH 10/11] selinux: Implement the watch_key security hook [ver #7]
Stephen Smalley
- [PATCH] keys: ensure that ->match_free() is called in request_key_and_link()
David Howells
- [PATCH V40 03/29] security: Add a static lockdown policy LSM
David Howells
- [PATCH V40 04/29] lockdown: Enforce module signatures if the kernel is locked down
David Howells
- [PATCH V40 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode
David Howells
- [PATCH] tpm_tis: Fix interrupt probing
Jarkko Sakkinen
- [RFC/RFT v4 5/5] KEYS: trusted: Add generic trusted keys framework
Jarkko Sakkinen
- [RFC/RFT v4 5/5] KEYS: trusted: Add generic trusted keys framework
Jarkko Sakkinen
- [PATCH 1/2] staging: comedi: Restrict COMEDI_DEVCONFIG when the kernel is locked down
Ian Abbott
- general protection fault in smack_socket_sendmsg
syzbot
- [RFC PATCH] audit, security: allow LSMs to selectively enable audit collection
Paul Moore
- [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook
Paul Moore
- [PATCH 00/11] Keyrings, Block and USB notifications [ver #7]
Casey Schaufler
Last message date:
Fri Aug 30 22:09:17 UTC 2019
Archived on: Fri Aug 30 22:19:30 UTC 2019
This archive was generated by
Pipermail 0.09 (Mailman edition).