August 2019 Archives by thread

• Messages sorted by: [ subject ] [ author ] [ date ]
• More info on this list...

Starting: Thu Aug 1 00:27:53 UTC 2019
Ending: Fri Aug 30 22:09:17 UTC 2019
Messages: 597

• [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Paul Moore
  • [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Stephen Smalley
    • [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Paul Moore
• [PATCH] ima: Allow to import the blacklisted cert signed by secondary CA cert   Jia Zhang
  • [PATCH] ima: Allow to import the blacklisted cert signed by secondary CA cert   Mimi Zohar
    • [PATCH] ima: Allow to import the blacklisted cert signed by secondary CA cert   Jia Zhang
      • [PATCH] ima: Allow to import the blacklisted cert signed by secondary CA cert   Mimi Zohar
• [RFC v2 0/6] Introduce TEE based Trusted Keys support   Janne Karhunen
  • [RFC v2 0/6] Introduce TEE based Trusted Keys support   Sumit Garg
    • [RFC v2 0/6] Introduce TEE based Trusted Keys support   Janne Karhunen
      • [RFC v2 0/6] Introduce TEE based Trusted Keys support   Sumit Garg
      • [RFC v2 0/6] Introduce TEE based Trusted Keys support   Janne Karhunen
• [RFC v2 0/6] Introduce TEE based Trusted Keys support   Janne Karhunen
  • [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support   Rouven Czerwinski
    • [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support   Janne Karhunen
      • [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support   Sumit Garg
      • [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support   Janne Karhunen
      • [Tee-dev] [RFC v2 0/6] Introduce TEE based Trusted Keys support   Sumit Garg
• [PATCH] tomoyo: common: Fix potential Spectre v1 vulnerability   Tetsuo Handa
• [PATCH] tomoyo: Use error code from kern_path() rather than -ENOENT.   Tetsuo Handa
• [GIT PULL] SafeSetID MAINTAINERS file update for v5.3   Linus Torvalds
  • [GIT PULL] SafeSetID MAINTAINERS file update for v5.3   Micah Morton
    • [GIT PULL] SafeSetID MAINTAINERS file update for v5.3   Linus Torvalds
    • [GIT PULL] SafeSetID MAINTAINERS file update for v5.3   Linus Torvalds
      • [GIT PULL] SafeSetID MAINTAINERS file update for v5.3   Konstantin Ryabitsev
      • [GIT PULL] SafeSetID MAINTAINERS file update for v5.3   Linus Torvalds
      • [GIT PULL] SafeSetID MAINTAINERS file update for v5.3   Konstantin Ryabitsev
      • [GIT PULL] SafeSetID MAINTAINERS file update for v5.3   Linus Torvalds
      • [GIT PULL] SafeSetID MAINTAINERS file update for v5.3   Konstantin Ryabitsev
      • [GIT PULL] SafeSetID MAINTAINERS file update for v5.3   Micah Morton
      • [GIT PULL] SafeSetID MAINTAINERS file update for v5.3   Linus Torvalds
• [PATCH V37 04/29] Enforce module signatures if the kernel is locked down   Jessica Yu
  • [PATCH V37 04/29] Enforce module signatures if the kernel is locked down   Matthew Garrett
    • [PATCH V37 04/29] Enforce module signatures if the kernel is locked down   Jessica Yu
      • [PATCH V37 04/29] Enforce module signatures if the kernel is locked down   Matthew Garrett
      • [PATCH V37 04/29] Enforce module signatures if the kernel is locked down   James Morris
      • [PATCH V39] Enforce module signatures if the kernel is locked down   Matthew Garrett
• [RFC PATCH v2] security, capability: pass object information to security_capable   Aaron Goidel
  • [RFC PATCH v2] security, capability: pass object information to security_capable   Paul Moore
    • [Non-DoD Source] Re: [RFC PATCH v2] security, capability: pass object information to security_capable   Aaron Goidel
      • [Non-DoD Source] Re: [RFC PATCH v2] security, capability: pass object information to security_capable   Richard Guy Briggs
      • [Non-DoD Source] Re: [RFC PATCH v2] security, capability: pass object information to security_capable   Paul Moore
      • [RFC PATCH v2] security, capability: pass object information to security_capable   Stephen Smalley
      • [RFC PATCH v2] security, capability: pass object information to security_capable   Paul Moore
      • [Non-DoD Source] Re: [RFC PATCH v2] security, capability: pass object information to security_capable   Aaron Goidel
      • [Non-DoD Source] Re: [RFC PATCH v2] security, capability: pass object information to security_capable   Paul Moore
• [PATCH V37 19/29] Lock down module params that specify hardware parameters (eg. ioport)   Jessica Yu
  • [PATCH V37 19/29] Lock down module params that specify hardware parameters (eg. ioport)   Matthew Garrett
• [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Jarkko Sakkinen
  • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Roberto Sassu
    • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Tyler Hicks
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Jarkko Sakkinen
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Tyler Hicks
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Tyler Hicks
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Jarkko Sakkinen
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Mimi Zohar
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Roberto Sassu
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Mimi Zohar
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Roberto Sassu
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Tyler Hicks
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Roberto Sassu
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Tyler Hicks
      • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Jarkko Sakkinen
    • [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Jarkko Sakkinen
• [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits   Jarkko Sakkinen
  • [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits   Andy Lutomirski
    • [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits   Jarkko Sakkinen
      • [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits   Andy Lutomirski
      • [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits   Jarkko Sakkinen
• [PATCH bpf-next v10 10/10] landlock: Add user and kernel documentation for Landlock   Mickaël Salaün
  • [PATCH bpf-next v10 10/10] landlock: Add user and kernel documentation for Landlock   Randy Dunlap
• [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem   Jarkko Sakkinen
  • [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem   Sumit Garg
    • [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem   Jarkko Sakkinen
      • [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem   Sumit Garg
      • [RFC/RFT v2 1/2] KEYS: trusted: create trusted keys subsystem   Jarkko Sakkinen
• [PATCH bpf-next v10 06/10] bpf,landlock: Add a new map type: inode   Alexei Starovoitov
  • [PATCH bpf-next v10 06/10] bpf,landlock: Add a new map type: inode   Mickaël Salaün
• Security labeling in NFS4 - who owns it?   Casey Schaufler
  • Security labeling in NFS4 - who owns it?   Paul Moore
    • Security labeling in NFS4 - who owns it?   Casey Schaufler
• [GIT PULL] SELinux fixes for v5.3 (#2)   Paul Moore
  • [GIT PULL] SELinux fixes for v5.3 (#2)   pr-tracker-bot at kernel.org
• [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Song Liu
  • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
    • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Song Liu
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Lorenz Bauer
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Daniel Colascione
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Jordan Glover
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Jordan Glover
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Thomas Gleixner
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Jordan Glover
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Thomas Gleixner
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Thomas Gleixner
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Jordan Glover
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Kees Cook
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Song Liu
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Christian Brauner
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Christian Brauner
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Christian Brauner
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Daniel Borkmann
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Andy Lutomirski
      • RFC: very rough draft of a bpf permission model   Andy Lutomirski
      • RFC: very rough draft of a bpf permission model   Alexei Starovoitov
      • RFC: very rough draft of a bpf permission model   Andy Lutomirski
      • RFC: very rough draft of a bpf permission model   Alexei Starovoitov
      • RFC: very rough draft of a bpf permission model   Andy Lutomirski
      • RFC: very rough draft of a bpf permission model   Alexei Starovoitov
      • [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf   Alexei Starovoitov
• Thank-You - Demmler Machinery   sales at demmlermachinery.com
• [PATCH v2] KEYS: trusted: allow module init if TPM is inactive or deactivated   Roberto Sassu
  • [PATCH v2] KEYS: trusted: allow module init if TPM is inactive or deactivated   Tyler Hicks
    • [PATCH v2] KEYS: trusted: allow module init if TPM is inactive or deactivated   Roberto Sassu
      • [PATCH v2] KEYS: trusted: allow module init if TPM is inactive or deactivated   Roberto Sassu
      • [PATCH v2] KEYS: trusted: allow module init if TPM is inactive or deactivated   Tyler Hicks
• [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated   Tyler Hicks
• [RFC v2 0/6] Introduce TEE based Trusted Keys support   Jarkko Sakkinen
• [RFC PATCH v1 1/5] fs: Add support for an O_MAYEXEC flag on sys_open()   Andy Lutomirski
  • [RFC PATCH v1 1/5] fs: Add support for an O_MAYEXEC flag on sys_open()   Mickaël Salaün
• [PATCH] security/tomoyo: convert put_page() to put_user_page*()   john.hubbard at gmail.com
  • [PATCH] security/tomoyo: convert put_page() to put_user_page*()   Tetsuo Handa
    • [PATCH] security/tomoyo: convert put_page() to put_user_page*()   John Hubbard
• [PATCH v12 01/11] MODSIGN: Export module signature definitions   Philipp Rudo
  • [PATCH v12 01/11] MODSIGN: Export module signature definitions   Mimi Zohar
• [PATCH v3] KEYS: trusted: allow module init if TPM is inactive or deactivated   Roberto Sassu
  • [PATCH v3] KEYS: trusted: allow module init if TPM is inactive or deactivated   Tyler Hicks
  • [PATCH v3] KEYS: trusted: allow module init if TPM is inactive or deactivated   Jarkko Sakkinen
  • [PATCH v3] KEYS: trusted: allow module init if TPM is inactive or deactivated   Jarkko Sakkinen
• [WIP 0/4] bpf: A bit of progress toward unprivileged use   Andy Lutomirski
• [WIP 1/4] bpf: Respect persistent map and prog access modes   Andy Lutomirski
• [WIP 2/4] bpf: Don't require mknod() permission to pin an object   Andy Lutomirski
• [WIP 3/4] bpf: Add a way to mark functions as requiring privilege   Andy Lutomirski
• [WIP 4/4] bpf: Allow creating all program types without privilege   Andy Lutomirski
• [PATCH 02/10] vfs: syscall: Add move_mount(2) to move mounts around   Tetsuo Handa
  • [PATCH] LSM: Disable move_mount() syscall when TOMOYO or AppArmor is enabled.   Tetsuo Handa
  • [RFC][PATCH] fix d_absolute_path() interplay with fsmount()   Al Viro
    • [RFC][PATCH] fix d_absolute_path() interplay with fsmount()   Tetsuo Handa
• [RFC/RFT v3 0/3] KEYS: trusted: Add generic trusted keys framework   Sumit Garg
  • [RFC/RFT v3 1/3] KEYS: trusted: create trusted keys subsystem   Sumit Garg
    • [RFC/RFT v3 1/3] KEYS: trusted: create trusted keys subsystem   Jarkko Sakkinen
      • [RFC/RFT v3 1/3] KEYS: trusted: create trusted keys subsystem   Sumit Garg
  • [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code   Sumit Garg
    • [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code   Greg KH
      • [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code   Sumit Garg
    • [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code   Jarkko Sakkinen
      • [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code   Sumit Garg
      • [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code   Jarkko Sakkinen
      • [RFC/RFT v3 2/3] KEYS: trusted: move tpm2 trusted keys code   Sumit Garg
  • [RFC/RFT v3 3/3] KEYS: trusted: Add generic trusted keys framework   Sumit Garg
• [PATCH v3 37/41] security/tomoyo: convert put_page() to put_user_page*()   john.hubbard at gmail.com
• [PATCH 1/2] KEYS: Replace uid/gid/perm permissions checking with an ACL   Eric Biggers
  • [PATCH 1/2] KEYS: Replace uid/gid/perm permissions checking with an ACL   Eric Biggers
    • [PATCH keys-next] keys: Fix permissions assigned to anonymous session keyrings   Eric Biggers
• [PATCH v7 00/28] LSM: Module stacking for AppArmor   Casey Schaufler
  • [PATCH v7 01/28] LSM: Infrastructure management of the superblock   Casey Schaufler
  • [PATCH v7 02/28] LSM: Infrastructure management of the sock security   Casey Schaufler
  • [PATCH v7 03/28] LSM: Infrastructure management of the key blob   Casey Schaufler
  • [PATCH v7 04/28] LSM: Create and manage the lsmblob data structure.   Casey Schaufler
  • [PATCH v7 05/28] LSM: Use lsmblob in security_audit_rule_match   Casey Schaufler
  • [PATCH v7 06/28] LSM: Use lsmblob in security_kernel_act_as   Casey Schaufler
  • [PATCH v7 07/28] net: Prepare UDS for security module stacking   Casey Schaufler
  • [PATCH v7 08/28] LSM: Use lsmblob in security_secctx_to_secid   Casey Schaufler
  • [PATCH v7 09/28] LSM: Use lsmblob in security_secid_to_secctx   Casey Schaufler
  • [PATCH v7 10/28] LSM: Use lsmblob in security_ipc_getsecid   Casey Schaufler
  • [PATCH v7 11/28] LSM: Use lsmblob in security_task_getsecid   Casey Schaufler
  • [PATCH v7 12/28] LSM: Use lsmblob in security_inode_getsecid   Casey Schaufler
  • [PATCH v7 13/28] LSM: Use lsmblob in security_cred_getsecid   Casey Schaufler
  • [PATCH v7 14/28] IMA: Change internal interfaces to use lsmblobs   Casey Schaufler
  • [PATCH v7 15/28] LSM: Specify which LSM to display   Casey Schaufler
    • [PATCH v7 15/28] LSM: Specify which LSM to display   Kees Cook
      • [PATCH v7 15/28] LSM: Specify which LSM to display   Casey Schaufler
  • [PATCH v7 16/28] LSM: Ensure the correct LSM context releaser   Casey Schaufler
  • [PATCH v7 17/28] LSM: Use lsmcontext in security_secid_to_secctx   Casey Schaufler
  • [PATCH v7 18/28] LSM: Use lsmcontext in security_dentry_init_security   Casey Schaufler
  • [PATCH v7 19/28] LSM: Use lsmcontext in security_inode_getsecctx   Casey Schaufler
  • [PATCH v7 20/28] LSM: security_secid_to_secctx in netlink netfilter   Casey Schaufler
  • [PATCH v7 21/28] NET: Store LSM netlabel data in a lsmblob   Casey Schaufler
  • [PATCH v7 22/28] SELinux: Verify LSM display sanity in binder   Casey Schaufler
    • [PATCH v7 22/28] SELinux: Verify LSM display sanity in binder   Kees Cook
      • [PATCH v7 22/28] SELinux: Verify LSM display sanity in binder   Casey Schaufler
  • [PATCH v7 23/28] Audit: Add subj_LSM fields when necessary   Casey Schaufler
  • [PATCH v7 24/28] Audit: Include object data for all security modules   Casey Schaufler
  • [PATCH v7 25/28] LSM: Provide an user space interface for the default display   Casey Schaufler
  • [PATCH v7 26/28] NET: Add SO_PEERCONTEXT for multiple LSMs   Casey Schaufler
    • [PATCH v7 26/28] NET: Add SO_PEERCONTEXT for multiple LSMs   Kees Cook
      • [PATCH v7 26/28] NET: Add SO_PEERCONTEXT for multiple LSMs   Casey Schaufler
  • [PATCH v7 27/28] LSM: Add /proc attr entry for full LSM context   Casey Schaufler
    • [PATCH v7 27/28] LSM: Add /proc attr entry for full LSM context   Kees Cook
      • [PATCH v7 27/28] LSM: Add /proc attr entry for full LSM context   Casey Schaufler
  • [PATCH v7 28/28] AppArmor: Remove the exclusive flag   Casey Schaufler
• [PATCH v7 00/16] LSM: Full module stacking   Casey Schaufler
  • [PATCH v7 00/16] LSM: Full module stacking   Casey Schaufler
  • [PATCH v7 01/16] LSM: Single hook called in secmark refcounting   Casey Schaufler
  • [PATCH v7 02/16] Smack: Detect if secmarks can be safely used   Casey Schaufler
  • [PATCH v7 03/16] LSM: Support multiple LSMs using inode_init_security   Casey Schaufler
  • [PATCH v7 04/16] LSM: List multiple security attributes in security_inode_listsecurity   Casey Schaufler
  • [PATCH v7 05/16] LSM: Multiple modules using security_ismaclabel   Casey Schaufler
  • [PATCH v7 06/16] LSM: Make multiple MAC modules safe in nfs and kernfs   Casey Schaufler
  • [PATCH v7 07/16] LSM: Correct handling of ENOSYS in inode_setxattr   Casey Schaufler
  • [PATCH v7 08/16] LSM: Infrastructure security blobs for mount options   Casey Schaufler
  • [PATCH v7 09/16] LSM: Fix for security_init_inode_security   Casey Schaufler
  • [PATCH v7 10/16] LSM: Change error detection for UDP peer security   Casey Schaufler
  • [PATCH v7 11/16] Netlabel: Add a secattr comparison API function   Casey Schaufler
  • [PATCH v7 12/16] Netlabel: Provide labeling type to security modules   Casey Schaufler
  • [PATCH v7 13/16] LSM: Remember the NLTYPE of netlabel sockets   Casey Schaufler
  • [PATCH v7 14/16] LSM: Hook for netlabel reconciliation   Casey Schaufler
  • [PATCH v7 15/16] LSM: Avoid network conflicts in SELinux and Smack   Casey Schaufler
  • [PATCH v7 16/16] Smack: Remove the exclusive flag   Casey Schaufler
• [PATCH V38 00/29] security: Add support for locking down the kernel   Matthew Garrett
  • [PATCH V38 00/29] security: Add support for locking down the kernel   James Morris
    • [PATCH V38 00/29] security: Add support for locking down the kernel   Matthew Garrett
      • [PATCH V38 00/29] security: Add support for locking down the kernel   James Morris
      • [PATCH V38 00/29] security: Add support for locking down the kernel   James Morris
• [PATCH V38 01/29] security: Support early LSMs   Matthew Garrett
• [PATCH V38 02/29] security: Add a "locked down" LSM hook   Matthew Garrett
• [PATCH V38 03/29] security: Add a static lockdown policy LSM   Matthew Garrett
• [PATCH V38 04/29] Enforce module signatures if the kernel is locked down   Matthew Garrett
• [PATCH V38 05/29] Restrict /dev/{mem,kmem,port} when the kernel is locked down   Matthew Garrett
• [PATCH V38 06/29] kexec_load: Disable at runtime if the kernel is locked down   Matthew Garrett
• [PATCH V38 07/29] Copy secure_boot flag in boot params across kexec reboot   Matthew Garrett
• [PATCH V38 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE   Matthew Garrett
• [PATCH V38 09/29] kexec_file: Restrict at runtime if the kernel is locked down   Matthew Garrett
• [PATCH V38 10/29] hibernate: Disable when the kernel is locked down   Matthew Garrett
• [PATCH V38 11/29] PCI: Lock down BAR access when the kernel is locked down   Matthew Garrett
• [PATCH V38 12/29] x86: Lock down IO port access when the kernel is locked down   Matthew Garrett
• [PATCH V38 13/29] x86/msr: Restrict MSR access when the kernel is locked down   Matthew Garrett
• [PATCH V38 14/29] ACPI: Limit access to custom_method when the kernel is locked down   Matthew Garrett
• [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down   Matthew Garrett
  • [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down   Dave Young
  • [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down   Borislav Petkov
    • [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down   Matthew Garrett
      • [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down   Borislav Petkov
      • [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down   Matthew Garrett
  • [PATCH V38 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down   Borislav Petkov
• [PATCH V38 16/29] acpi: Disable ACPI table override if the kernel is locked down   Matthew Garrett
• [PATCH V38 17/29] Prohibit PCMCIA CIS storage when the kernel is locked down   Matthew Garrett
• [PATCH V38 18/29] Lock down TIOCSSERIAL   Matthew Garrett
• [PATCH V38 19/29] Lock down module params that specify hardware parameters (eg. ioport)   Matthew Garrett
  • [PATCH V38 19/29] Lock down module params that specify hardware parameters (eg. ioport)   Jessica Yu
    • [PATCH V38 19/29] Lock down module params that specify hardware parameters (eg. ioport)   James Morris
    • [PATCH V39] Lock down module params that specify hardware parameters (eg. ioport)   Matthew Garrett
• [PATCH V38 20/29] x86/mmiotrace: Lock down the testmmiotrace module   Matthew Garrett
• [PATCH V38 21/29] Lock down /proc/kcore   Matthew Garrett
• [PATCH V38 22/29] Lock down tracing and perf kprobes when in confidentiality mode   Matthew Garrett
• [PATCH V38 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode   Matthew Garrett
• [PATCH V38 24/29] Lock down perf when in confidentiality mode   Matthew Garrett
• [PATCH V38 25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down   Matthew Garrett
• [PATCH V38 26/29] debugfs: Restrict debugfs when the kernel is locked down   Matthew Garrett
• [PATCH V38 27/29] tracefs: Restrict tracefs when the kernel is locked down   Matthew Garrett
• [PATCH V38 28/29] efi: Restrict efivar_ssdt_load when the kernel is locked down   Matthew Garrett
• [PATCH V38 29/29] lockdown: Print current->comm in restriction messages   Matthew Garrett
• [PATCH] ima: Fix a use after free in ima_read_modsig()   Dan Carpenter
  • [PATCH] ima: Fix a use after free in ima_read_modsig()   Mimi Zohar
    • [PATCH] ima: Fix a use after free in ima_read_modsig()   Dan Carpenter
      • [PATCH] ima: Fix a use after free in ima_read_modsig()   Mimi Zohar
• [PATCH v13 2/5] Add flags option to get xattr method paired to __vfs_getxattr   Mark Salyzyn
• KASAN: use-after-free Read in tomoyo_socket_sendmsg_permission   syzbot
  • KASAN: use-after-free Read in tomoyo_socket_sendmsg_permission   Tetsuo Handa
• [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Paul Moore
  • [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Amir Goldstein
    • [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Paul Moore
      • [Non-DoD Source] Re: [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Aaron Goidel
      • [Non-DoD Source] Re: [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Amir Goldstein
      • [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Amir Goldstein
      • [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Paul Moore
      • [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Jan Kara
      • [Non-DoD Source] Re: [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Aaron Goidel
      • [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Paul Moore
    • [Non-DoD Source] Re: [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Aaron Goidel
      • [Non-DoD Source] Re: [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications   Amir Goldstein
• [Tee-dev] [RFC v2 2/6] tee: enable support to register kernel memory   Stuart Yoder
  • [Tee-dev] [RFC v2 2/6] tee: enable support to register kernel memory   Sumit Garg
• [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.   Tetsuo Handa
• [PATCH v2] fanotify, inotify, dnotify, security: add security hook for fs notifications   Aaron Goidel
  • [PATCH v2] fanotify, inotify, dnotify, security: add security hook for fs notifications   Jan Kara
  • [PATCH v2] fanotify, inotify, dnotify, security: add security hook for fs notifications   Paul Moore
    • [Non-DoD Source] Re: [PATCH v2] fanotify, inotify, dnotify, security: add security hook for fs notifications   Aaron Goidel
• [security:next-lockdown 1/29] init/main.c:572:2: error: implicit declaration of function 'early_security_init'; did you mean 'security_init'?   kbuild test robot
• [PATCH] security: fix ptr_ret.cocci warnings   kbuild test robot
• [security:next-lockdown 3/29] security/lockdown/lockdown.c:157:1-3: WARNING: PTR_ERR_OR_ZERO can be used   kbuild test robot
  • [PATCH] security: fix ptr_ret.cocci warnings   Kees Cook
• [security:next-lockdown 2/29] htmldocs: include/linux/lsm_hooks.h:1812: warning: Function parameter or member 'locked_down' not described in 'security_list_options'   kbuild test robot
• [security:next-lockdown 8/29] arch/s390/kernel/kexec_elf.c:134:3: error: 'const struct kexec_file_ops' has no member named 'verify_sig'   kbuild test robot
• [PATCH][next] ima: ima_modsig: Fix use-after-free bug in ima_read_modsig   Gustavo A. R. Silva
  • [PATCH][next] ima: ima_modsig: Fix use-after-free bug in ima_read_modsig   Mimi Zohar
    • [PATCH][next] ima: ima_modsig: Fix use-after-free bug in ima_read_modsig   Gustavo A. R. Silva
• WARNING in aa_sock_msg_perm   syzbot
  • WARNING in aa_sock_msg_perm   Tetsuo Handa
• [PATCH v3] fanotify, inotify, dnotify, security: add security hook for fs notifications   Aaron Goidel
  • [PATCH v3] fanotify, inotify, dnotify, security: add security hook for fs notifications   Paul Moore
• [PATCH V37 27/29] tracefs: Restrict tracefs when the kernel is locked down   Marek Szyprowski
  • [PATCH V37 27/29] tracefs: Restrict tracefs when the kernel is locked down   Marek Szyprowski
    • [PATCH] tracefs: Fix NULL pointer dereference when no lockdown is used   Marek Szyprowski
• [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem   Sumit Garg
  • [RFC/RFT v4 1/5] tpm: move tpm_buf code to include/linux/   Sumit Garg
    • [RFC/RFT v4 1/5] tpm: move tpm_buf code to include/linux/   Jarkko Sakkinen
      • [RFC/RFT v4 1/5] tpm: move tpm_buf code to include/linux/   Sumit Garg
      • [RFC/RFT v4 1/5] tpm: move tpm_buf code to include/linux/   Jarkko Sakkinen
  • [RFC/RFT v4 2/5] KEYS: trusted: use common tpm_buf for TPM1.x code   Sumit Garg
    • [RFC/RFT v4 2/5] KEYS: trusted: use common tpm_buf for TPM1.x code   Jarkko Sakkinen
  • [RFC/RFT v4 3/5] KEYS: trusted: create trusted keys subsystem   Sumit Garg
    • [RFC/RFT v4 3/5] KEYS: trusted: create trusted keys subsystem   Jarkko Sakkinen
      • [RFC/RFT v4 3/5] KEYS: trusted: create trusted keys subsystem   Jarkko Sakkinen
      • [RFC/RFT v4 3/5] KEYS: trusted: create trusted keys subsystem   Sumit Garg
  • [RFC/RFT v4 4/5] KEYS: trusted: move tpm2 trusted keys code   Sumit Garg
    • [RFC/RFT v4 4/5] KEYS: trusted: move tpm2 trusted keys code   Jarkko Sakkinen
      • [RFC/RFT v4 4/5] KEYS: trusted: move tpm2 trusted keys code   Sumit Garg
  • [RFC/RFT v4 5/5] KEYS: trusted: Add generic trusted keys framework   Sumit Garg
    • [RFC/RFT v4 5/5] KEYS: trusted: Add generic trusted keys framework   Sumit Garg
      • [RFC/RFT v4 5/5] KEYS: trusted: Add generic trusted keys framework   Jarkko Sakkinen
      • [RFC/RFT v4 5/5] KEYS: trusted: Add generic trusted keys framework   Jarkko Sakkinen
  • [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem   Mimi Zohar
    • [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem   Sumit Garg
      • [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem   Mimi Zohar
      • [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem   Sumit Garg
  • [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem   Jarkko Sakkinen
    • [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem   Sumit Garg
      • [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem   Jarkko Sakkinen
• [PATCH] Add flags option to get xattr method paired to __vfs_getxattr   Mark Salyzyn
• [RFC PATCH v5 1/1] Add dm verity root hash pkcs7 sig validation.   Jaskaran Singh Khurana
• [PATCH 0/6] lockdown fixups   Matthew Garrett
  • [PATCH 1/6] tracefs: Fix potential null dereference in default_file_open()   Matthew Garrett
  • [PATCH 2/6] early_security_init() needs a stub got !CONFIG_SECURITY   Matthew Garrett
  • [PATCH 3/6] Avoid build warning when !CONFIG_KEXEC_SIG   Matthew Garrett
    • [PATCH 3/6] Avoid build warning when !CONFIG_KEXEC_SIG   Dave Young
      • [PATCH 3/6] Avoid build warning when !CONFIG_KEXEC_SIG   Matthew Garrett
  • [PATCH 4/6] security: fix ptr_ret.cocci warnings   Matthew Garrett
  • [PATCH 5/6] kexec: s/KEXEC_VERIFY_SIG/KEXEC_SIG/ for consistency   Matthew Garrett
  • [PATCH 6/6] Document locked_down LSM hook   Matthew Garrett
  • [PATCH 0/6] lockdown fixups   James Morris
  • [PATCH 0/6] lockdown fixups   James Morris
    • [PATCH 0/6] lockdown fixups   Matthew Garrett
      • [PATCH 0/6] lockdown fixups   James Morris
      • [PATCH 0/6] lockdown fixups   Matthew Garrett
• PLEASE CONFIRM PURCHASE ORDER   Mr NARESH KUMAR
• TODAY, Wed, Aug 14, 2019 I AM READY FOR COMING TO YOUR ADDRESS WITH THIS ATM CARD   MS. MARYANNA B. THOMASON
• [RFC PATCH] audit, security: allow LSMs to selectively enable audit collection   Aaron Goidel
  • [RFC PATCH] audit, security: allow LSMs to selectively enable audit collection   Stephen Smalley
    • [RFC PATCH] audit, security: allow LSMs to selectively enable audit collection   Casey Schaufler
      • [RFC PATCH] audit, security: allow LSMs to selectively enable audit collection   Paul Moore
• [RFC PATCH v3] security, capability: pass object information to security_capable   Aaron Goidel
  • [RFC PATCH v3] security,capability: pass object information to security_capable   James Morris
    • [RFC PATCH v3] security, capability: pass object information to security_capable   Stephen Smalley
      • [RFC PATCH v3] security, capability: pass object information to security_capable   Paul Moore
• [GIT PULL] Keys: Set 4 - Key ACLs for 5.3   David Howells
  • [GIT PULL] Keys: Set 4 - Key ACLs for 5.3   Mimi Zohar
  • [GIT PULL] Keys: Set 4 - Key ACLs for 5.3   Mimi Zohar
    • [GIT PULL] Keys: Set 4 - Key ACLs for 5.3   David Howells
• [WIP][RFC][PATCH 0/3] Introduce Infoflow LSM   Roberto Sassu
  • [WIP][RFC][PATCH 1/3] security: introduce call_int_hook_and() macro   Roberto Sassu
    • [WIP][RFC][PATCH 1/3] security: introduce call_int_hook_and() macro   Casey Schaufler
      • [WIP][RFC][PATCH 1/3] security: introduce call_int_hook_and() macro   Roberto Sassu
  • [WIP][RFC][PATCH 2/3] lsm notifier: distinguish between state change and policy change   Roberto Sassu
  • [WIP][RFC][PATCH 3/3] security: add infoflow LSM   Roberto Sassu
• [PATCH] keys: Fix description size   David Howells
  • [PATCH] keys: Fix description size   Linus Torvalds
• [PATCH V40 00/29] Add kernel lockdown functionality   Matthew Garrett
  • [PATCH V40 01/29] security: Support early LSMs   Matthew Garrett
  • [PATCH V40 02/29] security: Add a "locked down" LSM hook   Matthew Garrett
  • [PATCH V40 03/29] security: Add a static lockdown policy LSM   Matthew Garrett
    • [PATCH V40 03/29] security: Add a static lockdown policy LSM   David Howells
  • [PATCH V40 04/29] lockdown: Enforce module signatures if the kernel is locked down   Matthew Garrett
    • [PATCH V40 04/29] lockdown: Enforce module signatures if the kernel is locked down   David Howells
  • [PATCH V40 05/29] lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked down   Matthew Garrett
  • [PATCH V40 06/29] kexec_load: Disable at runtime if the kernel is locked down   Matthew Garrett
  • [PATCH V40 07/29] lockdown: Copy secure_boot flag in boot params across kexec reboot   Matthew Garrett
  • [PATCH V40 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE   Matthew Garrett
    • [PATCH V40 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE   Philipp Rudo
  • [PATCH V40 09/29] kexec_file: Restrict at runtime if the kernel is locked down   Matthew Garrett
  • [PATCH V40 10/29] hibernate: Disable when the kernel is locked down   Matthew Garrett
    • [PATCH V40 10/29] hibernate: Disable when the kernel is locked down   Rafael J. Wysocki
  • [PATCH V40 11/29] PCI: Lock down BAR access when the kernel is locked down   Matthew Garrett
    • [PATCH V40 11/29] PCI: Lock down BAR access when the kernel is locked down   Bjorn Helgaas
      • [PATCH V40 11/29] PCI: Lock down BAR access when the kernel is locked down   Matthew Garrett
  • [PATCH V40 12/29] x86: Lock down IO port access when the kernel is locked down   Matthew Garrett
  • [PATCH V40 13/29] x86/msr: Restrict MSR access when the kernel is locked down   Matthew Garrett
  • [PATCH V40 14/29] ACPI: Limit access to custom_method when the kernel is locked down   Matthew Garrett
    • [PATCH V40 14/29] ACPI: Limit access to custom_method when the kernel is locked down   Rafael J. Wysocki
  • [PATCH V40 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down   Matthew Garrett
    • [PATCH V40 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down   Rafael J. Wysocki
  • [PATCH V40 16/29] acpi: Disable ACPI table override if the kernel is locked down   Matthew Garrett
    • [PATCH V40 16/29] acpi: Disable ACPI table override if the kernel is locked down   Rafael J. Wysocki
  • [PATCH V40 17/29] lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down   Matthew Garrett
  • [PATCH V40 18/29] lockdown: Lock down TIOCSSERIAL   Matthew Garrett
  • [PATCH V40 19/29] lockdown: Lock down module params that specify hardware parameters (eg. ioport)   Matthew Garrett
    • [PATCH V40 19/29] lockdown: Lock down module params that specify hardware parameters (eg. ioport)   Jessica Yu
  • [PATCH V40 20/29] x86/mmiotrace: Lock down the testmmiotrace module   Matthew Garrett
  • [PATCH V40 21/29] lockdown: Lock down /proc/kcore   Matthew Garrett
  • [PATCH V40 22/29] lockdown: Lock down tracing and perf kprobes when in confidentiality mode   Matthew Garrett
  • [PATCH V40 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode   Matthew Garrett
    • [PATCH V40 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode   David Howells
  • [PATCH V40 24/29] lockdown: Lock down perf when in confidentiality mode   Matthew Garrett
  • [PATCH V40 25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down   Matthew Garrett
  • [PATCH V40 26/29] debugfs: Restrict debugfs when the kernel is locked down   Matthew Garrett
  • [PATCH V40 27/29] tracefs: Restrict tracefs when the kernel is locked down   Matthew Garrett
  • [PATCH V40 28/29] efi: Restrict efivar_ssdt_load when the kernel is locked down   Matthew Garrett
  • [PATCH V40 29/29] lockdown: Print current->comm in restriction messages   Matthew Garrett
  • [PATCH V40 00/29] Add kernel lockdown functionality   James Morris
• [PATCH] tpm_tis: Fix interrupt probing   Stefan Berger
  • [PATCH] tpm_tis: Fix interrupt probing   Jarkko Sakkinen
  • [PATCH] tpm_tis: Fix interrupt probing   Jarkko Sakkinen
    • [PATCH] tpm_tis: Fix interrupt probing   Jarkko Sakkinen
      • [PATCH] tpm_tis: Fix interrupt probing   Stefan Berger
      • [PATCH] tpm_tis: Fix interrupt probing   Jarkko Sakkinen
      • [PATCH] tpm_tis: Fix interrupt probing   Jarkko Sakkinen
      • [PATCH] tpm_tis: Fix interrupt probing   Stefan Berger
      • [PATCH] tpm_tis: Fix interrupt probing   Jarkko Sakkinen
• [PATCH v5 0/4] Create and consolidate trusted keys subsystem   Sumit Garg
  • [PATCH v5 1/4] tpm: move tpm_buf code to include/linux/   Sumit Garg
    • [PATCH v5 1/4] tpm: move tpm_buf code to include/linux/   Jarkko Sakkinen
  • [PATCH v5 2/4] KEYS: trusted: use common tpm_buf for TPM1.x code   Sumit Garg
  • [PATCH v5 3/4] KEYS: trusted: create trusted keys subsystem   Sumit Garg
    • [PATCH v5 3/4] KEYS: trusted: create trusted keys subsystem   Jarkko Sakkinen
  • [PATCH v5 4/4] KEYS: trusted: move tpm2 trusted keys code   Sumit Garg
    • [PATCH v5 4/4] KEYS: trusted: move tpm2 trusted keys code   Jarkko Sakkinen
      • [PATCH v5 4/4] KEYS: trusted: move tpm2 trusted keys code   Sumit Garg
      • [PATCH v5 4/4] KEYS: trusted: move tpm2 trusted keys code   Jarkko Sakkinen
  • [PATCH v5 0/4] Create and consolidate trusted keys subsystem   Jarkko Sakkinen
• [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook   Jeff Vander Stoep
  • [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook   Jeffrey Vander Stoep
  • [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook   Casey Schaufler
    • [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook   Jeffrey Vander Stoep
  • [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook   David Miller
    • [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook   Jeffrey Vander Stoep
      • [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook   David Miller
      • [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook   Paul Moore
      • [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook   Michal Kubecek
      • [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook   Paul Moore
  • [PATCH 1/2] rtnetlink: gate MAC address with an LSM hook   kbuild test robot
• [PATCH 2/2] selinux: use netlink_receive hook   Jeff Vander Stoep
  • [PATCH 2/2] selinux: use netlink_receive hook   kbuild test robot
  • [PATCH 2/2] selinux: use netlink_receive hook   kbuild test robot
• New skb extension for use by LSMs (skb "security blob")?   Paul Moore
  • New skb extension for use by LSMs (skb "security blob")?   David Miller
    • New skb extension for use by LSMs (skb "security blob")?   Paul Moore
      • New skb extension for use by LSMs (skb "security blob")?   David Miller
      • New skb extension for use by LSMs (skb "security blob")?   Casey Schaufler
  • New skb extension for use by LSMs (skb "security blob")?   Florian Westphal
    • New skb extension for use by LSMs (skb "security blob")?   Paul Moore
      • New skb extension for use by LSMs (skb "security blob")?   Casey Schaufler
      • New skb extension for use by LSMs (skb "security blob")?   Florian Westphal
      • New skb extension for use by LSMs (skb "security blob")?   Casey Schaufler
      • New skb extension for use by LSMs (skb "security blob")?   David Miller
      • New skb extension for use by LSMs (skb "security blob")?   Casey Schaufler
      • New skb extension for use by LSMs (skb "security blob")?   David Miller
      • New skb extension for use by LSMs (skb "security blob")?   Casey Schaufler
      • New skb extension for use by LSMs (skb "security blob")?   David Miller
      • New skb extension for use by LSMs (skb "security blob")?   Casey Schaufler
      • New skb extension for use by LSMs (skb "security blob")?   David Miller
• [PATCH] smack: use GFP_NOFS while holding inode_smack::smk_lock   Eric Biggers
  • [PATCH] smack: use GFP_NOFS while holding inode_smack::smk_lock   Casey Schaufler
• [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.   Eric Biggers
  • [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.   Tetsuo Handa
    • [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.   Eric Biggers
      • [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.   Tetsuo Handa
      • [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.   Eric Biggers
• MY $25,000,000.00 INVESTMENT PROPOSAL WITH YOU AND IN YOUR COUNTRY.   Law firm(Eku and Associates)
• [PATCH v12 00/11] Appended signatures support for IMA appraisal   Jordan Hand
  • [PATCH v12 00/11] Appended signatures support for IMA appraisal   Thiago Jung Bauermann
  • [PATCH v12 00/11] Appended signatures support for IMA appraisal   Mimi Zohar
• [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
  • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Steven Rostedt
    • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Steven Rostedt
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Steven Rostedt
    • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Alexei Starovoitov
    • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Masami Hiramatsu
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Alexei Starovoitov
  • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Alexei Starovoitov
    • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Alexei Starovoitov
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Alexei Starovoitov
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Alexei Starovoitov
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Alexei Starovoitov
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Alexei Starovoitov
  • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Peter Zijlstra
    • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Alexei Starovoitov
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Steven Rostedt
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Alexei Starovoitov
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Andy Lutomirski
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Steven Rostedt
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Alexei Starovoitov
      • [PATCH bpf-next] bpf, capabilities: introduce CAP_BPF   Steven Rostedt
• [PATCH] ima: use struct_size() in kzalloc()   Gustavo A. R. Silva
  • [PATCH] ima: use struct_size() in kzalloc()   Mimi Zohar
    • [PATCH] ima: use struct_size() in kzalloc()   Gustavo A. R. Silva
• [PATCH] ima: use struct_size() in kzalloc()   Mimi Zohar
  • [PATCH] ima: use struct_size() in kzalloc()   Gustavo A. R. Silva
• [PATCH] ima: ima_api: Use struct_size() in kzalloc()   Gustavo A. R. Silva
• [PATCH 00/11] Keyrings, Block and USB notifications [ver #6]   David Howells
  • [PATCH 01/11] uapi: General notification ring definitions [ver #6]   David Howells
  • [PATCH 02/11] security: Add hooks to rule on setting a watch [ver #6]   David Howells
  • [PATCH 03/11] security: Add a hook for the point of notification insertion [ver #6]   David Howells
  • [PATCH 04/11] General notification queue with user mmap()'able ring buffer [ver #6]   David Howells
  • [PATCH 05/11] keys: Add a notification facility [ver #6]   David Howells
  • [PATCH 06/11] Add a general, global device notification watch list [ver #6]   David Howells
  • [PATCH 07/11] block: Add block layer notifications [ver #6]   David Howells
  • [PATCH 08/11] usb: Add USB subsystem notifications [ver #6]   David Howells
  • [PATCH 09/11] Add sample notification program [ver #6]   David Howells
  • [PATCH 10/11] selinux: Implement the watch_key security hook [ver #6]   David Howells
    • [PATCH 10/11] selinux: Implement the watch_key security hook [ver #6]   Stephen Smalley
      • [PATCH 10/11] selinux: Implement the watch_key security hook [ver #6]   David Howells
  • [PATCH 11/11] smack: Implement the watch_key and post_notification hooks [untested] [ver #6]   David Howells
• [PATCH] overlayfs: filter of trusted xattr results in audit.   Mark Salyzyn
• [PATCH v8 00/28] LSM: Module stacking for AppArmor   Casey Schaufler
  • [PATCH v8 02/28] LSM: Infrastructure management of the sock security   Casey Schaufler
  • [PATCH v8 03/28] LSM: Infrastructure management of the key blob   Casey Schaufler
  • [PATCH v8 04/28] LSM: Create and manage the lsmblob data structure.   Casey Schaufler
  • [PATCH v8 05/28] LSM: Use lsmblob in security_audit_rule_match   Casey Schaufler
  • [PATCH v8 06/28] LSM: Use lsmblob in security_kernel_act_as   Casey Schaufler
  • [PATCH v8 07/28] net: Prepare UDS for security module stacking   Casey Schaufler
  • [PATCH v8 08/28] LSM: Use lsmblob in security_secctx_to_secid   Casey Schaufler
  • [PATCH v8 09/28] LSM: Use lsmblob in security_secid_to_secctx   Casey Schaufler
  • [PATCH v8 10/28] LSM: Use lsmblob in security_ipc_getsecid   Casey Schaufler
  • [PATCH v8 11/28] LSM: Use lsmblob in security_task_getsecid   Casey Schaufler
  • [PATCH v8 12/28] LSM: Use lsmblob in security_inode_getsecid   Casey Schaufler
  • [PATCH v8 13/28] LSM: Use lsmblob in security_cred_getsecid   Casey Schaufler
  • [PATCH v8 14/28] IMA: Change internal interfaces to use lsmblobs   Casey Schaufler
  • [PATCH v8 15/28] LSM: Specify which LSM to display   Casey Schaufler
  • [PATCH v8 16/28] LSM: Ensure the correct LSM context releaser   Casey Schaufler
  • [PATCH v8 17/28] LSM: Use lsmcontext in security_secid_to_secctx   Casey Schaufler
  • [PATCH v8 18/28] LSM: Use lsmcontext in security_dentry_init_security   Casey Schaufler
  • [PATCH v8 19/28] LSM: Use lsmcontext in security_inode_getsecctx   Casey Schaufler
  • [PATCH v8 20/28] LSM: security_secid_to_secctx in netlink netfilter   Casey Schaufler
  • [PATCH v8 21/28] NET: Store LSM netlabel data in a lsmblob   Casey Schaufler
  • [PATCH v8 22/28] SELinux: Verify LSM display sanity in binder   Casey Schaufler
  • [PATCH v8 23/28] Audit: Add subj_LSM fields when necessary   Casey Schaufler
  • [PATCH v8 24/28] Audit: Include object data for all security modules   Casey Schaufler
  • [PATCH v8 25/28] LSM: Provide an user space interface for the default display   Casey Schaufler
  • [PATCH v8 26/28] NET: Add SO_PEERCONTEXT for multiple LSMs   Casey Schaufler
  • [PATCH v8 27/28] LSM: Add /proc attr entry for full LSM context   Casey Schaufler
  • [PATCH v8 28/28] AppArmor: Remove the exclusive flag   Casey Schaufler
• [PATCH v8 01/28] LSM: Infrastructure management of the superblock   Casey Schaufler
• [PATCH] tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts   Stefan Berger
• [PATCH 00/11] Keyrings, Block and USB notifications [ver #7]   David Howells
  • [PATCH 01/11] uapi: General notification ring definitions [ver #7]   David Howells
  • [PATCH 02/11] security: Add hooks to rule on setting a watch [ver #7]   David Howells
  • [PATCH 03/11] security: Add a hook for the point of notification insertion [ver #7]   David Howells
  • [PATCH 04/11] General notification queue with user mmap()'able ring buffer [ver #7]   David Howells
  • [PATCH 05/11] keys: Add a notification facility [ver #7]   David Howells
  • [PATCH 06/11] Add a general, global device notification watch list [ver #7]   David Howells
  • [PATCH 07/11] block: Add block layer notifications [ver #7]   David Howells
  • [PATCH 08/11] usb: Add USB subsystem notifications [ver #7]   David Howells
  • [PATCH 09/11] Add sample notification program [ver #7]   David Howells
  • [PATCH 10/11] selinux: Implement the watch_key security hook [ver #7]   David Howells
    • [PATCH 10/11] selinux: Implement the watch_key security hook [ver #7]   Stephen Smalley
      • [PATCH 10/11] selinux: Implement the watch_key security hook [ver #7]   David Howells
      • [PATCH 10/11] selinux: Implement the watch_key security hook [ver #7]   David Howells
      • [PATCH 10/11] selinux: Implement the watch_key security hook [ver #7]   Stephen Smalley
  • [PATCH 11/11] smack: Implement the watch_key and post_notification hooks [untested] [ver #7]   David Howells
  • watch_queue(7) manpage   David Howells
  • watch_devices(2) manpage   David Howells
  • keyctl_watch_key.3 manpage   David Howells
  • [PATCH 00/11] Keyrings, Block and USB notifications [ver #7]   Casey Schaufler
• [PATCH] keys: ensure that ->match_free() is called in request_key_and_link()   David Howells
• [PATCH 1/2] staging: comedi: Restrict COMEDI_DEVCONFIG when the kernel is locked down   Ian Abbott
• general protection fault in smack_socket_sendmsg   syzbot

Last message date: Fri Aug 30 22:09:17 UTC 2019
Archived on: Fri Aug 30 22:19:30 UTC 2019

• Messages sorted by: [ subject ] [ author ] [ date ]
• More info on this list...