July 2019 Archives by thread
Starting: Mon Jul 1 02:59:33 UTC 2019
Ending: Wed Jul 31 22:16:17 UTC 2019
Messages: 615
- [PATCH 2/6] Adjust watch_queue documentation to mention mount and superblock watches. [ver #5]
Randy Dunlap
- [RFC PATCH v5 0/1] Add dm verity root hash pkcs7 sig validation.
Milan Broz
- [PATCH v4 2/3] initramfs: read metadata from special file METADATA!!!
Mimi Zohar
- [PATCH] Revert "tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()"
Michal Suchanek
- [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk
Mimi Zohar
- [PATCH v4 0/3] initramfs: add support for xattrs in the initial ram disk
Roberto Sassu
- [PATCH v12 00/11] Appended signatures support for IMA appraisal
Mimi Zohar
- [PATCH v12 01/11] MODSIGN: Export module signature definitions
Jessica Yu
- [RFC PATCH v2 1/3] x86/sgx: Add SGX specific LSM hooks
Xing, Cedric
- [RFC PATCH v4 10/12] security/selinux: Add enclave_load() implementation
Xing, Cedric
- [RFC PATCH v2 1/3] x86/sgx: Add SGX specific LSM hooks
Xing, Cedric
- [RFC PATCH v4 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
Andy Lutomirski
- [RFC PATCH v2 1/3] x86/sgx: Add SGX specific LSM hooks
Xing, Cedric
- [RFC PATCH v4 10/12] security/selinux: Add enclave_load() implementation
Xing, Cedric
- [RFC PATCH v6 0/1] Add dm verity root hash pkcs7 sig validation.
Jaskaran Khurana
- [RFC PATCH v6 1/1] Add dm verity root hash pkcs7 sig validation.
Jaskaran Khurana
- Fwd: [PATCH v4 15/23] LSM: Specify which LSM to display
James Morris
- Reminder: 1 open syzbot bug in "security/smack" subsystem
Eric Biggers
- Reminder: 2 open syzbot bugs in "security/tomoyo" subsystem
Eric Biggers
- [GIT PULL] SELinux patches for v5.3
Paul Moore
- [PATCH] apparmor: Replace two seq_printf() calls by seq_puts() in aa_label_seq_xprint()
Markus Elfring
- [PATCH] ima: Replace two seq_printf() calls by seq_puts() in ima_show_template_data_ascii()
Markus Elfring
- [PATCH] ima: Replace two seq_printf() calls by seq_puts() in ima_show_template_data_ascii()
Markus Elfring
- [PATCH] ima: Replace two seq_printf() calls by seq_puts() in ima_show_template_data_ascii()
Markus Elfring
- [PATCH] ima: Replace two seq_printf() calls by seq_puts() in ima_show_template_data_ascii()
Markus Elfring
- [PATCH v10 1/2] mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options
Andrew Morton
- [RFC PATCH 0/1] security: add SECURE_KEEP_FSUID to preserve fsuid/fsgid across execve
Lubashev, Igor
- [PATCH -next] integrity: Remove set but not used variable 'acl'
YueHaibing
- [PATCH 8/9] usb: Add USB subsystem notifications [ver #5]
Greg Kroah-Hartman
- [PATCH 1/9] uapi: General notification ring definitions [ver #5]
Greg Kroah-Hartman
- [PATCH 4/9] General notification queue with user mmap()'able ring buffer [ver #5]
Greg Kroah-Hartman
- [PATCH 6/9] Add a general, global device notification watch list [ver #5]
Greg Kroah-Hartman
- [PATCH 6/9] Add a general, global device notification watch list [ver #5]
Greg Kroah-Hartman
- [PATCH v5 00/23] LSM: Module stacking for AppArmor
Casey Schaufler
- [PATCH v5 01/23] LSM: Infrastructure management of the superblock
Casey Schaufler
- [PATCH v5 03/23] LSM: Infrastructure management of the key blob
Casey Schaufler
- [PATCH v5 04/23] LSM: Create and manage the lsmblob data structure.
Casey Schaufler
- [RFC PATCH v2 0/3] security/x86/sgx: SGX specific LSM hooks
Jarkko Sakkinen
- [PATCH v2] Revert "tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()"
Jarkko Sakkinen
- [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.
Tetsuo Handa
- [PATCH] smack: fix some kernel-doc notations
luanshi
- [RFC/RFT] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [RFC PATCH v4 00/12] security: x86/sgx: SGX vs. LSM
Jarkko Sakkinen
- [PATCH] KEYS: trusted: allow module init if TPM is inactive or deactivated
Roberto Sassu
- [GIT PULL] Keys: Set 1 - Miscellany for 5.3
David Howells
- [GIT PULL] Keys: Set 2 - request_key() improvements for 5.3
David Howells
- [GIT PULL] Keys: Set 3 - Keyrings namespacing for 5.3
David Howells
- [GIT PULL] Keys: Set 4 - Key ACLs for 5.3
David Howells
- Quotes needed For July Shipments
Sales -Jpexcc.
- [PATCH v5 00/12] S.A.R.A. a new stacked LSM
Salvatore Mesoraca
- [PATCH] security/commoncap: Use xattr security prefix len
Carmeli Tamir
- [RFC PATCH v4 07/12] LSM: x86/sgx: Introduce ->enclave_map() hook for Intel SGX
Sean Christopherson
- [RFC PATCH v4 05/12] x86/sgx: Enforce noexec filesystem restriction for enclaves
Sean Christopherson
- [RFC PATCH v3 0/4] security/x86/sgx: SGX specific LSM hooks
Cedric Xing
- [RFC PATCH v3 1/4] x86/sgx: Add SGX specific LSM hooks
Cedric Xing
- [RFC PATCH v3 2/4] x86/64: Call LSM hooks from SGX subsystem/module
Cedric Xing
- [RFC PATCH v3 3/4] X86/sgx: Introduce EMA as a new LSM module
Cedric Xing
- [RFC PATCH v3 4/4] x86/sgx: Implement SGX specific hooks in SELinux
Cedric Xing
- [PATCH 02/10] vfs: syscall: Add move_mount(2) to move mounts around
Tetsuo Handa
- [RFC 0/7] Introduce TEE based Trusted Keys support
Sumit Garg
- [GIT PULL] integrity subsystem updates for v5.3
Mimi Zohar
- [RFC PATCH v4 12/12] LSM: x86/sgx: Show line of sight to LSM support SGX2's EAUG
Sean Christopherson
- [RFC PATCH v4 01/12] x86/sgx: Use mmu_notifier.release() instead of per-vma refcounting
Sean Christopherson
- [RFC 3/7] tee: add private login method for kernel clients
Jens Wiklander
- [RFC PATCH v4 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
Sean Christopherson
- [PATCH 2/9] security: Add hooks to rule on setting a watch [ver #5]
Stephen Smalley
- [PATCH 3/9] security: Add a hook for the point of notification insertion [ver #5]
Stephen Smalley
- [GIT PULL] tpmdd updates for Linux v5.3
pr-tracker-bot at kernel.org
- keyrings pull requests for the next merge window
Linus Torvalds
- [GIT PULL] LSM: capabilities updates for v5.3
James Morris
- RFC: BUG: overlayfs getxattr recursion leaves a poison sid.
Casey Schaufler
- [PATCH v1 01/22] docs: Documentation/*.txt: rename all ReST files to *.rst
Rob Herring
- Reminder: 2 open syzbot bugs in "security/integrity" subsystem
Eric Biggers
- [PATCH 2/2] KEYS: Provide KEYCTL_GRANT_PERMISSION
Eric Biggers
- [PATCH 1/2] KEYS: Replace uid/gid/perm permissions checking with an ACL
Eric Biggers
- Greetings!
fuqingzheng at asia.com
- [RFC PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Aaron Goidel
- [RFC PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Amir Goldstein
- [RFC PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Casey Schaufler
- [RFC PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Randy Dunlap
- [RFC PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Casey Schaufler
- [RFC PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Joe Perches
- [RFC PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Joe Perches
- [RFC PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Randy Dunlap
- [RFC PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Stephen Smalley
- [RFC PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
James Morris
- [PATCH V34 10/29] hibernate: Disable when the kernel is locked down
Joey Lee
- [RFC PATCH v3 4/4] x86/sgx: Implement SGX specific hooks in SELinux
Xing, Cedric
- [PATCH V34 10/29] hibernate: Disable when the kernel is locked down
joeyli
- possible deadlock in process_measurement
Mimi Zohar
- possible deadlock in process_measurement
Mimi Zohar
- Some LSM and SGX remarks before parting of for two weeks
Jarkko Sakkinen
- [PATCH 11/12] Documentation/x86: repointer docs to Documentation/arch/
Alex Shi
- [PATCH] LSM: Update MAINTAINERS file for SafeSetID LSM.
Micah Morton
- Preferred subj= with multiple LSMs
Casey Schaufler
- [RFC PATCH v6 0/1] Add dm verity root hash pkcs7 sig validation.
Jaskaran Singh Khurana
- [RFC PATCH] security, capability: pass object information to security_capable
Nicholas Franck
- [RFC PATCH] security,capability: pass object information to security_capable
James Morris
- [RFC PATCH] security,capability: pass object information to security_capable
Casey Schaufler
- [RFC PATCH] security, capability: pass object information to security_capable
Stephen Smalley
- [RFC PATCH] security, capability: pass object information to security_capable
Casey Schaufler
- [RFC PATCH] security, capability: pass object information to security_capable
Stephen Smalley
- [RFC PATCH] security, capability: pass object information to security_capable
Casey Schaufler
- [RFC PATCH] security, capability: pass object information to security_capable
James Morris
- [RFC PATCH] security, capability: pass object information to security_capable
Casey Schaufler
- [RFC PATCH] security, capability: pass object information to security_capable
James Morris
- [RFC PATCH] security, capability: pass object information to security_capable
Serge E. Hallyn
- [RFC PATCH] security, capability: pass object information to security_capable
Andy Lutomirski
- [RFC PATCH] security, capability: pass object information to security_capable
Casey Schaufler
- [RFC PATCH] security, capability: pass object information to security_capable
Stephen Smalley
- [RFC PATCH] security, capability: pass object information to security_capable
Casey Schaufler
- [RFC PATCH] security, capability: pass object information to security_capable
Paul Moore
- [RFC PATCH] security,capability: pass object information to security_capable
Serge E. Hallyn
- [PATCH 1/6] security: Add hooks to rule on setting a superblock or mount watch [ver #5]
James Morris
- [PATCH v21 17/28] x86/sgx: Add provisioning
Jarkko Sakkinen
- Loan offer !!
Smith Jerry
- Kindly Respond
Donald Douglas
- [PATCH AUTOSEL 5.2 116/249] integrity: Fix __integrity_init_keyring() section mismatch
Sasha Levin
- [PATCH AUTOSEL 5.1 102/219] integrity: Fix __integrity_init_keyring() section mismatch
Sasha Levin
- [GIT PULL] SafeSetID LSM changes for 5.3
Micah Morton
- [PATCH V35 00/29] Kernel lockdown functionality
Matthew Garrett
- [RFC PATCH v3 04/12] x86/sgx: Require userspace to define enclave pages' protection bits
Andy Lutomirski
- Preferred subj= with multiple LSMs
Casey Schaufler
- Preferred subj= with multiple LSMs
Casey Schaufler
- [RFC] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Matthew Garrett
- KASAN: use-after-free Write in check_noncircular
syzbot
- [RFC PATCH v7 0/1] Add dm verity root hash pkcs7 sig validation.
Jaskaran Khurana
- [RFC/RFT v2 0/2] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [RFC PATCH v2] fanotify, inotify, dnotify, security: add security hook for fs notifications
Aaron Goidel
- [PATCH V36 00/29] security: Add kernel lockdown functionality
Matthew Garrett
- [PATCH bpf-next v10 00/10] Landlock LSM: Toward unprivileged sandboxing
Mickaël Salaün
- [PATCH bpf-next v10 01/10] fs, security: Add a new file access type: MAY_CHROOT
Mickaël Salaün
- [PATCH bpf-next v10 07/10] landlock: Add ptrace restrictions
Mickaël Salaün
- [PATCH bpf-next v10 08/10] bpf: Add a Landlock sandbox example
Mickaël Salaün
- [PATCH bpf-next v10 10/10] landlock: Add user and kernel documentation for Landlock
Mickaël Salaün
- [PATCH] [RESEND v2] structleak: disable STRUCTLEAK_BYREF in combination with KASAN_STACK
Arnd Bergmann
- [PATCH] selinux: check sidtab limit before adding a new entry
Kees Cook
- [PATCH] security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb()
Jia-Ju Bai
- [RFC PATCH v3] fanotify, inotify, dnotify, security: add security hook for fs notifications
Aaron Goidel
- Reminder: 2 open syzbot bugs in "security/tomoyo" subsystem
Eric Biggers
- Reminder: 1 open syzbot bug in "security/smack" subsystem
Eric Biggers
- Reminder: 1 open syzbot bug in "security/integrity" subsystem
Eric Biggers
- KASAN: use-after-free Read in keyring_compare_object
syzbot
- [PATCH] test_meminit: use GFP_ATOMIC in RCU critical section
Alexander Potapenko
- [PATCH 0/5] security: integrity: Makefile cleanups
Masahiro Yamada
- [PATCH 1/5] integrity: remove unneeded, broken attempt to add -fshort-wchar
Masahiro Yamada
- [PATCH 2/5] integrity: remove pointless subdir-$(CONFIG_...)
Masahiro Yamada
- [PATCH 4/5] IMA: use obj-y for non-modular objects
Masahiro Yamada
- [PATCH 5/5] EVM: use obj-y for non-modular objects
Masahiro Yamada
- [PATCH] AppArmor: Remove semicolon
Vasyl Gomonovych
- [GIT PULL] SELinux fixes for v5.3 (#1)
Paul Moore
- [PATCH v5 00/27] LSM: Module stacking for AppArmor
Casey Schaufler
- [RFC v2 0/6] Introduce TEE based Trusted Keys support
Sumit Garg
- [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf
Andy Lutomirski
- [PATCH v12 0/5] overlayfs override_creds=off
Casey Schaufler
- [PATCH] fanotify, inotify, dnotify, security: add security hook for fs notifications
Aaron Goidel
- [PATCH] tomoyo: common: Fix potential Spectre v1 vulnerability
Gustavo A. R. Silva
- [GIT PULL] SafeSetID MAINTAINERS file update for v5.3
Micah Morton
- [PATCH V37 00/29] security: Add support for locking down the kernel
Matthew Garrett
- [PATCH V37 01/29] security: Support early LSMs
Matthew Garrett
- [PATCH V37 02/29] security: Add a "locked down" LSM hook
Matthew Garrett
- [PATCH V37 03/29] security: Add a static lockdown policy LSM
Matthew Garrett
- [PATCH V37 04/29] Enforce module signatures if the kernel is locked down
Matthew Garrett
- [PATCH V37 05/29] Restrict /dev/{mem,kmem,port} when the kernel is locked down
Matthew Garrett
- [PATCH V37 06/29] kexec_load: Disable at runtime if the kernel is locked down
Matthew Garrett
- [PATCH V37 07/29] Copy secure_boot flag in boot params across kexec reboot
Matthew Garrett
- [PATCH V37 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
Matthew Garrett
- [PATCH V37 09/29] kexec_file: Restrict at runtime if the kernel is locked down
Matthew Garrett
- [PATCH V37 10/29] hibernate: Disable when the kernel is locked down
Matthew Garrett
- [PATCH V37 11/29] PCI: Lock down BAR access when the kernel is locked down
Matthew Garrett
- [PATCH V37 12/29] x86: Lock down IO port access when the kernel is locked down
Matthew Garrett
- [PATCH V37 13/29] x86/msr: Restrict MSR access when the kernel is locked down
Matthew Garrett
- [PATCH V37 14/29] ACPI: Limit access to custom_method when the kernel is locked down
Matthew Garrett
- [PATCH V37 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Matthew Garrett
- [PATCH V37 16/29] acpi: Disable ACPI table override if the kernel is locked down
Matthew Garrett
- [PATCH V37 17/29] Prohibit PCMCIA CIS storage when the kernel is locked down
Matthew Garrett
- [PATCH V37 18/29] Lock down TIOCSSERIAL
Matthew Garrett
- [PATCH V37 19/29] Lock down module params that specify hardware parameters (eg. ioport)
Matthew Garrett
- [PATCH V37 20/29] x86/mmiotrace: Lock down the testmmiotrace module
Matthew Garrett
- [PATCH V37 21/29] Lock down /proc/kcore
Matthew Garrett
- [PATCH V37 22/29] Lock down tracing and perf kprobes when in confidentiality mode
Matthew Garrett
- [PATCH V37 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode
Matthew Garrett
- [PATCH V37 24/29] Lock down perf when in confidentiality mode
Matthew Garrett
- [PATCH V37 25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down
Matthew Garrett
- [PATCH V37 26/29] debugfs: Restrict debugfs when the kernel is locked down
Matthew Garrett
- [PATCH V37 27/29] tracefs: Restrict tracefs when the kernel is locked down
Matthew Garrett
- [PATCH V37 28/29] efi: Restrict efivar_ssdt_load when the kernel is locked down
Matthew Garrett
- [PATCH V37 29/29] lockdown: Print current->comm in restriction messages
Matthew Garrett
Last message date:
Wed Jul 31 22:16:17 UTC 2019
Archived on: Wed Jul 31 22:19:45 UTC 2019
This archive was generated by
Pipermail 0.09 (Mailman edition).