March 2019 Archives by author
Starting: Fri Mar 1 00:05:20 UTC 2019
Ending: Sat Mar 30 17:30:11 UTC 2019
Messages: 428
- [PATCH] tpm: turn on TPM on suspend for TPM 1.x
Domenico Andreoli
- [PATCH 2/2] efi: print appropriate status message when loading certificates
Ard Biesheuvel
- [PATCH 1/2] efi: add a function for transferring status to string
Ard Biesheuvel
- [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT
Eric Biggers
- crypto: Kernel memory overwrite attempt detected to spans multiple pages
Eric Biggers
- crypto: Kernel memory overwrite attempt detected to spans multiple pages
Eric Biggers
- crypto: Kernel memory overwrite attempt detected to spans multiple pages
Eric Biggers
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
Daniel Borkmann
- [PATCH ghak109 V1] audit: link integrity evm_write_xattrs record to syscall event
Richard Guy Briggs
- [PATCH ghak109 V1] audit: link integrity evm_write_xattrs record to syscall event
Richard Guy Briggs
- [PATCH ghak109 V1] audit: link integrity evm_write_xattrs record to syscall event
Richard Guy Briggs
- [PATCH ghak109 V1] audit: link integrity evm_write_xattrs record to syscall event
Richard Guy Briggs
- [PATCH ghak109 V2] audit: link integrity evm_write_xattrs record to syscall event
Richard Guy Briggs
- [PATCH v19 17/27] x86/sgx: Add provisioning
Sean Christopherson
- [PATCH v19 17/27] x86/sgx: Add provisioning
Sean Christopherson
- [PATCH 1/1] RFC: initmem: introduce CONFIG_INIT_ALL_MEMORY and CONFIG_INIT_ALL_STACK
Kees Cook
- mount.nfs: Protocol error after upgrade to linux/master
Kees Cook
- mount.nfs: Protocol error after upgrade to linux/master
Kees Cook
- what happened to SECURITY_DAC?
Kees Cook
- mount.nfs: Protocol error after upgrade to linux/master
Kees Cook
- crypto: Kernel memory overwrite attempt detected to spans multiple pages
Kees Cook
- [PATCH v2 1/2] initmem: introduce CONFIG_INIT_ALL_MEMORY and CONFIG_INIT_ALL_STACK
Kees Cook
- mount.nfs: Protocol error after upgrade to linux/master
Kees Cook
- Linux 5.1-rc2
Kees Cook
- Linux 5.1-rc2
Kees Cook
- Linux 5.1-rc2
Kees Cook
- [PATCH] LSM: Revive CONFIG_DEFAULT_SECURITY_* for "make oldconfig"
Kees Cook
- LoadPin old-api-denied
Kees Cook
- [PATCH v2 00/11] LSM documentation update
Jonathan Corbet
- [PATCH 09/27] hibernate: Disable when the kernel is locked down
Alan Cox
- [PATCH 09/27] hibernate: Disable when the kernel is locked down
Alan Cox
- Attention Dear,
Barr.Augusto Daniel.
- [PATCH 1/1] RFC: initmem: introduce CONFIG_INIT_ALL_MEMORY and CONFIG_INIT_ALL_STACK
Nick Desaulniers
- [PATCH] keys: fix missing __user in KEYCTL_PKEY_QUERY
Ben Dooks
- [PATCH 02/27] Add a SysRq option to lift kernel lockdown
Randy Dunlap
- Linux 5.1-rc2
Randy Dunlap
- Linux 5.1-rc2
Randy Dunlap
- [PATCH v2 00/11] LSM documentation update
Denis Efremov
- [PATCH] security: keys: Kconfig: pedantic cleanup
Enrico Weigelt, metux IT consult
- [PATCH] secuirty: integrity: ima: pedantic formatting
Enrico Weigelt, metux IT consult
- [PULL REQUEST] Lock down patches
Matthew Garrett
- [PULL REQUEST] Lock down patches
Matthew Garrett
- [PULL REQUEST] Lock down patches
Matthew Garrett
- [PULL REQUEST] Kernel lockdown patches for 5.2
Matthew Garrett
- [PATCH 01/27] Add the ability to lock down access to the running kernel image
Matthew Garrett
- [PATCH 02/27] Add a SysRq option to lift kernel lockdown
Matthew Garrett
- [PATCH 03/27] Enforce module signatures if the kernel is locked down
Matthew Garrett
- [PATCH 04/27] Restrict /dev/{mem, kmem, port} when the kernel is locked down
Matthew Garrett
- [PATCH 05/27] kexec_load: Disable at runtime if the kernel is locked down
Matthew Garrett
- [PATCH 06/27] Copy secure_boot flag in boot params across kexec reboot
Matthew Garrett
- [PATCH 07/27] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
Matthew Garrett
- [PATCH 08/27] kexec_file: Restrict at runtime if the kernel is locked down
Matthew Garrett
- [PATCH 09/27] hibernate: Disable when the kernel is locked down
Matthew Garrett
- [PATCH 10/27] uswsusp: Disable when the kernel is locked down
Matthew Garrett
- [PATCH 11/27] PCI: Lock down BAR access when the kernel is locked down
Matthew Garrett
- [PATCH 12/27] x86: Lock down IO port access when the kernel is locked down
Matthew Garrett
- [PATCH 13/27] x86/msr: Restrict MSR access when the kernel is locked down
Matthew Garrett
- [PATCH 14/27] ACPI: Limit access to custom_method when the kernel is locked down
Matthew Garrett
- [PATCH 15/27] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Matthew Garrett
- [PATCH 16/27] acpi: Disable ACPI table override if the kernel is locked down
Matthew Garrett
- [PATCH 17/27] acpi: Disable APEI error injection if the kernel is locked down
Matthew Garrett
- [PATCH 18/27] Prohibit PCMCIA CIS storage when the kernel is locked down
Matthew Garrett
- [PATCH 19/27] Lock down TIOCSSERIAL
Matthew Garrett
- [PATCH 20/27] Lock down module params that specify hardware parameters (eg. ioport)
Matthew Garrett
- [PATCH 21/27] x86/mmiotrace: Lock down the testmmiotrace module
Matthew Garrett
- [PATCH 22/27] Lock down /proc/kcore
Matthew Garrett
- [PATCH 23/27] Lock down kprobes
Matthew Garrett
- [PATCH 24/27] bpf: Restrict kernel image access functions when the kernel is locked down
Matthew Garrett
- [PATCH 25/27] Lock down perf
Matthew Garrett
- [PATCH 26/27] debugfs: Restrict debugfs when the kernel is locked down
Matthew Garrett
- [PATCH 27/27] lockdown: Print current->comm in restriction messages
Matthew Garrett
- [PATCH 02/27] Add a SysRq option to lift kernel lockdown
Matthew Garrett
- [PULL REQUEST] Kernel lockdown patches for 5.2
Matthew Garrett
- [PATCH 09/27] hibernate: Disable when the kernel is locked down
Matthew Garrett
- [PATCH v2] x86/ima: require signed kernel modules
Matthew Garrett
- [PATCH 3/3] x86/ima: retry detecting secure boot mode
Matthew Garrett
- [PATCH v2] x86/ima: require signed kernel modules
Matthew Garrett
- [PATCH 3/3] x86/ima: retry detecting secure boot mode
Matthew Garrett
- [PATCH v2] x86/ima: require signed kernel modules
Matthew Garrett
- [PATCH 3/3] x86/ima: retry detecting secure boot mode
Matthew Garrett
- [PATCH 3/3] x86/ima: retry detecting secure boot mode
Matthew Garrett
- [PATCH 3/3] x86/ima: retry detecting secure boot mode
Matthew Garrett
- [PATCH 03/27] Enforce module signatures if the kernel is locked down
Matthew Garrett
- [PATCH 3/3] x86/ima: retry detecting secure boot mode
Matthew Garrett
- [PULL REQUEST] Kernel lockdown patches for 5.2
Matthew Garrett
- Add support for TCG2 log format on UEFI systems
Matthew Garrett
- [PULL REQUEST] Lockdown patches for 5.2
Matthew Garrett
- [PATCH 01/27] Add the ability to lock down access to the running kernel image
Matthew Garrett
- [PATCH 02/27] Enforce module signatures if the kernel is locked down
Matthew Garrett
- [PATCH 03/27] Restrict /dev/{mem, kmem, port} when the kernel is locked down
Matthew Garrett
- [PATCH 04/27] kexec_load: Disable at runtime if the kernel is locked down
Matthew Garrett
- [PATCH 05/27] Copy secure_boot flag in boot params across kexec reboot
Matthew Garrett
- [PATCH 06/27] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
Matthew Garrett
- [PATCH 07/27] kexec_file: Restrict at runtime if the kernel is locked down
Matthew Garrett
- [PATCH 08/27] hibernate: Disable when the kernel is locked down
Matthew Garrett
- [PATCH 09/27] uswsusp: Disable when the kernel is locked down
Matthew Garrett
- [PATCH 10/27] PCI: Lock down BAR access when the kernel is locked down
Matthew Garrett
- [PATCH 11/27] x86: Lock down IO port access when the kernel is locked down
Matthew Garrett
- [PATCH 12/27] x86/msr: Restrict MSR access when the kernel is locked down
Matthew Garrett
- [PATCH 13/27] ACPI: Limit access to custom_method when the kernel is locked down
Matthew Garrett
- [PATCH 14/27] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Matthew Garrett
- [PATCH 15/27] acpi: Disable ACPI table override if the kernel is locked down
Matthew Garrett
- [PATCH 16/27] acpi: Disable APEI error injection if the kernel is locked down
Matthew Garrett
- [PATCH 17/27] Prohibit PCMCIA CIS storage when the kernel is locked down
Matthew Garrett
- [PATCH 18/27] Lock down TIOCSSERIAL
Matthew Garrett
- [PATCH 19/27] Lock down module params that specify hardware parameters (eg. ioport)
Matthew Garrett
- [PATCH 20/27] x86/mmiotrace: Lock down the testmmiotrace module
Matthew Garrett
- [PATCH 21/27] Lock down /proc/kcore
Matthew Garrett
- [PATCH 22/27] Lock down kprobes
Matthew Garrett
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
Matthew Garrett
- [PATCH 24/27] Lock down perf
Matthew Garrett
- [PATCH 25/27] debugfs: Restrict debugfs when the kernel is locked down
Matthew Garrett
- [PATCH 26/27] lockdown: Print current->comm in restriction messages
Matthew Garrett
- [PATCH 27/27] kexec: Allow kexec_file() with appropriate IMA policy when locked down
Matthew Garrett
- [PATCH 25/27] debugfs: Restrict debugfs when the kernel is locked down
Matthew Garrett
- [PATCH 01/27] Add the ability to lock down access to the running kernel image
Matthew Garrett
- [PATCH 22/27] Lock down kprobes
Matthew Garrett
- [PATCH ghak109 V1] audit: link integrity evm_write_xattrs record to syscall event
Matthew Garrett
- [PATCH V31 00/25] Add support for kernel lockdown
Matthew Garrett
- [PATCH V31 01/25] Add the ability to lock down access to the running kernel image
Matthew Garrett
- [PATCH V31 02/25] Enforce module signatures if the kernel is locked down
Matthew Garrett
- [PATCH V31 03/25] Restrict /dev/{mem,kmem,port} when the kernel is locked down
Matthew Garrett
- [PATCH V31 04/25] kexec_load: Disable at runtime if the kernel is locked down
Matthew Garrett
- [PATCH V31 05/25] Copy secure_boot flag in boot params across kexec reboot
Matthew Garrett
- [PATCH V31 06/25] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
Matthew Garrett
- [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down
Matthew Garrett
- [PATCH V31 08/25] hibernate: Disable when the kernel is locked down
Matthew Garrett
- [PATCH V31 09/25] uswsusp: Disable when the kernel is locked down
Matthew Garrett
- [PATCH V31 10/25] PCI: Lock down BAR access when the kernel is locked down
Matthew Garrett
- [PATCH V31 11/25] x86: Lock down IO port access when the kernel is locked down
Matthew Garrett
- [PATCH V31 12/25] x86/msr: Restrict MSR access when the kernel is locked down
Matthew Garrett
- [PATCH V31 13/25] ACPI: Limit access to custom_method when the kernel is locked down
Matthew Garrett
- [PATCH V31 14/25] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
Matthew Garrett
- [PATCH V31 15/25] acpi: Disable ACPI table override if the kernel is locked down
Matthew Garrett
- [PATCH V31 16/25] Prohibit PCMCIA CIS storage when the kernel is locked down
Matthew Garrett
- [PATCH V31 17/25] Lock down TIOCSSERIAL
Matthew Garrett
- [PATCH V31 18/25] Lock down module params that specify hardware parameters (eg. ioport)
Matthew Garrett
- [PATCH V31 19/25] x86/mmiotrace: Lock down the testmmiotrace module
Matthew Garrett
- [PATCH V31 20/25] Lock down /proc/kcore
Matthew Garrett
- [PATCH V31 21/25] Lock down kprobes when in confidentiality mode
Matthew Garrett
- [PATCH V31 22/25] bpf: Restrict bpf when kernel lockdown is in confidentiality mode
Matthew Garrett
- [PATCH V31 23/25] Lock down perf when in confidentiality mode
Matthew Garrett
- [PATCH V31 24/25] lockdown: Print current->comm in restriction messages
Matthew Garrett
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Matthew Garrett
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Matthew Garrett
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
Matthew Garrett
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Matthew Garrett
- [PATCH V31 19/25] x86/mmiotrace: Lock down the testmmiotrace module
Matthew Garrett
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Matthew Garrett
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
Matthew Garrett
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
Matthew Garrett
- [PATCH 12/27] x86/msr: Restrict MSR access when the kernel is locked down
Thomas Gleixner
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
Jordan Glover
- Should mprotect(..., PROT_EXEC) be checked by IMA?
Jordan Glover
- [PATCH 1/1] Smack :- In this patch, global rule list has been removed. Now all smack rules will be read using "smack_known_list". This list contains all the smack labels and internally each smack label structure maintains the list of smack rules corresponding to that smack label. So there is no need to maintain extra list.
Vishal Goel
- [PATCH 1/1] smack: removal of global rule list
Vishal Goel
- [PATCH 1/1] Smack: Create smack_rule cache to optimize memory usage
Vishal Goel
- overlayfs access checks on underlying layers
Amir Goldstein
- [PATCH ghak109 V1] audit: link integrity evm_write_xattrs record to syscall event
Steve Grubb
- [PATCH] keys: fix missing __user in KEYCTL_PKEY_QUERY
Serge E. Hallyn
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
Tetsuo Handa
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
Tetsuo Handa
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
Tetsuo Handa
- kernel panic: MAC Initialization failed. (3)
Tetsuo Handa
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
Tetsuo Handa
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
Tetsuo Handa
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
Tetsuo Handa
- [PATCH] security: inode: fix a missing check for securityfs_create_file
Tetsuo Handa
- mount.nfs: Protocol error after upgrade to linux/master
Tetsuo Handa
- mount.nfs: Protocol error after upgrade to linux/master
Tetsuo Handa
- mount.nfs: Protocol error after upgrade to linux/master
Tetsuo Handa
- mount.nfs: Protocol error after upgrade to linux/master
Tetsuo Handa
- Linux 5.1-rc2
Tetsuo Handa
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
Tetsuo Handa
- Linux 5.1-rc2
Tetsuo Handa
- Linux 5.1-rc2
Tetsuo Handa
- Linux 5.1-rc2
Tetsuo Handa
- [PATCH] LSM: Revive CONFIG_DEFAULT_SECURITY_* for "make oldconfig"
Tetsuo Handa
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
Stephen Hemminger
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
Stephen Hemminger
- [PATCH] device_cgroup: fix RCU imbalance in error case
Tejun Heo
- Hi
Sgt Clara B Herbert
- [PATCH 22/27] Lock down kprobes
Masami Hiramatsu
- [PATCH 22/27] Lock down kprobes
Masami Hiramatsu
- [PATCH] device_cgroup: fix RCU imbalance in error case
Michal Hocko
- [PATCH] device_cgroup: fix RCU imbalance in error case
Jann Horn
- [PATCH] Yama: mark local symbols as static
Jann Horn
- [PATCH] security: don't use RCU accessors for cred->session_keyring
Jann Horn
- [PATCH] keys: safe concurrent user->{session,uid}_keyring access
Jann Horn
- [PATCH] vfs: Move kernel_read_file() to fs/read_write.c
David Howells
- [PATCH] vfs: Move kernel_read_file() to fs/read_write.c
David Howells
- [PATCH] keys: fix missing __user in KEYCTL_PKEY_QUERY
David Howells
- [PATCH] vfs: Move kernel_read_file() to fs/read_write.c
David Howells
- [RFC PATCH 0/2] Create CAAM HW key in linux keyring and use in dmcrypt
David Howells
- [PATCH 02/27] Add a SysRq option to lift kernel lockdown
David Howells
- [PATCH 34/38] vfs: Convert apparmorfs to fs_context
David Howells
- [PATCH 35/38] vfs: Convert securityfs to fs_context
David Howells
- [PATCH 36/38] vfs: Convert selinuxfs to fs_context
David Howells
- [PATCH 37/38] vfs: Convert smackfs to fs_context
David Howells
- [PATCH 11/43] convert do_remount_sb() to fs_context
David Howells
- [RFC PATCH 37/68] vfs: Convert apparmorfs to use the new mount API
David Howells
- [RFC PATCH 38/68] vfs: Convert securityfs to use the new mount API
David Howells
- [RFC PATCH 39/68] vfs: Convert selinuxfs to use the new mount API
David Howells
- [RFC PATCH 40/68] vfs: Convert smackfs to use the new mount API
David Howells
- [PATCH v19 17/27] x86/sgx: Add provisioning
Huang, Kai
- [PATCH v19 17/27] x86/sgx: Add provisioning
Huang, Kai
- [GIT PULL] apparmor updates for v5.1
John Johansen
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Greg KH
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Greg KH
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Greg KH
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Greg KH
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Greg KH
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Greg KH
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Greg KH
- [PATCH 25/27] debugfs: Restrict debugfs when the kernel is locked down
Greg Kroah-Hartman
- [PATCH 25/27] debugfs: Restrict debugfs when the kernel is locked down
Greg Kroah-Hartman
- [RFC PATCH 0/2] Create CAAM HW key in linux keyring and use in dmcrypt
Franck LENORMAND
- [RFC PATCH 1/2] drivers: crypto: caam: key: Add caam_tk key type
Franck LENORMAND
- [RFC PATCH 2/2] dm-crypt: Use any key type which is registered
Franck LENORMAND
- [PATCH 1/2] efi: add a function for transferring status to string
Lee, Chun-Yi
- [PATCH 2/2] efi: print appropriate status message when loading certificates
Lee, Chun-Yi
- [PATCH 1/2] efi: add a function for transferring status to string
Lee, Chun-Yi
- [PATCH 1/2] efi: add a function for transferring status to string
Lee, Chun-Yi
- [PATCH 2/2 v2] efi: print appropriate status message when loading certificates
Lee, Chun-Yi
- [RFC PATCH 0/2] Create CAAM HW key in linux keyring and use in dmcrypt
Franck Lenormand
- [RFC PATCH 0/2] Create CAAM HW key in linux keyring and use in dmcrypt
Franck Lenormand
- [PATCH AUTOSEL 4.20 13/60] keys: Fix dependency loop between construction record and auth key
Sasha Levin
- [PATCH AUTOSEL 4.19 11/48] keys: Fix dependency loop between construction record and auth key
Sasha Levin
- [PATCH AUTOSEL 4.14 07/33] keys: Fix dependency loop between construction record and auth key
Sasha Levin
- [PATCH AUTOSEL 5.0 010/262] apparmor: fix double free when unpack of secmark rules fails
Sasha Levin
- [PATCH] security: inode: fix a missing check for securityfs_create_file
Kangjie Lu
- [PATCH] security: inode: fix a missing check for securityfs_create_file
Kangjie Lu
- [PATCH 1/1] RFC: security: add SECURE_KEEP_FSUID to preserve fsuid/fsgid across execve
Igor Lubashev
- [PATCH 0/1] RFC: security: add SECURE_KEEP_FSUID to preserve fsuid/fsgid across execve
Igor Lubashev
- [PATCH v2 10/20] x86: avoid W^X being broken during modules loading
Andy Lutomirski
- [PATCH v19 17/27] x86/sgx: Add provisioning
Andy Lutomirski
- [PATCH v19 17/27] x86/sgx: Add provisioning
Andy Lutomirski
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
Andy Lutomirski
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Andy Lutomirski
- [PATCH V31 22/25] bpf: Restrict bpf when kernel lockdown is in confidentiality mode
Andy Lutomirski
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
Andy Lutomirski
- [PATCH V31 10/25] PCI: Lock down BAR access when the kernel is locked down
Andy Lutomirski
- [PATCH V31 11/25] x86: Lock down IO port access when the kernel is locked down
Andy Lutomirski
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Andy Lutomirski
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Andy Lutomirski
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
Andy Lutomirski
- [RFC PATCH 0/2] Create CAAM HW key in linux keyring and use in dmcrypt
Jan Lübbe
- [PATCH AUTOSEL 5.0 010/262] apparmor: fix double free when unpack of secmark rules fails
Pavel Machek
- [PATCH v19 17/27] x86/sgx: Add provisioning
Nathaniel McCallum
- [GIT PULL] SELinux patches for v5.1
Paul Moore
- [PATCH v7 0/7] Allow initializing the kernfs node's secctx based on its parent
Paul Moore
- [GIT PULL] SELinux fixes for v5.1 (#1)
Paul Moore
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
Paul Moore
- [PATCH ghak109 V1] audit: link integrity evm_write_xattrs record to syscall event
Paul Moore
- [PATCH ghak109 V1] audit: link integrity evm_write_xattrs record to syscall event
Paul Moore
- [PATCH v7 0/7] Allow initializing the kernfs node's secctx based on its parent
Paul Moore
- [GIT PULL] SELinux fixes for v5.1 (#2)
Paul Moore
- [PATCH v7 0/7] Allow initializing the kernfs node's secctx based on its parent
Paul Moore
- [PATCH] LSM: lsm_hooks.h - fix missing colon in docstring
Paul Moore
- [PATCH ghak109 V2] audit: link integrity evm_write_xattrs record to syscall event
Paul Moore
- [PATCH ghak109 V2] audit: link integrity evm_write_xattrs record to syscall event
Paul Moore
- [PATCH] LSM: Update list of SECURITYFS users in Kconfig
James Morris
- [PATCH] keys: fix missing __user in KEYCTL_PKEY_QUERY
James Morris
- [PATCH v4 1/2] LSM: SafeSetID: gate setgid transitions
James Morris
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
James Morris
- [GIT PULL] security subsystem changes for v5.1
James Morris
- [GIT PULL] security: integrity subsystem updates for v5.1
James Morris
- [GIT PULL] security: tpm subsystem updates for v5.1
James Morris
- [PATCH 03/27] Enforce module signatures if the kernel is locked down
James Morris
- [PATCH 03/27] Enforce module signatures if the kernel is locked down
James Morris
- [PATCH v4 2/2] LSM: SafeSetID: gate setgid transitions
James Morris
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
James Morris
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
James Morris
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
James Morris
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
James Morris
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
James Morris
- [PATCH] security: inode: fix a missing check for securityfs_create_file
James Morris
- Linux 5.1-rc2
James Morris
- [PATCH v2 00/11] LSM documentation update
James Morris
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
James Morris
- Linux security subsystem tree sync to v5.1-rc2
James Morris
- [PATCH v2 00/11] LSM documentation update
James Morris
- [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down
James Morris
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
James Morris
- [PATCH 23/27] bpf: Restrict kernel image access functions when the kernel is locked down
James Morris
- [PATCH v5 1/2] LSM: SafeSetID: gate setgid transitions
James Morris
- Linux 5.1-rc2
James Morris
- [GIT PULL] security: yama fix for v5.1
James Morris
- [GIT PULL] tpmdd fixes for Linux v5.1
James Morris
- [GIT PULL][UPDATED] security: yama and LSM config fixes
James Morris
- [PATCH v4 1/2] LSM: SafeSetID: gate setgid transitions
Micah Morton
- [PATCH v4 1/2] LSM: SafeSetID: gate setgid transitions
Micah Morton
- [PATCH v4 2/2] LSM: SafeSetID: gate setgid transitions
Micah Morton
- [PATCH v7 0/7] Allow initializing the kernfs node's secctx based on its parent
Ondrej Mosnacek
- [PATCH v7 0/7] Allow initializing the kernfs node's secctx based on its parent
Ondrej Mosnacek
- [PATCH v7 0/7] Allow initializing the kernfs node's secctx based on its parent
Ondrej Mosnacek
- [PATCH v7 0/7] Allow initializing the kernfs node's secctx based on its parent
Ondrej Mosnacek
- [PATCH] LSM: lsm_hooks.h - fix missing colon in docstring
Ondrej Mosnacek
- Inquiry March-2019
Daniel Murray
- [PATCH] Yama: mark function as static
Mukesh Ojha
- [PATCH] Yama: mark local symbols as static
Mukesh Ojha
- [PATCH v2 10/20] x86: avoid W^X being broken during modules loading
Borislav Petkov
- [PATCH] x86/cpufeature: Remove __pure attribute to _static_cpu_has()
Borislav Petkov
- [PATCH] x86/cpufeature: Remove __pure attribute to _static_cpu_has()
Borislav Petkov
- [PATCH v2 10/20] x86: avoid W^X being broken during modules loading
Borislav Petkov
- [PATCH v2 10/20] x86: avoid W^X being broken during modules loading
Borislav Petkov
- [PATCH 0/1] RFC: introduce CONFIG_INIT_ALL_MEMORY
Alexander Potapenko
- [PATCH 1/1] RFC: initmem: introduce CONFIG_INIT_ALL_MEMORY and CONFIG_INIT_ALL_STACK
Alexander Potapenko
- [PATCH 1/1] RFC: initmem: introduce CONFIG_INIT_ALL_MEMORY and CONFIG_INIT_ALL_STACK
Alexander Potapenko
- [PATCH 1/1] RFC: initmem: introduce CONFIG_INIT_ALL_MEMORY and CONFIG_INIT_ALL_STACK
Alexander Potapenko
- [PATCH v2 0/2] RFC: introduce CONFIG_INIT_ALL_MEMORY
Alexander Potapenko
- [PATCH v2 1/2] initmem: introduce CONFIG_INIT_ALL_MEMORY and CONFIG_INIT_ALL_STACK
Alexander Potapenko
- [PATCH v2 2/2] initmem: introduce CONFIG_INIT_ALL_HEAP
Alexander Potapenko
- [PATCH 1/1] RFC: initmem: introduce CONFIG_INIT_ALL_MEMORY and CONFIG_INIT_ALL_STACK
Alexander Potapenko
- [PATCH v2 1/2] initmem: introduce CONFIG_INIT_ALL_MEMORY and CONFIG_INIT_ALL_STACK
Alexander Potapenko
- From Mrs. Elia Rodrigues,
Mrs. Elia Rodrigues
- [PATCH 20/27] x86/mmiotrace: Lock down the testmmiotrace module
Steven Rostedt
- [PATCH V31 19/25] x86/mmiotrace: Lock down the testmmiotrace module
Steven Rostedt
- Add support for TCG2 log format on UEFI systems
Jarkko Sakkinen
- Add support for TCG2 log format on UEFI systems
Jarkko Sakkinen
- [PATCH v19 17/27] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v19,RESEND 17/27] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v10, RESEND 5/6] KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()
Jarkko Sakkinen
- [PATCH v19 17/27] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v19 17/27] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH] tpm: turn on TPM on suspend for TPM 1.x
Jarkko Sakkinen
- [PATCH v19 17/27] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v19 17/27] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v19 17/27] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v19 17/27] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH] KEYS: trusted: allow trusted.ko to initialize w/o a TPM
Jarkko Sakkinen
- [PATCH v19 17/27] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH] KEYS: trusted: defer execution of TPM-specific code until key instantiate
Jarkko Sakkinen
- [PATCH] KEYS: trusted: allow trusted.ko to initialize w/o a TPM
Jarkko Sakkinen
- [PATCH] KEYS: trusted: allow trusted.ko to initialize w/o a TPM
Jarkko Sakkinen
- [PATCH v2] KEYS: trusted: allow trusted.ko to initialize w/o a TPM
Jarkko Sakkinen
- [PATCH v3] KEYS: trusted: allow trusted.ko to initialize w/o a TPM
Jarkko Sakkinen
- [PATCH v3] KEYS: trusted: allow trusted.ko to initialize w/o a TPM
Jarkko Sakkinen
- [PATCH] tpm: turn on TPM on suspend for TPM 1.x
Jarkko Sakkinen
- [GIT PULL] tpmdd fixes for Linux v5.1
Jarkko Sakkinen
- [PATCH v10, RESEND 5/6] KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()
Roberto Sassu
- [PATCH] KEYS: trusted: defer execution of TPM-specific code until key instantiate
Roberto Sassu
- [PATCH 05/97] LSM: Create an lsm_export data structure.
Casey Schaufler
- [PATCH 01/97] LSM: Infrastructure management of the superblock
Casey Schaufler
- [PATCH 11/97] LSM: Use lsm_export in the kernel_ask_as hooks
Casey Schaufler
- [PATCH 00/97] LSM: Complete module stacking
Casey Schaufler
- overlayfs access checks on underlying layers
Casey Schaufler
- [PATCH v7 0/7] Allow initializing the kernfs node's secctx based on its parent
Casey Schaufler
- [PATCH 1/1] smack: removal of global rule list
Casey Schaufler
- Replacing IPv6 port labeling with CALIPSO in Smack
Casey Schaufler
- [PATCH 1/1] Smack: Create smack_rule cache to optimize memory usage
Casey Schaufler
- mount.nfs: Protocol error after upgrade to linux/master
Casey Schaufler
- mount.nfs: Protocol error after upgrade to linux/master
Casey Schaufler
- Linux security subsystem tree sync to v5.1-rc2
Casey Schaufler
- Linux 5.1-rc2
Casey Schaufler
- Linux 5.1-rc2
Casey Schaufler
- [PATCH v5 1/2] LSM: SafeSetID: gate setgid transitions
Casey Schaufler
- [PATCH 11/43] convert do_remount_sb() to fs_context
Andreas Schwab
- [PATCH 11/43] convert do_remount_sb() to fs_context
Andreas Schwab
- [PATCH 11/43] convert do_remount_sb() to fs_context
Andreas Schwab
- Repost: Missing security_mmap_file() in remap_file_pages syscall
Kirill A. Shutemov
- [PATCH 05/97] LSM: Create an lsm_export data structure.
Stephen Smalley
- [PATCH 00/97] LSM: Complete module stacking
Stephen Smalley
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
Stephen Smalley
- overlayfs access checks on underlying layers
Stephen Smalley
- Repost: Missing security_mmap_file() in remap_file_pages syscall
Stephen Smalley
- Should mprotect(..., PROT_EXEC) be checked by IMA?
Stephen Smalley
- Repost: Missing security_mmap_file() in remap_file_pages syscall
TongZhang
- LoadPin old-api-denied
Martin Townsend
- LoadPin old-api-denied
Martin Townsend
- crypto: Kernel memory overwrite attempt detected to spans multiple pages
Geert Uytterhoeven
- INFO: task hung in process_measurement
Tomi Valkeinen
- [PATCH 15/43] vfs: Add configuration parser helpers
Al Viro
- [PATCH v10, RESEND 5/6] KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()
Dan Williams
- [PATCH] KEYS: trusted: defer execution of TPM-specific code until key instantiate
Dan Williams
- [PATCH] KEYS: trusted: allow trusted.ko to initialize w/o a TPM
Dan Williams
- [PATCH v3] KEYS: trusted: allow trusted.ko to initialize w/o a TPM
Dan Williams
- [PATCH V31 10/25] PCI: Lock down BAR access when the kernel is locked down
Alex Williamson
- Hello
Mr Wong
- Hello
Mr Wong
- [PATCH 2/3] scripts/ima: define a set of common functions
Dave Young
- Should mprotect(..., PROT_EXEC) be checked by IMA?
Igor Zhbanov
- [PATCH 01/97] LSM: Infrastructure management of the superblock
Edwin Zimmerman
- [PATCH 11/97] LSM: Use lsm_export in the kernel_ask_as hooks
Edwin Zimmerman
- [PATCH] tomoyo: Add a kernel config option for fuzzing testing.
Edwin Zimmerman
- [PULL REQUEST] Lock down patches
Mimi Zohar
- [PULL REQUEST] Lock down patches
Mimi Zohar
- [PATCH 08/27] kexec_file: Restrict at runtime if the kernel is locked down
Mimi Zohar
- [PULL REQUEST] Lock down patches
Mimi Zohar
- [PATCH] vfs: Move kernel_read_file() to fs/read_write.c
Mimi Zohar
- [PATCH] vfs: Move kernel_read_file() to fs/read_write.c
Mimi Zohar
- [PULL REQUEST] Kernel lockdown patches for 5.2
Mimi Zohar
- [PATCH v2] x86/ima: require signed kernel modules
Mimi Zohar
- [PATCH v2] x86/ima: require signed kernel modules
Mimi Zohar
- [PATCH 3/3] x86/ima: retry detecting secure boot mode
Mimi Zohar
- [PATCH 3/3] x86/ima: retry detecting secure boot mode
Mimi Zohar
- [PATCH 2/3] scripts/ima: define a set of common functions
Mimi Zohar
- [PATCH 3/3] x86/ima: retry detecting secure boot mode
Mimi Zohar
- [PATCH 3/3] x86/ima: retry detecting secure boot mode
Mimi Zohar
- [PULL REQUEST] Kernel lockdown patches for 5.2
Mimi Zohar
- [PATCH ghak109 V1] audit: link integrity evm_write_xattrs record to syscall event
Mimi Zohar
- [PATCH ghak109 V1] audit: link integrity evm_write_xattrs record to syscall event
Mimi Zohar
- [PATCH 27/27] kexec: Allow kexec_file() with appropriate IMA policy when locked down
Mimi Zohar
- [PATCH ghak109 V2] audit: link integrity evm_write_xattrs record to syscall event
Mimi Zohar
- [PATCH ghak109 V2] audit: link integrity evm_write_xattrs record to syscall event
Mimi Zohar
- [PATCH 1/2] efi: add a function for transferring status to string
Mimi Zohar
- [PATCH 2/2 v2] efi: print appropriate status message when loading certificates
Mimi Zohar
- Should mprotect(..., PROT_EXEC) be checked by IMA?
Mimi Zohar
- [PATCH v5 1/2] LSM: SafeSetID: gate setgid transitions
mortonm at chromium.org
- [PATCH v5 1/2] LSM: SafeSetID: gate setgid transitions
mortonm at chromium.org
- [PATCH v4 2/2] LSM: SafeSetID: gate setgid transitions
mortonm at chromium.org
- [PATCH 1/2] efi: add a function for transferring status to string
joeyli
- [PATCH 1/2] efi: add a function for transferring status to string
joeyli
- [GIT PULL] security subsystem changes for v5.1
pr-tracker-bot at kernel.org
- [GIT PULL] SELinux patches for v5.1
pr-tracker-bot at kernel.org
- [GIT PULL] security: tpm subsystem updates for v5.1
pr-tracker-bot at kernel.org
- [GIT PULL] apparmor updates for v5.1
pr-tracker-bot at kernel.org
- [GIT PULL] SELinux fixes for v5.1 (#1)
pr-tracker-bot at kernel.org
- [GIT PULL] SELinux fixes for v5.1 (#2)
pr-tracker-bot at kernel.org
- [GIT PULL] security: yama fix for v5.1
pr-tracker-bot at kernel.org
- [GIT PULL][UPDATED] security: yama and LSM config fixes
pr-tracker-bot at kernel.org
- PRIVATE...
daniele at mybusinessdriver.com
- [PATCH 2/2] efi: print appropriate status message when loading certificates
jlee at suse.com
- [PATCH 2/2 v2] efi: print appropriate status message when loading certificates
jlee at suse.com
- kernel panic: MAC Initialization failed. (3)
syzbot
- INFO: task hung in process_measurement
syzbot
- [PATCH] x86/cpufeature: Remove __pure attribute to _static_cpu_has()
hpa at zytor.com
- [PATCH v2 10/20] x86: avoid W^X being broken during modules loading
hpa at zytor.com
Last message date:
Sat Mar 30 17:30:11 UTC 2019
Archived on: Sat Mar 30 21:45:01 UTC 2019
This archive was generated by
Pipermail 0.09 (Mailman edition).