February 2020 Archives by date
Starting: Sat Feb 1 07:54:06 UTC 2020
Ending: Sat Feb 29 17:23:38 UTC 2020
Messages: 644
- [PATCH v2] keys: proc_keys_next should increase position index
Vasily Averin
- [PATCH 1/8] tpm: initialize crypto_id of allocated_banks to HASH_ALGO__LAST
Jarkko Sakkinen
- SELinux: How to split permissions for keys?
Richard Haines
- SELinux: How to split permissions for keys?
Stephen Smalley
- [PATCH] security/integrity: Include __func__ in messages for easier debug
Mimi Zohar
- SELinux: How to split permissions for keys?
Richard Haines
- SELinux: How to split permissions for keys?
Stephen Smalley
- [PATCH] security/integrity: Include __func__ in messages for easier debug
Nayna
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Stephen Smalley
- [PATCH] security/integrity: Include __func__ in messages for easier debug
Shuah Khan
- [PATCH] security/integrity: Include __func__ in messages for easier debug
Joe Perches
- [PATCH] security/integrity: Include __func__ in messages for easier debug
Joe Perches
- [PATCH] security/integrity: Include __func__ in messages for easier debug
Shuah Khan
- [PATCH] security/integrity: Include __func__ in messages for easier debug
Casey Schaufler
- [PATCH] security/integrity: Include __func__ in messages for easier debug
Joe Perches
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Stephen Smalley
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
John Johansen
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
John Johansen
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
John Johansen
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
John Johansen
- [ANNOUNCE][CFP] Linux Security Summit North America 2020
James Morris
- [PATCH SECOND RESEND] MAINTAINERS: fix style in SAFESETID SECURITY MODULE
Lukas Bulwahn
- kernel BUG at lib/assoc_array.c:LINE!
syzbot
- [PATCH v25 10/21] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v25 13/21] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v25 10/21] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Stephen Smalley
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH v2 0/8] ima: support stronger algorithms for attestation
Roberto Sassu
- [PATCH v2 1/8] tpm: Initialize crypto_id of allocated_banks to HASH_ALGO__LAST
Roberto Sassu
- [PATCH v2 2/8] ima: Switch to ima_hash_algo for boot aggregate
Roberto Sassu
- [PATCH v2 3/8] ima: Evaluate error in init_ima()
Roberto Sassu
- [PATCH v2 4/8] ima: Store template digest directly in ima_template_entry
Roberto Sassu
- [PATCH v2 5/8] ima: Switch to dynamically allocated buffer for template digests
Roberto Sassu
- [PATCH v2 6/8] ima: Allocate and initialize tfm for each PCR bank
Roberto Sassu
- [PATCH v2 7/8] ima: Calculate and extend PCR with digests in ima_template_entry
Roberto Sassu
- [PATCH v2 8/8] ima: Use ima_hash_algo for collision detection in the measurement list
Roberto Sassu
- [PATCH v2 3/8] ima: Evaluate error in init_ima()
Roberto Sassu
- [PATCH v25 10/21] x86/sgx: Linux Enclave Driver
Haitao Huang
- [PATCH v2 5/8] ima: Switch to dynamically allocated buffer for template digests
Roberto Sassu
- [PATCH v6 00/10] Introduce CAP_PERFMON to secure system performance monitoring and observability
Alexey Budankov
- [PATCH v6 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- [PATCH v6 02/10] perf/core: open access to the core for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v6 03/10] perf/core: open access to probes for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v6 04/10] perf tool: extend Perf tool with CAP_PERFMON capability support
Alexey Budankov
- [PATCH v6 05/10] drm/i915/perf: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v6 06/10] trace/bpf_trace: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v6 07/10] powerpc/perf: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v6 08/10] parisc/perf: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v6 09/10] drivers/perf: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v6 10/10] drivers/oprofile: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v2 2/8] ima: Switch to ima_hash_algo for boot aggregate
Mimi Zohar
- [PATCH v2 2/8] ima: Switch to ima_hash_algo for boot aggregate
Mimi Zohar
- [PATCH v2 1/8] tpm: Initialize crypto_id of allocated_banks to HASH_ALGO__LAST
Jarkko Sakkinen
- [PATCH v2 6/8] ima: Allocate and initialize tfm for each PCR bank
kbuild test robot
- [RFC PATCH] ima: ima_init_ima_crypto() can be static
kbuild test robot
- [GIT PULL] Smack patch for v5.6
Casey Schaufler
- [GIT PULL] Smack patch for v5.6
pr-tracker-bot at kernel.org
- [PATCH v2 2/8] ima: Switch to ima_hash_algo for boot aggregate
Roberto Sassu
- [PATCH v2 2/8] ima: Switch to ima_hash_algo for boot aggregate
Roberto Sassu
- [PATCH v2 2/8] ima: Switch to ima_hash_algo for boot aggregate
Mimi Zohar
- [PATCH v2 2/8] ima: Switch to ima_hash_algo for boot aggregate
Roberto Sassu
- [PATCH v2 2/8] ima: Switch to ima_hash_algo for boot aggregate
Mimi Zohar
- [PATCH v2] ima: export the measurement list when needed
Mimi Zohar
- [PATCH v2 5/8] ima: Switch to dynamically allocated buffer for template digests
Mimi Zohar
- [PATCH v2 5/8] ima: Switch to dynamically allocated buffer for template digests
Roberto Sassu
- [PATCH v2 5/8] ima: Switch to dynamically allocated buffer for template digests
Mimi Zohar
- [PATCH v2 5/8] ima: Switch to dynamically allocated buffer for template digests
Roberto Sassu
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Eric Snowberg
- [RFC PATCH 1/2] ima: Implement support for uncompressed module appended signatures
Eric Snowberg
- [RFC PATCH 2/2] ima: Change default secure_boot policy to include appended signatures
Eric Snowberg
- [RFC PATCH 1/2] ima: Implement support for uncompressed module appended signatures
Lakshmi Ramasubramanian
- [RFC PATCH 1/2] ima: Implement support for uncompressed module appended signatures
Eric Snowberg
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- [RFC PATCH 1/2] ima: Implement support for uncompressed module appended signatures
Mimi Zohar
- [PATCH v6 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Stephen Smalley
- [PATCH v6 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- [PATCH v6 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Stephen Smalley
- [PATCH v6 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- [RFC PATCH 1/2] ima: Implement support for uncompressed module appended signatures
Eric Snowberg
- [RFC PATCH 1/2] ima: Implement support for uncompressed module appended signatures
Mimi Zohar
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Nayna
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Eric Snowberg
- [PATCH] IMA hash algorithm supports sm3-256
Tianjia Zhang
- [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
Tianjia Zhang
- [PATCH 2/2] ima: add sm3-256 algorithm to hash algorithm configuration list
Tianjia Zhang
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Thomas Gleixner
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Mimi Zohar
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Eric Snowberg
- [PATCH v25 10/21] x86/sgx: Linux Enclave Driver
Haitao Huang
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Mimi Zohar
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Eric Snowberg
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Mimi Zohar
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Eric Snowberg
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Mimi Zohar
- LETTER OF INQUIRY
Mr. Theophilus Odadudu
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Eric Snowberg
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Mimi Zohar
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v26 13/22] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
Eric Biggers
- [PATCH v2] ima: export the measurement list when needed
Janne Karhunen
- [PATCH v3 0/8] ima: support stronger algorithms for attestation
Roberto Sassu
- [PATCH v3 1/8] tpm: Initialize crypto_id of allocated_banks to HASH_ALGO__LAST
Roberto Sassu
- [PATCH v3 2/8] ima: Switch to ima_hash_algo for boot aggregate
Roberto Sassu
- [PATCH v3 3/8] ima: Evaluate error in init_ima()
Roberto Sassu
- [PATCH v3 4/8] ima: Store template digest directly in ima_template_entry
Roberto Sassu
- [PATCH v3 5/8] ima: Switch to dynamically allocated buffer for template digests
Roberto Sassu
- [PATCH v3 6/8] ima: Allocate and initialize tfm for each PCR bank
Roberto Sassu
- [PATCH v3 7/8] ima: Calculate and extend PCR with digests in ima_template_entry
Roberto Sassu
- [PATCH v3 8/8] ima: Use ima_hash_algo for collision detection in the measurement list
Roberto Sassu
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Simon McVittie
- 回复:[PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
Tianjia Zhang
- [PATCH] IMA hash algorithm supports sm3
Tianjia Zhang
- [PATCH 1/2] crypto: rename sm3-256 to sm3 in hash_algo_name
Tianjia Zhang
- [PATCH 2/2] ima: add sm3 algorithm to hash algorithm configuration list
Tianjia Zhang
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Stephen Smalley
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Stephen Smalley
- [PATCH v8 00/11] proc: modernize proc to support multiple private instances
Alexey Gladkov
- [PATCH v8 01/11] proc: Rename struct proc_fs_info to proc_fs_opts
Alexey Gladkov
- [PATCH v8 02/11] proc: add proc_fs_info struct to store proc information
Alexey Gladkov
- [PATCH v8 03/11] proc: move /proc/{self|thread-self} dentries to proc_fs_info
Alexey Gladkov
- [PATCH v8 04/11] proc: move hide_pid, pid_gid from pid_namespace to proc_fs_info
Alexey Gladkov
- [PATCH v8 05/11] proc: add helpers to set and get proc hidepid and gid mount options
Alexey Gladkov
- [PATCH v8 06/11] proc: support mounting procfs instances inside same pid namespace
Alexey Gladkov
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Alexey Gladkov
- [PATCH v8 08/11] proc: instantiate only pids that we can ptrace on 'hidepid=4' mount option
Alexey Gladkov
- [PATCH v8 09/11] proc: add option to mount only a pids subset
Alexey Gladkov
- [PATCH v8 10/11] docs: proc: add documentation for "hidepid=4" and "subset=pidfs" options and new mount behavior
Alexey Gladkov
- [PATCH v8 11/11] proc: Move hidepid values to uapi as they are user interface to mount
Alexey Gladkov
- [PATCH v2] ima: export the measurement list when needed
Mimi Zohar
- [PATCH v3 1/8] tpm: Initialize crypto_id of allocated_banks to HASH_ALGO__LAST
Jarkko Sakkinen
- [PATCH v8 08/11] proc: instantiate only pids that we can ptrace on 'hidepid=4' mount option
Jordan Glover
- [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
Ken Goldman
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Eric Snowberg
- [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
James Bottomley
- [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
Van Leeuwen, Pascal
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Mimi Zohar
- [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
Mimi Zohar
- [PATCH 1/2] crypto: rename sm3-256 to sm3 in hash_algo_name
Mimi Zohar
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Linus Torvalds
- [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
Ken Goldman
- [PATCH v2] ima: export the measurement list when needed
david.safford at gmail.com
- [PATCH v8 03/11] proc: move /proc/{self|thread-self} dentries to proc_fs_info
Andy Lutomirski
- [PATCH v8 10/11] docs: proc: add documentation for "hidepid=4" and "subset=pidfs" options and new mount behavior
Andy Lutomirski
- [PATCH v8 05/11] proc: add helpers to set and get proc hidepid and gid mount options
Andy Lutomirski
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
Eric Biggers
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
John Johansen
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
John Johansen
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Al Viro
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Eric Snowberg
- [PATCH v2] ima: export the measurement list when needed
Mimi Zohar
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Mimi Zohar
- [GIT PULL] SELinux fixes for v5.6 (#1)
Paul Moore
- [PATCH v3 2/8] ima: Switch to ima_hash_algo for boot aggregate
Mimi Zohar
- [PATCH bpf-next v3 02/10] bpf: lsm: Add a skeleton and config options
Alexei Starovoitov
- [PATCH bpf-next v3 03/10] bpf: lsm: Introduce types for eBPF based LSM
Alexei Starovoitov
- [RFC PATCH 00/14] pipe: Keyrings, Block and USB notifications [ver #3]
Andres Freund
- [GIT PULL] SELinux fixes for v5.6 (#1)
pr-tracker-bot at kernel.org
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Eric W. Biederman
- [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM
Alexei Starovoitov
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Eric W. Biederman
- [PATCH 1/2] crypto: rename sm3-256 to sm3 in hash_algo_name
Van Leeuwen, Pascal
- [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256
Van Leeuwen, Pascal
- [PATCH v2] ima: export the measurement list when needed
Janne Karhunen
- [PATCH v3 2/8] ima: Switch to ima_hash_algo for boot aggregate
Roberto Sassu
- [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM
KP Singh
- [PATCH bpf-next v3 03/10] bpf: lsm: Introduce types for eBPF based LSM
KP Singh
- [PATCH bpf-next v3 02/10] bpf: lsm: Add a skeleton and config options
KP Singh
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Stephen Smalley
- [PATCH v2] ima: export the measurement list when needed
david.safford at gmail.com
- [PATCH 00/24] user_namespace: introduce fsid mappings
Christian Brauner
- [PATCH 01/24] user_namespace: introduce fsid mappings infrastructure
Christian Brauner
- [PATCH 02/24] proc: add /proc/<pid>/fsuid_map
Christian Brauner
- [PATCH 03/24] proc: add /proc/<pid>/fsgid_map
Christian Brauner
- [PATCH 04/24] fsuidgid: add fsid mapping helpers
Christian Brauner
- [PATCH 05/24] proc: task_state(): use from_kfs{g,u}id_munged
Christian Brauner
- [PATCH 06/24] fs: add is_userns_visible() helper
Christian Brauner
- [PATCH 07/24] namei: may_{o_}create(): handle fsid mappings
Christian Brauner
- [PATCH 08/24] inode: inode_owner_or_capable(): handle fsid mappings
Christian Brauner
- [PATCH 09/24] capability: privileged_wrt_inode_uidgid(): handle fsid mappings
Christian Brauner
- [PATCH 10/24] stat: handle fsid mappings
Christian Brauner
- [PATCH 11/24] open: chown_common(): handle fsid mappings
Christian Brauner
- [PATCH 12/24] posix_acl: handle fsid mappings
Christian Brauner
- [PATCH 13/24] attr: notify_change(): handle fsid mappings
Christian Brauner
- [PATCH 14/24] commoncap: cap_task_fix_setuid(): handle fsid mappings
Christian Brauner
- [PATCH 15/24] commoncap:cap_bprm_set_creds(): handle fsid mappings
Christian Brauner
- [PATCH 16/24] sys: __sys_setfsuid(): handle fsid mappings
Christian Brauner
- [PATCH 17/24] sys: __sys_setfsgid(): handle fsid mappings
Christian Brauner
- [PATCH 18/24] sys:__sys_setuid(): handle fsid mappings
Christian Brauner
- [PATCH 19/24] sys:__sys_setgid(): handle fsid mappings
Christian Brauner
- [PATCH 20/24] sys:__sys_setreuid(): handle fsid mappings
Christian Brauner
- [PATCH 21/24] sys:__sys_setregid(): handle fsid mappings
Christian Brauner
- [PATCH 22/24] sys:__sys_setresuid(): handle fsid mappings
Christian Brauner
- [PATCH 23/24] sys:__sys_setresgid(): handle fsid mappings
Christian Brauner
- [PATCH 24/24] devpts: handle fsid mappings
Christian Brauner
- [PATCH 01/24] user_namespace: introduce fsid mappings infrastructure
Randy Dunlap
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Eric Snowberg
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
John Johansen
- [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM
Alexei Starovoitov
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Jann Horn
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Alexei Starovoitov
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context
John Johansen
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Jann Horn
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Alexei Starovoitov
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Jann Horn
- [PATCH 00/24] user_namespace: introduce fsid mappings
Jann Horn
- [PATCH] apparmor: Replace zero-length array with flexible-array member
Gustavo A. R. Silva
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Jann Horn
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Alexei Starovoitov
- [PATCH 1/2] crypto: rename sm3-256 to sm3 in hash_algo_name
Mimi Zohar
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Al Viro
- [PATCH v2] ima: export the measurement list when needed
Mimi Zohar
- [PATCH 1/2] crypto: rename sm3-256 to sm3 in hash_algo_name
Mimi Zohar
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Alexei Starovoitov
- [PATCH v2 0/6] Harden userfaultfd
Daniel Colascione
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Daniel Borkmann
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Alexei Starovoitov
- [PATCH v2 0/6] Harden userfaultfd
Kees Cook
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Daniel Borkmann
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Stephen Smalley
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Nayna
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Alexey Gladkov
- [PATCH v8 08/11] proc: instantiate only pids that we can ptrace on 'hidepid=4' mount option
Alexey Gladkov
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Alexey Gladkov
- [PATCH 00/24] user_namespace: introduce fsid mappings
Christian Brauner
- [PATCH v8 05/11] proc: add helpers to set and get proc hidepid and gid mount options
Alexey Gladkov
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Eric W. Biederman
- [PATCH v8 03/11] proc: move /proc/{self|thread-self} dentries to proc_fs_info
Alexey Gladkov
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Stephen Smalley
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Stephen Smalley
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Casey Schaufler
- [PATCH v8 10/11] docs: proc: add documentation for "hidepid=4" and "subset=pidfs" options and new mount behavior
Alexey Gladkov
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
KP Singh
- [PATCH v2 0/6] Harden userfaultfd
Stephen Smalley
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
KP Singh
- [PATCH v2 0/6] Harden userfaultfd
Jann Horn
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Alexey Gladkov
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Stephen Smalley
- [PATCH v2 0/6] Harden userfaultfd
Daniel Colascione
- [PATCH v2 0/6] Harden userfaultfd
Peter Xu
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Linus Torvalds
- [PATCH 00/24] user_namespace: introduce fsid mappings
Jann Horn
- BPF LSM and fexit [was: [PATCH bpf-next v3 04/10] bpf: lsm: Add mutable hooks list for the BPF LSM]
Casey Schaufler
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Eric W. Biederman
- [PATCH v2 0/6] Harden userfaultfd
Andrea Arcangeli
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Al Viro
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Linus Torvalds
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Al Viro
- [PATCH v2 0/6] Harden userfaultfd
Daniel Colascione
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Linus Torvalds
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Al Viro
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Al Viro
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Linus Torvalds
- [PATCH v2] ima: export the measurement list when needed
david.safford at gmail.com
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Eric W. Biederman
- [PATCH v2 0/6] Harden userfaultfd
Andrea Arcangeli
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Linus Torvalds
- [PATCH v2] ima: export the measurement list when needed
Mimi Zohar
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Eric W. Biederman
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Al Viro
- [PATCH v2] ima: export the measurement list when needed
Janne Karhunen
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- [PATCH v26 13/22] x86/sgx: Add provisioning
Jethro Beekman
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Jethro Beekman
- [RFC PATCH 0/2] ima: uncompressed module appraisal support
Eric Snowberg
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [RFC PATCH] security, anon_inodes, kvm: enable security support for anon inodes
Stephen Smalley
- [RFC PATCH] security, anon_inodes, kvm: enable security support for anon inodes
Stephen Smalley
- [PATCH v2] ima: export the measurement list when needed
Ken Goldman
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Linus Torvalds
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Al Viro
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Linus Torvalds
- [PATCH 0/3] SELinux support for anonymous inodes and UFFD
Daniel Colascione
- [PATCH 1/3] Add a new LSM-supporting anonymous inode interface
Daniel Colascione
- [PATCH 2/3] Teach SELinux about anonymous inodes
Daniel Colascione
- [PATCH 3/3] Wire UFFD up to SELinux
Daniel Colascione
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Eric W. Biederman
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Eric W. Biederman
- [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Eric W. Biederman
- [PATCH AUTOSEL 5.5 201/542] IMA: Check IMA policy flag
Sasha Levin
- [PATCH 2/3] Teach SELinux about anonymous inodes
Stephen Smalley
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [PATCH 2/3] Teach SELinux about anonymous inodes
Daniel Colascione
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Andy Lutomirski
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [PATCH 2/3] Teach SELinux about anonymous inodes
Stephen Smalley
- [PATCH 2/3] Teach SELinux about anonymous inodes
Stephen Smalley
- [PATCH v2 00/28] user_namespace: introduce fsid mappings
Christian Brauner
- [PATCH v2 01/28] user_namespace: introduce fsid mappings infrastructure
Christian Brauner
- [PATCH v2 02/28] proc: add /proc/<pid>/fsuid_map
Christian Brauner
- [PATCH v2 03/28] proc: add /proc/<pid>/fsgid_map
Christian Brauner
- [PATCH v2 04/28] fsuidgid: add fsid mapping helpers
Christian Brauner
- [PATCH v2 05/28] proc: task_state(): use from_kfs{g,u}id_munged
Christian Brauner
- [PATCH v2 06/28] cred: add kfs{g,u}id
Christian Brauner
- [PATCH v2 07/28] sys: __sys_setfsuid(): handle fsid mappings
Christian Brauner
- [PATCH v2 08/28] sys: __sys_setfsgid(): handle fsid mappings
Christian Brauner
- [PATCH v2 09/28] sys:__sys_setuid(): handle fsid mappings
Christian Brauner
- [PATCH v2 10/28] sys:__sys_setgid(): handle fsid mappings
Christian Brauner
- [PATCH v2 11/28] sys:__sys_setreuid(): handle fsid mappings
Christian Brauner
- [PATCH v2 12/28] sys:__sys_setregid(): handle fsid mappings
Christian Brauner
- [PATCH v2 13/28] sys:__sys_setresuid(): handle fsid mappings
Christian Brauner
- [PATCH v2 14/28] sys:__sys_setresgid(): handle fsid mappings
Christian Brauner
- [PATCH v2 15/28] fs: add is_userns_visible() helper
Christian Brauner
- [PATCH v2 16/28] namei: may_{o_}create(): handle fsid mappings
Christian Brauner
- [PATCH v2 17/28] inode: inode_owner_or_capable(): handle fsid mappings
Christian Brauner
- [PATCH v2 18/28] capability: privileged_wrt_inode_uidgid(): handle fsid mappings
Christian Brauner
- [PATCH v2 19/28] stat: handle fsid mappings
Christian Brauner
- [PATCH v2 20/28] open: handle fsid mappings
Christian Brauner
- [PATCH v2 21/28] posix_acl: handle fsid mappings
Christian Brauner
- [PATCH v2 22/28] attr: notify_change(): handle fsid mappings
Christian Brauner
- [PATCH v2 23/28] commoncap: cap_bprm_set_creds(): handle fsid mappings
Christian Brauner
- [PATCH v2 24/28] commoncap: cap_task_fix_setuid(): handle fsid mappings
Christian Brauner
- [PATCH v2 25/28] commoncap: handle fsid mappings with vfs caps
Christian Brauner
- [PATCH v2 26/28] exec: bprm_fill_uid(): handle fsid mappings
Christian Brauner
- [PATCH v2 27/28] ptrace: adapt ptrace_may_access() to always uses unmapped fsids
Christian Brauner
- [PATCH v2 28/28] devpts: handle fsid mappings
Christian Brauner
- [PATCH v2 19/28] stat: handle fsid mappings
Tycho Andersen
- [PATCH v2 04/28] fsuidgid: add fsid mapping helpers
Jann Horn
- [PATCH 2/3] Teach SELinux about anonymous inodes
Stephen Smalley
- [PATCH v15 00/23] LSM: Module stacking for AppArmor
Casey Schaufler
- [PATCH v15 01/23] LSM: Infrastructure management of the sock security
Casey Schaufler
- [PATCH v15 02/23] LSM: Create and manage the lsmblob data structure.
Casey Schaufler
- [PATCH v15 03/23] LSM: Use lsmblob in security_audit_rule_match
Casey Schaufler
- [PATCH v15 04/23] LSM: Use lsmblob in security_kernel_act_as
Casey Schaufler
- [PATCH v15 05/23] net: Prepare UDS for security module stacking
Casey Schaufler
- [PATCH v15 06/23] Use lsmblob in security_secctx_to_secid
Casey Schaufler
- [PATCH v15 07/23] LSM: Use lsmblob in security_secid_to_secctx
Casey Schaufler
- [PATCH v15 08/23] LSM: Use lsmblob in security_ipc_getsecid
Casey Schaufler
- [PATCH v15 09/23] LSM: Use lsmblob in security_task_getsecid
Casey Schaufler
- [PATCH v15 10/23] LSM: Use lsmblob in security_inode_getsecid
Casey Schaufler
- [PATCH v15 11/23] LSM: Use lsmblob in security_cred_getsecid
Casey Schaufler
- [PATCH v15 12/23] IMA: Change internal interfaces to use lsmblobs
Casey Schaufler
- [PATCH v15 13/23] LSM: Specify which LSM to display
Casey Schaufler
- [PATCH v15 14/23] LSM: Ensure the correct LSM context releaser
Casey Schaufler
- [PATCH v15 15/23] LSM: Use lsmcontext in security_secid_to_secctx
Casey Schaufler
- [PATCH v15 16/23] LSM: Use lsmcontext in security_inode_getsecctx
Casey Schaufler
- [PATCH v15 17/23] LSM: security_secid_to_secctx in netlink netfilter
Casey Schaufler
- [PATCH v15 18/23] NET: Store LSM netlabel data in a lsmblob
Casey Schaufler
- [PATCH v15 19/23] LSM: Verify LSM display sanity in binder
Casey Schaufler
- [PATCH v15 20/23] Audit: Add subj_LSM fields when necessary
Casey Schaufler
- [PATCH v15 21/23] Audit: Include object data for all security modules
Casey Schaufler
- [PATCH v15 22/23] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH v15 23/23] AppArmor: Remove the exclusive flag
Casey Schaufler
- [PATCH v26 13/22] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Andy Lutomirski
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Dr. Greg
- [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
Randy Dunlap
- [PATCH] MAINTAINERS: use tabs for SAFESETID
Randy Dunlap
- [PATCH v2 19/28] stat: handle fsid mappings
Christian Brauner
- [PATCH v2 00/28] user_namespace: introduce fsid mappings
Florian Weimer
- [PATCH v2 00/28] user_namespace: introduce fsid mappings
Christian Brauner
- [PATCH v2 04/28] fsuidgid: add fsid mapping helpers
Christian Brauner
- [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
Casey Schaufler
- [PATCH v7 00/12] Introduce CAP_PERFMON to secure system performance monitoring and observability
Alexey Budankov
- [PATCH v7 01/12] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- [PATCH v7 02/12] perf/core: open access to the core for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v7 03/12] perf/core: open access to probes for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v7 04/12] perf tool: extend Perf tool with CAP_PERFMON capability support
Alexey Budankov
- [PATCH v7 05/12] drm/i915/perf: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v7 06/12] trace/bpf_trace: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v7 07/12] powerpc/perf: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v7 08/12] parisc/perf: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v7 09/12] drivers/perf: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v7 10/12] drivers/oprofile: open access for CAP_PERFMON privileged process
Alexey Budankov
- [PATCH v7 11/12] doc/admin-guide: update perf-security.rst with CAP_PERFMON information
Alexey Budankov
- [PATCH v7 12/12] doc/admin-guide: update kernel.rst with CAP_PERFMON information
Alexey Budankov
- [PATCH v2] IMA hash algorithm supports sm3
Tianjia Zhang
- [PATCH v2 1/2] crypto: fix mismatched hash algorithm name sm3-256 to sm3
Tianjia Zhang
- [PATCH v2 2/2] ima: add sm3 algorithm to hash algorithm configuration list
Tianjia Zhang
- [RESEND PATCH v2] efi: Only print errors about failing to get certs if EFI vars are found
Javier Martinez Canillas
- [RESEND PATCH v2] efi: Only print errors about failing to get certs if EFI vars are found
Ard Biesheuvel
- [PATCH] efi: Suppress spurious "Couldn't get size" error
Takashi Iwai
- [PATCH] efi: Suppress spurious "Couldn't get size" error
Ard Biesheuvel
- [PATCH] efi: Suppress spurious "Couldn't get size" error
Takashi Iwai
- [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
Kees Cook
- [PATCH v2 00/28] user_namespace: introduce fsid mappings
James Bottomley
- [PATCH v2 00/28] user_namespace: introduce fsid mappings
James Bottomley
- [PATCH v2 00/28] user_namespace: introduce fsid mappings
Christian Brauner
- [PATCH v2 00/28] user_namespace: introduce fsid mappings
Stéphane Graber
- [PATCH v2 00/28] user_namespace: introduce fsid mappings
James Bottomley
- [PATCH v2 00/28] user_namespace: introduce fsid mappings
James Bottomley
- [PATCH v2 00/28] user_namespace: introduce fsid mappings
Christian Brauner
- [PATCH v2 00/28] user_namespace: introduce fsid mappings
Stéphane Graber
- [RFC PATCH] security, anon_inodes, kvm: enable security support for anon inodes
Paul Moore
- [PATCH v2 1/2] crypto: fix mismatched hash algorithm name sm3-256 to sm3
Mimi Zohar
- [PATCH v2 1/2] crypto: fix mismatched hash algorithm name sm3-256 to sm3
Tianjia Zhang
- [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
Stephen Smalley
- [PATCH v2 1/2] crypto: fix mismatched hash algorithm name sm3-256 to sm3
Mimi Zohar
- [PATCH v3 00/25] user_namespace: introduce fsid mappings
Christian Brauner
- [PATCH v3 01/25] user_namespace: introduce fsid mappings infrastructure
Christian Brauner
- [PATCH v3 02/25] proc: add /proc/<pid>/fsuid_map
Christian Brauner
- [PATCH v3 03/25] proc: add /proc/<pid>/fsgid_map
Christian Brauner
- [PATCH v3 04/25] fsuidgid: add fsid mapping helpers
Christian Brauner
- [PATCH v3 05/25] user_namespace: refactor map_write()
Christian Brauner
- [PATCH v3 06/25] user_namespace: make map_write() support fsid mappings
Christian Brauner
- [PATCH v3 07/25] proc: task_state(): use from_kfs{g,u}id_munged
Christian Brauner
- [PATCH v3 08/25] cred: add kfs{g,u}id
Christian Brauner
- [PATCH v3 09/25] fs: add is_userns_visible() helper
Christian Brauner
- [PATCH v3 10/25] namei: may_{o_}create(): handle fsid mappings
Christian Brauner
- [PATCH v3 11/25] inode: inode_owner_or_capable(): handle fsid mappings
Christian Brauner
- [PATCH v3 12/25] capability: privileged_wrt_inode_uidgid(): handle fsid mappings
Christian Brauner
- [PATCH v3 13/25] stat: handle fsid mappings
Christian Brauner
- [PATCH v3 14/25] open: handle fsid mappings
Christian Brauner
- [PATCH v3 15/25] posix_acl: handle fsid mappings
Christian Brauner
- [PATCH v3 16/25] attr: notify_change(): handle fsid mappings
Christian Brauner
- [PATCH v3 17/25] commoncap: cap_bprm_set_creds(): handle fsid mappings
Christian Brauner
- [PATCH v3 18/25] commoncap: cap_task_fix_setuid(): handle fsid mappings
Christian Brauner
- [PATCH v3 19/25] commoncap: handle fsid mappings with vfs caps
Christian Brauner
- [PATCH v3 20/25] exec: bprm_fill_uid(): handle fsid mappings
Christian Brauner
- [PATCH v3 21/25] ptrace: adapt ptrace_may_access() to always uses unmapped fsids
Christian Brauner
- [PATCH v3 22/25] devpts: handle fsid mappings
Christian Brauner
- [PATCH v3 23/25] keys: handle fsid mappings
Christian Brauner
- [PATCH v3 24/25] sys: handle fsid mappings in set*id() calls
Christian Brauner
- [PATCH v3 25/25] selftests: add simple fsid mapping selftests
Christian Brauner
- [PATCH v2] ima: export the measurement list when needed
david.safford at gmail.com
- [PATCH v2] ima: export the measurement list when needed
Mimi Zohar
- [PATCH v15 02/23] LSM: Create and manage the lsmblob data structure.
Stephen Smalley
- [PATCH] net: netlabel: Use built-in RCU list checking
madhuparnabhowmik10 at gmail.com
- [PATCH v15 22/23] LSM: Add /proc attr entry for full LSM context
Stephen Smalley
- [PATCH v15 23/23] AppArmor: Remove the exclusive flag
Stephen Smalley
- [PATCH v7 01/12] capabilities: introduce CAP_PERFMON to kernel and user space
Stephen Smalley
- [PATCH] netlabel_domainhash.c: Use built-in RCU list checking
madhuparnabhowmik10 at gmail.com
- [PATCH v7 01/12] capabilities: introduce CAP_PERFMON to kernel and user space
James Morris
- [PATCH v7 02/12] perf/core: open access to the core for CAP_PERFMON privileged process
James Morris
- [PATCH v7 03/12] perf/core: open access to probes for CAP_PERFMON privileged process
James Morris
- [PATCH v7 04/12] perf tool: extend Perf tool with CAP_PERFMON capability support
James Morris
- [PATCH v7 05/12] drm/i915/perf: open access for CAP_PERFMON privileged process
James Morris
- [PATCH v7 06/12] trace/bpf_trace: open access for CAP_PERFMON privileged process
James Morris
- [PATCH v7 07/12] powerpc/perf: open access for CAP_PERFMON privileged process
James Morris
- [PATCH v7 08/12] parisc/perf: open access for CAP_PERFMON privileged process
James Morris
- [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
Randy Dunlap
- [PATCH v7 09/12] drivers/perf: open access for CAP_PERFMON privileged process
James Morris
- [PATCH v7 10/12] drivers/oprofile: open access for CAP_PERFMON privileged process
James Morris
- [PATCH] net: netlabel: Use built-in RCU list checking
David Miller
- [PATCH] netlabel_domainhash.c: Use built-in RCU list checking
David Miller
- kernel BUG at lib/assoc_array.c:LINE!
Jarkko Sakkinen
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [PATCH v3 11/25] inode: inode_owner_or_capable(): handle fsid mappings
Christoph Hellwig
- [PATCH v3 15/25] posix_acl: handle fsid mappings
Christoph Hellwig
- [PATCH] net: netlabel: Use built-in RCU list checking
Paul Moore
- [PATCH] netlabel_domainhash.c: Use built-in RCU list checking
Paul Moore
- [PATCH v3 00/25] user_namespace: introduce fsid mappings
James Bottomley
- [PATCH v3 01/25] user_namespace: introduce fsid mappings infrastructure
Serge E. Hallyn
- [PATCH v3 02/25] proc: add /proc/<pid>/fsuid_map
Serge E. Hallyn
- [PATCH v3 03/25] proc: add /proc/<pid>/fsgid_map
Serge E. Hallyn
- [PATCH v3 05/25] user_namespace: refactor map_write()
Serge E. Hallyn
- [PATCH v3 07/25] proc: task_state(): use from_kfs{g,u}id_munged
Serge E. Hallyn
- [PATCH v3 09/25] fs: add is_userns_visible() helper
Serge E. Hallyn
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Jordan Hand
- [PATCH v7 01/12] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- [PATCH] module support: during lockdown, log name of unsigned module
Martin Haass
- 19-02-2020
urs portmann
- No subject
Cynthia E
- [PATCH v3 09/25] fs: add is_userns_visible() helper
Christian Brauner
- [PATCH v3 00/25] user_namespace: introduce fsid mappings
Christian Brauner
- [PATCH v3 11/25] inode: inode_owner_or_capable(): handle fsid mappings
Christian Brauner
- [PATCH v3 15/25] posix_acl: handle fsid mappings
Christian Brauner
- [PATCH v3 00/25] user_namespace: introduce fsid mappings
Jann Horn
- [PATCH v3 00/25] user_namespace: introduce fsid mappings
James Bottomley
- [PATCH v3 24/25] sys: handle fsid mappings in set*id() calls
Jann Horn
- [PATCH v3 19/25] commoncap: handle fsid mappings with vfs caps
Jann Horn
- [PATCH v3 06/25] user_namespace: make map_write() support fsid mappings
Jann Horn
- [PATCH v3 09/25] fs: add is_userns_visible() helper
Andy Lutomirski
- [PATCH 9/9] integrity: check properly whether EFI GetVariable() is available
Ard Biesheuvel
- SELinux support in virtio-fs
Casey Schaufler
- [PATCH v3 00/25] user_namespace: introduce fsid mappings
Serge E. Hallyn
- [PATCH 9/9] integrity: check properly whether EFI GetVariable() is available
Serge E. Hallyn
- [PATCH 9/9] integrity: check properly whether EFI GetVariable() is available
Ard Biesheuvel
- [PATCH v3 00/25] user_namespace: introduce fsid mappings
Serge E. Hallyn
- [PATCH v3 00/25] user_namespace: introduce fsid mappings
Tycho Andersen
- [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
James Morris
- [PATCH 9/9] integrity: check properly whether EFI GetVariable() is available
Serge E. Hallyn
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space
Alexey Budankov
- [PATCH v3 09/25] fs: add is_userns_visible() helper
Serge E. Hallyn
- [PATCH] lockdown: Allow unprivileged users to see lockdown status
Jeremy Cline
- [PATCH bpf-next v4 0/8] MAC and Audit policy using eBPF (KRSI)
KP Singh
- [PATCH bpf-next v4 1/8] bpf: Introduce BPF_PROG_TYPE_LSM
KP Singh
- [PATCH bpf-next v4 2/8] security: Refactor declaration of LSM hooks
KP Singh
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
KP Singh
- [PATCH bpf-next v4 4/8] bpf: lsm: Add support for enabling/disabling BPF hooks
KP Singh
- [PATCH bpf-next v4 5/8] bpf: lsm: Implement attach, detach and execution
KP Singh
- [PATCH bpf-next v4 6/8] tools/libbpf: Add support for BPF_PROG_TYPE_LSM
KP Singh
- [PATCH bpf-next v4 7/8] bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM
KP Singh
- [PATCH bpf-next v4 8/8] bpf: lsm: Add Documentation
KP Singh
- [RFC PATCH] security, anon_inodes, kvm: enable security support for anon inodes
Casey Schaufler
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Jordan Hand
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [RFC PATCH] security, anon_inodes, kvm: enable security support for anon inodes
Daniel Colascione
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Andy Lutomirski
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [PATCH 0/7] proc: Dentry flushing without proc_mnt
Eric W. Biederman
- [PATCH 1/7] proc: Rename in proc_inode rename sysctl_inodes sibling_inodes
Eric W. Biederman
- [PATCH 2/7] proc: Generalize proc_sys_prune_dcache into proc_prune_siblings_dcache
Eric W. Biederman
- [PATCH 3/7] proc: Mov rcu_read_(lock|unlock) in proc_prune_siblings_dcache
Eric W. Biederman
- [PATCH 4/7] proc: Use d_invalidate in proc_prune_siblings_dcache
Eric W. Biederman
- [PATCH 5/7] proc: Clear the pieces of proc_inode that proc_evict_inode cares about
Eric W. Biederman
- [PATCH 6/7] proc: Use a list of inodes to flush from proc
Eric W. Biederman
- [PATCH 7/7] proc: Ensure we see the exit of each process tid exactly once
Eric W. Biederman
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH 3/7] proc: Mov rcu_read_(lock|unlock) in proc_prune_siblings_dcache
Linus Torvalds
- [PATCH 4/7] proc: Use d_invalidate in proc_prune_siblings_dcache
Linus Torvalds
- [PATCH 4/7] proc: Use d_invalidate in proc_prune_siblings_dcache
Al Viro
- [PATCH 4/7] proc: Use d_invalidate in proc_prune_siblings_dcache
Linus Torvalds
- [PATCH 0/7] proc: Dentry flushing without proc_mnt
Linus Torvalds
- [PATCH 4/7] proc: Use d_invalidate in proc_prune_siblings_dcache
Al Viro
- [PATCH 0/7] proc: Dentry flushing without proc_mnt
Al Viro
- [PATCH 0/7] proc: Dentry flushing without proc_mnt
Eric W. Biederman
- [PATCH 4/7] proc: Use d_invalidate in proc_prune_siblings_dcache
Eric W. Biederman
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Casey Schaufler
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Jordan Hand
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Andy Lutomirski
- [PATCH bpf-next v4 5/8] bpf: lsm: Implement attach, detach and execution
Alexei Starovoitov
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Alexei Starovoitov
- [PATCH -next] security: remove duplicated include from security.h
YueHaibing
- [PATCH net] ipv4: ensure rcu_read_lock() in cipso_v4_error()
Matteo Croce
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
KP Singh
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
KP Singh
- [PATCH bpf-next v4 5/8] bpf: lsm: Implement attach, detach and execution
KP Singh
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v26 10/22] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH 7/7] proc: Ensure we see the exit of each process tid exactly once
Oleg Nesterov
- [PATCH] lockdown: Allow unprivileged users to see lockdown status
James Morris
- [PATCH -next] security: remove duplicated include from security.h
James Morris
- [PATCH v2 0/6] Harden userfaultfd
James Morris
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Casey Schaufler
- [PATCH bpf-next v4 4/8] bpf: lsm: Add support for enabling/disabling BPF hooks
Casey Schaufler
- [PATCH bpf-next v4 4/8] bpf: lsm: Add support for enabling/disabling BPF hooks
James Morris
- [PATCH bpf-next v4 0/8] MAC and Audit policy using eBPF (KRSI)
Casey Schaufler
- [PATCH bpf-next v4 0/8] MAC and Audit policy using eBPF (KRSI)
KP Singh
- [PATCH net] ipv4: ensure rcu_read_lock() in cipso_v4_error()
Paul Moore
- [PATCH bpf-next v4 0/8] MAC and Audit policy using eBPF (KRSI)
Casey Schaufler
- [PATCH bpf-next v4 0/8] MAC and Audit policy using eBPF (KRSI)
KP Singh
- [PATCH bpf-next v4 0/8] MAC and Audit policy using eBPF (KRSI)
Casey Schaufler
- [PATCH bpf-next v4 0/8] MAC and Audit policy using eBPF (KRSI)
Kees Cook
- [PATCH bpf-next v4 0/8] MAC and Audit policy using eBPF (KRSI)
Casey Schaufler
- [PATCH bpf-next v4 0/8] MAC and Audit policy using eBPF (KRSI)
Kees Cook
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Kees Cook
- [PATCH bpf-next v4 4/8] bpf: lsm: Add support for enabling/disabling BPF hooks
Kees Cook
- [PATCH 7/7] proc: Ensure we see the exit of each process tid exactly once
Eric W. Biederman
- [PATCH] device_cgroup: Fix RCU list debugging warning
Amol Grover
- [PATCH net] ipv4: ensure rcu_read_lock() in cipso_v4_error()
David Miller
- [PATCH v27 10/22] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v27 13/22] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Alexei Starovoitov
- [RFC PATCH v14 00/10] Landlock LSM
Mickaël Salaün
- [RFC PATCH v14 01/10] landlock: Add object and rule management
Mickaël Salaün
- [RFC PATCH v14 02/10] landlock: Add ruleset and domain management
Mickaël Salaün
- [RFC PATCH v14 03/10] landlock: Set up the security framework and manage credentials
Mickaël Salaün
- [RFC PATCH v14 04/10] landlock: Add ptrace restrictions
Mickaël Salaün
- [RFC PATCH v14 05/10] fs,landlock: Support filesystem access-control
Mickaël Salaün
- [RFC PATCH v14 06/10] landlock: Add syscall implementation
Mickaël Salaün
- [RFC PATCH v14 07/10] arch: Wire up landlock() syscall
Mickaël Salaün
- [RFC PATCH v14 08/10] selftests/landlock: Add initial tests
Mickaël Salaün
- [RFC PATCH v14 09/10] samples/landlock: Add a sandbox manager example
Mickaël Salaün
- [RFC PATCH v14 10/10] landlock: Add user and kernel documentation
Mickaël Salaün
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Casey Schaufler
- [PATCH v2 0/6] proc: Dentry flushing without proc_mnt
Eric W. Biederman
- [PATCH v2 1/6] proc: Rename in proc_inode rename sysctl_inodes sibling_inodes
Eric W. Biederman
- [PATCH v2 2/6] proc: Generalize proc_sys_prune_dcache into proc_prune_siblings_dcache
Eric W. Biederman
- [PATCH v2 3/6] proc: In proc_prune_siblings_dcache cache an aquired super block
Eric W. Biederman
- [PATCH v2 4/6] proc: Use d_invalidate in proc_prune_siblings_dcache
Eric W. Biederman
- [PATCH v2 5/6] proc: Clear the pieces of proc_inode that proc_evict_inode cares about
Eric W. Biederman
- [PATCH v2 6/6] proc: Use a list of inodes to flush from proc
Eric W. Biederman
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Casey Schaufler
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
KP Singh
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
KP Singh
- [PATCH v15 02/23] LSM: Create and manage the lsmblob data structure.
Mimi Zohar
- [PATCH v15 03/23] LSM: Use lsmblob in security_audit_rule_match
Mimi Zohar
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Casey Schaufler
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Kees Cook
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Casey Schaufler
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Alexei Starovoitov
- [PATCH bpf-next v4 6/8] tools/libbpf: Add support for BPF_PROG_TYPE_LSM
Andrii Nakryiko
- BUG: unable to handle kernel NULL pointer dereference in cipso_v4_sock_setattr
syzbot
- [PATCH v7 00/12] Introduce CAP_PERFMON to secure system performance monitoring and observability
Alexey Budankov
- BUG: unable to handle kernel NULL pointer dereference in cipso_v4_sock_setattr
Paul Moore
- BUG: unable to handle kernel NULL pointer dereference in cipso_v4_sock_setattr
Dmitry Vyukov
- BUG: unable to handle kernel NULL pointer dereference in cipso_v4_sock_setattr
Paolo Abeni
- BUG: unable to handle kernel NULL pointer dereference in cipso_v4_sock_setattr
Dmitry Vyukov
- BUG: unable to handle kernel NULL pointer dereference in cipso_v4_sock_setattr
Paul Moore
- BUG: unable to handle kernel NULL pointer dereference in cipso_v4_sock_setattr
Dmitry Vyukov
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Kees Cook
- suspicious RCU usage from smack code
John Garry
- [RFC PATCH v14 00/10] Landlock LSM
J Freyensee
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
KP Singh
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
KP Singh
- Business Partnership
Gray Brian Towner
- [RFC PATCH v14 01/10] landlock: Add object and rule management
Jann Horn
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Casey Schaufler
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
KP Singh
- [RFC PATCH v14 01/10] landlock: Add object and rule management
Mickaël Salaün
- [RFC PATCH v14 00/10] Landlock LSM
Mickaël Salaün
- [PATCH bpf-next v4 3/8] bpf: lsm: provide attachment points for BPF LSM programs
Casey Schaufler
- [PATCH] module support: during lockdown, log name of unsigned module
Jessica Yu
- suspicious RCU usage from smack code
Casey Schaufler
- [RFC PATCH v14 01/10] landlock: Add object and rule management
Jann Horn
- [RFC PATCH v14 05/10] fs, landlock: Support filesystem access-control
Jann Horn
- [PATCH] apparmor: Replace zero-length array with flexible-array member
Gustavo A. R. Silva
- [PATCH] security: integrity: Replace zero-length array with flexible-array member
Gustavo A. R. Silva
- [RFC PATCH v14 01/10] landlock: Add object and rule management
Mickaël Salaün
- [RFC PATCH v14 05/10] fs,landlock: Support filesystem access-control
Mickaël Salaün
- [RFC PATCH v14 05/10] fs, landlock: Support filesystem access-control
Jann Horn
- [RFC PATCH v14 01/10] landlock: Add object and rule management
Mickaël Salaün
- [PATCH bpf-next v4 0/8] MAC and Audit policy using eBPF (KRSI)
Dr. Greg
- [PATCH v3 00/25] user_namespace: introduce fsid mappings
Josef Bacik
- Please revert SELinux/keys patches from the keys linux-next branch
Paul Moore
- COMPLEMENT OF THE DAY TO YOU DEAR FRIEND.
MRS AMINA KADI.
- [RESEND PATCH v2] efi: Only print errors about failing to get certs if EFI vars are found
David Hildenbrand
- [RESEND PATCH v2] efi: Only print errors about failing to get certs if EFI vars are found
David Hildenbrand
- [RESEND PATCH v2] efi: Only print errors about failing to get certs if EFI vars are found
Ard Biesheuvel
- [RESEND PATCH v2] efi: Only print errors about failing to get certs if EFI vars are found
David Hildenbrand
- [RESEND PATCH v2] efi: Only print errors about failing to get certs if EFI vars are found
Ard Biesheuvel
- [RESEND PATCH v2] efi: Only print errors about failing to get certs if EFI vars are found
David Hildenbrand
- [RESEND PATCH v2] efi: Only print errors about failing to get certs if EFI vars are found
Ard Biesheuvel
- [RESEND PATCH v2] efi: Only print errors about failing to get certs if EFI vars are found
David Hildenbrand
- Please revert SELinux/keys patches from the keys linux-next branch
David Howells
- Please revert SELinux/keys patches from the keys linux-next branch
Paul Moore
- protecting overlayfs's lower consistently.
Alexander Ivanov
- [PATCH 0/3] proc: Actually honor the mount options
Eric W. Biederman
- [PATCH 1/3] uml: Don't consult current to find the proc_mnt in mconsole_proc
Eric W. Biederman
- [PATCH 2/3] uml: Create a private mount of proc for mconsole
Eric W. Biederman
- [PATCH 3/3] proc: Remove the now unnecessary internal mount of proc
Eric W. Biederman
- [PATCH 2/3] uml: Create a private mount of proc for mconsole
Christian Brauner
- [PATCH 3/3] proc: Remove the now unnecessary internal mount of proc
Christian Brauner
- [PATCH 2/3] uml: Create a private mount of proc for mconsole
Eric W. Biederman
- [PATCH 3/3] proc: Remove the now unnecessary internal mount of proc
Eric W. Biederman
- [PATCH 2/3] uml: Create a private mount of proc for mconsole
Christian Brauner
- [PATCH 4/3] pid: Improve the comment about waiting in zap_pid_ns_processes
Eric W. Biederman
- [PATCH 4/3] pid: Improve the comment about waiting in zap_pid_ns_processes
Christian Brauner
- [RFC PATCH v14 10/10] landlock: Add user and kernel documentation
Randy Dunlap
Last message date:
Sat Feb 29 17:23:38 UTC 2020
Archived on: Sat Feb 29 17:24:01 UTC 2020
This archive was generated by
Pipermail 0.09 (Mailman edition).