June 2020 Archives by author
Starting: Mon Jun 1 01:16:35 UTC 2020
Ending: Tue Jun 30 23:46:27 UTC 2020
Messages: 707
- 答复: new seccomp mode aims to improve performance
zhujianwei (C)
- 答复: new seccomp mode aims to improve performance
zhujianwei (C)
- 答复: 答复: new seccomp mode aims to improve performance
zhujianwei (C)
- 答复: 答复: new seccomp mode aims to improve performance
zhujianwei (C)
- 答复: 答复: 答复: new seccomp mode aims to improve performance
zhujianwei (C)
- [PATCH 1/4] cap_get_proc.3: Typo fixes
Michael Kerrisk (man-pages)
- [PATCH 2/4] cap_get_proc.3: for cap_get_pid(), pid==0 means "the calling process"
Michael Kerrisk (man-pages)
- [PATCH 3/4] getpcaps.8: Note that pid==0 displays capabilities of getpcaps itself
Michael Kerrisk (man-pages)
- [PATCH 4/4] cap_get_proc.3: change "current process" to "calling process"
Michael Kerrisk (man-pages)
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Jo -l
- Hello.
YAVUZ BEKTER
- [V2 PATCH 1/3] Refactoring powerpc code for carrying over IMA measurement logs, to move non architecture specific code to security/ima.
Thiago Jung Bauermann
- [V2 PATCH 2/3] dt-bindings: chosen: Document ima-kexec-buffer
Thiago Jung Bauermann
- [PATCH v3] acpi: Extend TPM2 ACPI table with missing log fields
Stefan Berger
- [PATCH v3] acpi: Extend TPM2 ACPI table with missing log fields
Stefan Berger
- [PATCH v5 0/2] tpm2: Make TPM2 logs accessible for non-UEFI firmware
Stefan Berger
- [PATCH v5 1/2] acpi: Extend TPM2 ACPI table with missing log fields
Stefan Berger
- [PATCH v5 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table
Stefan Berger
- [PATCH v2] ima_evm_utils: extended calc_bootaggr to PCRs 8 - 9
Stefan Berger
- [PATCH v5 1/2] acpi: Extend TPM2 ACPI table with missing log fields
Stefan Berger
- [PATCH v5 1/2] acpi: Extend TPM2 ACPI table with missing log fields
Stefan Berger
- [PATCH v6 0/2] tpm2: Make TPM2 logs accessible for non-UEFI firmware
Stefan Berger
- [PATCH v6 1/2] acpi: Extend TPM2 ACPI table with missing log fields
Stefan Berger
- [PATCH v6 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table
Stefan Berger
- Enabling interrupts in QEMU TPM TIS
Stefan Berger
- Enabling interrupts in QEMU TPM TIS
Stefan Berger
- [PATCH v7 0/2] tpm2: Make TPM2 logs accessible for non-UEFI firmware
Stefan Berger
- [PATCH v7 1/2] acpi: Extend TPM2 ACPI table with missing log fields
Stefan Berger
- [PATCH v7 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table
Stefan Berger
- Enabling interrupts in QEMU TPM TIS
Stefan Berger
- Enabling interrupts in QEMU TPM TIS
Stefan Berger
- [PATCH v8 0/2] tpm2: Make TPM2 logs accessible for non-UEFI firmware
Stefan Berger
- [PATCH v8 1/2] acpi: Extend TPM2 ACPI table with missing log fields
Stefan Berger
- [PATCH v8 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table
Stefan Berger
- [PATCH RFC] seccomp: Implement syscall isolation based on memory areas
Gabriel Krisman Bertazi
- [PATCH RFC] seccomp: Implement syscall isolation based on memory areas
Gabriel Krisman Bertazi
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Eric W. Biederman
- [PATCH 00/14] Make the user mode driver code a better citizen
Eric W. Biederman
- [PATCH 01/14] umh: Capture the pid in umh_pipe_setup
Eric W. Biederman
- [PATCH 02/14] umh: Move setting PF_UMH into umh_pipe_setup
Eric W. Biederman
- [PATCH 03/14] umh: Rename the user mode driver helpers for clarity
Eric W. Biederman
- [PATCH 04/14] umh: Remove call_usermodehelper_setup_file.
Eric W. Biederman
- [PATCH 05/14] umh: Separate the user mode driver and the user mode helper support
Eric W. Biederman
- [PATCH 06/14] umd: For clarity rename umh_info umd_info
Eric W. Biederman
- [PATCH 07/14] umd: Rename umd_info.cmdline umd_info.driver_name
Eric W. Biederman
- [PATCH 08/14] umd: Transform fork_usermode_blob into fork_usermode_driver
Eric W. Biederman
- [PATCH 09/14] umh: Stop calling do_execve_file
Eric W. Biederman
- [PATCH 10/14] exec: Remove do_execve_file
Eric W. Biederman
- [PATCH 11/14] bpfilter: Move bpfilter_umh back into init data
Eric W. Biederman
- [PATCH 12/14] umd: Track user space drivers with struct pid
Eric W. Biederman
- [PATCH 13/14] bpfilter: Take advantage of the facilities of struct pid
Eric W. Biederman
- [PATCH 14/14] umd: Remove exit_umh
Eric W. Biederman
- [PATCH 00/14] Make the user mode driver code a better citizen
Eric W. Biederman
- [PATCH 06/14] umd: For clarity rename umh_info umd_info
Eric W. Biederman
- [PATCH 05/14] umh: Separate the user mode driver and the user mode helper support
Eric W. Biederman
- [PATCH 00/14] Make the user mode driver code a better citizen
Eric W. Biederman
- [PATCH 05/14] umh: Separate the user mode driver and the user mode helper support
Eric W. Biederman
- [PATCH 00/14] Make the user mode driver code a better citizen
Eric W. Biederman
- [PATCH v2 00/15] Make the user mode driver code a better citizen
Eric W. Biederman
- [PATCH v2 01/15] umh: Capture the pid in umh_pipe_setup
Eric W. Biederman
- [PATCH v2 02/15] umh: Move setting PF_UMH into umh_pipe_setup
Eric W. Biederman
- [PATCH v2 03/15] umh: Rename the user mode driver helpers for clarity
Eric W. Biederman
- [PATCH v2 04/15] umh: Remove call_usermodehelper_setup_file.
Eric W. Biederman
- [PATCH v2 05/15] umh: Separate the user mode driver and the user mode helper support
Eric W. Biederman
- [PATCH v2 06/15] umd: For clarity rename umh_info umd_info
Eric W. Biederman
- [PATCH v2 07/15] umd: Rename umd_info.cmdline umd_info.driver_name
Eric W. Biederman
- [PATCH v2 08/15] umd: Transform fork_usermode_blob into fork_usermode_driver
Eric W. Biederman
- [PATCH v2 09/15] umh: Stop calling do_execve_file
Eric W. Biederman
- [PATCH v2 10/15] exec: Remove do_execve_file
Eric W. Biederman
- [PATCH v2 11/15] bpfilter: Move bpfilter_umh back into init data
Eric W. Biederman
- [PATCH v2 12/15] umd: Track user space drivers with struct pid
Eric W. Biederman
- [PATCH v2 13/15] bpfilter: Take advantage of the facilities of struct pid
Eric W. Biederman
- [PATCH v2 14/15] umd: Remove exit_umh
Eric W. Biederman
- [PATCH v2 15/15] umd: Stop using split_argv
Eric W. Biederman
- [PATCH 00/14] Make the user mode driver code a better citizen
Eric W. Biederman
- [PATCH v2 00/15] Make the user mode driver code a better citizen
Eric W. Biederman
- [PATCH v2 10/15] exec: Remove do_execve_file
Eric W. Biederman
- [PATCH v2 00/15] Make the user mode driver code a better citizen
Eric W. Biederman
- [PATCH 00/14] Make the user mode driver code a better citizen
Eric W. Biederman
- [PATCH v2 10/15] exec: Remove do_execve_file
Eric W. Biederman
- [PATCH v4 1/3] mm/slab: Use memzero_explicit() in kzfree()
Eric Biggers
- LTP: crypto: af_alg02 regression on linux-next 20200621 tag
Eric Biggers
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christian Borntraeger
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christian Borntraeger
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christian Borntraeger
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christian Borntraeger
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christian Borntraeger
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christian Borntraeger
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christian Borntraeger
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christian Borntraeger
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christian Borntraeger
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christian Borntraeger
- [PATCH v5 0/4] Introduce TEE based Trusted Keys support
James Bottomley
- [PATCH] extend IMA boot_aggregate with kernel measurements
James Bottomley
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Scott Branden
- [PATCH v6 0/8] firmware: add partial read support in request_firmware_into_buf
Scott Branden
- [PATCH v6 1/8] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v6 2/8] firmware: add offset to request_firmware_into_buf
Scott Branden
- [PATCH v6 3/8] test_firmware: add partial read support for request_firmware_into_buf
Scott Branden
- [PATCH v6 4/8] firmware: test partial file reads of request_firmware_into_buf
Scott Branden
- [PATCH v6 5/8] bcm-vk: add bcm_vk UAPI
Scott Branden
- [PATCH v6 7/8] MAINTAINERS: bcm-vk: add maintainer for Broadcom VK Driver
Scott Branden
- [PATCH v6 8/8] ima: add FIRMWARE_PARTIAL_READ support
Scott Branden
- [PATCH v6 8/8] ima: add FIRMWARE_PARTIAL_READ support
Scott Branden
- [PATCH v6 1/8] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v7 0/8] firmware: add partial read support in request_firmware_into_buf
Scott Branden
- [PATCH v7 1/8] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v7 2/8] firmware: add offset to request_firmware_into_buf
Scott Branden
- [PATCH v7 3/8] test_firmware: add partial read support for request_firmware_into_buf
Scott Branden
- [PATCH v7 4/8] firmware: test partial file reads of request_firmware_into_buf
Scott Branden
- [PATCH v7 5/8] bcm-vk: add bcm_vk UAPI
Scott Branden
- [PATCH v7 7/8] MAINTAINERS: bcm-vk: add maintainer for Broadcom VK Driver
Scott Branden
- [PATCH v7 8/8] ima: add FIRMWARE_PARTIAL_READ support
Scott Branden
- [PATCH v7 1/8] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v7 1/8] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v8 0/8] firmware: add request_partial_firmware_into_buf
Scott Branden
- [PATCH v8 1/8] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v8 2/8] firmware: add offset to request_firmware_into_buf
Scott Branden
- [PATCH v8 3/8] test_firmware: add partial read support for request_firmware_into_buf
Scott Branden
- [PATCH v8 4/8] firmware: test partial file reads of request_firmware_into_buf
Scott Branden
- [PATCH v8 5/8] bcm-vk: add bcm_vk UAPI
Scott Branden
- [PATCH v8 7/8] MAINTAINERS: bcm-vk: add maintainer for Broadcom VK Driver
Scott Branden
- [PATCH v8 8/8] ima: add FIRMWARE_PARTIAL_READ support
Scott Branden
- [PATCH v9 0/8] firmware: add request_partial_firmware_into_buf
Scott Branden
- [PATCH v9 1/8] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v9 2/8] firmware: add request_partial_firmware_into_buf
Scott Branden
- [PATCH v9 3/8] test_firmware: add partial read support for request_firmware_into_buf
Scott Branden
- [PATCH v9 4/8] firmware: test partial file reads of request_partial_firmware_into_buf
Scott Branden
- [PATCH v9 5/8] bcm-vk: add bcm_vk UAPI
Scott Branden
- [PATCH v9 7/8] MAINTAINERS: bcm-vk: add maintainer for Broadcom VK Driver
Scott Branden
- [PATCH v9 8/8] ima: add FIRMWARE_PARTIAL_READ support
Scott Branden
- [PATCH v9 1/8] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH] fs: move kernel_read_file* to its own include file
Scott Branden
- [PATCH] fs: move kernel_read_file* to its own include file
Scott Branden
- [PATCH v2 1/1] fs: move kernel_read_file* to its own include file
Scott Branden
- [PATCH v3 1/1] fs: move kernel_read_file* to its own include file
Scott Branden
- [PATCH v3 1/1] fs: move kernel_read_file* to its own include file
Scott Branden
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Christian Brauner
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Christian Brauner
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Christian Brauner
- [PATCH] capabilities: Introduce CAP_RESTORE
Christian Brauner
- My Dear in the lord
Mrs. Mina A. Brunel
- [PATCH 1/2] mm, treewide: Rename kzfree() to kfree_sensitive()
Dan Carpenter
- [PATCH v4 1/3] mm/slab: Use memzero_explicit() in kzfree()
Dan Carpenter
- [PATCH v4 2/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Dan Carpenter
- [PATCH 0/5] kmod/umh: a few fixes
Luis Chamberlain
- [PATCH 0/5] kmod/umh: a few fixes
Luis Chamberlain
- LTP: crypto: af_alg02 regression on linux-next 20200621 tag
Luis Chamberlain
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Luis Chamberlain
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Luis Chamberlain
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Luis Chamberlain
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Luis Chamberlain
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Luis Chamberlain
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Luis Chamberlain
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Luis Chamberlain
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Luis Chamberlain
- [PATCH v3 0/8] crpyto: introduce OSCCA certificate and SM2 asymmetric algorithm
Vitaly Chikunov
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [PATCH v33 12/21] x86/sgx: Allow a limited use of ATTRIBUTE.PROVISIONKEY for attestation
Sean Christopherson
- [PATCH v33 12/21] x86/sgx: Allow a limited use of ATTRIBUTE.PROVISIONKEY for attestation
Sean Christopherson
- new seccomp mode aims to improve performance
Kees Cook
- new seccomp mode aims to improve performance
Kees Cook
- 答复: 答复: new seccomp mode aims to improve performance
Kees Cook
- new seccomp mode aims to improve performance
Kees Cook
- new seccomp mode aims to improve performance
Kees Cook
- [exec] 166d03c9ec: ltp.execveat02.fail
Kees Cook
- [exec] 166d03c9ec: ltp.execveat02.fail
Kees Cook
- [PATCH] security: Add LSM hooks to set*gid syscalls
Kees Cook
- [PATCH] [RFC] security: allow using Clang's zero initialization for stack variables
Kees Cook
- [PATCH] [RFC] security: allow using Clang's zero initialization for stack variables
Kees Cook
- new seccomp mode aims to improve performance
Kees Cook
- [RFC][PATCH 0/8] seccomp: Implement constant action bitmaps
Kees Cook
- [PATCH 1/8] selftests/seccomp: Improve calibration loop
Kees Cook
- [PATCH 2/8] seccomp: Use pr_fmt
Kees Cook
- [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
Kees Cook
- [PATCH 4/8] seccomp: Implement constant action bitmaps
Kees Cook
- [PATCH 5/8] selftests/seccomp: Compare bitmap vs filter overhead
Kees Cook
- [PATCH 6/8] x86: Provide API for local kernel TLB flushing
Kees Cook
- [PATCH 7/8] x86: Enable seccomp constant action bitmaps
Kees Cook
- [PATCH 8/8] [DEBUG] seccomp: Report bitmap coverage ranges
Kees Cook
- [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables
Kees Cook
- [PATCH 4/8] seccomp: Implement constant action bitmaps
Kees Cook
- [PATCH 4/8] seccomp: Implement constant action bitmaps
Kees Cook
- [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables
Kees Cook
- [RFC][PATCH 0/8] seccomp: Implement constant action bitmaps
Kees Cook
- [PATCH 6/8] x86: Provide API for local kernel TLB flushing
Kees Cook
- [PATCH 4/8] seccomp: Implement constant action bitmaps
Kees Cook
- [PATCH 06/14] umd: For clarity rename umh_info umd_info
Kees Cook
- lockdown bypass on mainline kernel for loading unsigned modules
Jason A. Donenfeld
- [oss-security] lockdown bypass on mainline kernel for loading unsigned modules
Jason A. Donenfeld
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Jason A. Donenfeld
- [PATCH] extend IMA boot_aggregate with kernel measurements
Maurizio Drocco
- [PATCH] extend IMA boot_aggregate with kernel measurements
Maurizio Drocco
- [PATCH] extend IMA boot_aggregate with kernel measurements
Maurizio Drocco
- [PATCH] ima_evm_utils: extended calc_bootaggr to PCRs 8 - 9
Maurizio Drocco
- [PATCH] ima: extend boot_aggregate with kernel measurements
Maurizio Drocco
- [PATCH v4] ima: extend boot_aggregate with kernel measurements
Maurizio Drocco
- [PATCH v2] ima_evm_utils: extended calc_bootaggr to PCRs 8 - 9
Maurizio Drocco
- [PATCH] ima_evm_utils: extended calc_bootaggr to PCRs 8 - 9
Maurizio Drocco
- [PATCH v3] ima_evm_utils: extended calc_bootaggr to PCRs 8 - 9
Maurizio Drocco
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Denis Efremov
- [PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [PATCH v5 0/4] Introduce TEE based Trusted Keys support
Sumit Garg
- [PATCH v5 1/4] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [PATCH v5 2/4] KEYS: trusted: Introduce TEE based Trusted Keys
Sumit Garg
- [PATCH v5 3/4] doc: trusted-encrypted: updates with TEE as a new trust source
Sumit Garg
- [PATCH v5 4/4] MAINTAINERS: Add entry for TEE based Trusted Keys
Sumit Garg
- [PATCH v5 0/4] Introduce TEE based Trusted Keys support
Sumit Garg
- [PATCH v5 0/4] Introduce TEE based Trusted Keys support
Sumit Garg
- [PATCH v5 1/4] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [PATCH v5 1/4] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [PATCH v5 0/3] SELinux support for anonymous inodes and UFFD
Lokesh Gidra
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Cyrill Gorcunov
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Cyrill Gorcunov
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Cyrill Gorcunov
- [PATCH] RFC: fuse: virtiofs: Call security hooks on new inodes
Vivek Goyal
- Enabling interrupts in QEMU TPM TIS
Jason Gunthorpe
- Enabling interrupts in QEMU TPM TIS
Jason Gunthorpe
- Enabling interrupts in QEMU TPM TIS
Jason Gunthorpe
- [PATCH v2] capabilities: add description for CAP_SETFCAP
Stefan Hajnoczi
- [PATCH RESEND] device_cgroup: Fix RCU list debugging warning
Serge E. Hallyn
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Tetsuo Handa
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Tetsuo Handa
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Tetsuo Handa
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Tetsuo Handa
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Tetsuo Handa
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Tetsuo Handa
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Tetsuo Handa
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Tetsuo Handa
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Tetsuo Handa
- [PATCH 05/14] umh: Separate the user mode driver and the user mode helper support
Tetsuo Handa
- [PATCH 05/14] umh: Separate the user mode driver and the user mode helper support
Tetsuo Handa
- [PATCH 05/14] umh: Separate the user mode driver and the user mode helper support
Tetsuo Handa
- [PATCH 00/14] Make the user mode driver code a better citizen
Tetsuo Handa
- [PATCH 00/14] Make the user mode driver code a better citizen
Tetsuo Handa
- [PATCH 00/14] Make the user mode driver code a better citizen
Tetsuo Handa
- [PATCH v2 00/15] Make the user mode driver code a better citizen
Tetsuo Handa
- [PATCH 00/14] Make the user mode driver code a better citizen
Tetsuo Handa
- [PATCH v2 00/15] Make the user mode driver code a better citizen
Tetsuo Handa
- [PATCH 00/14] Make the user mode driver code a better citizen
Tetsuo Handa
- [PATCH 00/14] Make the user mode driver code a better citizen
Tetsuo Handa
- [PATCH 4/8] seccomp: Implement constant action bitmaps
Dave Hansen
- clean up kernel_{read,write} & friends v4
Christoph Hellwig
- [PATCH 01/13] cachefiles: switch to kernel_write
Christoph Hellwig
- [PATCH 02/13] autofs: switch to kernel_write
Christoph Hellwig
- [PATCH 03/13] bpfilter: switch to kernel_write
Christoph Hellwig
- [PATCH 04/13] fs: unexport __kernel_write
Christoph Hellwig
- [PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
Christoph Hellwig
- [PATCH 06/13] fs: implement kernel_write using __kernel_write
Christoph Hellwig
- [PATCH 07/13] fs: remove __vfs_write
Christoph Hellwig
- [PATCH 08/13] fs: don't change the address limit for ->write_iter in __kernel_write
Christoph Hellwig
- [PATCH 09/13] fs: add a __kernel_read helper
Christoph Hellwig
- [PATCH 10/13] integrity/ima: switch to using __kernel_read
Christoph Hellwig
- [PATCH 11/13] fs: implement kernel_read using __kernel_read
Christoph Hellwig
- [PATCH 12/13] fs: remove __vfs_read
Christoph Hellwig
- [PATCH 13/13] fs: don't change the address limit for ->read_iter in __kernel_read
Christoph Hellwig
- [PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
Christoph Hellwig
- [PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
Christoph Hellwig
- [PATCH v9 1/8] fs: introduce kernel_pread_file* support
Christoph Hellwig
- [PATCH v3 1/1] fs: move kernel_read_file* to its own include file
Christoph Hellwig
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christoph Hellwig
- clean up kernel_{read,write} & friends v5
Christoph Hellwig
- [PATCH 01/14] cachefiles: switch to kernel_write
Christoph Hellwig
- [PATCH 02/14] autofs: switch to kernel_write
Christoph Hellwig
- [PATCH 03/14] bpfilter: switch to kernel_write
Christoph Hellwig
- [PATCH 04/14] fs: unexport __kernel_write
Christoph Hellwig
- [PATCH 05/14] fs: check FMODE_WRITE in __kernel_write
Christoph Hellwig
- [PATCH 06/14] fs: implement kernel_write using __kernel_write
Christoph Hellwig
- [PATCH 07/14] fs: remove __vfs_write
Christoph Hellwig
- [PATCH 08/14] fs: don't change the address limit for ->write_iter in __kernel_write
Christoph Hellwig
- [PATCH 09/14] fs: add a __kernel_read helper
Christoph Hellwig
- [PATCH 10/14] integrity/ima: switch to using __kernel_read
Christoph Hellwig
- [PATCH 11/14] fs: implement kernel_read using __kernel_read
Christoph Hellwig
- [PATCH 12/14] fs: remove __vfs_read
Christoph Hellwig
- [PATCH 13/14] fs: implement default_file_splice_read using __kernel_read
Christoph Hellwig
- [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
Christoph Hellwig
- linux-next: umh: fix processed error when UMH_WAIT_PROC is used seems to break linux bridge on s390x (bisected)
Christoph Hellwig
- [PATCH v2 10/15] exec: Remove do_execve_file
Christoph Hellwig
- [PATCH v2 10/15] exec: Remove do_execve_file
Christoph Hellwig
- [PATCH] capabilities: Introduce CAP_RESTORE
Matt Helsley
- [v1 PATCH 2/2] Add Documentation regarding the ima-kexec-buffer node in the chosen node documentation
Rob Herring
- [PATCH 00/12] ima: Fix rule parsing bugs and extend KEXEC_CMDLINE rule support
Tyler Hicks
- [PATCH 01/12] ima: Have the LSM free its audit rule
Tyler Hicks
- [PATCH 02/12] ima: Create a function to free a rule entry
Tyler Hicks
- [PATCH 03/12] ima: Free the entire rule when deleting a list of rules
Tyler Hicks
- [PATCH 04/12] ima: Free the entire rule if it fails to parse
Tyler Hicks
- [PATCH 05/12] ima: Fail rule parsing when buffer hook functions have an invalid action
Tyler Hicks
- [PATCH 06/12] ima: Fail rule parsing when the KEXEC_CMDLINE hook is combined with an invalid cond
Tyler Hicks
- [PATCH 07/12] ima: Fail rule parsing when the KEY_CHECK hook is combined with an invalid cond
Tyler Hicks
- [PATCH 08/12] ima: Shallow copy the args_p member of ima_rule_entry.lsm elements
Tyler Hicks
- [PATCH 09/12] ima: Use correct type for the args_p member of ima_rule_entry.lsm elements
Tyler Hicks
- [PATCH 10/12] ima: Move validation of the keyrings conditional into ima_validate_rule()
Tyler Hicks
- [PATCH 11/12] ima: Use the common function to detect LSM conditionals in a rule
Tyler Hicks
- [PATCH 12/12] ima: Support additional conditionals in the KEXEC_CMDLINE hook function
Tyler Hicks
- [PATCH 01/12] ima: Have the LSM free its audit rule
Tyler Hicks
- [PATCH 01/12] ima: Have the LSM free its audit rule
Tyler Hicks
- [PATCH] ima: AppArmor satisfies the audit rule requirements
Tyler Hicks
- [PATCH 10/12] ima: Move validation of the keyrings conditional into ima_validate_rule()
Tyler Hicks
- [PATCH 02/12] ima: Create a function to free a rule entry
Tyler Hicks
- [PATCH 12/12] ima: Support additional conditionals in the KEXEC_CMDLINE hook function
Tyler Hicks
- [PATCH v2 00/11] ima: Fix rule parsing bugs and extend KEXEC_CMDLINE rule support
Tyler Hicks
- [PATCH v2 01/11] ima: Have the LSM free its audit rule
Tyler Hicks
- [PATCH v2 02/11] ima: Free the entire rule when deleting a list of rules
Tyler Hicks
- [PATCH v2 03/11] ima: Free the entire rule if it fails to parse
Tyler Hicks
- [PATCH v2 04/11] ima: Fail rule parsing when buffer hook functions have an invalid action
Tyler Hicks
- [PATCH v2 05/11] ima: Fail rule parsing when the KEXEC_CMDLINE hook is combined with an invalid cond
Tyler Hicks
- [PATCH v2 06/11] ima: Fail rule parsing when the KEY_CHECK hook is combined with an invalid cond
Tyler Hicks
- [PATCH v2 07/11] ima: Shallow copy the args_p member of ima_rule_entry.lsm elements
Tyler Hicks
- [PATCH v2 08/11] ima: Use correct type for the args_p member of ima_rule_entry.lsm elements
Tyler Hicks
- [PATCH v2 09/11] ima: Move validation of the keyrings conditional into ima_validate_rule()
Tyler Hicks
- [PATCH v2 10/11] ima: Use the common function to detect LSM conditionals in a rule
Tyler Hicks
- [PATCH v2 11/11] ima: Support additional conditionals in the KEXEC_CMDLINE hook function
Tyler Hicks
- [PATCH v2 09/11] ima: Move validation of the keyrings conditional into ima_validate_rule()
Tyler Hicks
- [PATCH] ima: Rename internal audit rule functions
Tyler Hicks
- [PATCH v4 1/3] mm/slab: Use memzero_explicit() in kzfree()
Michal Hocko
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Michal Hocko
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Michal Hocko
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Michal Hocko
- Lucrative Proposal.
L.D Holt
- [oss-security] lockdown bypass on mainline kernel for loading unsigned modules
Jann Horn
- [PATCH 4/8] seccomp: Implement constant action bitmaps
Jann Horn
- [PATCH 4/8] seccomp: Implement constant action bitmaps
Jann Horn
- [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
Jann Horn
- [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
Jann Horn
- [PATCH v3 3/3] prctl: Allow ptrace capable processes to change exe_fd
Jann Horn
- [GIT PULL] keys: Changes for 5.8
David Howells
- [PATCH v4 1/3] mm/slab: Use memzero_explicit() in kzfree()
David Howells
- [GIT PULL] apparmor updates for 5.8
John Johansen
- [PATCH 4/5] LSM: Define SELinux function to measure security state
John Johansen
- HELLO: I AM MRS SUSAN JONES
Mrs.Susan Jones
- [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables
Greg KH
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Greg KH
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Greg KH
- LTP: crypto: af_alg02 regression on linux-next 20200621 tag
Naresh Kamboju
- LTP: crypto: af_alg02 regression on linux-next 20200621 tag
Naresh Kamboju
- [PATCH] crypto: af_alg - Fix regression on empty requests
Naresh Kamboju
- [PATCH v32 12/21] x86/sgx: Add provisioning
Darren Kenny
- [PATCH 13/17] watch_queue: Implement mount topology and attribute change notifications [ver #5]
Ian Kent
- [PATCH v3 0/6] Enable as many KUnit tests as possible
Shuah Khan
- Greetings From Mrs. Sarah Koffi
Sarah Koffi
- [PATCH] fs: move kernel_read_file* to its own include file
Greg Kroah-Hartman
- [PATCH v2 1/1] fs: move kernel_read_file* to its own include file
Greg Kroah-Hartman
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Greg Kroah-Hartman
- [PATCH 00/14] Make the user mode driver code a better citizen
Greg Kroah-Hartman
- [RFC PATCH] security: Add a config option to disable security mitigations
Pranith Kumar
- [PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
David Laight
- [PATCH bpf-next v2 1/4] bpf: Generalize bpf_sk_storage
Martin KaFai Lau
- [PATCH bpf-next v2 2/4] bpf: Implement bpf_local_storage for inodes
Martin KaFai Lau
- [PATCH bpf-next v2 1/4] bpf: Generalize bpf_sk_storage
Martin KaFai Lau
- [PATCH AUTOSEL 5.7 047/274] lockdown: Allow unprivileged users to see lockdown status
Sasha Levin
- [PATCH AUTOSEL 5.6 082/606] ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash()
Sasha Levin
- [PATCH AUTOSEL 5.6 083/606] evm: Check also if *tfm is an error pointer in init_desc()
Sasha Levin
- [PATCH AUTOSEL 5.6 084/606] ima: Fix return value of ima_write_policy()
Sasha Levin
- [PATCH AUTOSEL 5.6 095/606] evm: Fix a small race in init_desc()
Sasha Levin
- [PATCH AUTOSEL 5.6 153/606] apparmor: Fix use-after-free in aa_audit_rule_init
Sasha Levin
- [PATCH AUTOSEL 5.6 154/606] apparmor: fix potential label refcnt leak in aa_change_profile
Sasha Levin
- [PATCH AUTOSEL 5.6 155/606] apparmor: Fix aa_label refcnt leak in policy_update
Sasha Levin
- [PATCH AUTOSEL 5.6 321/606] exec: Always set cap_ambient in cap_bprm_set_creds
Sasha Levin
- [PATCH AUTOSEL 5.4 034/175] lockdown: Allow unprivileged users to see lockdown status
Sasha Levin
- [PATCH AUTOSEL 5.7 098/388] apparmor: fix introspection of of task mode for unconfined tasks
Sasha Levin
- [PATCH AUTOSEL 5.7 100/388] apparmor: check/put label on apparmor_sk_clone_security()
Sasha Levin
- [PATCH AUTOSEL 5.7 112/388] apparmor: fix nnp subset test for unconfined
Sasha Levin
- [PATCH AUTOSEL 5.4 075/266] apparmor: fix introspection of of task mode for unconfined tasks
Sasha Levin
- [PATCH AUTOSEL 5.4 077/266] apparmor: check/put label on apparmor_sk_clone_security()
Sasha Levin
- [PATCH AUTOSEL 5.4 083/266] apparmor: fix nnp subset test for unconfined
Sasha Levin
- [PATCH AUTOSEL 4.19 017/172] Smack: slab-out-of-bounds in vsscanf
Sasha Levin
- [PATCH AUTOSEL 4.19 045/172] apparmor: fix introspection of of task mode for unconfined tasks
Sasha Levin
- [PATCH AUTOSEL 4.19 046/172] apparmor: check/put label on apparmor_sk_clone_security()
Sasha Levin
- [PATCH AUTOSEL 4.19 050/172] apparmor: fix nnp subset test for unconfined
Sasha Levin
- [PATCH AUTOSEL 4.14 013/108] Smack: slab-out-of-bounds in vsscanf
Sasha Levin
- [PATCH AUTOSEL 4.14 034/108] apparmor: fix introspection of of task mode for unconfined tasks
Sasha Levin
- [PATCH AUTOSEL 4.9 10/80] Smack: slab-out-of-bounds in vsscanf
Sasha Levin
- [PATCH AUTOSEL 4.4 06/60] Smack: slab-out-of-bounds in vsscanf
Sasha Levin
- [PATCH 1/2] mm, treewide: Rename kzfree() to kfree_sensitive()
Waiman Long
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Waiman Long
- [PATCH v4 1/3] mm/slab: Use memzero_explicit() in kzfree()
Waiman Long
- [PATCH v4 2/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Waiman Long
- [PATCH v4 3/3] btrfs: Use kfree() in btrfs_ioctl_get_subvol_info()
Waiman Long
- [PATCH v4 1/3] mm/slab: Use memzero_explicit() in kzfree()
Waiman Long
- [PATCH v4 3/3] btrfs: Use kfree() in btrfs_ioctl_get_subvol_info()
Waiman Long
- [PATCH v4 2/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Waiman Long
- [PATCH v5 0/2] mm, treewide: Rename kzfree() to kfree_sensitive()
Waiman Long
- [PATCH v5 1/2] mm/slab: Use memzero_explicit() in kzfree()
Waiman Long
- [PATCH v5 2/2] mm, treewide: Rename kzfree() to kfree_sensitive()
Waiman Long
- [PATCH v5 2/2] mm, treewide: Rename kzfree() to kfree_sensitive()
Waiman Long
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Waiman Long
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Waiman Long
- [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
Andy Lutomirski
- [PATCH 6/8] x86: Provide API for local kernel TLB flushing
Andy Lutomirski
- [RFC][PATCH 0/8] seccomp: Implement constant action bitmaps
Andy Lutomirski
- [PATCH 4/8] seccomp: Implement constant action bitmaps
Andy Lutomirski
- [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
Andy Lutomirski
- [PATCH v33 12/21] x86/sgx: Allow a limited use of ATTRIBUTE.PROVISIONKEY for attestation
Andy Lutomirski
- clean up kernel_{read,write} & friends v2
Philippe Mathieu-Daudé
- [PATCH RESEND] device_cgroup: Fix RCU list debugging warning
Paul E. McKenney
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
David Miller
- [PATCH bpf-next v2 2/4] bpf: Implement bpf_local_storage for inodes
Quentin Monnet
- new seccomp mode aims to improve performance
Paul Moore
- [GIT PULL] SELinux patches for v5.8
Paul Moore
- new seccomp mode aims to improve performance
Paul Moore
- [GIT PULL] SELinux patches for v5.8
Paul Moore
- [GIT PULL] SELinux fixes for v5.8 (#1)
Paul Moore
- [PATCH 4/4] cap_get_proc.3: change "current process" to "calling process"
Andrew G. Morgan
- [GIT PULL][Security] lockdown: Allow unprivileged users to see lockdown status
James Morris
- [PATCH v2] capabilities: add description for CAP_SETFCAP
James Morris
- [GIT PULL][Security] lockdown: Allow unprivileged users to see lockdown status
James Morris
- [GIT PULL] SELinux patches for v5.8
James Morris
- [GIT PULL] SELinux patches for v5.8
James Morris
- [PATCH v5 0/3] SELinux support for anonymous inodes and UFFD
James Morris
- [GIT PULL] SafeSetID LSM changes for v5.8
James Morris
- [GIT PULL] SafeSetID LSM changes for v5.8
James Morris
- [PATCH] security: fix the key_permission LSM hook function type
James Morris
- [PATCH] security: Fix hook iteration and default value for inode_copy_up_xattr
James Morris
- [GIT PULL] Security subsystem fixes for v5.8
James Morris
- [PATCH v5 2/2] mm, treewide: Rename kzfree() to kfree_sensitive()
Andrew Morton
- [PATCH 0/5] kmod/umh: a few fixes
Andrew Morton
- [PATCH] security: Add LSM hooks to set*gid syscalls
Micah Morton
- [PATCH] security: Add LSM hooks to set*gid syscalls
Micah Morton
- [GIT PULL] SafeSetID LSM changes for v5.8
Micah Morton
- [GIT PULL] SafeSetID LSM changes for v5.8
Micah Morton
- [GIT PULL] SafeSetID LSM changes for v5.8
Micah Morton
- [GIT PULL] SafeSetID LSM changes for v5.8
Micah Morton
- [GIT PULL] SafeSetID LSM changes for v5.8
Micah Morton
- Add SafeSetID LSM tree to linux-next
Micah Morton
- Add SafeSetID LSM tree to linux-next
Micah Morton
- [GIT PULL] SafeSetID LSM changes for v5.8
Micah Morton
- [PATCH bpf] security: Fix hook iteration for secid_to_secctx
Ondrej Mosnacek
- [PATCH bpf] security: Fix hook iteration for secid_to_secctx
Ondrej Mosnacek
- [PATCH bpf-next 4/4] bpf: Add selftests for local_storage
Andrii Nakryiko
- [PATCH bpf-next 4/4] bpf: Add selftests for local_storage
Andrii Nakryiko
- [PATCH bpf-next v2 4/4] bpf: Add selftests for local_storage
Andrii Nakryiko
- [PATCH] apparmor: check/put label on apparmor_sk_clone_security()
Mauricio Faria de Oliveira
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Joe Perches
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Joe Perches
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Borislav Petkov
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Borislav Petkov
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Borislav Petkov
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Borislav Petkov
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Borislav Petkov
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Borislav Petkov
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Borislav Petkov
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Borislav Petkov
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Borislav Petkov
- [PATCH v33 12/21] x86/sgx: Allow a limited use of ATTRIBUTE.PROVISIONKEY for attestation
Borislav Petkov
- [PATCH v33 12/21] x86/sgx: Allow a limited use of ATTRIBUTE.PROVISIONKEY for attestation
Borislav Petkov
- clean up kernel_{read,write} & friends v2
Nicolas Pitre
- new seccomp mode aims to improve performance
Lennart Poettering
- new seccomp mode aims to improve performance
Lennart Poettering
- new seccomp mode aims to improve performance
Lennart Poettering
- [PATCH] [RFC] security: allow using Clang's zero initialization for stack variables
Alexander Potapenko
- [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables
Alexander Potapenko
- [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables
Alexander Potapenko
- [PATCH 0/5] LSM: Measure security module state
Lakshmi Ramasubramanian
- [PATCH 1/5] IMA: Add LSM_STATE func to measure LSM data
Lakshmi Ramasubramanian
- [PATCH 2/5] IMA: Define an IMA hook to measure LSM data
Lakshmi Ramasubramanian
- [PATCH 3/5] LSM: Add security_state function pointer in lsm_info struct
Lakshmi Ramasubramanian
- [PATCH 4/5] LSM: Define SELinux function to measure security state
Lakshmi Ramasubramanian
- [PATCH 5/5] LSM: Define workqueue for measuring security module state
Lakshmi Ramasubramanian
- [PATCH 4/5] LSM: Define SELinux function to measure security state
Lakshmi Ramasubramanian
- [PATCH v2 06/11] ima: Fail rule parsing when the KEY_CHECK hook is combined with an invalid cond
Lakshmi Ramasubramanian
- [PATCH v2 05/11] ima: Fail rule parsing when the KEXEC_CMDLINE hook is combined with an invalid cond
Lakshmi Ramasubramanian
- [PATCH v2 09/11] ima: Move validation of the keyrings conditional into ima_validate_rule()
Lakshmi Ramasubramanian
- [PATCH v2 11/11] ima: Support additional conditionals in the KEXEC_CMDLINE hook function
Lakshmi Ramasubramanian
- [RFC PATCH 1/7] x86/cpufeatures: add X86_FEATURE_SCI
Mike Rapoport
- [PATCH v2 0/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Adrian Reber
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Adrian Reber
- [PATCH v2 2/3] selftests: add clone3() CAP_CHECKPOINT_RESTORE test
Adrian Reber
- [PATCH v2 3/3] prctl: Allow ptrace capable processes to change exe_fd
Adrian Reber
- [PATCH v3 0/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Adrian Reber
- [PATCH v3 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Adrian Reber
- [PATCH v3 2/3] selftests: add clone3() CAP_CHECKPOINT_RESTORE test
Adrian Reber
- [PATCH v3 3/3] prctl: Allow ptrace capable processes to change exe_fd
Adrian Reber
- [PATCH 0/5] kmod/umh: a few fixes
Luis R. Rodriguez
- [PATCH 1/5] selftests: kmod: Use variable NAME in kmod_test_0001()
Luis R. Rodriguez
- [PATCH 2/5] kmod: Remove redundant "be an" in the comment
Luis R. Rodriguez
- [PATCH 3/5] test_kmod: Avoid potential double free in trigger_config_run_type()
Luis R. Rodriguez
- [PATCH 4/5] umh: fix processed error when UMH_WAIT_PROC is used
Luis R. Rodriguez
- [PATCH 5/5] selftests: simplify kmod failure value
Luis R. Rodriguez
- [PATCH v31 11/21] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v31 12/21] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework
Jarkko Sakkinen
- [PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework
Jarkko Sakkinen
- [PATCH v32 11/21] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v32 12/21] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework
Jarkko Sakkinen
- [PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework
Jarkko Sakkinen
- [PATCH v5 1/4] KEYS: trusted: Add generic trusted keys framework
Jarkko Sakkinen
- [PATCH v32 12/21] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v32 12/21] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH] dh key: Missing a blank line after declarations
Jarkko Sakkinen
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v33 12/21] x86/sgx: Allow a limited use of ATTRIBUTE.PROVISIONKEY for attestation
Jarkko Sakkinen
- [PATCH v5 1/4] KEYS: trusted: Add generic trusted keys framework
Jarkko Sakkinen
- [PATCH v5 1/4] KEYS: trusted: Add generic trusted keys framework
Jarkko Sakkinen
- [PATCH v3] acpi: Extend TPM2 ACPI table with missing log fields
Jarkko Sakkinen
- [PATCH v3] acpi: Extend TPM2 ACPI table with missing log fields
Jarkko Sakkinen
- [PATCH v3] acpi: Extend TPM2 ACPI table with missing log fields
Jarkko Sakkinen
- [PATCH v5 1/2] acpi: Extend TPM2 ACPI table with missing log fields
Jarkko Sakkinen
- [PATCH v5 1/2] acpi: Extend TPM2 ACPI table with missing log fields
Jarkko Sakkinen
- [PATCH v5 1/2] acpi: Extend TPM2 ACPI table with missing log fields
Jarkko Sakkinen
- [PATCH v5 1/2] acpi: Extend TPM2 ACPI table with missing log fields
Jarkko Sakkinen
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v6 1/2] acpi: Extend TPM2 ACPI table with missing log fields
Jarkko Sakkinen
- [PATCH v6 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table
Jarkko Sakkinen
- [PATCH v7 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table
Jarkko Sakkinen
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH 1/2] ima: Directly assign the ima_default_policy pointer to ima_rules
Roberto Sassu
- [PATCH 2/2] ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
Roberto Sassu
- general protection fault in ima_free_template_entry
Roberto Sassu
- [PATCH] ima: Directly free *entry in ima_alloc_init_template() if digests is NULL
Roberto Sassu
- [PATCH] extend IMA boot_aggregate with kernel measurements
Roberto Sassu
- [PATCH] extend IMA boot_aggregate with kernel measurements
Roberto Sassu
- [PATCH] extend IMA boot_aggregate with kernel measurements
Roberto Sassu
- [PATCH 01/11] evm: Execute evm_inode_init_security() only when the HMAC key is loaded
Roberto Sassu
- [PATCH 02/11] evm: Load EVM key in ima_load_x509() to avoid appraisal
Roberto Sassu
- [PATCH 03/11] evm: Refuse EVM_ALLOW_METADATA_WRITES only if the HMAC key is loaded
Roberto Sassu
- [PATCH 04/11] evm: Check size of security.evm before using it
Roberto Sassu
- [PATCH 05/11] evm: Allow xattr/attr operations for portable signatures if check fails
Roberto Sassu
- [PATCH 06/11] evm: Allow setxattr() and setattr() if metadata digest won't change
Roberto Sassu
- [PATCH 07/11] evm: Set IMA_CHANGE_XATTR/ATTR bit if EVM_ALLOW_METADATA_WRITES is set
Roberto Sassu
- [PATCH 08/11] ima: Allow imasig requirement to be satisfied by EVM portable signatures
Roberto Sassu
- [PATCH 09/11] ima: Don't remove security.ima if file must not be appraised
Roberto Sassu
- [PATCH 10/11] ima: Don't ignore errors from crypto_shash_update()
Roberto Sassu
- [PATCH 11/11] ima: Remove semicolon at the end of ima_get_binary_runtime_size()
Roberto Sassu
- [GIT PULL] Smack patches for v5.8
Casey Schaufler
- [GIT PULL] SELinux patches for v5.8
Casey Schaufler
- [GIT PULL] SELinux patches for v5.8
Casey Schaufler
- [GIT PULL] SELinux patches for v5.8
Casey Schaufler
- [GIT PULL] SELinux patches for v5.8
Casey Schaufler
- [GIT PULL] SELinux patches for v5.8
Casey Schaufler
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Casey Schaufler
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Casey Schaufler
- [PATCH 4/5] LSM: Define SELinux function to measure security state
Casey Schaufler
- [PATCH 4/5] LSM: Define SELinux function to measure security state
Casey Schaufler
- [PATCH 01/12] ima: Have the LSM free its audit rule
Casey Schaufler
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Casey Schaufler
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Casey Schaufler
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Casey Schaufler
- [PATCH] ima: Rename internal audit rule functions
Casey Schaufler
- [PATCH bpf-next 4/4] bpf: Add selftests for local_storage
KP Singh
- [PATCH bpf-next 4/4] bpf: Add selftests for local_storage
KP Singh
- [PATCH bpf-next v2 0/4] Generalizing bpf_local_storage
KP Singh
- [PATCH bpf-next v2 1/4] bpf: Generalize bpf_sk_storage
KP Singh
- [PATCH bpf-next v2 2/4] bpf: Implement bpf_local_storage for inodes
KP Singh
- [PATCH bpf-next v2 3/4] bpf: Allow local storage to be used from LSM programs
KP Singh
- [PATCH bpf-next v2 4/4] bpf: Add selftests for local_storage
KP Singh
- [PATCH bpf] security: Fix hook iteration for secid_to_secctx
KP Singh
- [PATCH bpf] security: Fix hook iteration for secid_to_secctx
KP Singh
- [PATCH] security: Fix hook iteration and default value for inode_copy_up_xattr
KP Singh
- [PATCH bpf-next v2 1/4] bpf: Generalize bpf_sk_storage
KP Singh
- [PATCH bpf-next v2 2/4] bpf: Implement bpf_local_storage for inodes
KP Singh
- [PATCH bpf-next v2 4/4] bpf: Add selftests for local_storage
KP Singh
- [PATCH bpf-next v2 1/4] bpf: Generalize bpf_sk_storage
KP Singh
- [GIT PULL] SELinux patches for v5.8
Stephen Smalley
- [GIT PULL] SELinux patches for v5.8
Stephen Smalley
- [PATCH v5 0/3] SELinux support for anonymous inodes and UFFD
Stephen Smalley
- [PATCH 4/5] LSM: Define SELinux function to measure security state
Stephen Smalley
- [PATCH 4/5] LSM: Define SELinux function to measure security state
Stephen Smalley
- [PATCH 5/5] LSM: Define workqueue for measuring security module state
Stephen Smalley
- [PATCH 5/5] LSM: Define workqueue for measuring security module state
Stephen Smalley
- [PATCH 4/5] LSM: Define SELinux function to measure security state
Stephen Smalley
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Stephen Smalley
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Stephen Smalley
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Stephen Smalley
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Stephen Smalley
- [PATCH bpf-next 4/4] bpf: Add selftests for local_storage
Yonghong Song
- [PATCH bpf-next 4/4] bpf: Add selftests for local_storage
Yonghong Song
- [RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass
Prakhar Srivastava
- [v1 PATCH 0/2] Adding support to carry IMA measurement logs
Prakhar Srivastava
- [v1 PATCH 1/2] Refactoring carrying over IMA measuremnet logs over Kexec.
Prakhar Srivastava
- [v1 PATCH 2/2] Add Documentation regarding the ima-kexec-buffer node in the chosen node documentation
Prakhar Srivastava
- [V2 PATCH 0/3] Adding support for carrying IMA measurement logs
Prakhar Srivastava
- [V2 PATCH 1/3] Refactoring powerpc code for carrying over IMA measurement logs, to move non architecture specific code to security/ima.
Prakhar Srivastava
- [V2 PATCH 2/3] dt-bindings: chosen: Document ima-kexec-buffer
Prakhar Srivastava
- [V2 PATCH 3/3] Add support for arm64 to carry over IMA measurement logs
Prakhar Srivastava
- new seccomp mode aims to improve performance
Alexei Starovoitov
- 答复: new seccomp mode aims to improve performance
Alexei Starovoitov
- [GIT PULL] SELinux patches for v5.8
Alexei Starovoitov
- [GIT PULL] SELinux patches for v5.8
Alexei Starovoitov
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Alexei Starovoitov
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Alexei Starovoitov
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Alexei Starovoitov
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Alexei Starovoitov
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Alexei Starovoitov
- [PATCH 00/14] Make the user mode driver code a better citizen
Alexei Starovoitov
- [PATCH 00/14] Make the user mode driver code a better citizen
Alexei Starovoitov
- [PATCH 00/14] Make the user mode driver code a better citizen
Alexei Starovoitov
- [PATCH v2 00/15] Make the user mode driver code a better citizen
Alexei Starovoitov
- [PATCH 00/14] Make the user mode driver code a better citizen
Alexei Starovoitov
- [PATCH v2 00/15] Make the user mode driver code a better citizen
Alexei Starovoitov
- [PATCH v2 10/15] exec: Remove do_execve_file
Alexei Starovoitov
- [PATCH 00/14] Make the user mode driver code a better citizen
Alexei Starovoitov
- [PATCH v4 3/3] btrfs: Use kfree() in btrfs_ioctl_get_subvol_info()
David Sterba
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
David Sterba
- linux-next: build failure after merge of the overlayfs tree
Miklos Szeredi
- [PATCH 13/17] watch_queue: Implement mount topology and attribute change notifications [ver #5]
Miklos Szeredi
- [GIT PULL] SELinux patches for v5.8
Linus Torvalds
- [GIT PULL][Security] lockdown: Allow unprivileged users to see lockdown status
Linus Torvalds
- [GIT PULL] SELinux patches for v5.8
Linus Torvalds
- [GIT PULL] SafeSetID LSM changes for v5.8
Linus Torvalds
- [GIT PULL] SafeSetID LSM changes for v5.8
Linus Torvalds
- [GIT PULL] SafeSetID LSM changes for v5.8
Linus Torvalds
- [PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
Linus Torvalds
- [PATCH 10/13] integrity/ima: switch to using __kernel_read
Linus Torvalds
- [PATCH 10/13] integrity/ima: switch to using __kernel_read
Linus Torvalds
- [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained
Linus Torvalds
- [PATCH v2 05/15] umh: Separate the user mode driver and the user mode helper support
Linus Torvalds
- [PATCH] capabilities: Introduce CAP_RESTORE
Andrei Vagin
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Andrei Vagin
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Andrei Vagin
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Andrei Vagin
- [PATCH v2 1/3] capabilities: Introduce CAP_CHECKPOINT_RESTORE
Nicolas Viennot
- [PATCH] dh key: Missing a blank line after declarations
Frank Werner-Krippendorf
- [PATCH v6 1/8] fs: introduce kernel_pread_file* support
Matthew Wilcox
- [PATCH v7 1/8] fs: introduce kernel_pread_file* support
Matthew Wilcox
- [PATCH v7 1/8] fs: introduce kernel_pread_file* support
Matthew Wilcox
- [PATCH v7 1/8] fs: introduce kernel_pread_file* support
Matthew Wilcox
- [PATCH v7 1/8] fs: introduce kernel_pread_file* support
Matthew Wilcox
- [PATCH v7 2/8] firmware: add offset to request_firmware_into_buf
Matthew Wilcox
- [PATCH 05/13] fs: check FMODE_WRITE in __kernel_write
Matthew Wilcox
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Matthew Wilcox
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Matthew Wilcox
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Matthew Wilcox
- [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
Matthew Wilcox
- [PATCH v3] acpi: Extend TPM2 ACPI table with missing log fields
Rafael J. Wysocki
- LTP: crypto: af_alg02 regression on linux-next 20200621 tag
Herbert Xu
- LTP: crypto: af_alg02 regression on linux-next 20200621 tag
Herbert Xu
- [PATCH] crypto: af_alg - Fix regression on empty requests
Herbert Xu
- [RFC PATCH] security: Add a config option to disable security mitigations
Qais Yousef
- URGENT REPLY.
Karim Zakari
- [PATCH] integrity: Remove redundant variable assignments
Tianjia Zhang
- [PATCH v3 0/8] crpyto: introduce OSCCA certificate and SM2 asymmetric algorithm
Tianjia Zhang
- [PATCH v3 1/8] crypto: sm3 - export crypto_sm3_final function
Tianjia Zhang
- [PATCH v3 2/8] lib/mpi: Extend the MPI library
Tianjia Zhang
- [PATCH v3 3/8] lib/mpi: Introduce ec implementation to MPI library
Tianjia Zhang
- [PATCH v3 4/8] crypto: sm2 - introduce OSCCA SM2 asymmetric cipher algorithm
Tianjia Zhang
- [PATCH v3 5/8] crypto: testmgr - support test with different ciphertext per encryption
Tianjia Zhang
- [PATCH v3 6/8] X.509: support OSCCA certificate parse
Tianjia Zhang
- [PATCH v3 7/8] X.509: support OSCCA sm2-with-sm3 certificate verification
Tianjia Zhang
- [PATCH v3 8/8] integrity: Asymmetric digsig supports SM2-with-SM3 algorithm
Tianjia Zhang
- [PATCH v3 0/8] crpyto: introduce OSCCA certificate and SM2 asymmetric algorithm
Tianjia Zhang
- Two questions about IMA
Zhao, Shirley
- [PATCH 1/2] ima: Directly assign the ima_default_policy pointer to ima_rules
Mimi Zohar
- [PATCH 2/2] ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
Mimi Zohar
- [PATCH 2/2] ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
Mimi Zohar
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Mimi Zohar
- [PATCH v6 8/8] ima: add FIRMWARE_PARTIAL_READ support
Mimi Zohar
- [PATCH v6 8/8] ima: add FIRMWARE_PARTIAL_READ support
Mimi Zohar
- [v1 PATCH 1/2] Refactoring carrying over IMA measuremnet logs over Kexec.
Mimi Zohar
- [PATCH v7 1/8] fs: introduce kernel_pread_file* support
Mimi Zohar
- [PATCH v7 1/8] fs: introduce kernel_pread_file* support
Mimi Zohar
- [PATCH v7 1/8] fs: introduce kernel_pread_file* support
Mimi Zohar
- [PATCH] extend IMA boot_aggregate with kernel measurements
Mimi Zohar
- [PATCH 5/5] LSM: Define workqueue for measuring security module state
Mimi Zohar
- [PATCH 5/5] LSM: Define workqueue for measuring security module state
Mimi Zohar
- [PATCH 4/5] LSM: Define SELinux function to measure security state
Mimi Zohar
- [PATCH 4/5] LSM: Define SELinux function to measure security state
Mimi Zohar
- [PATCH] extend IMA boot_aggregate with kernel measurements
Mimi Zohar
- [PATCH] ima_evm_utils: extended calc_bootaggr to PCRs 8 - 9
Mimi Zohar
- [PATCH] ima: extend boot_aggregate with kernel measurements
Mimi Zohar
- [PATCH 02/12] ima: Create a function to free a rule entry
Mimi Zohar
- [PATCH 01/12] ima: Have the LSM free its audit rule
Mimi Zohar
- [PATCH 02/12] ima: Create a function to free a rule entry
Mimi Zohar
- [PATCH 10/12] ima: Move validation of the keyrings conditional into ima_validate_rule()
Mimi Zohar
- [PATCH 03/12] ima: Free the entire rule when deleting a list of rules
Mimi Zohar
- [PATCH 03/12] ima: Free the entire rule when deleting a list of rules
Mimi Zohar
- [PATCH 03/12] ima: Free the entire rule when deleting a list of rules
Mimi Zohar
- [PATCH 08/12] ima: Shallow copy the args_p member of ima_rule_entry.lsm elements
Mimi Zohar
- [PATCH 09/12] ima: Use correct type for the args_p member of ima_rule_entry.lsm elements
Mimi Zohar
- [PATCH 05/12] ima: Fail rule parsing when buffer hook functions have an invalid action
Mimi Zohar
- [PATCH 06/12] ima: Fail rule parsing when the KEXEC_CMDLINE hook is combined with an invalid cond
Mimi Zohar
- [PATCH 11/12] ima: Use the common function to detect LSM conditionals in a rule
Mimi Zohar
- [PATCH 12/12] ima: Support additional conditionals in the KEXEC_CMDLINE hook function
Mimi Zohar
- [PATCH] ima: AppArmor satisfies the audit rule requirements
Mimi Zohar
- [PATCH] ima: Rename internal audit rule functions
Mimi Zohar
- [PATCH v2 09/11] ima: Move validation of the keyrings conditional into ima_validate_rule()
Mimi Zohar
- Hello,
mrs.victoria alexander
- donation of Euro 2,000,000.00.
manuel franco
- [PATCH] [RFC] security: allow using Clang's zero initialization for stack variables
glider at google.com
- [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables
glider at google.com
- [RFC PATCH 1/7] x86/cpufeatures: add X86_FEATURE_SCI
hackapple
- No subject
lookman joe
- [GIT PULL] SELinux patches for v5.8
pr-tracker-bot at kernel.org
- [GIT PULL][Security] lockdown: Allow unprivileged users to see lockdown status
pr-tracker-bot at kernel.org
- [GIT PULL] keys: Changes for 5.8
pr-tracker-bot at kernel.org
- [GIT PULL] Smack patches for v5.8
pr-tracker-bot at kernel.org
- [GIT PULL] apparmor updates for 5.8
pr-tracker-bot at kernel.org
- [GIT PULL] SafeSetID LSM changes for v5.8
pr-tracker-bot at kernel.org
- [GIT PULL] SELinux fixes for v5.8 (#1)
pr-tracker-bot at kernel.org
- [PATCH bpf-next 2/4] bpf: Implement bpf_local_storage for inodes
kbuild test robot
- [security:secure_uffd_v5.9 1/3] fs/anon_inodes.c:92:10-17: WARNING: ERR_CAST can be used with inode
kernel test robot
- [PATCH] fix err_cast.cocci warnings
kernel test robot
- [v1 PATCH 1/2] Refactoring carrying over IMA measuremnet logs over Kexec.
kernel test robot
- [v1 PATCH 1/2] Refactoring carrying over IMA measuremnet logs over Kexec.
kernel test robot
- Re;
test02 at shecc.com
- general protection fault in ima_free_template_entry
syzbot
- KASAN: use-after-free Read in smk_write_relabel_self
syzbot
- possible deadlock in process_measurement (2)
syzbot
- [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables
Maciej Żenczykowski
- [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables
Maciej Żenczykowski
- [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables
Maciej Żenczykowski
Last message date:
Tue Jun 30 23:46:27 UTC 2020
Archived on: Tue Jun 30 23:46:43 UTC 2020
This archive was generated by
Pipermail 0.09 (Mailman edition).