May 2020 Archives by subject
Starting: Fri May 1 03:46:25 UTC 2020
Ending: Sun May 31 23:59:53 UTC 2020
Messages: 704
- (DONATION) $2 Million Has Been Donated
pedro hills
- [ANNOUNCE][CFP] Linux Security Summit Europe 2020
Elena Reshetova
- [bug report] evm: Check also if *tfm is an error pointer in init_desc()
Dan Carpenter
- [bug report] evm: Check also if *tfm is an error pointer in init_desc()
Roberto Sassu
- [bug report] evm: Check also if *tfm is an error pointer in init_desc()
Dan Carpenter
- [bug report] evm: Check also if *tfm is an error pointer in init_desc()
Roberto Sassu
- [bug report] evm: Check also if *tfm is an error pointer in init_desc()
Dan Carpenter
- [bug report] evm: Check also if *tfm is an error pointer in init_desc()
Roberto Sassu
- [GIT PULL] apparmor bug fixes for v5.7-rc6
John Johansen
- [GIT PULL] apparmor bug fixes for v5.7-rc6
pr-tracker-bot at kernel.org
- [GIT PULL] security: Fix the default value of fs_context_parse_param hook
pr-tracker-bot at kernel.org
- [GIT PULL] security: Fix the default value of fs_context_parse_param hook
James Morris
- [GIT PULL] SELinux fixes for v5.7 (#2)
Paul Moore
- [PATCH 0/11] exec: cred calculation simplifications
Eric W. Biederman
- [PATCH -next] apparmor: Use true and false for bool variable
John Johansen
- [PATCH -next] Smack: Remove unused inline function smk_ad_setfield_u_fs_path_mnt
YueHaibing
- [PATCH -next] Smack: Remove unused inline function smk_ad_setfield_u_fs_path_mnt
Casey Schaufler
- [PATCH 0/2] exec: Remove the computation of bprm->cred
Eric W. Biederman
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Luis Chamberlain
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Christoph Hellwig
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Luis Chamberlain
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Christoph Hellwig
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Mimi Zohar
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Kees Cook
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Scott Branden
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Kees Cook
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Scott Branden
- [PATCH 0/3] fs: reduce export usage of kerne_read*() calls
Mimi Zohar
- [PATCH 0/4] Relocate execve() sanity checks
Kees Cook
- [PATCH 0/4] Relocate execve() sanity checks
Eric W. Biederman
- [PATCH 0/4] Relocate execve() sanity checks
Kees Cook
- [PATCH 0/4] Relocate execve() sanity checks
Eric W. Biederman
- [PATCH 0/4] Relocate execve() sanity checks
Kees Cook
- [PATCH 0/4] Relocate execve() sanity checks
Eric W. Biederman
- [PATCH 0/4] Relocate execve() sanity checks
Kees Cook
- [PATCH 0/4] Relocate execve() sanity checks
John Johansen
- [PATCH 0/5] exec: Control flow simplifications
Eric W. Biederman
- [PATCH 01/11] exec: Reduce bprm->per_clear to a single bit
Eric W. Biederman
- [PATCH 01/11] exec: Reduce bprm->per_clear to a single bit
Linus Torvalds
- [PATCH 01/11] exec: Reduce bprm->per_clear to a single bit
Eric W. Biederman
- [PATCH 01/11] fs: call file_{start,end}_write from __kernel_write
Christoph Hellwig
- [PATCH 01/14] cachefiles: switch to kernel_write
Christoph Hellwig
- [PATCH 01/14] cachefiles: switch to kernel_write
David Howells
- [PATCH 01/14] cachefiles: switch to kernel_write
Christoph Hellwig
- [PATCH 02/11] exec: Introduce active_per_clear the per file version of per_clear
Linus Torvalds
- [PATCH 02/11] exec: Introduce active_per_clear the per file version of per_clear
Eric W. Biederman
- [PATCH 02/11] fs: check FMODE_WRITE in __kernel_write
Christoph Hellwig
- [PATCH 02/14] autofs: switch to kernel_write
Christoph Hellwig
- [PATCH 02/14] autofs: switch to kernel_write
Ian Kent
- [PATCH 02/14] autofs: switch to kernel_write
Christoph Hellwig
- [PATCH 03/11] exec: Compute file based creds only once
Eric W. Biederman
- [PATCH 03/11] fs: remove the call_{read,write}_iter functions
Christoph Hellwig
- [PATCH 03/14] bpfilter: switch to kernel_write
Christoph Hellwig
- [PATCH 03/14] bpfilter: switch to kernel_write
Christoph Hellwig
- [PATCH 04/11] exec: Move uid/gid handling from creds_from_file into bprm_fill_uid
Eric W. Biederman
- [PATCH 04/11] exec: Move uid/gid handling from creds_from_file into bprm_fill_uid
Eric W. Biederman
- [PATCH 04/11] fs: implement kernel_write using __kernel_write
Christoph Hellwig
- [PATCH 04/14] fs: unexport __kernel_write
Christoph Hellwig
- [PATCH 04/14] fs: unexport __kernel_write
Christoph Hellwig
- [PATCH 05/11] exec: In bprm_fill_uid use CAP_SETGID to see if a gid change is safe
Eric W. Biederman
- [PATCH 05/11] fs: remove __vfs_write
Christoph Hellwig
- [PATCH 05/14] fs: check FMODE_WRITE in __kernel_write
Christoph Hellwig
- [PATCH 05/14] fs: check FMODE_WRITE in __kernel_write
Christoph Hellwig
- [PATCH 06/11] exec: Don't set secureexec when the uid or gid changes are abandoned
Eric W. Biederman
- [PATCH 06/11] fs: don't change the address limit for ->write_iter in __kernel_write
Christoph Hellwig
- [PATCH 06/14] fs: remove the call_{read,write}_iter functions
Christoph Hellwig
- [PATCH 06/14] fs: remove the call_{read,write}_iter functions
Christoph Hellwig
- [PATCH 06/14] fs: remove the call_{read,write}_iter functions
Al Viro
- [PATCH 06/14] fs: remove the call_{read,write}_iter functions
Christoph Hellwig
- [PATCH 07/11] exec: Set saved, fs, and effective ids together in bprm_fill_uid
Eric W. Biederman
- [PATCH 07/11] fs: add a __kernel_read helper
Christoph Hellwig
- [PATCH 07/14] fs: implement kernel_write using __kernel_write
Christoph Hellwig
- [PATCH 07/14] fs: implement kernel_write using __kernel_write
Christoph Hellwig
- [PATCH 08/11] exec: In bprm_fill_uid remove unnecessary no new privs check
Eric W. Biederman
- [PATCH 08/11] integrity/ima: switch to using __kernel_read
Christoph Hellwig
- [PATCH 08/14] fs: remove __vfs_write
Christoph Hellwig
- [PATCH 08/14] fs: remove __vfs_write
Christoph Hellwig
- [PATCH 09/11] exec: In bprm_fill_uid only set per_clear when honoring suid or sgid
Linus Torvalds
- [PATCH 09/11] exec: In bprm_fill_uid only set per_clear when honoring suid or sgid
Eric W. Biederman
- [PATCH 09/11] exec: In bprm_fill_uid only set per_clear when honoring suid or sgid
Eric W. Biederman
- [PATCH 09/11] fs: implement kernel_read using __kernel_read
Christoph Hellwig
- [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
Christoph Hellwig
- [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
Al Viro
- [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
Christoph Hellwig
- [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
Christoph Hellwig
- [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
Christoph Hellwig
- [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
Logan Gunthorpe
- [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
Linus Torvalds
- [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
Christoph Hellwig
- [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
Christoph Hellwig
- [PATCH 1/2] exec: Add a per bprm->file version of per_clear
Eric W. Biederman
- [PATCH 1/2] exec: Add a per bprm->file version of per_clear
Kees Cook
- [PATCH 1/2] exec: Add a per bprm->file version of per_clear
Eric W. Biederman
- [PATCH 1/2] exec: Add a per bprm->file version of per_clear
Kees Cook
- [PATCH 1/3] fs: unexport kernel_read_file()
Luis Chamberlain
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Kees Cook
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Christian Brauner
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Jann Horn
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Christian Brauner
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Eric W. Biederman
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Christian Brauner
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Andreas Schwab
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Eric W. Biederman
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Andreas Schwab
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Eric W. Biederman
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Christian Brauner
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Christian Brauner
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Geert Uytterhoeven
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Christian Brauner
- [PATCH 1/4] exec: Change uselib(2) IS_SREG() failure to EACCES
Eric W. Biederman
- [PATCH 1/5] exec: Call cap_bprm_set_creds directly from prepare_binprm
Linus Torvalds
- [PATCH 1/5] exec: Call cap_bprm_set_creds directly from prepare_binprm
Eric W. Biederman
- [PATCH 10/11] exec: In bprm_fill_uid set secureexec at same time as per_clear
Eric W. Biederman
- [PATCH 10/11] fs: remove __vfs_read
Christoph Hellwig
- [PATCH 10/11] fs: remove __vfs_read
Ira Weiny
- [PATCH 10/11] fs: remove __vfs_read
Christoph Hellwig
- [PATCH 10/14] fs: add a __kernel_read helper
Christoph Hellwig
- [PATCH 10/14] fs: add a __kernel_read helper
Christoph Hellwig
- [PATCH 11/11] exec: Remove the label after_setid from bprm_fill_uid
Eric W. Biederman
- [PATCH 11/11] fs: don't change the address limit for ->read_iter in __kernel_read
Christoph Hellwig
- [PATCH 11/14] integrity/ima: switch to using __kernel_read
Christoph Hellwig
- [PATCH 11/14] integrity/ima: switch to using __kernel_read
Christoph Hellwig
- [PATCH 12/14] fs: implement kernel_read using __kernel_read
Christoph Hellwig
- [PATCH 12/14] fs: implement kernel_read using __kernel_read
Christoph Hellwig
- [PATCH 13/14] fs: remove __vfs_read
Christoph Hellwig
- [PATCH 13/14] fs: remove __vfs_read
Christoph Hellwig
- [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
Al Viro
- [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
Christoph Hellwig
- [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
Christoph Hellwig
- [PATCH 2/2] exec: Compute file based creds only once
Eric W. Biederman
- [PATCH 2/2] exec: Compute file based creds only once
Kees Cook
- [PATCH 2/2] exec: Compute file based creds only once
Eric W. Biederman
- [PATCH 2/2] exec: Compute file based creds only once
Kees Cook
- [PATCH 2/3] security: add symbol namespace for reading file data
Luis Chamberlain
- [PATCH 2/3] security: add symbol namespace for reading file data
Eric W. Biederman
- [PATCH 2/3] security: add symbol namespace for reading file data
Greg KH
- [PATCH 2/3] security: add symbol namespace for reading file data
Luis Chamberlain
- [PATCH 2/3] security: add symbol namespace for reading file data
Greg KH
- [PATCH 2/3] security: add symbol namespace for reading file data
Josh Triplett
- [PATCH 2/4] exec: Relocate S_ISREG() check
Kees Cook
- [PATCH 2/5] exec: Directly call security_bprm_set_creds from __do_execve_file
Eric W. Biederman
- [PATCH 2/5] exec: Directly call security_bprm_set_creds from __do_execve_file
Linus Torvalds
- [PATCH 2/5] exec: Directly call security_bprm_set_creds from __do_execve_file
Eric W. Biederman
- [PATCH 2/5] exec: Directly call security_bprm_set_creds from __do_execve_file
Linus Torvalds
- [PATCH 2/5] exec: Directly call security_bprm_set_creds from __do_execve_file
Kees Cook
- [PATCH 2/5] exec: Directly call security_bprm_set_creds from __do_execve_file
Eric W. Biederman
- [PATCH 2/5] exec: Directly call security_bprm_set_creds from __do_execve_file
Kees Cook
- [PATCH 3/3] fs: move kernel_read*() calls to its own symbol namespace
Greg KH
- [PATCH 3/3] fs: move kernel_read*() calls to its own symbol namespace
Luis Chamberlain
- [PATCH 3/4] exec: Relocate path_noexec() check
Kees Cook
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Eric W. Biederman
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Linus Torvalds
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Tetsuo Handa
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Linus Torvalds
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Eric W. Biederman
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Rob Landley
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Kees Cook
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Eric W. Biederman
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Kees Cook
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Eric W. Biederman
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Kees Cook
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Kees Cook
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Kees Cook
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Linus Torvalds
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Rob Landley
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Linus Torvalds
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Eric W. Biederman
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Eric W. Biederman
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Eric W. Biederman
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Casey Schaufler
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Eric W. Biederman
- [PATCH 3/5] exec: Remove recursion from search_binary_handler
Rob Landley
- [PATCH 4/4] fs: Include FMODE_EXEC when converting flags to f_mode
Kees Cook
- [PATCH 4/5] exec: Allow load_misc_binary to call prepare_binfmt unconditionally
Eric W. Biederman
- [PATCH 4/5] exec: Allow load_misc_binary to call prepare_binfmt unconditionally
Kees Cook
- [PATCH 5/5] exec: Move the call of prepare_binprm into search_binary_handler
Eric W. Biederman
- [PATCH 5/5] exec: Move the call of prepare_binprm into search_binary_handler
Kees Cook
- [PATCH AUTOSEL 4.19 03/17] evm: Fix RCU list related warnings
Sasha Levin
- [PATCH AUTOSEL 5.4 03/26] evm: Fix RCU list related warnings
Sasha Levin
- [PATCH AUTOSEL 5.6 04/47] evm: Fix RCU list related warnings
Sasha Levin
- [PATCH bpf-next 0/4] Generalizing bpf_local_storage
KP Singh
- [PATCH bpf-next 1/4] bpf: Generalize bpf_sk_storage
KP Singh
- [PATCH bpf-next 1/4] bpf: Generalize bpf_sk_storage
kbuild test robot
- [PATCH bpf-next 2/4] bpf: Implement bpf_local_storage for inodes
KP Singh
- [PATCH bpf-next 2/4] bpf: Implement bpf_local_storage for inodes
Alexei Starovoitov
- [PATCH bpf-next 2/4] bpf: Implement bpf_local_storage for inodes
KP Singh
- [PATCH bpf-next 2/4] bpf: Implement bpf_local_storage for inodes
Christoph Hellwig
- [PATCH bpf-next 2/4] bpf: Implement bpf_local_storage for inodes
KP Singh
- [PATCH bpf-next 2/4] bpf: Implement bpf_local_storage for inodes
Casey Schaufler
- [PATCH bpf-next 2/4] bpf: Implement bpf_local_storage for inodes
KP Singh
- [PATCH bpf-next 3/4] bpf: Allow local storage to be used from LSM programs
KP Singh
- [PATCH bpf-next 4/4] bpf: Add selftests for local_storage
KP Singh
- [PATCH bpf] security: Fix hook iteration for secid_to_secctx
KP Singh
- [PATCH bpf] security: Fix hook iteration for secid_to_secctx
Casey Schaufler
- [PATCH bpf] security: Fix hook iteration for secid_to_secctx
Alexei Starovoitov
- [PATCH bpf] security: Fix hook iteration for secid_to_secctx
James Morris
- [PATCH bpf] security: Fix hook iteration for secid_to_secctx
Alexei Starovoitov
- [PATCH bpf] security: Fix the default value of fs_context_parse_param hook
James Morris
- [PATCH bpf] security: Fix the default value of fs_context_parse_param hook
Mikko Ylinen
- [PATCH bpf] security: Fix the default value of fs_context_parse_param hook
Alexei Starovoitov
- [PATCH net] netlabel: cope with NULL catmap
Paolo Abeni
- [PATCH net] netlabel: cope with NULL catmap
Paul Moore
- [PATCH net] netlabel: cope with NULL catmap
David Miller
- [PATCH RESEND] lockdown: Allow unprivileged users to see lockdown status
Jeremy Cline
- [PATCH RESEND] lockdown: Allow unprivileged users to see lockdown status
James Morris
- [PATCH RFC] seccomp: Implement syscall isolation based on memory areas
Kees Cook
- [PATCH RFC] seccomp: Implement syscall isolation based on memory areas
Gabriel Krisman Bertazi
- [PATCH RFC] seccomp: Implement syscall isolation based on memory areas
Paul Gofman
- [PATCH RFC] seccomp: Implement syscall isolation based on memory areas
Matthew Wilcox
- [PATCH RFC] seccomp: Implement syscall isolation based on memory areas
Paul Gofman
- [PATCH RFC] seccomp: Implement syscall isolation based on memory areas
Matthew Wilcox
- [PATCH RFC] seccomp: Implement syscall isolation based on memory areas
Paul Gofman
- [PATCH v17 00/10] Landlock LSM
Mickaël Salaün
- [PATCH v17 00/10] Landlock LSM
Mickaël Salaün
- [PATCH v17 00/23] LSM: Module stacking for AppArmor
Casey Schaufler
- [PATCH v17 01/10] landlock: Add object management
Mickaël Salaün
- [PATCH v17 01/23] LSM: Infrastructure management of the sock security
Casey Schaufler
- [PATCH v17 02/10] landlock: Add ruleset and domain management
Mickaël Salaün
- [PATCH v17 02/10] landlock: Add ruleset and domain management
James Morris
- [PATCH v17 02/10] landlock: Add ruleset and domain management
Mickaël Salaün
- [PATCH v17 02/23] LSM: Create and manage the lsmblob data structure.
Casey Schaufler
- [PATCH v17 03/10] landlock: Set up the security framework and manage credentials
Mickaël Salaün
- [PATCH v17 03/23] LSM: Use lsmblob in security_audit_rule_match
Casey Schaufler
- [PATCH v17 04/10] landlock: Add ptrace restrictions
Mickaël Salaün
- [PATCH v17 04/23] LSM: Use lsmblob in security_kernel_act_as
Casey Schaufler
- [PATCH v17 05/10] fs,landlock: Support filesystem access-control
Mickaël Salaün
- [PATCH v17 05/10] fs,landlock: Support filesystem access-control
James Morris
- [PATCH v17 05/10] fs,landlock: Support filesystem access-control
Mickaël Salaün
- [PATCH v17 05/10] fs,landlock: Support filesystem access-control
Casey Schaufler
- [PATCH v17 05/10] fs,landlock: Support filesystem access-control
James Morris
- [PATCH v17 05/10] fs,landlock: Support filesystem access-control
Mickaël Salaün
- [PATCH v17 05/10] fs,landlock: Support filesystem access-control
Mickaël Salaün
- [PATCH v17 05/10] fs,landlock: Support filesystem access-control
James Morris
- [PATCH v17 05/23] net: Prepare UDS for security module stacking
Casey Schaufler
- [PATCH v17 05/23] net: Prepare UDS for security module stacking
Stephen Smalley
- [PATCH v17 06/10] landlock: Add syscall implementation
Mickaël Salaün
- [PATCH v17 06/23] Use lsmblob in security_secctx_to_secid
Casey Schaufler
- [PATCH v17 07/10] arch: Wire up landlock() syscall
Mickaël Salaün
- [PATCH v17 07/23] LSM: Use lsmblob in security_secid_to_secctx
Casey Schaufler
- [PATCH v17 08/10] selftests/landlock: Add initial tests
Mickaël Salaün
- [PATCH v17 08/23] LSM: Use lsmblob in security_ipc_getsecid
Casey Schaufler
- [PATCH v17 09/10] samples/landlock: Add a sandbox manager example
Mickaël Salaün
- [PATCH v17 09/23] LSM: Use lsmblob in security_task_getsecid
Casey Schaufler
- [PATCH v17 10/10] landlock: Add user and kernel documentation
Mickaël Salaün
- [PATCH v17 10/23] LSM: Use lsmblob in security_inode_getsecid
Casey Schaufler
- [PATCH v17 11/23] LSM: Use lsmblob in security_cred_getsecid
Casey Schaufler
- [PATCH v17 12/23] IMA: Change internal interfaces to use lsmblobs
Casey Schaufler
- [PATCH v17 13/23] LSM: Specify which LSM to display
Casey Schaufler
- [PATCH v17 14/23] LSM: Ensure the correct LSM context releaser
Casey Schaufler
- [PATCH v17 15/23] LSM: Use lsmcontext in security_secid_to_secctx
Casey Schaufler
- [PATCH v17 16/23] LSM: Use lsmcontext in security_inode_getsecctx
Casey Schaufler
- [PATCH v17 17/23] LSM: security_secid_to_secctx in netlink netfilter
Casey Schaufler
- [PATCH v17 18/23] NET: Store LSM netlabel data in a lsmblob
Casey Schaufler
- [PATCH v17 19/23] LSM: Verify LSM display sanity in binder
Casey Schaufler
- [PATCH v17 20/23] Audit: Add a new record for multiple subject LSM attributes
Stephen Smalley
- [PATCH v17 20/23] Audit: Add a new record for multiple subject LSM attributes
Casey Schaufler
- [PATCH v17 20/23] Audit: Add a new record for multiple subject LSM attributes
Paul Moore
- [PATCH v17 20/23] Audit: Add a new record for multiple subject LSM attributes
Casey Schaufler
- [PATCH v17 20/23] Audit: Add a new record for multiple subject LSM attributes
Casey Schaufler
- [PATCH v17 20/23] Audit: Add a new record for multiple subject LSM attributes
Paul Moore
- [PATCH v17 20/23] Audit: Add a new record for multiple subject LSM attributes
Casey Schaufler
- [PATCH v17 21/23] Audit: Add a new record for multiple object LSM attributes
Casey Schaufler
- [PATCH v17 22/23] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH v17 23/23] AppArmor: Remove the exclusive flag
Casey Schaufler
- [PATCH v18 00/12] Landlock LSM
Mickaël Salaün
- [PATCH v18 01/12] landlock: Add object management
Mickaël Salaün
- [PATCH v18 02/12] landlock: Add ruleset and domain management
Mickaël Salaün
- [PATCH v18 03/12] landlock: Set up the security framework and manage credentials
Mickaël Salaün
- [PATCH v18 04/12] landlock: Add ptrace restrictions
Mickaël Salaün
- [PATCH v18 05/12] LSM: Infrastructure management of the superblock
Mickaël Salaün
- [PATCH v18 06/12] fs,security: Add sb_delete hook
Mickaël Salaün
- [PATCH v18 07/12] landlock: Support filesystem access-control
Mickaël Salaün
- [PATCH v18 07/12] landlock: Support filesystem access-control
Amir Goldstein
- [PATCH v18 07/12] landlock: Support filesystem access-control
Mickaël Salaün
- [PATCH v18 08/12] landlock: Add syscall implementation
Mickaël Salaün
- [PATCH v18 09/12] arch: Wire up landlock() syscall
Mickaël Salaün
- [PATCH v18 10/12] selftests/landlock: Add initial tests
Mickaël Salaün
- [PATCH v18 11/12] samples/landlock: Add a sandbox manager example
Mickaël Salaün
- [PATCH v18 12/12] landlock: Add user and kernel documentation
Mickaël Salaün
- [PATCH v2 0/6] Enable as many KUnit tests as possible
Anders Roxell
- [PATCH v2 0/8] exec: Control flow simplifications
Eric W. Biederman
- [PATCH v2 0/8] exec: Control flow simplifications
Linus Torvalds
- [PATCH v2 0/8] exec: Control flow simplifications
Kees Cook
- [PATCH v2 0/8] exec: Control flow simplifications
Eric W. Biederman
- [PATCH v2 0/8] exec: Control flow simplifications
Eric W. Biederman
- [PATCH v2 0/8] exec: Control flow simplifications
Kees Cook
- [PATCH v2 0/8] exec: Control flow simplifications
Eric W. Biederman
- [PATCH v2 1/6] kunit: Kconfig: enable a KUNIT_RUN_ALL fragment
Anders Roxell
- [PATCH v2 1/6] kunit: Kconfig: enable a KUNIT_RUN_ALL fragment
David Gow
- [PATCH v2 1/6] kunit: Kconfig: enable a KUNIT_RUN_ALL fragment
Anders Roxell
- [PATCH v2 1/6] kunit: Kconfig: enable a KUNIT_RUN_ALL fragment
David Gow
- [PATCH v2 1/8] exec: Teach prepare_exec_creds how exec treats uids & gids
Kees Cook
- [PATCH v2 1/8] exec: Teach prepare_exec_creds how exec treats uids & gids
Linus Torvalds
- [PATCH v2 1/8] exec: Teach prepare_exec_creds how exec treats uids & gids
Eric W. Biederman
- [PATCH v2 1/8] exec: Teach prepare_exec_creds how exec treats uids & gids
Eric W. Biederman
- [PATCH v2 2/2] fs: avoid fdput() after failed fdget() in kernel_read_file_from_fd()
Luis Chamberlain
- [PATCH v2 2/2] fs: avoid fdput() after failed fdget() in kernel_read_file_from_fd()
Luis Chamberlain
- [PATCH v2 2/2] fs: avoid fdput() after failed fdget() in kernel_read_file_from_fd()
Scott Branden
- [PATCH v2 2/2] fs: avoid fdput() after failed fdget() in kernel_read_file_from_fd()
Scott Branden
- [PATCH v2 2/2] fs: avoid fdput() after failed fdget() in kernel_read_file_from_fd()
Luis Chamberlain
- [PATCH v2 2/6] kunit: default KUNIT_* fragments to KUNIT_RUN_ALL
Anders Roxell
- [PATCH v2 2/6] kunit: default KUNIT_* fragments to KUNIT_RUN_ALL
David Gow
- [PATCH v2 2/8] exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds
Eric W. Biederman
- [PATCH v2 2/8] exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds
Casey Schaufler
- [PATCH v2 2/8] exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds
Kees Cook
- [PATCH v2 2/8] exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds
James Morris
- [PATCH v2 3/6] lib: Kconfig.debug: default KUNIT_* fragments to KUNIT_RUN_ALL
Anders Roxell
- [PATCH v2 3/6] lib: Kconfig.debug: default KUNIT_* fragments to KUNIT_RUN_ALL
David Gow
- [PATCH v2 3/8] exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds
Eric W. Biederman
- [PATCH v2 3/8] exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds
Kees Cook
- [PATCH v2 3/8] exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds
Eric W. Biederman
- [PATCH v2 3/8] exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds
Kees Cook
- [PATCH v2 3/8] exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds
James Morris
- [PATCH v2 3/8] exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds
Eric W. Biederman
- [PATCH v2 3/8] exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds
Eric W. Biederman
- [PATCH v2 3/8] exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds
Kees Cook
- [PATCH v2 4/6] drivers: base: default KUNIT_* fragments to KUNIT_RUN_ALL
Anders Roxell
- [PATCH v2 4/6] drivers: base: default KUNIT_* fragments to KUNIT_RUN_ALL
David Gow
- [PATCH v2 4/8] exec: Allow load_misc_binary to call prepare_binfmt unconditionally
Kees Cook
- [PATCH v2 4/8] exec: Allow load_misc_binary to call prepare_binfmt unconditionally
Eric W. Biederman
- [PATCH v2 4/8] exec: Allow load_misc_binary to call prepare_binfmt unconditionally
Kees Cook
- [PATCH v2 4/8] exec: Allow load_misc_binary to call prepare_binfmt unconditionally
Eric W. Biederman
- [PATCH v2 5/6] fs: ext4: default KUNIT_* fragments to KUNIT_RUN_ALL
David Gow
- [PATCH v2 5/6] fs: ext4: default KUNIT_* fragments to KUNIT_RUN_ALL
Anders Roxell
- [PATCH v2 5/8] exec: Move the call of prepare_binprm into search_binary_handler
Eric W. Biederman
- [PATCH v2 5/8] exec: Move the call of prepare_binprm into search_binary_handler
Kees Cook
- [PATCH v2 5/8] exec: Move the call of prepare_binprm into search_binary_handler
James Morris
- [PATCH v2 6/6] security: apparmor: default KUNIT_* fragments to KUNIT_RUN_ALL
Anders Roxell
- [PATCH v2 6/6] security: apparmor: default KUNIT_* fragments to KUNIT_RUN_ALL
David Gow
- [PATCH v2 6/8] exec/binfmt_script: Don't modify bprm->buf and then return -ENOEXEC
Kees Cook
- [PATCH v2 6/8] exec/binfmt_script: Don't modify bprm->buf and then return -ENOEXEC
Eric W. Biederman
- [PATCH v2 6/8] exec/binfmt_script: Don't modify bprm->buf and then return -ENOEXEC
Eric W. Biederman
- [PATCH v2 7/8] exec: Generic execfd support
Eric W. Biederman
- [PATCH v2 7/8] exec: Generic execfd support
Kees Cook
- [PATCH v2 7/8] exec: Generic execfd support
Linus Torvalds
- [PATCH v2 7/8] exec: Generic execfd support
Eric W. Biederman
- [PATCH v2 7/8] exec: Generic execfd support
Rob Landley
- [PATCH v2 7/8] exec: Generic execfd support
Eric W. Biederman
- [PATCH v2 7/8] exec: Generic execfd support
Rob Landley
- [PATCH v2 7/8] exec: Generic execfd support
Eric W. Biederman
- [PATCH v2 7/8] exec: Generic execfd support
Rob Landley
- [PATCH v2 7/8] exec: Generic execfd support
Eric W. Biederman
- [PATCH v2 8/8] exec: Remove recursion from search_binary_handler
Eric W. Biederman
- [PATCH v2 8/8] exec: Remove recursion from search_binary_handler
Kees Cook
- [PATCH v29 11/20] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [PATCH v2] evm: Fix a small race in init_desc()
Dan Carpenter
- [PATCH v2] evm: Fix a small race in init_desc()
Roberto Sassu
- [PATCH v2] evm: Fix a small race in init_desc()
Krzysztof Struczynski
- [PATCH v2] evm: Fix a small race in init_desc()
Mimi Zohar
- [PATCH v2] proc: proc_pid_ns takes super_block as an argument
Alexey Gladkov
- [PATCH v2] proc: proc_pid_ns takes super_block as an argument
Eric W. Biederman
- [PATCH v2] proc: proc_pid_ns takes super_block as an argument
Alexey Gladkov
- [PATCH v2] proc: proc_pid_ns takes super_block as an argument
Eric W. Biederman
- [PATCH v3 0/3] perf: make Perf tool aware of SELinux access control
Alexey Budankov
- [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC
James Morris
- [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC
Christian Heimes
- [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC
Mickaël Salaün
- [PATCH v3 0/6] Enable as many KUnit tests as possible
Anders Roxell
- [PATCH v3 0/6] Enable as many KUnit tests as possible
Anders Roxell
- [PATCH v3 0/6] Enable as many KUnit tests as possible
Brendan Higgins
- [PATCH v3 0/6] Enable as many KUnit tests as possible
Shuah Khan
- [PATCH v3 1/5] fs: Add support for a RESOLVE_MAYEXEC flag on openat2(2)
James Morris
- [PATCH v3 1/5] fs: Add support for a RESOLVE_MAYEXEC flag on openat2(2)
Mickaël Salaün
- [PATCH v3 1/6] kunit: Kconfig: enable a KUNIT_ALL_TESTS fragment
Anders Roxell
- [PATCH v3 1/6] kunit: Kconfig: enable a KUNIT_ALL_TESTS fragment
Brendan Higgins
- [PATCH v3 2/3] perf tool: make Perf tool aware of SELinux access control
Arnaldo Carvalho de Melo
- [PATCH v3 2/3] perf tool: make Perf tool aware of SELinux access control
Alexey Budankov
- [PATCH v3 2/3] perf tool: make Perf tool aware of SELinux access control
Alexey Budankov
- [PATCH v3 2/3] perf tool: make Perf tool aware of SELinux access control
Arnaldo Carvalho de Melo
- [PATCH v3 2/5] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property
James Morris
- [PATCH v3 2/5] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property
Mickaël Salaün
- [PATCH v3 2/6] kunit: default KUNIT_* fragments to KUNIT_ALL_TESTS
Anders Roxell
- [PATCH v3 3/3] perf docs: introduce security.txt file to document related issues
Arnaldo Carvalho de Melo
- [PATCH v3 3/3] perf docs: introduce security.txt file to document related issues
Arnaldo Carvalho de Melo
- [PATCH v3 3/3] perf docs: introduce security.txt file to document related issues
Alexey Budankov
- [PATCH v3 3/5] fs: Enable to enforce noexec mounts or file exec through RESOLVE_MAYEXEC
James Morris
- [PATCH v3 3/5] fs: Enable to enforce noexec mounts or file exec through RESOLVE_MAYEXEC
Mickaël Salaün
- [PATCH v3 3/5] fs: Enable to enforce noexec mounts or file exec through RESOLVE_MAYEXEC
James Morris
- [PATCH v3 3/6] lib: Kconfig.debug: default KUNIT_* fragments to KUNIT_ALL_TESTS
Anders Roxell
- [PATCH v3 4/6] drivers: base: default KUNIT_* fragments to KUNIT_ALL_TESTS
Anders Roxell
- [PATCH v3 5/6] fs: ext4: default KUNIT_* fragments to KUNIT_ALL_TESTS
Theodore Y. Ts'o
- [PATCH v3 5/6] fs: ext4: default KUNIT_* fragments to KUNIT_ALL_TESTS
Anders Roxell
- [PATCH v3 6/6] security: apparmor: default KUNIT_* fragments to KUNIT_ALL_TESTS
Anders Roxell
- [PATCH v3 6/6] security: apparmor: default KUNIT_* fragments to KUNIT_ALL_TESTS
John Johansen
- [PATCH v30 10/20] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v30 10/20] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [PATCH v30 10/20] x86/sgx: Linux Enclave Driver
Sean Christopherson
- [PATCH v30 10/20] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v30 10/20] x86/sgx: Linux Enclave Driver
Jarkko Sakkinen
- [PATCH v30 11/20] x86/sgx: Add provisioning
Jarkko Sakkinen
- [PATCH v3] proc: proc_pid_ns takes super_block as an argument
Alexey Gladkov
- [PATCH v3] proc: proc_pid_ns takes super_block as an argument
Tetsuo Handa
- [PATCH v4 0/4] Introduce TEE based Trusted Keys support
Sumit Garg
- [PATCH v4 0/4] Introduce TEE based Trusted Keys support
Sumit Garg
- [PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework
Jarkko Sakkinen
- [PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework
Sumit Garg
- [PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework
Jarkko Sakkinen
- [PATCH v4 1/5] fs: Add support for an O_MAYEXEC flag on openat2(2)
Deven Bowers
- [PATCH v4 1/7] ima: Switch to ima_hash_algo for boot aggregate
Jerry Snitselaar
- [PATCH v4 1/7] ima: Switch to ima_hash_algo for boot aggregate
Mimi Zohar
- [PATCH v4 2/4] KEYS: trusted: Introduce TEE based Trusted Keys
Sumit Garg
- [PATCH v4 2/4] KEYS: trusted: Introduce TEE based Trusted Keys
Jarkko Sakkinen
- [PATCH v4 2/4] KEYS: trusted: Introduce TEE based Trusted Keys
Sumit Garg
- [PATCH v4 2/4] KEYS: trusted: Introduce TEE based Trusted Keys
Jarkko Sakkinen
- [PATCH v4 3/4] doc: trusted-encrypted: updates with TEE as a new trust source
Jarkko Sakkinen
- [PATCH v4 3/4] doc: trusted-encrypted: updates with TEE as a new trust source
Sumit Garg
- [PATCH v4 4/4] MAINTAINERS: Add entry for TEE based Trusted Keys
Sumit Garg
- [PATCH v4 4/4] MAINTAINERS: Add entry for TEE based Trusted Keys
Jarkko Sakkinen
- [PATCH v4] proc: proc_pid_ns takes super_block as an argument
Alexey Gladkov
- [PATCH v5 0/6] Add support for O_MAYEXEC
Mickaël Salaün
- [PATCH v5 0/6] Add support for O_MAYEXEC
Mickaël Salaün
- [PATCH v5 0/6] Add support for O_MAYEXEC
Lev R. Oshvang .
- [PATCH v5 0/6] Add support for O_MAYEXEC
David Laight
- [PATCH v5 0/6] Add support for O_MAYEXEC
Mickaël Salaün
- [PATCH v5 0/6] Add support for O_MAYEXEC
Mickaël Salaün
- [PATCH v5 0/6] Add support for O_MAYEXEC
David Laight
- [PATCH v5 0/6] Add support for O_MAYEXEC
Mickaël Salaün
- [PATCH v5 0/6] Add support for O_MAYEXEC
David Laight
- [PATCH v5 0/6] Add support for O_MAYEXEC
Mickaël Salaün
- [PATCH v5 0/6] Add support for O_MAYEXEC
Lev R. Oshvang .
- [PATCH v5 0/6] Add support for O_MAYEXEC
Mimi Zohar
- [PATCH v5 1/3] Add a new LSM-supporting anonymous inode interface
James Morris
- [PATCH v5 1/6] fs: Add support for an O_MAYEXEC flag on openat2(2)
Mickaël Salaün
- [PATCH v5 1/6] fs: Add support for an O_MAYEXEC flag on openat2(2)
Kees Cook
- [PATCH v5 1/6] fs: Add support for an O_MAYEXEC flag on openat2(2)
Christian Heimes
- [PATCH v5 1/6] fs: Add support for an O_MAYEXEC flag on openat2(2)
Kees Cook
- [PATCH v5 1/6] fs: Add support for an O_MAYEXEC flag on openat2(2)
Mickaël Salaün
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Mimi Zohar
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Mimi Zohar
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Mimi Zohar
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Mimi Zohar
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Luis Chamberlain
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Mimi Zohar
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Scott Branden
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Mimi Zohar
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Kees Cook
- [PATCH v5 1/7] fs: introduce kernel_pread_file* support
Mimi Zohar
- [PATCH v5 2/6] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property
Kees Cook
- [PATCH v5 2/6] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property
Lev R. Oshvang .
- [PATCH v5 2/6] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property
Kees Cook
- [PATCH v5 2/6] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property
Lev R. Oshvang .
- [PATCH v5 2/6] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property
Mickaël Salaün
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Mickaël Salaün
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Randy Dunlap
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Mickaël Salaün
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Randy Dunlap
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Kees Cook
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Mickaël Salaün
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Stephen Smalley
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Kees Cook
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Kees Cook
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
David Laight
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Stephen Smalley
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Kees Cook
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Kees Cook
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Stephen Smalley
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Stephen Smalley
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Mickaël Salaün
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Mickaël Salaün
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
Tetsuo Handa
- [PATCH v5 4/6] selftest/openat2: Add tests for O_MAYEXEC enforcing
Mickaël Salaün
- [PATCH v5 4/6] selftest/openat2: Add tests for O_MAYEXEC enforcing
Kees Cook
- [PATCH v5 4/6] selftest/openat2: Add tests for O_MAYEXEC enforcing
Mickaël Salaün
- [PATCH v5 5/6] doc: Add documentation for the fs.open_mayexec_enforce sysctl
Kees Cook
- [PATCH v5 5/6] doc: Add documentation for the fs.open_mayexec_enforce sysctl
Mickaël Salaün
- [PATCH v5 5/6] doc: Add documentation for the fs.open_mayexec_enforce sysctl
Mickaël Salaün
- [PATCH v5 6/6] ima: add policy support for the new file open MAY_OPENEXEC flag
Mickaël Salaün
- [PATCH v5 bpf-next 0/3] Introduce CAP_BPF
Alexei Starovoitov
- [PATCH v5 bpf-next 0/3] Introduce CAP_BPF
Casey Schaufler
- [PATCH v5 bpf-next 0/3] Introduce CAP_BPF
Alexei Starovoitov
- [PATCH v5 bpf-next 1/3] bpf, capability: Introduce CAP_BPF
Alexei Starovoitov
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Alexei Starovoitov
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
sdf at google.com
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Alexei Starovoitov
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Jordan Glover
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Daniel Borkmann
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Daniel Borkmann
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Alexei Starovoitov
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
sdf at google.com
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Alexei Starovoitov
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Alexei Starovoitov
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Alexei Starovoitov
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Daniel Borkmann
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Daniel Borkmann
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Daniel Borkmann
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Alexei Starovoitov
- [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF
Alexei Starovoitov
- [PATCH v5 bpf-next 3/3] selftests/bpf: use CAP_BPF and CAP_PERFMON in tests
Alexei Starovoitov
- [PATCH v6 bpf-next 0/3] Introduce CAP_BPF
Alexei Starovoitov
- [PATCH v6 bpf-next 0/3] Introduce CAP_BPF
Marek Majkowski
- [PATCH v6 bpf-next 0/3] Introduce CAP_BPF
Alexei Starovoitov
- [PATCH v6 bpf-next 0/3] Introduce CAP_BPF
Marek Majkowski
- [PATCH v6 bpf-next 0/3] Introduce CAP_BPF
Alexei Starovoitov
- [PATCH v6 bpf-next 0/3] Introduce CAP_BPF
Marek Majkowski
- [PATCH v6 bpf-next 1/3] bpf, capability: Introduce CAP_BPF
Alexei Starovoitov
- [PATCH v6 bpf-next 2/3] bpf: implement CAP_BPF
Alexei Starovoitov
- [PATCH v6 bpf-next 3/3] selftests/bpf: use CAP_BPF and CAP_PERFMON in tests
Alexei Starovoitov
- [PATCH v7 bpf-next 0/3] Introduce CAP_BPF
Alexei Starovoitov
- [PATCH v7 bpf-next 0/3] Introduce CAP_BPF
Daniel Borkmann
- [PATCH v7 bpf-next 1/3] bpf, capability: Introduce CAP_BPF
Alexei Starovoitov
- [PATCH v7 bpf-next 2/3] bpf: implement CAP_BPF
Alexei Starovoitov
- [PATCH v7 bpf-next 3/3] selftests/bpf: use CAP_BPF and CAP_PERFMON in tests
Alexei Starovoitov
- [PATCH] capabilities: add description for CAP_SETFCAP
James Morris
- [PATCH] capabilities: Introduce CAP_RESTORE
Adrian Reber
- [PATCH] capabilities: Introduce CAP_RESTORE
Christian Brauner
- [PATCH] capabilities: Introduce CAP_RESTORE
Christian Brauner
- [PATCH] capabilities: Introduce CAP_RESTORE
Casey Schaufler
- [PATCH] capabilities: Introduce CAP_RESTORE
Andrei Vagin
- [PATCH] capabilities: Introduce CAP_RESTORE
Andrei Vagin
- [PATCH] capabilities: Introduce CAP_RESTORE
Casey Schaufler
- [PATCH] capabilities: Introduce CAP_RESTORE
Adrian Reber
- [PATCH] capabilities: Introduce CAP_RESTORE
Casey Schaufler
- [PATCH] capabilities: Introduce CAP_RESTORE
Jann Horn
- [PATCH] capabilities: Introduce CAP_RESTORE
Radostin Stoyanov
- [PATCH] capabilities: Introduce CAP_RESTORE
Eric W. Biederman
- [PATCH] capabilities: Introduce CAP_RESTORE
Casey Schaufler
- [PATCH] capabilities: Introduce CAP_RESTORE
Jann Horn
- [PATCH] capabilities: Introduce CAP_RESTORE
Adrian Reber
- [PATCH] capabilities: Introduce CAP_RESTORE
Adrian Reber
- [PATCH] capabilities: Introduce CAP_RESTORE
Christian Brauner
- [PATCH] capabilities: Introduce CAP_RESTORE
Casey Schaufler
- [PATCH] capabilities: Introduce CAP_RESTORE
Nicolas Viennot
- [PATCH] capabilities: Introduce CAP_RESTORE
Casey Schaufler
- [PATCH] capabilities: Introduce CAP_RESTORE
Nicolas Viennot
- [PATCH] capabilities: Introduce CAP_RESTORE
Christian Brauner
- [PATCH] checkpatch/coding-style: Allow 100 column lines
Joe Perches
- [PATCH] checkpatch/coding-style: Allow 100 column lines
Markus Elfring
- [PATCH] checkpatch/coding-style: Allow 100 column lines
Joe Perches
- [PATCH] commoncap: Make cap_inode_killpriv ignore other LSM xattr
Dmitry Mastykin
- [PATCH] evm: Fix a small race in init_desc()
Dan Carpenter
- [PATCH] evm: Fix a small race in init_desc()
Roberto Sassu
- [PATCH] ima: Allow imasig requirement to be satisfied by EVM portable signatures
Roberto Sassu
- [PATCH] ima: Replace zero-length array with flexible-array
Gustavo A. R. Silva
- [PATCH] integrity: evm: Fix RCU list related warnings.
Mimi Zohar
- [PATCH] keys: Make the KEY_NEED_* perms an enum rather than a mask
David Howells
- [PATCH] keys: Make the KEY_NEED_* perms an enum rather than a mask
Paul Moore
- [PATCH] keys: Make the KEY_NEED_* perms an enum rather than a mask
Stephen Smalley
- [PATCH] keys: Make the KEY_NEED_* perms an enum rather than a mask
Casey Schaufler
- [PATCH] keys: Make the KEY_NEED_* perms an enum rather than a mask
David Howells
- [PATCH] keys: Make the KEY_NEED_* perms an enum rather than a mask
David Howells
- [PATCH] keys: Make the KEY_NEED_* perms an enum rather than a mask
David Howells
- [PATCH] keys: Make the KEY_NEED_* perms an enum rather than a mask
Jarkko Sakkinen
- [PATCH] keys: Make the KEY_NEED_* perms an enum rather than a mask
Stephen Smalley
- [PATCH] keys: Make the KEY_NEED_* perms an enum rather than a mask
Stephen Smalley
- [PATCH] keys: Move permissions checking decisions into the checking code
Casey Schaufler
- [PATCH] keys: Move permissions checking decisions into the checking code
Stephen Smalley
- [PATCH] keys: Move permissions checking decisions into the checking code
David Howells
- [PATCH] keys: Move permissions checking decisions into the checking code
Stephen Smalley
- [PATCH] keys: Move permissions checking decisions into the checking code
Casey Schaufler
- [PATCH] keys: Move permissions checking decisions into the checking code
David Howells
- [PATCH] keys: Move permissions checking decisions into the checking code
David Howells
- [PATCH] kunit: Kconfig: enable a KUNIT_RUN_ALL fragment
Anders Roxell
- [PATCH] kunit: Kconfig: enable a KUNIT_RUN_ALL fragment
Marco Elver
- [PATCH] kunit: Kconfig: enable a KUNIT_RUN_ALL fragment
Anders Roxell
- [PATCH] kunit: Kconfig: enable a KUNIT_RUN_ALL fragment
Brendan Higgins
- [PATCH] kunit: Kconfig: enable a KUNIT_RUN_ALL fragment
David Gow
- [PATCH] kunit: Kconfig: enable a KUNIT_RUN_ALL fragment
Anders Roxell
- [PATCH] lockdown: Allow unprivileged users to see lockdown status
Jeremy Cline
- [PATCH] lockdown: Allow unprivileged users to see lockdown status
James Morris
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Andy Shevchenko
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Richard Hughes
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Javier Martinez Canillas
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Andy Shevchenko
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Javier Martinez Canillas
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Mario.Limonciello at dell.com
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Richard Hughes
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Mario.Limonciello at dell.com
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Richard Hughes
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Mario.Limonciello at dell.com
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Mika Westerberg
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Richard Hughes
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Mario.Limonciello at dell.com
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Mika Westerberg
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Mika Westerberg
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Richard Hughes
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Mika Westerberg
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Richard Hughes
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Mika Westerberg
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Richard Hughes
- [PATCH] platform/x86: Export LPC attributes for the system SPI chip
Richard Hughes
- [PATCH] proc: proc_pid_ns takes super_block as an argument
Alexey Gladkov
- [PATCH] security: fix the default value of secid_to_secctx hook
James Morris
- [PATCH] security: fix the default value of secid_to_secctx hook
Schaufler, Casey
- [PATCH] security: fix the default value of secid_to_secctx hook
Casey Schaufler
- [PATCH] security: integrity: Replace zero-length array with flexible-array member
Gustavo A. R. Silva
- [PATCH] securityfs: Add missing d_delete() call on removal
Kees Cook
- [PATCH] securityfs: Add missing d_delete() call on removal
Al Viro
- [PATCH] securityfs: Add missing d_delete() call on removal
Kees Cook
- [PATCH] securityfs: Add missing d_delete() call on removal
Al Viro
- [PATCH] securityfs: Add missing d_delete() call on removal
Kees Cook
- [PATCH] securityfs: Add missing d_delete() call on removal
Al Viro
- [PATCH] securityfs: Add missing d_delete() call on removal
Kees Cook
- [PATCH] selinux: Fix use of KEY_NEED_* instead of KEY__* perms [v2]
Paul Moore
- [PATCH] vfs: allow unprivileged whiteout creation
Miklos Szeredi
- [PATCH] vfs: allow unprivileged whiteout creation
Ondrej Mosnacek
- [PATCH] vfs: allow unprivileged whiteout creation
Stephen Smalley
- [PATCH] vfs: allow unprivileged whiteout creation
Miklos Szeredi
- [PATCH] vfs: allow unprivileged whiteout creation
Stephen Smalley
- [PATCH] vfs: allow unprivileged whiteout creation
Miklos Szeredi
- [RFC PATCH v1] ima: verify mprotect change is consistent with mmap policy
Lakshmi Ramasubramanian
- [RFC PATCH v1] ima: verify mprotect change is consistent with mmap policy
Mimi Zohar
- [RFC PATCH v3 00/12] Integrity Policy Enforcement LSM (IPE)
Mickaël Salaün
- [RFC PATCH v3 00/12] Integrity Policy Enforcement LSM (IPE)
Deven Bowers
- [RFC PATCH v3 00/12] Integrity Policy Enforcement LSM (IPE)
Deven Bowers
- [RFC PATCH v3 00/12] Integrity Policy Enforcement LSM (IPE)
Mickaël Salaün
- [RFC PATCH v3 00/12] Integrity Policy Enforcement LSM (IPE)
Jaskaran Singh Khurana
- [RFC PATCH v3 00/12] Integrity Policy Enforcement LSM (IPE)
Jaskaran Singh Khurana
- [RFC PATCH v3 00/12] Integrity Policy Enforcement LSM (IPE)
Mickaël Salaün
- [RFC PATCH] ima: verify mprotect change is consistent with mmap policy
Lakshmi Ramasubramanian
- [RFC PATCH] ima: verify mprotect change is consistent with mmap policy
Jann Horn
- [RFC PATCH] ima: verify mprotect change is consistent with mmap policy
Mimi Zohar
- [RFC PATCH] ima: verify mprotect change is consistent with mmap policy
Mimi Zohar
- [RFC PATCH] ima: verify mprotect change is consistent with mmap policy
Mimi Zohar
- [RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass
Mark Rutland
- [RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass
Prakhar Srivastava
- [RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass
Rob Herring
- [RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass
Prakhar Srivastava
- [RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass
Thiago Jung Bauermann
- [RFC][PATCH 0/2] Add support for using reserved memory for ima buffer pass
Prakhar Srivastava
- [RFC][PATCH 1/2] Add a layer of abstraction to use the memory reserved by device tree for ima buffer pass.
Prakhar Srivastava
- [RFC][PATCH 1/2] Add a layer of abstraction to use the memory reserved by device tree for ima buffer pass.
Rob Herring
- [RFC][PATCH 1/2] Add a layer of abstraction to use the memory reserved by device tree for ima buffer pass.
Prakhar Srivastava
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Roberto Sassu
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Mimi Zohar
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Mimi Zohar
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Roberto Sassu
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Mimi Zohar
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Roberto Sassu
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Mimi Zohar
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Roberto Sassu
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Mimi Zohar
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Roberto Sassu
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Mimi Zohar
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Roberto Sassu
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Mimi Zohar
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Roberto Sassu
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Mimi Zohar
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Roberto Sassu
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Mimi Zohar
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Roberto Sassu
- [RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Mimi Zohar
- [RFC][PATCH 2/2] Add support for ima buffer pass using reserved memory arm64
Prakhar Srivastava
- clean up kernel_{read,write} & friends
Christoph Hellwig
- clean up kernel_{read,write} & friends v2
Christoph Hellwig
- clean up kernel_{read,write} & friends v2
Christoph Hellwig
- clean up kernel_{read,write} & friends v2
Christoph Hellwig
- clean up kernel_{read,write} & friends v2
Linus Torvalds
- clean up kernel_{read,write} & friends v2
Sedat Dilek
- clean up kernel_{read,write} & friends v2
Joe Perches
- clean up kernel_{read,write} & friends v2
Al Viro
- clean up kernel_{read,write} & friends v2
Matthew Wilcox
- clean up kernel_{read,write} & friends v2
Al Viro
- clean up kernel_{read,write} & friends v2
Deucher, Alexander
- clean up kernel_{read,write} & friends v2
David Howells
- clean up kernel_{read,write} & friends v2
Joe Perches
- clean up kernel_{read,write} & friends v2
Dave Airlie
- clean up kernel_{read,write} & friends v2
Joe Perches
- clean up kernel_{read,write} & friends v2
Casey Schaufler
- clean up kernel_{read,write} & friends v2
David Laight
- clean up kernel_{read,write} & friends v2
Linus Torvalds
- clean up kernel_{read,write} & friends v2
Casey Schaufler
- fuse doesn't use security_inode_init_security?
Miklos Szeredi
- fuse doesn't use security_inode_init_security?
Stephen Smalley
- fuse doesn't use security_inode_init_security?
Chirantan Ekbote
- fuse doesn't use security_inode_init_security?
Stephen Smalley
- general protection fault in tomoyo_check_acl
syzbot
- general protection fault in tomoyo_check_acl
Tetsuo Handa
- Geschäftsvorschlag.
gandrade at hontanar.edu.ec
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Florian Weimer
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Mickaël Salaün
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Kees Cook
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Florian Weimer
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Kees Cook
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Kees Cook
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Mickaël Salaün
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Florian Weimer
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Mickaël Salaün
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Kees Cook
- jjCompliment
mrs chantal
- linux-next boot error: general protection fault in tomoyo_get_local_path
syzbot
- linux-next boot error: general protection fault in tomoyo_get_local_path
Tetsuo Handa
- linux-next boot error: general protection fault in tomoyo_get_local_path
Tetsuo Handa
- linux-next boot error: general protection fault in tomoyo_get_local_path
Eric W. Biederman
- linux-next boot error: general protection fault in tomoyo_get_local_path
Alexey Gladkov
- linux-next boot error: general protection fault in tomoyo_get_local_path
Al Viro
- linux-next boot error: general protection fault in tomoyo_get_local_path
Eric W. Biederman
- linux-next boot error: general protection fault in tomoyo_get_local_path
Al Viro
- new seccomp mode aims to improve performance
zhujianwei (C)
- new seccomp mode aims to improve performance
Alexei Starovoitov
- new seccomp mode aims to improve performance
Kees Cook
- new seccomp mode aims to improve performance
Alexei Starovoitov
- new seccomp mode aims to improve performance
Kees Cook
- new seccomp mode aims to improve performance
Alexei Starovoitov
- Spende
Mrs.Judith Rice
- Spende
Mrs.Judith Rice
- Spende von 2.000.000,00 Euro
manuel franco
- WARNING: suspicious RCU usage with PROVE_RCU_LIST=y
Amol Grover
- WARNING: suspicious RCU usage with PROVE_RCU_LIST=y
John Johansen
- WARNING: suspicious RCU usage with PROVE_RCU_LIST=y
John Johansen
Last message date:
Sun May 31 23:59:53 UTC 2020
Archived on: Mon Jun 1 00:24:25 UTC 2020
This archive was generated by
Pipermail 0.09 (Mailman edition).