May 2021 Archives by author
Starting: Sat May 1 00:02:23 UTC 2021
Ending: Mon May 31 17:38:30 UTC 2021
Messages: 392
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Tycho Andersen
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Jens Axboe
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Jens Axboe
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Jens Axboe
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Jens Axboe
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Jens Axboe
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Jens Axboe
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Jens Axboe
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Pavel Begunkov
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Pavel Begunkov
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Pavel Begunkov
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Pavel Begunkov
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Pavel Begunkov
- [RFC 0/12] Unify asm/unaligned.h around struct helper
Arnd Bergmann
- [RFC 09/12] apparmor: use get_unaligned() only for multi-byte words
Arnd Bergmann
- [RFC 0/12] Unify asm/unaligned.h around struct helper
Arnd Bergmann
- [PATCH v2 00/13] Unify asm/unaligned.h around struct helper
Arnd Bergmann
- [PATCH v2 09/13] apparmor: use get_unaligned() only for multi-byte words
Arnd Bergmann
- [PATCH v2 00/13] Unify asm/unaligned.h around struct helper
Arnd Bergmann
- [PATCH] proc: Check /proc/$pid/attr/ writes against file opener
Eric W. Biederman
- [syzbot] KCSAN: data-race in assoc_array_apply_edit / search_nested_keyrings
Eric Biggers
- [PATCH] crypto: arm64/gcm - remove Wunused-const-variable ghash_cpu_feature
Eric Biggers
- [PATCH v2 1/1] trusted-keys: match tpm_get_ops on all return paths
Ben Boeckel
- [PATCH v2 1/1] trusted-keys: match tpm_get_ops on all return paths
Ben Boeckel
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Daniel Borkmann
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Daniel Borkmann
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Daniel Borkmann
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Daniel Borkmann
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Daniel Borkmann
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Daniel Borkmann
- [PATCH v2 1/1] trusted-keys: match tpm_get_ops on all return paths
James Bottomley
- [RFC PATCH 0/3] Allow access to confidential computing secret area
James Bottomley
- [RFC PATCH 0/3] Allow access to confidential computing secret area
James Bottomley
- [RFC PATCH 0/3] Allow access to confidential computing secret area
James Bottomley
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Christian Brauner
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Christian Brauner
- [PATCH 3/7] ima: Introduce template fields mntuidmap and mntgidmap
Christian Brauner
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Christian Brauner
- [PATCH 3/7] ima: Introduce template fields mntuidmap and mntgidmap
Christian Brauner
- [PATCH v2 2/7] ima: Define new template fields iuid and igid
Christian Brauner
- [PATCH RESEND v5] proc: Allow pid_revalidate() during LOOKUP_RCU
Stephen Brennan
- [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
Richard Guy Briggs
- [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
Richard Guy Briggs
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Richard Guy Briggs
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Richard Guy Briggs
- [RFC PATCH 4/9] audit: add filtering for io_uring records
Richard Guy Briggs
- [RFC PATCH 4/9] audit: add filtering for io_uring records
Richard Guy Briggs
- [PATCH 1/2] audit: add filtering for io_uring records, addendum
Richard Guy Briggs
- [PATCH 2/2] audit: block PERM fields being used with io_uring filtering
Richard Guy Briggs
- Business inquiries 05:11:2021
COMPANY
- [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS
Kees Cook
- [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS
Kees Cook
- [PATCH] serial: core: fix suspicious security_locked_down() call
Kees Cook
- [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS
Kees Cook
- [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down
Kees Cook
- [PATCH v26 04/25] IMA: avoid label collisions with stacked LSMs
Kees Cook
- [PATCH v26 03/25] LSM: provide lsm name and id slot mappings
Kees Cook
- [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid
Kees Cook
- [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx
Kees Cook
- [PATCH v26 14/25] LSM: Specify which LSM to display
Kees Cook
- [PATCH v26 17/25] LSM: Use lsmcontext in security_inode_getsecctx
Kees Cook
- [PATCH] proc: Check /proc/$pid/attr/ writes against file opener
Kees Cook
- [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down
Maxime Coquelin
- [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down
Maxime Coquelin
- [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down
Maxime Coquelin
- [PATCH] KEYS: trusted: Fix memory leak on object td
Nick Desaulniers
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Sargun Dhillon
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Sargun Dhillon
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Michael Ellerman
- [syzbot] KCSAN: data-race in assoc_array_apply_edit / search_nested_keyrings
Marco Elver
- [RFC PATCH 0/3] Allow access to confidential computing secret area
Dr. David Alan Gilbert
- [RFC PATCH 0/3] Allow access to confidential computing secret area
Dr. David Alan Gilbert
- [PATCH v2 09/10] apparmor: test: Remove some casts which are no-longer required
David Gow
- [RFC PATCH 0/3] Add additional MOK vars
Dr. Greg
- [RFC PATCH 2/9] audit, io_uring, io-wq: add some basic audit support to io_uring
Steve Grubb
- [PATCH v2 00/13] Unify asm/unaligned.h around struct helper
Vineet Gupta
- [PATCH v2 00/13] Unify asm/unaligned.h around struct helper
Vineet Gupta
- [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
Tetsuo Handa
- [PATCH] proc: Check /proc/$pid/attr/ writes against file opener
Jann Horn
- [PATCH] Keys: Remove redundant initialization of cred
David Howells
- [RFC 09/12] apparmor: use get_unaligned() only for multi-byte words
John Johansen
- [PATCH] crypto: arm64/gcm - remove Wunused-const-variable ghash_cpu_feature
Austin Kim
- [PATCH] crypto: arm64/gcm - remove Wunused-const-variable ghash_cpu_feature
Austin Kim
- [RFC PATCH 0/3] Allow access to confidential computing secret area
Andi Kleen
- [RFC PATCH 0/3] Allow access to confidential computing secret area
Andi Kleen
- [PATCH v7 0/7] Fork brute force attack mitigation
Andi Kleen
- [PATCH v7 0/7] Fork brute force attack mitigation
Andi Kleen
- [RFC PATCH 0/3] Allow access to confidential computing secret area
Andi Kleen
- [PATCH v2 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag
Olga Kornievskaia
- [PATCH] debugfs: fix security_locked_down() call for SELinux
Greg Kroah-Hartman
- [PATCH] debugfs: fix security_locked_down() call for SELinux
Greg Kroah-Hartman
- [PATCH] serial: core: fix suspicious security_locked_down() call
Greg Kroah-Hartman
- [PATCH 4/4] integrity: Load mokx variables into the blacklist keyring
Dimitri John Ledkov
- [PATCH] Keys: Remove redundant initialization of cred
Yang Li
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Andy Lutomirski
- [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory
Andy Lutomirski
- [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory
Andy Lutomirski
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Andy Lutomirski
- [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring
Stefan Metzmacher
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Stefan Metzmacher
- Partner with me
janete Moon
- [PATCH 2/2] selinux:Delete selinux_xfrm_policy_lookup() useless argument
Paul Moore
- A missing check bug in __sys_accept4_file()
Paul Moore
- [PATCH v26 03/25] LSM: provide lsm name and id slot mappings
Paul Moore
- [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid
Paul Moore
- [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx
Paul Moore
- [PATCH v26 14/25] LSM: Specify which LSM to display
Paul Moore
- [PATCH v26 15/25] LSM: Ensure the correct LSM context releaser
Paul Moore
- [PATCH v26 18/25] LSM: security_secid_to_secctx in netlink netfilter
Paul Moore
- [PATCH v26 21/25] audit: add support for non-syscall auxiliary records
Paul Moore
- [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
Paul Moore
- [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
Paul Moore
- [RFC PATCH 1/9] audit: prepare audit_context for use in calling contexts beyond syscalls
Paul Moore
- [RFC PATCH 2/9] audit, io_uring, io-wq: add some basic audit support to io_uring
Paul Moore
- [RFC PATCH 3/9] audit: dev/test patch to force io_uring auditing
Paul Moore
- [RFC PATCH 4/9] audit: add filtering for io_uring records
Paul Moore
- [RFC PATCH 5/9] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure()
Paul Moore
- [RFC PATCH 6/9] io_uring: convert io_uring to the secure anon inode interface
Paul Moore
- [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring
Paul Moore
- [RFC PATCH 8/9] selinux: add support for the io_uring access controls
Paul Moore
- [RFC PATCH 9/9] Smack: Brutalist io_uring support with debug
Paul Moore
- [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
Paul Moore
- [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
Paul Moore
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Paul Moore
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Paul Moore
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Paul Moore
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Paul Moore
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Paul Moore
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Paul Moore
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Paul Moore
- [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
Paul Moore
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Paul Moore
- [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
Paul Moore
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Paul Moore
- [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring
Paul Moore
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Paul Moore
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Paul Moore
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Paul Moore
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Paul Moore
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Paul Moore
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Paul Moore
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Paul Moore
- [RFC PATCH 4/9] audit: add filtering for io_uring records
Paul Moore
- [ANNOUNCE][CFP] Linux Security Summit 2021
James Morris
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
James Morris
- [GIT PULL] SafeSetID changes for v5.13
Micah Morton
- [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down
Ondrej Mosnacek
- [PATCH] lockdown, selinux: fix bogus SELinux lockdown permission checks
Ondrej Mosnacek
- [PATCH] debugfs: fix security_locked_down() call for SELinux
Ondrej Mosnacek
- [PATCH] serial: core: fix suspicious security_locked_down() call
Ondrej Mosnacek
- [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect
Ondrej Mosnacek
- [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down
Ondrej Mosnacek
- [PATCH] debugfs: fix security_locked_down() call for SELinux
Ondrej Mosnacek
- [PATCH v2] debugfs: fix security_locked_down() call for SELinux
Ondrej Mosnacek
- [PATCH] serial: core: fix suspicious security_locked_down() call
Ondrej Mosnacek
- [PATCH] lockdown, selinux: fix bogus SELinux lockdown permission checks
Ondrej Mosnacek
- [PATCH] lockdown, selinux: fix bogus SELinux lockdown permission checks
Ondrej Mosnacek
- [PATCH] lockdown, selinux: fix bogus SELinux lockdown permission checks
Ondrej Mosnacek
- [PATCH] lockdown, selinux: fix bogus SELinux lockdown permission checks
Ondrej Mosnacek
- [PATCH v2] lockdown, selinux: avoid bogus SELinux lockdown permission checks
Ondrej Mosnacek
- [PATCH v2 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
Ondrej Mosnacek
- [PATCH v2 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag
Ondrej Mosnacek
- [PATCH v2 2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount
Ondrej Mosnacek
- [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
Ondrej Mosnacek
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Ondrej Mosnacek
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Ondrej Mosnacek
- [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
Jeff Moyer
- [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
Jeff Moyer
- [RFC PATCH 0/3] Allow access to confidential computing secret area
Dov Murik
- [RFC PATCH 3/3] virt: Add sev_secret module to expose confidential computing secrets
Dov Murik
- [RFC PATCH 0/3] Allow access to confidential computing secret area
Dov Murik
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Jiri Olsa
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Jiri Olsa
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Jiri Olsa
- Personal
Chris Pavlides
- [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect
Steven Rostedt
- [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
Steven Rostedt
- [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS
Mark Rutland
- [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS
Mark Rutland
- [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS
Mark Rutland
- [PATCH] KEYS: trusted: Fix memory leak on object td
Jarkko Sakkinen
- [PATCH] KEYS: trusted: Fix memory leak on object td
Jarkko Sakkinen
- [PATCH] KEYS: trusted: fix memory leak
Jarkko Sakkinen
- [PATCH] Keys: Remove redundant initialization of cred
Jarkko Sakkinen
- [PATCH v2 1/1] trusted-keys: match tpm_get_ops on all return paths
Jarkko Sakkinen
- [PATCH v2 1/1] trusted-keys: match tpm_get_ops on all return paths
Jarkko Sakkinen
- [RFC PATCH 0/3] Add additional MOK vars
Jarkko Sakkinen
- [RFC PATCH 1/3] keys: Add ability to trust the platform keyring
Jarkko Sakkinen
- [PATCH v7 0/5] Enable root to update the blacklist keyring
Mickaël Salaün
- New mailing list for Landlock LSM user space discussions
Mickaël Salaün
- [PATCH v26 02/25] LSM: Add the lsmblob data structure.
Mickaël Salaün
- [PATCH v26 02/25] LSM: Add the lsmblob data structure.
Mickaël Salaün
- [PATCH v4 04/11] ima: Move ima_reset_appraise_flags() call to post hooks
Roberto Sassu
- [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe
Roberto Sassu
- [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe
Roberto Sassu
- [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata
Roberto Sassu
- [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata
Roberto Sassu
- [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata
Roberto Sassu
- [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata
Roberto Sassu
- [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe
Roberto Sassu
- [PATCH v5 07/12] evm: Allow xattr/attr operations for portable signatures
Roberto Sassu
- [PATCH v6 00/11] evm: Improve usability of portable signatures
Roberto Sassu
- [PATCH v6 01/11] evm: Execute evm_inode_init_security() only when an HMAC key is loaded
Roberto Sassu
- [PATCH v6 02/11] evm: Load EVM key in ima_load_x509() to avoid appraisal
Roberto Sassu
- [PATCH v6 03/11] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
Roberto Sassu
- [PATCH v6 04/11] evm: Introduce evm_status_revalidate()
Roberto Sassu
- [PATCH v6 05/11] evm: Introduce evm_hmac_disabled() to safely ignore verification errors
Roberto Sassu
- [PATCH v6 06/11] evm: Allow xattr/attr operations for portable signatures
Roberto Sassu
- [PATCH v6 07/11] evm: Pass user namespace to set/remove xattr hooks
Roberto Sassu
- [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata
Roberto Sassu
- [PATCH v6 09/11] ima: Allow imasig requirement to be satisfied by EVM portable signatures
Roberto Sassu
- [PATCH v6 10/11] ima: Introduce template field evmsig and write to field sig as fallback
Roberto Sassu
- [PATCH v6 11/11] ima: Don't remove security.ima if file must not be appraised
Roberto Sassu
- [RESEND][PATCH v6 05/11] evm: Introduce evm_hmac_disabled() to safely ignore verification errors
Roberto Sassu
- [PATCH v6 03/11] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
Roberto Sassu
- [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata
Roberto Sassu
- [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata
Roberto Sassu
- [PATCH v6 10/11] ima: Introduce template field evmsig and write to field sig as fallback
Roberto Sassu
- [PATCH v7 00/12] evm: Improve usability of portable signatures
Roberto Sassu
- [PATCH v7 01/12] evm: Execute evm_inode_init_security() only when an HMAC key is loaded
Roberto Sassu
- [PATCH v7 02/12] evm: Load EVM key in ima_load_x509() to avoid appraisal
Roberto Sassu
- [PATCH v7 03/12] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
Roberto Sassu
- [PATCH v7 04/12] evm: Introduce evm_revalidate_status()
Roberto Sassu
- [PATCH v7 05/12] evm: Introduce evm_hmac_disabled() to safely ignore verification errors
Roberto Sassu
- [PATCH v7 06/12] evm: Allow xattr/attr operations for portable signatures
Roberto Sassu
- [PATCH v7 07/12] evm: Pass user namespace to set/remove xattr hooks
Roberto Sassu
- [PATCH v7 08/12] evm: Allow setxattr() and setattr() for unmodified metadata
Roberto Sassu
- [PATCH v7 09/12] evm: Deprecate EVM_ALLOW_METADATA_WRITES
Roberto Sassu
- [PATCH v7 10/12] ima: Allow imasig requirement to be satisfied by EVM portable signatures
Roberto Sassu
- [PATCH v7 11/12] ima: Introduce template field evmsig and write to field sig as fallback
Roberto Sassu
- [PATCH v7 12/12] ima: Don't remove security.ima if file must not be appraised
Roberto Sassu
- [RESEND][PATCH 05/12] evm: Introduce evm_hmac_disabled() to safely ignore verification errors
Roberto Sassu
- [RESEND][PATCH 05/12] evm: Introduce evm_hmac_disabled() to safely ignore verification errors
Roberto Sassu
- [PATCH 0/7] ima: Add template fields to verify EVM portable signatures
Roberto Sassu
- [PATCH 1/7] ima: Add ima_show_template_uint() template library function
Roberto Sassu
- [PATCH 2/7] ima: Introduce template fields iuid and igid
Roberto Sassu
- [PATCH 3/7] ima: Introduce template fields mntuidmap and mntgidmap
Roberto Sassu
- [PATCH 4/7] ima: Introduce template field imode
Roberto Sassu
- [PATCH 5/7] evm: Verify portable signatures against all protected xattrs
Roberto Sassu
- [PATCH 6/7] ima: Introduce template field evmxattrs
Roberto Sassu
- [PATCH 7/7] evm: Don't return an error in evm_write_xattrs() if audit is not enabled
Roberto Sassu
- [PATCH 3/7] ima: Introduce template fields mntuidmap and mntgidmap
Roberto Sassu
- [PATCH v7 00/12] evm: Improve usability of portable signatures
Roberto Sassu
- [PATCH v2 0/7] ima: Add template fields to verify EVM portable signatures
Roberto Sassu
- [PATCH v2 1/7] ima: Add ima_show_template_uint() template library function
Roberto Sassu
- [PATCH v2 2/7] ima: Define new template fields iuid and igid
Roberto Sassu
- [PATCH v2 3/7] ima: Define new template field imode
Roberto Sassu
- [PATCH v2 4/7] evm: Verify portable signatures against all protected xattrs
Roberto Sassu
- [PATCH v2 5/7] ima: Define new template fields xattrnames, xattrlengths and xattrvalues
Roberto Sassu
- [PATCH v2 6/7] ima: Define new template evm-sig
Roberto Sassu
- [PATCH v2 7/7] evm: Don't return an error in evm_write_xattrs() if audit is not enabled
Roberto Sassu
- [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
Casey Schaufler
- [syzbot] WARNING in smk_set_cipso (2)
Casey Schaufler
- [PATCH] security/smack: fix misspellings using codespell tool
Casey Schaufler
- [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
Casey Schaufler
- [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
Casey Schaufler
- [PATCH v26 00/25] LSM: Module stacking for AppArmor
Casey Schaufler
- [PATCH v26 01/25] LSM: Infrastructure management of the sock security
Casey Schaufler
- [PATCH v26 02/25] LSM: Add the lsmblob data structure.
Casey Schaufler
- [PATCH v26 03/25] LSM: provide lsm name and id slot mappings
Casey Schaufler
- [PATCH v26 04/25] IMA: avoid label collisions with stacked LSMs
Casey Schaufler
- [PATCH v26 05/25] LSM: Use lsmblob in security_audit_rule_match
Casey Schaufler
- [PATCH v26 06/25] LSM: Use lsmblob in security_kernel_act_as
Casey Schaufler
- [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid
Casey Schaufler
- [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx
Casey Schaufler
- [PATCH v26 09/25] LSM: Use lsmblob in security_ipc_getsecid
Casey Schaufler
- [PATCH v26 10/25] LSM: Use lsmblob in security_task_getsecid
Casey Schaufler
- [PATCH v26 11/25] LSM: Use lsmblob in security_inode_getsecid
Casey Schaufler
- [PATCH v26 12/25] LSM: Use lsmblob in security_cred_getsecid
Casey Schaufler
- [PATCH v26 13/25] IMA: Change internal interfaces to use lsmblobs
Casey Schaufler
- [PATCH v26 14/25] LSM: Specify which LSM to display
Casey Schaufler
- [PATCH v26 15/25] LSM: Ensure the correct LSM context releaser
Casey Schaufler
- [PATCH v26 16/25] LSM: Use lsmcontext in security_secid_to_secctx
Casey Schaufler
- [PATCH v26 17/25] LSM: Use lsmcontext in security_inode_getsecctx
Casey Schaufler
- [PATCH v26 18/25] LSM: security_secid_to_secctx in netlink netfilter
Casey Schaufler
- [PATCH v26 19/25] NET: Store LSM netlabel data in a lsmblob
Casey Schaufler
- [PATCH v26 20/25] LSM: Verify LSM display sanity in binder
Casey Schaufler
- [PATCH v26 21/25] audit: add support for non-syscall auxiliary records
Casey Schaufler
- [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
Casey Schaufler
- [PATCH v26 23/25] Audit: Add a new record for multiple object LSM attributes
Casey Schaufler
- [PATCH v26 24/25] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH v26 25/25] AppArmor: Remove the exclusive flag
Casey Schaufler
- [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
Casey Schaufler
- [PATCH v26 14/25] LSM: Specify which LSM to display
Casey Schaufler
- [PATCH] Revert "Smack: Handle io_uring kernel thread privileges"
Casey Schaufler
- [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
Casey Schaufler
- [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
Casey Schaufler
- [PATCH v26 02/25] LSM: Add the lsmblob data structure.
Casey Schaufler
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Casey Schaufler
- [RFC PATCH 0/3] Allow access to confidential computing secret area
Brijesh Singh
- [RFC PATCH 0/3] Allow access to confidential computing secret area
Brijesh Singh
- [RFC PATCH 0/3] Allow access to confidential computing secret area
Brijesh Singh
- [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task
KP Singh
- [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task
KP Singh
- [RFC PATCH 0/3] Add additional MOK vars
Eric Snowberg
- [RFC PATCH 1/3] keys: Add ability to trust the platform keyring
Eric Snowberg
- [RFC PATCH 2/3] keys: Trust platform keyring if MokTrustPlatform found
Eric Snowberg
- [RFC PATCH 3/3] ima: Enable IMA SB Policy if MokIMAPolicy found
Eric Snowberg
- [RFC PATCH 0/3] Add additional MOK vars
Eric Snowberg
- [RFC PATCH 0/3] Add additional MOK vars
Eric Snowberg
- [RFC PATCH 0/3] Add additional MOK vars
Eric Snowberg
- [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader
Alexei Starovoitov
- [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory
Alexei Starovoitov
- [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader
Alexei Starovoitov
- [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory
Alexei Starovoitov
- [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task
Alexei Starovoitov
- [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task
Alexei Starovoitov
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
Victor Stewart
- [PATCH v2 00/13] Unify asm/unaligned.h around struct helper
Linus Torvalds
- [PATCH v2 00/13] Unify asm/unaligned.h around struct helper
Linus Torvalds
- [PATCH v2 00/13] Unify asm/unaligned.h around struct helper
Linus Torvalds
- [syzbot] WARNING: suspicious RCU usage in tomoyo_encode2
Dmitry Vyukov
- URGENT REPLY NEEDED
Mrs Suzara Maling Wan
- [PATCH] debugfs: fix security_locked_down() call for SELinux
Matthew Wilcox
- [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down
Alex Williamson
- [PATCH v7 0/7] Fork brute force attack mitigation
John Wood
- [PATCH v7 1/7] security: Add LSM hook at the point where a task gets a fatal signal
John Wood
- [PATCH v7 2/7] security/brute: Define a LSM and add sysctl attributes
John Wood
- [PATCH v7 3/7] security/brute: Detect a brute force attack
John Wood
- [PATCH v7 4/7] security/brute: Mitigate a brute force attack
John Wood
- [PATCH v7 5/7] selftests/brute: Add tests for the Brute LSM
John Wood
- [PATCH v7 6/7] Documentation: Add documentation for the Brute LSM
John Wood
- [PATCH v7 7/7] MAINTAINERS: Add a new entry for the Brute LSM
John Wood
- [PATCH v7 0/7] Fork brute force attack mitigation
John Wood
- [PATCH v7 0/7] Fork brute force attack mitigation
John Wood
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Tianyin Xu
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Tianyin Xu
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Tianyin Xu
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Tianyin Xu
- [PATCH] security: remove unneeded subdir-$(CONFIG_...)
Masahiro Yamada
- [PATCH] apparmor: Remove the repeated declaration
Shaokun Zhang
- [RFC] [PATCH bpf-next 0/1] Implement getting cgroup path bpf helper
Xufeng Zhang
- [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task
Xufeng Zhang
- Fwd: A missing check bug in __sys_accept4_file()
Jinmeng Zhou
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
YiFei Zhu
- [RFC PATCH bpf-next seccomp 01/12] seccomp: Move no_new_privs check to after prepare_filter
YiFei Zhu
- [RFC PATCH bpf-next seccomp 02/12] bpf, seccomp: Add eBPF filter capabilities
YiFei Zhu
- [RFC PATCH bpf-next seccomp 03/12] seccomp, ptrace: Add a mechanism to retrieve attached eBPF seccomp filters
YiFei Zhu
- [RFC PATCH bpf-next seccomp 04/12] libbpf: recognize section "seccomp"
YiFei Zhu
- [RFC PATCH bpf-next seccomp 05/12] samples/bpf: Add eBPF seccomp sample programs
YiFei Zhu
- [RFC PATCH bpf-next seccomp 06/12] lsm: New hook seccomp_extended
YiFei Zhu
- [RFC PATCH bpf-next seccomp 07/12] bpf/verifier: allow restricting direct map access
YiFei Zhu
- [RFC PATCH bpf-next seccomp 08/12] seccomp-ebpf: restrict filter to almost cBPF if LSM request such
YiFei Zhu
- [RFC PATCH bpf-next seccomp 09/12] yama: (concept) restrict seccomp-eBPF with ptrace_scope
YiFei Zhu
- [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory
YiFei Zhu
- [RFC PATCH bpf-next seccomp 11/12] bpf/verifier: support NULL-able ptr to BTF ID as helper argument
YiFei Zhu
- [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader
YiFei Zhu
- [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
YiFei Zhu
- [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader
YiFei Zhu
- [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory
YiFei Zhu
- [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory
YiFei Zhu
- [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory
YiFei Zhu
- [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe
Mimi Zohar
- [PATCH v5 07/12] evm: Allow xattr/attr operations for portable signatures
Mimi Zohar
- [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe
Mimi Zohar
- [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata
Mimi Zohar
- [PATCH v4 04/11] ima: Move ima_reset_appraise_flags() call to post hooks
Mimi Zohar
- [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe
Mimi Zohar
- [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata
Mimi Zohar
- [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata
Mimi Zohar
- [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata
Mimi Zohar
- [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe
Mimi Zohar
- [PATCH v5 07/12] evm: Allow xattr/attr operations for portable signatures
Mimi Zohar
- [PATCH v6 03/11] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
Mimi Zohar
- [PATCH v6 04/11] evm: Introduce evm_status_revalidate()
Mimi Zohar
- [RESEND][PATCH v6 05/11] evm: Introduce evm_hmac_disabled() to safely ignore verification errors
Mimi Zohar
- [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata
Mimi Zohar
- [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata
Mimi Zohar
- [PATCH v6 03/11] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
Mimi Zohar
- [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata
Mimi Zohar
- [PATCH v6 10/11] ima: Introduce template field evmsig and write to field sig as fallback
Mimi Zohar
- [RFC PATCH 0/3] Add additional MOK vars
Mimi Zohar
- [RFC PATCH 0/3] Add additional MOK vars
Mimi Zohar
- [PATCH v7 00/12] evm: Improve usability of portable signatures
Mimi Zohar
- [RFC PATCH 0/3] Add additional MOK vars
Mimi Zohar
- [PATCH v7 00/12] evm: Improve usability of portable signatures
Mimi Zohar
- [RFC PATCH 0/3] Add additional MOK vars
Mimi Zohar
- [PATCH 5/7] evm: Verify portable signatures against all protected xattrs
Mimi Zohar
- [PATCH 6/7] ima: Introduce template field evmxattrs
Mimi Zohar
- [PATCH v2 0/7] ima: Add template fields to verify EVM portable signatures
Mimi Zohar
- [PATCH v4 2/2] certs: Add support for using elliptic curve keys for signing modules
Mimi Zohar
- [PATCH v4 1/2] certs: Trigger creation of RSA module signing key if it's not an RSA key
Mimi Zohar
- [GIT PULL][Security] Add new Landlock LSM
pr-tracker-bot at kernel.org
- [GIT PULL] SafeSetID changes for v5.13
pr-tracker-bot at kernel.org
- [PATCH 1/2] audit: add filtering for io_uring records, addendum
kernel test robot
- [PATCH 1/2] audit: add filtering for io_uring records, addendum
kernel test robot
- [syzbot] KCSAN: data-race in assoc_array_apply_edit / search_nested_keyrings
syzbot
- [syzbot] WARNING: suspicious RCU usage in tomoyo_encode2
syzbot
- [syzbot] possible deadlock in process_measurement (3)
syzbot
- [syzbot] general protection fault in tomoyo_check_acl (2)
syzbot
- [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task
xufeng zhang
- [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task
xufeng zhang
Last message date:
Mon May 31 17:38:30 UTC 2021
Archived on: Mon May 31 17:34:06 UTC 2021
This archive was generated by
Pipermail 0.09 (Mailman edition).