May 2021 Archives by thread

• Messages sorted by: [ subject ] [ author ] [ date ]
• More info on this list...

Starting: Sat May 1 00:02:23 UTC 2021
Ending: Mon May 31 17:38:30 UTC 2021
Messages: 392

• [PATCH] KEYS: trusted: Fix memory leak on object td   Nick Desaulniers
  • [PATCH] KEYS: trusted: Fix memory leak on object td   Jarkko Sakkinen
  • [PATCH] KEYS: trusted: Fix memory leak on object td   Jarkko Sakkinen
• [GIT PULL][Security] Add new Landlock LSM   pr-tracker-bot at kernel.org
• [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe   Mimi Zohar
  • [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe   Roberto Sassu
    • [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe   Mimi Zohar
    • [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe   Roberto Sassu
      • [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe   Mimi Zohar
      • [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe   Roberto Sassu
      • [PATCH v5 06/12] evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are safe   Mimi Zohar
• [PATCH v5 07/12] evm: Allow xattr/attr operations for portable signatures   Mimi Zohar
  • [PATCH v5 07/12] evm: Allow xattr/attr operations for portable signatures   Roberto Sassu
    • [PATCH v5 07/12] evm: Allow xattr/attr operations for portable signatures   Mimi Zohar
• [PATCH v4 04/11] ima: Move ima_reset_appraise_flags() call to post hooks   Roberto Sassu
  • [PATCH v4 04/11] ima: Move ima_reset_appraise_flags() call to post hooks   Mimi Zohar
• [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata   Mimi Zohar
  • [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata   Roberto Sassu
    • [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata   Mimi Zohar
      • [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata   Roberto Sassu
  • [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata   Roberto Sassu
    • [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata   Mimi Zohar
      • [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata   Roberto Sassu
      • [PATCH v5 09/12] evm: Allow setxattr() and setattr() for unmodified metadata   Mimi Zohar
• [PATCH] KEYS: trusted: fix memory leak   Jarkko Sakkinen
• [GIT PULL] SafeSetID changes for v5.13   Micah Morton
  • [GIT PULL] SafeSetID changes for v5.13   pr-tracker-bot at kernel.org
• [PATCH v7 0/5] Enable root to update the blacklist keyring   Mickaël Salaün
• [syzbot] KCSAN: data-race in assoc_array_apply_edit / search_nested_keyrings   syzbot
  • [syzbot] KCSAN: data-race in assoc_array_apply_edit / search_nested_keyrings   Marco Elver
    • [syzbot] KCSAN: data-race in assoc_array_apply_edit / search_nested_keyrings   Eric Biggers
• [PATCH 4/4] integrity: Load mokx variables into the blacklist keyring   Dimitri John Ledkov
• [PATCH v6 00/11] evm: Improve usability of portable signatures   Roberto Sassu
  • [PATCH v6 03/11] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded   Roberto Sassu
    • [PATCH v6 03/11] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded   Mimi Zohar
      • [PATCH v6 03/11] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded   Roberto Sassu
      • [PATCH v6 03/11] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded   Mimi Zohar
  • [PATCH v6 04/11] evm: Introduce evm_status_revalidate()   Roberto Sassu
    • [PATCH v6 04/11] evm: Introduce evm_status_revalidate()   Mimi Zohar
  • [PATCH v6 05/11] evm: Introduce evm_hmac_disabled() to safely ignore verification errors   Roberto Sassu
    • [RESEND][PATCH v6 05/11] evm: Introduce evm_hmac_disabled() to safely ignore verification errors   Roberto Sassu
      • [RESEND][PATCH v6 05/11] evm: Introduce evm_hmac_disabled() to safely ignore verification errors   Mimi Zohar
  • [PATCH v6 06/11] evm: Allow xattr/attr operations for portable signatures   Roberto Sassu
  • [PATCH v6 07/11] evm: Pass user namespace to set/remove xattr hooks   Roberto Sassu
  • [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata   Roberto Sassu
    • [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata   Mimi Zohar
      • [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata   Roberto Sassu
      • [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata   Mimi Zohar
      • [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata   Roberto Sassu
      • [PATCH v6 08/11] evm: Allow setxattr() and setattr() for unmodified metadata   Mimi Zohar
  • [PATCH v6 09/11] ima: Allow imasig requirement to be satisfied by EVM portable signatures   Roberto Sassu
  • [PATCH v6 10/11] ima: Introduce template field evmsig and write to field sig as fallback   Roberto Sassu
    • [PATCH v6 10/11] ima: Introduce template field evmsig and write to field sig as fallback   Mimi Zohar
      • [PATCH v6 10/11] ima: Introduce template field evmsig and write to field sig as fallback   Roberto Sassu
  • [PATCH v6 11/11] ima: Don't remove security.ima if file must not be appraised   Roberto Sassu
• [PATCH v6 01/11] evm: Execute evm_inode_init_security() only when an HMAC key is loaded   Roberto Sassu
• [PATCH v6 02/11] evm: Load EVM key in ima_load_x509() to avoid appraisal   Roberto Sassu
• [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS   Kees Cook
  • [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS   Mark Rutland
    • [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS   Kees Cook
      • [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS   Mark Rutland
      • [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS   Kees Cook
      • [PATCH] Makefile: Introduce CONFIG_ZERO_CALL_USED_REGS   Mark Rutland
• [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down   Maxime Coquelin
  • [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down   Alex Williamson
    • [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down   Ondrej Mosnacek
      • [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down   Maxime Coquelin
      • [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down   Ondrej Mosnacek
  • [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down   Kees Cook
    • [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down   Maxime Coquelin
• [PATCH] lockdown, selinux: fix bogus SELinux lockdown permission checks   Ondrej Mosnacek
  • [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks   Casey Schaufler
    • [PATCH] lockdown, selinux: fix bogus SELinux lockdown permission checks   Ondrej Mosnacek
      • [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks   Casey Schaufler
      • [PATCH] lockdown, selinux: fix bogus SELinux lockdown permission checks   Ondrej Mosnacek
      • [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks   Casey Schaufler
      • [PATCH] lockdown, selinux: fix bogus SELinux lockdown permission checks   Ondrej Mosnacek
      • [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks   Casey Schaufler
      • [PATCH] lockdown, selinux: fix bogus SELinux lockdown permission checks   Ondrej Mosnacek
• [PATCH] debugfs: fix security_locked_down() call for SELinux   Ondrej Mosnacek
  • [PATCH] debugfs: fix security_locked_down() call for SELinux   Greg Kroah-Hartman
    • [PATCH] debugfs: fix security_locked_down() call for SELinux   Matthew Wilcox
      • [PATCH] debugfs: fix security_locked_down() call for SELinux   Greg Kroah-Hartman
      • [PATCH] debugfs: fix security_locked_down() call for SELinux   Ondrej Mosnacek
• [PATCH] serial: core: fix suspicious security_locked_down() call   Ondrej Mosnacek
  • [PATCH] serial: core: fix suspicious security_locked_down() call   Greg Kroah-Hartman
    • [PATCH] serial: core: fix suspicious security_locked_down() call   Ondrej Mosnacek
  • [PATCH] serial: core: fix suspicious security_locked_down() call   Kees Cook
• [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect   Ondrej Mosnacek
  • [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect   Steven Rostedt
• [PATCH v2] debugfs: fix security_locked_down() call for SELinux   Ondrej Mosnacek
• New mailing list for Landlock LSM user space discussions   Mickaël Salaün
• URGENT REPLY NEEDED   Mrs Suzara Maling Wan
• [RFC 0/12] Unify asm/unaligned.h around struct helper   Arnd Bergmann
  • [RFC 09/12] apparmor: use get_unaligned() only for multi-byte words   Arnd Bergmann
    • [RFC 09/12] apparmor: use get_unaligned() only for multi-byte words   John Johansen
  • [RFC 0/12] Unify asm/unaligned.h around struct helper   Arnd Bergmann
• [syzbot] WARNING: suspicious RCU usage in tomoyo_encode2   syzbot
  • [syzbot] WARNING: suspicious RCU usage in tomoyo_encode2   Dmitry Vyukov
• [PATCH] Keys: Remove redundant initialization of cred   Yang Li
  • [PATCH] Keys: Remove redundant initialization of cred   Jarkko Sakkinen
  • [PATCH] Keys: Remove redundant initialization of cred   David Howells
• [syzbot] possible deadlock in process_measurement (3)   syzbot
• Personal   Chris Pavlides
• [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   YiFei Zhu
  • [RFC PATCH bpf-next seccomp 01/12] seccomp: Move no_new_privs check to after prepare_filter   YiFei Zhu
  • [RFC PATCH bpf-next seccomp 02/12] bpf, seccomp: Add eBPF filter capabilities   YiFei Zhu
  • [RFC PATCH bpf-next seccomp 03/12] seccomp, ptrace: Add a mechanism to retrieve attached eBPF seccomp filters   YiFei Zhu
  • [RFC PATCH bpf-next seccomp 04/12] libbpf: recognize section "seccomp"   YiFei Zhu
  • [RFC PATCH bpf-next seccomp 05/12] samples/bpf: Add eBPF seccomp sample programs   YiFei Zhu
  • [RFC PATCH bpf-next seccomp 06/12] lsm: New hook seccomp_extended   YiFei Zhu
  • [RFC PATCH bpf-next seccomp 07/12] bpf/verifier: allow restricting direct map access   YiFei Zhu
  • [RFC PATCH bpf-next seccomp 08/12] seccomp-ebpf: restrict filter to almost cBPF if LSM request such   YiFei Zhu
  • [RFC PATCH bpf-next seccomp 09/12] yama: (concept) restrict seccomp-eBPF with ptrace_scope   YiFei Zhu
  • [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory   YiFei Zhu
    • [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory   Alexei Starovoitov
      • [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory   YiFei Zhu
      • [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory   Alexei Starovoitov
      • [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory   YiFei Zhu
      • [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory   Andy Lutomirski
      • [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory   YiFei Zhu
      • [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory   Andy Lutomirski
  • [RFC PATCH bpf-next seccomp 11/12] bpf/verifier: support NULL-able ptr to BTF ID as helper argument   YiFei Zhu
  • [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader   YiFei Zhu
    • [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader   Alexei Starovoitov
      • [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader   YiFei Zhu
      • [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader   Alexei Starovoitov
  • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Andy Lutomirski
    • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   YiFei Zhu
      • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Andy Lutomirski
      • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Christian Brauner
      • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Tianyin Xu
      • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Tycho Andersen
      • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Sargun Dhillon
      • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Tianyin Xu
      • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Christian Brauner
      • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Christian Brauner
      • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Tianyin Xu
      • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Tianyin Xu
      • [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters   Sargun Dhillon
• [PATCH v2 1/1] trusted-keys: match tpm_get_ops on all return paths   Ben Boeckel
  • [PATCH v2 1/1] trusted-keys: match tpm_get_ops on all return paths   James Bottomley
  • [PATCH v2 1/1] trusted-keys: match tpm_get_ops on all return paths   Jarkko Sakkinen
  • [PATCH v2 1/1] trusted-keys: match tpm_get_ops on all return paths   Jarkko Sakkinen
    • [PATCH v2 1/1] trusted-keys: match tpm_get_ops on all return paths   Ben Boeckel
• Business inquiries 05:11:2021   COMPANY
• [PATCH 2/2] selinux:Delete selinux_xfrm_policy_lookup() useless argument   Paul Moore
• [syzbot] WARNING in smk_set_cipso (2)   Casey Schaufler
• [PATCH] security/smack: fix misspellings using codespell tool   Casey Schaufler
• Partner with me   janete Moon
• Fwd: A missing check bug in __sys_accept4_file()   Jinmeng Zhou
  • A missing check bug in __sys_accept4_file()   Paul Moore
• [RFC] [PATCH bpf-next 0/1] Implement getting cgroup path bpf helper   Xufeng Zhang
  • [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task   Xufeng Zhang
    • [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task   Alexei Starovoitov
      • [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task   xufeng zhang
      • [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task   Alexei Starovoitov
      • [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task   KP Singh
      • [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task   xufeng zhang
      • [RFC] [PATCH bpf-next 1/1] bpf: Add a BPF helper for getting the cgroup path of current task   KP Singh
• [RFC PATCH 0/3] Allow access to confidential computing secret area   Dov Murik
  • [RFC PATCH 3/3] virt: Add sev_secret module to expose confidential computing secrets   Dov Murik
  • [RFC PATCH 0/3] Allow access to confidential computing secret area   Brijesh Singh
    • [RFC PATCH 0/3] Allow access to confidential computing secret area   Dov Murik
    • [RFC PATCH 0/3] Allow access to confidential computing secret area   Dr. David Alan Gilbert
      • [RFC PATCH 0/3] Allow access to confidential computing secret area   Andi Kleen
      • [RFC PATCH 0/3] Allow access to confidential computing secret area   Brijesh Singh
      • [RFC PATCH 0/3] Allow access to confidential computing secret area   James Bottomley
      • [RFC PATCH 0/3] Allow access to confidential computing secret area   Brijesh Singh
      • [RFC PATCH 0/3] Allow access to confidential computing secret area   Andi Kleen
      • [RFC PATCH 0/3] Allow access to confidential computing secret area   Dr. David Alan Gilbert
      • [RFC PATCH 0/3] Allow access to confidential computing secret area   James Bottomley
      • [RFC PATCH 0/3] Allow access to confidential computing secret area   Andi Kleen
      • [RFC PATCH 0/3] Allow access to confidential computing secret area   James Bottomley
• [PATCH v2 09/10] apparmor: test: Remove some casts which are no-longer required   David Gow
• [PATCH v26 00/25] LSM: Module stacking for AppArmor   Casey Schaufler
  • [PATCH v26 01/25] LSM: Infrastructure management of the sock security   Casey Schaufler
  • [PATCH v26 02/25] LSM: Add the lsmblob data structure.   Casey Schaufler
    • [PATCH v26 02/25] LSM: Add the lsmblob data structure.   Mickaël Salaün
      • [PATCH v26 02/25] LSM: Add the lsmblob data structure.   Casey Schaufler
      • [PATCH v26 02/25] LSM: Add the lsmblob data structure.   Mickaël Salaün
  • [PATCH v26 03/25] LSM: provide lsm name and id slot mappings   Casey Schaufler
    • [PATCH v26 03/25] LSM: provide lsm name and id slot mappings   Kees Cook
    • [PATCH v26 03/25] LSM: provide lsm name and id slot mappings   Paul Moore
  • [PATCH v26 04/25] IMA: avoid label collisions with stacked LSMs   Casey Schaufler
    • [PATCH v26 04/25] IMA: avoid label collisions with stacked LSMs   Kees Cook
  • [PATCH v26 05/25] LSM: Use lsmblob in security_audit_rule_match   Casey Schaufler
  • [PATCH v26 06/25] LSM: Use lsmblob in security_kernel_act_as   Casey Schaufler
  • [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid   Casey Schaufler
    • [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid   Kees Cook
    • [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid   Paul Moore
  • [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx   Casey Schaufler
    • [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx   Kees Cook
    • [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx   Paul Moore
  • [PATCH v26 09/25] LSM: Use lsmblob in security_ipc_getsecid   Casey Schaufler
  • [PATCH v26 10/25] LSM: Use lsmblob in security_task_getsecid   Casey Schaufler
  • [PATCH v26 11/25] LSM: Use lsmblob in security_inode_getsecid   Casey Schaufler
  • [PATCH v26 12/25] LSM: Use lsmblob in security_cred_getsecid   Casey Schaufler
  • [PATCH v26 13/25] IMA: Change internal interfaces to use lsmblobs   Casey Schaufler
  • [PATCH v26 14/25] LSM: Specify which LSM to display   Casey Schaufler
    • [PATCH v26 14/25] LSM: Specify which LSM to display   Kees Cook
      • [PATCH v26 14/25] LSM: Specify which LSM to display   Casey Schaufler
      • [PATCH v26 14/25] LSM: Specify which LSM to display   Paul Moore
  • [PATCH v26 15/25] LSM: Ensure the correct LSM context releaser   Casey Schaufler
    • [PATCH v26 15/25] LSM: Ensure the correct LSM context releaser   Paul Moore
  • [PATCH v26 16/25] LSM: Use lsmcontext in security_secid_to_secctx   Casey Schaufler
  • [PATCH v26 17/25] LSM: Use lsmcontext in security_inode_getsecctx   Casey Schaufler
    • [PATCH v26 17/25] LSM: Use lsmcontext in security_inode_getsecctx   Kees Cook
  • [PATCH v26 18/25] LSM: security_secid_to_secctx in netlink netfilter   Casey Schaufler
    • [PATCH v26 18/25] LSM: security_secid_to_secctx in netlink netfilter   Paul Moore
  • [PATCH v26 19/25] NET: Store LSM netlabel data in a lsmblob   Casey Schaufler
  • [PATCH v26 20/25] LSM: Verify LSM display sanity in binder   Casey Schaufler
  • [PATCH v26 21/25] audit: add support for non-syscall auxiliary records   Casey Schaufler
    • [PATCH v26 21/25] audit: add support for non-syscall auxiliary records   Paul Moore
  • [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes   Casey Schaufler
    • [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes   Paul Moore
      • [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes   Richard Guy Briggs
      • [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes   Casey Schaufler
      • [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes   Paul Moore
      • [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes   Richard Guy Briggs
      • [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes   Casey Schaufler
  • [PATCH v26 23/25] Audit: Add a new record for multiple object LSM attributes   Casey Schaufler
  • [PATCH v26 24/25] LSM: Add /proc attr entry for full LSM context   Casey Schaufler
  • [PATCH v26 25/25] AppArmor: Remove the exclusive flag   Casey Schaufler
• [PATCH v2 00/13] Unify asm/unaligned.h around struct helper   Arnd Bergmann
  • [PATCH v2 09/13] apparmor: use get_unaligned() only for multi-byte words   Arnd Bergmann
  • [PATCH v2 00/13] Unify asm/unaligned.h around struct helper   Linus Torvalds
    • [PATCH v2 00/13] Unify asm/unaligned.h around struct helper   Vineet Gupta
      • [PATCH v2 00/13] Unify asm/unaligned.h around struct helper   Linus Torvalds
      • [PATCH v2 00/13] Unify asm/unaligned.h around struct helper   Vineet Gupta
      • [PATCH v2 00/13] Unify asm/unaligned.h around struct helper   Linus Torvalds
    • [PATCH v2 00/13] Unify asm/unaligned.h around struct helper   Arnd Bergmann
• [PATCH v7 00/12] evm: Improve usability of portable signatures   Roberto Sassu
  • [PATCH v7 01/12] evm: Execute evm_inode_init_security() only when an HMAC key is loaded   Roberto Sassu
  • [PATCH v7 02/12] evm: Load EVM key in ima_load_x509() to avoid appraisal   Roberto Sassu
  • [PATCH v7 03/12] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded   Roberto Sassu
  • [PATCH v7 04/12] evm: Introduce evm_revalidate_status()   Roberto Sassu
  • [PATCH v7 05/12] evm: Introduce evm_hmac_disabled() to safely ignore verification errors   Roberto Sassu
    • [RESEND][PATCH 05/12] evm: Introduce evm_hmac_disabled() to safely ignore verification errors   Roberto Sassu
      • [RESEND][PATCH 05/12] evm: Introduce evm_hmac_disabled() to safely ignore verification errors   Roberto Sassu
  • [PATCH v7 06/12] evm: Allow xattr/attr operations for portable signatures   Roberto Sassu
  • [PATCH v7 07/12] evm: Pass user namespace to set/remove xattr hooks   Roberto Sassu
  • [PATCH v7 08/12] evm: Allow setxattr() and setattr() for unmodified metadata   Roberto Sassu
  • [PATCH v7 09/12] evm: Deprecate EVM_ALLOW_METADATA_WRITES   Roberto Sassu
  • [PATCH v7 10/12] ima: Allow imasig requirement to be satisfied by EVM portable signatures   Roberto Sassu
  • [PATCH v7 11/12] ima: Introduce template field evmsig and write to field sig as fallback   Roberto Sassu
  • [PATCH v7 12/12] ima: Don't remove security.ima if file must not be appraised   Roberto Sassu
  • [PATCH v7 00/12] evm: Improve usability of portable signatures   Mimi Zohar
    • [PATCH v7 00/12] evm: Improve usability of portable signatures   Roberto Sassu
      • [PATCH v7 00/12] evm: Improve usability of portable signatures   Mimi Zohar
• [PATCH v2] lockdown, selinux: avoid bogus SELinux lockdown permission checks   Ondrej Mosnacek
  • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Michael Ellerman
    • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Ondrej Mosnacek
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   James Morris
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Paul Moore
  • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Paul Moore
    • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Daniel Borkmann
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Jiri Olsa
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Daniel Borkmann
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Jiri Olsa
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Jiri Olsa
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Daniel Borkmann
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Ondrej Mosnacek
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Daniel Borkmann
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Paul Moore
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Paul Moore
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Daniel Borkmann
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Paul Moore
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Paul Moore
      • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Daniel Borkmann
  • [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks   Steven Rostedt
• [syzbot] general protection fault in tomoyo_check_acl (2)   syzbot
• [PATCH v2 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling   Ondrej Mosnacek
  • [PATCH v2 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag   Ondrej Mosnacek
    • [PATCH v2 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag   Olga Kornievskaia
  • [PATCH v2 2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount   Ondrej Mosnacek
• [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling   Ondrej Mosnacek
• [RFC PATCH 0/3] Add additional MOK vars   Eric Snowberg
  • [RFC PATCH 1/3] keys: Add ability to trust the platform keyring   Eric Snowberg
    • [RFC PATCH 1/3] keys: Add ability to trust the platform keyring   Jarkko Sakkinen
  • [RFC PATCH 2/3] keys: Trust platform keyring if MokTrustPlatform found   Eric Snowberg
  • [RFC PATCH 3/3] ima: Enable IMA SB Policy if MokIMAPolicy found   Eric Snowberg
  • [RFC PATCH 0/3] Add additional MOK vars   Jarkko Sakkinen
  • [RFC PATCH 0/3] Add additional MOK vars   Mimi Zohar
    • [RFC PATCH 0/3] Add additional MOK vars   Eric Snowberg
      • [RFC PATCH 0/3] Add additional MOK vars   Mimi Zohar
      • [RFC PATCH 0/3] Add additional MOK vars   Eric Snowberg
      • [RFC PATCH 0/3] Add additional MOK vars   Mimi Zohar
      • [RFC PATCH 0/3] Add additional MOK vars   Eric Snowberg
      • [RFC PATCH 0/3] Add additional MOK vars   Mimi Zohar
      • [RFC PATCH 0/3] Add additional MOK vars   Dr. Greg
• [PATCH] Revert "Smack: Handle io_uring kernel thread privileges"   Casey Schaufler
• [PATCH RESEND v5] proc: Allow pid_revalidate() during LOOKUP_RCU   Stephen Brennan
• [PATCH 0/7] ima: Add template fields to verify EVM portable signatures   Roberto Sassu
  • [PATCH 5/7] evm: Verify portable signatures against all protected xattrs   Roberto Sassu
    • [PATCH 5/7] evm: Verify portable signatures against all protected xattrs   Mimi Zohar
  • [PATCH 6/7] ima: Introduce template field evmxattrs   Roberto Sassu
    • [PATCH 6/7] ima: Introduce template field evmxattrs   Mimi Zohar
  • [PATCH 7/7] evm: Don't return an error in evm_write_xattrs() if audit is not enabled   Roberto Sassu
• [PATCH 1/7] ima: Add ima_show_template_uint() template library function   Roberto Sassu
• [PATCH 2/7] ima: Introduce template fields iuid and igid   Roberto Sassu
• [PATCH 3/7] ima: Introduce template fields mntuidmap and mntgidmap   Roberto Sassu
  • [PATCH 3/7] ima: Introduce template fields mntuidmap and mntgidmap   Christian Brauner
    • [PATCH 3/7] ima: Introduce template fields mntuidmap and mntgidmap   Christian Brauner
      • [PATCH 3/7] ima: Introduce template fields mntuidmap and mntgidmap   Roberto Sassu
• [PATCH 4/7] ima: Introduce template field imode   Roberto Sassu
• [PATCH v7 0/7] Fork brute force attack mitigation   John Wood
  • [PATCH v7 1/7] security: Add LSM hook at the point where a task gets a fatal signal   John Wood
  • [PATCH v7 2/7] security/brute: Define a LSM and add sysctl attributes   John Wood
  • [PATCH v7 3/7] security/brute: Detect a brute force attack   John Wood
  • [PATCH v7 4/7] security/brute: Mitigate a brute force attack   John Wood
  • [PATCH v7 0/7] Fork brute force attack mitigation   Andi Kleen
    • [PATCH v7 0/7] Fork brute force attack mitigation   John Wood
      • [PATCH v7 0/7] Fork brute force attack mitigation   Andi Kleen
      • [PATCH v7 0/7] Fork brute force attack mitigation   John Wood
  • [PATCH v7 5/7] selftests/brute: Add tests for the Brute LSM   John Wood
  • [PATCH v7 6/7] Documentation: Add documentation for the Brute LSM   John Wood
  • [PATCH v7 7/7] MAINTAINERS: Add a new entry for the Brute LSM   John Wood
• [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring   Paul Moore
  • [RFC PATCH 1/9] audit: prepare audit_context for use in calling contexts beyond syscalls   Paul Moore
  • [RFC PATCH 2/9] audit, io_uring, io-wq: add some basic audit support to io_uring   Paul Moore
    • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Pavel Begunkov
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Paul Moore
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Pavel Begunkov
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Paul Moore
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Pavel Begunkov
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Paul Moore
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Jens Axboe
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Paul Moore
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Pavel Begunkov
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Paul Moore
      • [RFC PATCH 2/9] audit, io_uring, io-wq: add some basic audit support to io_uring   Steve Grubb
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Stefan Metzmacher
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Richard Guy Briggs
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Jens Axboe
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Richard Guy Briggs
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Victor Stewart
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Casey Schaufler
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Jens Axboe
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Jens Axboe
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Jens Axboe
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Jens Axboe
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Paul Moore
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Pavel Begunkov
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Paul Moore
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Jens Axboe
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Paul Moore
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Paul Moore
      • [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring   Paul Moore
  • [RFC PATCH 3/9] audit: dev/test patch to force io_uring auditing   Paul Moore
  • [RFC PATCH 4/9] audit: add filtering for io_uring records   Paul Moore
    • [RFC PATCH 4/9] audit: add filtering for io_uring records   Richard Guy Briggs
      • [RFC PATCH 4/9] audit: add filtering for io_uring records   Paul Moore
      • [RFC PATCH 4/9] audit: add filtering for io_uring records   Richard Guy Briggs
      • [PATCH 1/2] audit: add filtering for io_uring records, addendum   Richard Guy Briggs
      • [PATCH 1/2] audit: add filtering for io_uring records, addendum   kernel test robot
      • [PATCH 1/2] audit: add filtering for io_uring records, addendum   kernel test robot
      • [PATCH 2/2] audit: block PERM fields being used with io_uring filtering   Richard Guy Briggs
  • [RFC PATCH 5/9] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure()   Paul Moore
  • [RFC PATCH 6/9] io_uring: convert io_uring to the secure anon inode interface   Paul Moore
  • [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring   Paul Moore
    • [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring   Stefan Metzmacher
      • [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring   Paul Moore
  • [RFC PATCH 8/9] selinux: add support for the io_uring access controls   Paul Moore
  • [RFC PATCH 9/9] Smack: Brutalist io_uring support with debug   Paul Moore
  • [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring   Tetsuo Handa
    • [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring   Paul Moore
  • [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring   Jeff Moyer
    • [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring   Paul Moore
      • [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring   Jeff Moyer
      • [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring   Paul Moore
• [ANNOUNCE][CFP] Linux Security Summit 2021   James Morris
• [PATCH] proc: Check /proc/$pid/attr/ writes against file opener   Kees Cook
  • [PATCH] proc: Check /proc/$pid/attr/ writes against file opener   Jann Horn
    • [PATCH] proc: Check /proc/$pid/attr/ writes against file opener   Eric W. Biederman
• [PATCH] crypto: arm64/gcm - remove Wunused-const-variable ghash_cpu_feature   Austin Kim
  • [PATCH] crypto: arm64/gcm - remove Wunused-const-variable ghash_cpu_feature   Eric Biggers
    • [PATCH] crypto: arm64/gcm - remove Wunused-const-variable ghash_cpu_feature   Austin Kim
• [PATCH v2 0/7] ima: Add template fields to verify EVM portable signatures   Roberto Sassu
  • [PATCH v2 2/7] ima: Define new template fields iuid and igid   Roberto Sassu
    • [PATCH v2 2/7] ima: Define new template fields iuid and igid   Christian Brauner
  • [PATCH v2 3/7] ima: Define new template field imode   Roberto Sassu
  • [PATCH v2 4/7] evm: Verify portable signatures against all protected xattrs   Roberto Sassu
  • [PATCH v2 5/7] ima: Define new template fields xattrnames, xattrlengths and xattrvalues   Roberto Sassu
  • [PATCH v2 6/7] ima: Define new template evm-sig   Roberto Sassu
  • [PATCH v2 7/7] evm: Don't return an error in evm_write_xattrs() if audit is not enabled   Roberto Sassu
  • [PATCH v2 0/7] ima: Add template fields to verify EVM portable signatures   Mimi Zohar
• [PATCH v2 1/7] ima: Add ima_show_template_uint() template library function   Roberto Sassu
• [PATCH] security: remove unneeded subdir-$(CONFIG_...)   Masahiro Yamada
• [PATCH] apparmor: Remove the repeated declaration   Shaokun Zhang
• [PATCH v4 2/2] certs: Add support for using elliptic curve keys for signing modules   Mimi Zohar
• [PATCH v4 1/2] certs: Trigger creation of RSA module signing key if it's not an RSA key   Mimi Zohar

Last message date: Mon May 31 17:38:30 UTC 2021
Archived on: Mon May 31 17:34:06 UTC 2021

• Messages sorted by: [ subject ] [ author ] [ date ]
• More info on this list...