September 2021 Archives by author
Starting: Wed Sep 1 00:52:16 UTC 2021
Ending: Thu Sep 30 22:57:53 UTC 2021
Messages: 385
- Regression in unix stream sockets with the Smack LSM
Jiang Wang .
- Regression in unix stream sockets with the Smack LSM
Jiang Wang .
- [External] Re: Regression in unix stream sockets with the Smack LSM
Jiang Wang .
- My Dear Friend
Aisha Al-Qaddafi
- [PATCH] [RESEND] apparmor: avoid -Wempty-body warning
Arnd Bergmann
- [PATCH] [RESEND] apparmor: avoid -Wempty-body warning
Arnd Bergmann
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Eric W. Biederman
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Segher Boessenkool
- [PATCH 0/3] Allow access to confidential computing secret area in SEV guests
James Bottomley
- [PATCH 0/3] Allow access to confidential computing secret area in SEV guests
James Bottomley
- [PATCH 0/3] Allow access to confidential computing secret area in SEV guests
James Bottomley
- [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring
Richard Guy Briggs
- [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring
Richard Guy Briggs
- [PATCH] lsm_audit: avoid overloading the "key" audit field
Richard Guy Briggs
- [PATCH v4 3/8] audit: add filtering for io_uring records
Richard Guy Briggs
- [PATCH v4 2/8] audit,io_uring,io-wq: add some basic audit support to io_uring
Richard Guy Briggs
- [PATCH v4 2/8] audit,io_uring,io-wq: add some basic audit support to io_uring
Richard Guy Briggs
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Nathan Chancellor
- [PATCH] hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
Nathan Chancellor
- [PATCH] hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
Nathan Chancellor
- [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels
Dave Chinner
- [PATCH] landlock: Drop "const" argument qualifier to avoid GCC 4.9 warnings
Kees Cook
- [PATCH] landlock: Drop "const" argument qualifier to avoid GCC 4.9 warnings
Kees Cook
- [PATCH] hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
Kees Cook
- [PATCH] hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
Kees Cook
- [PATCH] hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
Kees Cook
- [PATCH v2] hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO
Kees Cook
- [PATCH] mm: Remove HARDENED_USERCOPY_FALLBACK
Kees Cook
- [PATCH] hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
Will Deacon
- [PATCH v2] hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO
Will Deacon
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Nick Desaulniers
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Nick Desaulniers
- [PATCH] hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
Nick Desaulniers
- [PATCH] hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
Nick Desaulniers
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Randy Dunlap
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Marco Elver
- [PATCH v3] KEYS: trusted: Fix trusted key backends when building as module
Ahmad Fatoum
- [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels
Bruce Fields
- [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels
Bruce Fields
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Bruce Fields
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Bruce Fields
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Dr. David Alan Gilbert
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Dr. David Alan Gilbert
- apparmor: WARNING: suspicious RCU usage
Thomas Gleixner
- [PATCH 1/1] Smack:- Use overlay inode label in smack_inode_copy_up()
Vishal Goel
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Vivek Goyal
- [PATCH v3 1/1] xattr: Allow user.* xattr on symlink and special files
Vivek Goyal
- [PATCH 2/1] man-pages: xattr.7: Update text for user extended xattr behavior change
Vivek Goyal
- [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels
Vivek Goyal
- [PATCH 4/1] xfstest: Add a new test to test xattr operations
Vivek Goyal
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Vivek Goyal
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Vivek Goyal
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Vivek Goyal
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Vivek Goyal
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Vivek Goyal
- [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels
Vivek Goyal
- [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels
Vivek Goyal
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Vivek Goyal
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Vivek Goyal
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Vivek Goyal
- [PATCH 0/2] fuse: Send file/inode security context during creation
Vivek Goyal
- [PATCH 1/2] fuse: Add a flag FUSE_SECURITY_CTX
Vivek Goyal
- [PATCH 2/2] fuse: Send security context of inode on file creation
Vivek Goyal
- [PATCH 2/2] fuse: Send security context of inode on file creation
Vivek Goyal
- [PATCH 2/2] fuse: Send security context of inode on file creation
Vivek Goyal
- [PATCH 2/2] fuse: Send security context of inode on file creation
Vivek Goyal
- [PATCH 2/2] fuse: Send security context of inode on file creation
Vivek Goyal
- [PATCH 2/2] fuse: Send security context of inode on file creation
Vivek Goyal
- [PATCH 2/2] fuse: Send security context of inode on file creation
Vivek Goyal
- [PATCH 2/2] fuse: Send security context of inode on file creation
Vivek Goyal
- [PATCH 2/2] fuse: Send security context of inode on file creation
Vivek Goyal
- [PATCH] security: Return xattr name from security_dentry_init_security()
Vivek Goyal
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Dr. Greg
- [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring
Steve Grubb
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Andreas Gruenbacher
- [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels
Andreas Gruenbacher
- [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels
Andreas Gruenbacher
- [PATCH] smackfs: Fix use-after-free in netlbl_catmap_walk()
Pawan Gupta
- [PATCH] apparmor: remove unused argument of aa_umount()
Serge E. Hallyn
- CORISBANK INTERNATIONAL OFFICIAL NOTIFICATION
CorisBank International
- [PATCH] integrity: support including firmware ".platform" keys at build time
Nayna Jain
- [PATCH v2] integrity: support including firmware ".platform" keys at build time
Nayna Jain
- [PATCH] apparmor: remove unused argument of aa_umount()
John Johansen
- apparmor: WARNING: suspicious RCU usage
John Johansen
- [PATCH] [RESEND] apparmor: avoid -Wempty-body warning
John Johansen
- [PATCH v6 00/13] Enroll kernel keys thru MOK
Peter Jones
- [PATCH v6 12/13] integrity: Trust MOK keys if MokListTrustedRT found
Peter Jones
- [PATCH v6 12/13] integrity: Trust MOK keys if MokListTrustedRT found
Peter Jones
- [PATCH 0/3] Allow access to confidential computing secret area in SEV guests
Greg KH
- [PATCH 3/3] virt: Add sev_secret module to expose confidential computing secrets
Greg KH
- [PATCH 0/3] Allow access to confidential computing secret area in SEV guests
Greg KH
- [PATCH 0/3] Allow access to confidential computing secret area in SEV guests
Greg KH
- [PATCH 0/3] Allow access to confidential computing secret area in SEV guests
Greg KH
- [PATCH] apparmor: remove unused argument of aa_umount()
Austin Kim
- [PATCH] mm: Remove HARDENED_USERCOPY_FALLBACK
Stephen Kitt
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Greg Kroah-Hartman
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Greg Kroah-Hartman
- [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels
Zorro Lang
- [PATCH AUTOSEL 5.13 13/14] net: fix NULL pointer reference in cipso_v4_doi_free
Sasha Levin
- [PATCH AUTOSEL 5.14 033/252] Smack: Fix wrong semantics in smk_access_entry()
Sasha Levin
- [PATCH AUTOSEL 5.14 249/252] net: fix NULL pointer reference in cipso_v4_doi_free
Sasha Levin
- [PATCH AUTOSEL 5.13 026/219] Smack: Fix wrong semantics in smk_access_entry()
Sasha Levin
- [PATCH AUTOSEL 5.13 216/219] net: fix NULL pointer reference in cipso_v4_doi_free
Sasha Levin
- [PATCH AUTOSEL 5.10 017/176] Smack: Fix wrong semantics in smk_access_entry()
Sasha Levin
- [PATCH AUTOSEL 5.10 173/176] net: fix NULL pointer reference in cipso_v4_doi_free
Sasha Levin
- [PATCH AUTOSEL 5.4 013/109] Smack: Fix wrong semantics in smk_access_entry()
Sasha Levin
- [PATCH AUTOSEL 5.4 107/109] net: fix NULL pointer reference in cipso_v4_doi_free
Sasha Levin
- [PATCH AUTOSEL 4.19 09/74] Smack: Fix wrong semantics in smk_access_entry()
Sasha Levin
- [PATCH AUTOSEL 4.19 73/74] net: fix NULL pointer reference in cipso_v4_doi_free
Sasha Levin
- [PATCH AUTOSEL 4.14 08/59] Smack: Fix wrong semantics in smk_access_entry()
Sasha Levin
- [PATCH AUTOSEL 4.14 58/59] net: fix NULL pointer reference in cipso_v4_doi_free
Sasha Levin
- [PATCH AUTOSEL 4.9 06/48] Smack: Fix wrong semantics in smk_access_entry()
Sasha Levin
- [PATCH AUTOSEL 4.9 47/48] net: fix NULL pointer reference in cipso_v4_doi_free
Sasha Levin
- [PATCH AUTOSEL 4.4 06/35] Smack: Fix wrong semantics in smk_access_entry()
Sasha Levin
- [PATCH AUTOSEL 4.4 35/35] net: fix NULL pointer reference in cipso_v4_doi_free
Sasha Levin
- [PATCH v2] net: fix NULL pointer reference in cipso_v4_doi_free
David Miller
- [PATCH v2] net: fix NULL pointer reference in cipso_v4_doi_free
David Miller
- [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring
Paul Moore
- [PATCH] Revert "net: fix NULL pointer reference in cipso_v4_doi_free"
Paul Moore
- [PATCH] Revert "net: fix NULL pointer reference in cipso_v4_doi_free"
Paul Moore
- [PATCH] net: remove the unnecessary check in cipso_v4_doi_free
Paul Moore
- [PATCH] Revert "net: fix NULL pointer reference in cipso_v4_doi_free"
Paul Moore
- [PATCH AUTOSEL 5.13 13/14] net: fix NULL pointer reference in cipso_v4_doi_free
Paul Moore
- [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring
Paul Moore
- [PATCH v4] lockdown,selinux: fix wrong subject in some SELinux lockdown checks
Paul Moore
- Regression in unix stream sockets with the Smack LSM
Paul Moore
- [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring
Paul Moore
- [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring
Paul Moore
- [PATCH v3 0/8] Add LSM access controls and auditing to io_uring
Paul Moore
- [PATCH v3 1/8] audit: prepare audit_context for use in calling contexts beyond syscalls
Paul Moore
- [PATCH v3 2/8] audit, io_uring, io-wq: add some basic audit support to io_uring
Paul Moore
- [PATCH v3 3/8] audit: add filtering for io_uring records
Paul Moore
- [PATCH v3 4/8] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure()
Paul Moore
- [PATCH v3 5/8] io_uring: convert io_uring to the secure anon inode interface
Paul Moore
- [PATCH v3 6/8] lsm,io_uring: add LSM hooks to io_uring
Paul Moore
- [PATCH v3 7/8] selinux: add support for the io_uring access controls
Paul Moore
- [PATCH v3 8/8] Smack: Brutalist io_uring support with debug
Paul Moore
- [PATCH] lsm_audit: avoid overloading the "key" audit field
Paul Moore
- [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring
Paul Moore
- [PATCH v4 0/8] Add LSM access controls and auditing to io_uring
Paul Moore
- [PATCH v4 1/8] audit: prepare audit_context for use in calling contexts beyond syscalls
Paul Moore
- [PATCH v4 2/8] audit, io_uring, io-wq: add some basic audit support to io_uring
Paul Moore
- [PATCH v4 3/8] audit: add filtering for io_uring records
Paul Moore
- [PATCH v4 4/8] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure()
Paul Moore
- [PATCH v4 5/8] io_uring: convert io_uring to the secure anon inode interface
Paul Moore
- [PATCH v4 6/8] lsm,io_uring: add LSM hooks to io_uring
Paul Moore
- [PATCH v4 7/8] selinux: add support for the io_uring access controls
Paul Moore
- [PATCH v4 8/8] Smack: Brutalist io_uring support
Paul Moore
- [PATCH v4] lockdown,selinux: fix wrong subject in some SELinux lockdown checks
Paul Moore
- [PATCH v4 2/8] audit, io_uring, io-wq: add some basic audit support to io_uring
Paul Moore
- [selinuxproject-selinux:stable-5.15 1/1] include/linux/rcupdate.h:395:2: warning: passing argument 1 of 'security_locked_down' discards 'const' qualifier from pointer target type
Paul Moore
- [PATCH v4 2/8] audit, io_uring, io-wq: add some basic audit support to io_uring
Paul Moore
- [GIT PULL] SELinux fixes for v5.15 (#1)
Paul Moore
- [PATCH v4 0/8] Add LSM access controls and auditing to io_uring
Paul Moore
- [PATCH] lsm_audit: avoid overloading the "key" audit field
Paul Moore
- [GIT PULL] SELinux fixes for v5.15 (#1)
Paul Moore
- [GIT PULL] SELinux fixes for v5.15 (#1)
Paul Moore
- [GIT PULL] SELinux fixes for v5.15 (#1)
Paul Moore
- [PATCH] selinux, smack: fix subjective/objective credential use mixups
Paul Moore
- [PATCH] selinux, smack: fix subjective/objective credential use mixups
Paul Moore
- [GIT PULL] SELinux fixes for v5.15 (#1)
Paul Moore
- [PATCH] selinux, smack: fix subjective/objective credential use mixups
Paul Moore
- [PATCH v4] lockdown,selinux: fix wrong subject in some SELinux lockdown checks
Paul Moore
- [GIT PULL] SELinux/Smack fixes for v5.15 (#2)
Paul Moore
- [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
Paul Moore
- [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
Paul Moore
- [ANNOUNCE][CFP] Linux Security Summit 2021
James Morris
- [PATCH v4] lockdown, selinux: fix wrong subject in some SELinux lockdown checks
Ondrej Mosnacek
- [PATCH] lsm_audit: avoid overloading the "key" audit field
Ondrej Mosnacek
- [PATCH v4] lockdown,selinux: fix wrong subject in some SELinux lockdown checks
Ondrej Mosnacek
- [PATCH 3/3] virt: Add sev_secret module to expose confidential computing secrets
Dov Murik
- [PATCH v4 00/12] Enroll kernel keys thru MOK
Nayna
- [PATCH v6 00/13] Enroll kernel keys thru MOK
Nayna
- [PATCH v6 03/13] KEYS: CA link restriction
Nayna
- [PATCH v2] integrity: support including firmware ".platform" keys at build time
Nayna
- [PATCH v3] KEYS: trusted: Fix trusted key backends when building as module
Andreas Rammhold
- [PATCH v3] KEYS: trusted: Fix trusted key backends when building as module
Andreas Rammhold
- [PATCH v3] KEYS: trusted: Fix trusted key backends when building as module
Andreas Rammhold
- [PATCH] mm: Remove HARDENED_USERCOPY_FALLBACK
David Rientjes
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Guenter Roeck
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Guenter Roeck
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Steven Rostedt
- Dear owner,
SOUTHWESTLOANCO
- [PATCH v4 00/12] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH v4 00/12] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH v4 00/12] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH v5 00/12] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH v5 00/12] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH v5 02/12] integrity: Do not allow machine keyring updates following init
Jarkko Sakkinen
- [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca
Jarkko Sakkinen
- [PATCH v5 01/12] integrity: Introduce a Linux keyring called machine
Jarkko Sakkinen
- [PATCH v5 12/12] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true
Jarkko Sakkinen
- [PATCH] integrity: support including firmware ".platform" keys at build time
Jarkko Sakkinen
- [PATCH v3 01/13] diglim: Overview
Jarkko Sakkinen
- [PATCH v6 00/13] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH v2] integrity: support including firmware ".platform" keys at build time
Jarkko Sakkinen
- [PATCH v6 00/13] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH v6 00/13] Enroll kernel keys thru MOK
Jarkko Sakkinen
- Landlock news #1
Mickaël Salaün
- Landlock news #1
Mickaël Salaün
- [PATCH] landlock: Drop "const" argument qualifier to avoid GCC 4.9 warnings
Mickaël Salaün
- [PATCH v3 00/13] integrity: Introduce DIGLIM
Roberto Sassu
- [PATCH v3 01/13] diglim: Overview
Roberto Sassu
- [PATCH v3 02/13] diglim: Basic definitions
Roberto Sassu
- [PATCH v3 03/13] diglim: Objects
Roberto Sassu
- [PATCH v3 04/13] diglim: Methods
Roberto Sassu
- [PATCH v3 05/13] diglim: Parser
Roberto Sassu
- [PATCH v3 06/13] diglim: IMA info
Roberto Sassu
- [PATCH v3 07/13] diglim: Interfaces - digest_list_add, digest_list_del
Roberto Sassu
- [PATCH v3 08/13] diglim: Interfaces - digest_lists_loaded
Roberto Sassu
- [PATCH v3 09/13] diglim: Interfaces - digest_list_label
Roberto Sassu
- [PATCH v3 10/13] diglim: Interfaces - digest_query
Roberto Sassu
- [PATCH v3 11/13] diglim: Interfaces - digests_count
Roberto Sassu
- [PATCH v3 12/13] diglim: Remote Attestation
Roberto Sassu
- [PATCH v3 13/13] diglim: Tests
Roberto Sassu
- [PATCH v3 01/13] diglim: Overview
Roberto Sassu
- [RFC][PATCH 0/9] integrity: Introduce DIGLIM advanced features
Roberto Sassu
- [RFC][PATCH 1/9] ima: Introduce new hook DIGEST_LIST_CHECK
Roberto Sassu
- [RFC][PATCH 2/9] diglim: Loader
Roberto Sassu
- [RFC][PATCH 3/9] diglim: LSM
Roberto Sassu
- [RFC][PATCH 4/9] diglim: Tests - LSM
Roberto Sassu
- [RFC][PATCH 5/9] diglim: Compact digest list generator
Roberto Sassu
- [RFC][PATCH 6/9] diglim: RPM digest list generator
Roberto Sassu
- [RFC][PATCH 7/9] diglim: Digest list uploader
Roberto Sassu
- [RFC][PATCH 8/9] diglim: RPM parser
Roberto Sassu
- [RFC][PATCH 9/9] diglim: Admin guide
Roberto Sassu
- [RFC][PATCH 0/7] ima: Measure and appraise files with DIGLIM
Roberto Sassu
- [RFC][PATCH 1/7] integrity: Change type of IMA rule-related flags to u64
Roberto Sassu
- [RFC][PATCH 2/7] ima: Introduce new policy keyword use_diglim
Roberto Sassu
- [RFC][PATCH 3/7] ima: Introduce diglim and appraise_diglim policies
Roberto Sassu
- [RFC][PATCH 4/7] ima: Query file digest and retrieve info from its digest lists
Roberto Sassu
- [RFC][PATCH 5/7] ima: Query metadata digest and retrieve info from its digest lists
Roberto Sassu
- [RFC][PATCH 6/7] ima: Skip measurement of files found in DIGLIM hash table
Roberto Sassu
- [RFC][PATCH 7/7] ima: Add support for appraisal with digest lists
Roberto Sassu
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Casey Schaufler
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Casey Schaufler
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Casey Schaufler
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Casey Schaufler
- [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels
Casey Schaufler
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Casey Schaufler
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Casey Schaufler
- Regression in unix stream sockets with the Smack LSM
Casey Schaufler
- Regression in unix stream sockets with the Smack LSM
Casey Schaufler
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Casey Schaufler
- Regression in unix stream sockets with the Smack LSM
Casey Schaufler
- Regression in unix stream sockets with the Smack LSM
Casey Schaufler
- [PATCH] smack: Guard smack_ipv6_lock definition within a SMACK_IPV6_PORT_LABELING block
Casey Schaufler
- [PATCH 1/1] Smack:- Use overlay inode label in smack_inode_copy_up()
Casey Schaufler
- [PATCH 1/1] Smack:- Use overlay inode label in smack_inode_copy_up()
Casey Schaufler
- Regression in unix stream sockets with the Smack LSM
Casey Schaufler
- [PATCH] selinux,smack: fix subjective/objective credential use mixups
Casey Schaufler
- [PATCH v29 00/28] LSM: Module stacking for AppArmor
Casey Schaufler
- [PATCH v29 01/28] LSM: Infrastructure management of the sock security
Casey Schaufler
- [PATCH v29 02/28] LSM: Add the lsmblob data structure.
Casey Schaufler
- [PATCH v29 03/28] LSM: provide lsm name and id slot mappings
Casey Schaufler
- [PATCH v29 04/28] IMA: avoid label collisions with stacked LSMs
Casey Schaufler
- [PATCH v29 05/28] LSM: Use lsmblob in security_audit_rule_match
Casey Schaufler
- [PATCH v29 06/28] LSM: Use lsmblob in security_kernel_act_as
Casey Schaufler
- [PATCH v29 07/28] LSM: Use lsmblob in security_secctx_to_secid
Casey Schaufler
- [PATCH v29 08/28] LSM: Use lsmblob in security_secid_to_secctx
Casey Schaufler
- [PATCH v29 09/28] LSM: Use lsmblob in security_ipc_getsecid
Casey Schaufler
- [PATCH v29 10/28] LSM: Use lsmblob in security_task_getsecid
Casey Schaufler
- [PATCH v29 11/28] LSM: Use lsmblob in security_inode_getsecid
Casey Schaufler
- [PATCH v29 12/28] LSM: Use lsmblob in security_cred_getsecid
Casey Schaufler
- [PATCH v29 13/28] IMA: Change internal interfaces to use lsmblobs
Casey Schaufler
- [PATCH v29 14/28] LSM: Specify which LSM to display
Casey Schaufler
- [PATCH v29 15/28] LSM: Ensure the correct LSM context releaser
Casey Schaufler
- [PATCH v29 16/28] LSM: Use lsmcontext in security_secid_to_secctx
Casey Schaufler
- [PATCH v29 17/28] LSM: Use lsmcontext in security_inode_getsecctx
Casey Schaufler
- [PATCH v29 18/28] LSM: security_secid_to_secctx in netlink netfilter
Casey Schaufler
- [PATCH v29 19/28] NET: Store LSM netlabel data in a lsmblob
Casey Schaufler
- [PATCH v29 20/28] LSM: Verify LSM display sanity in binder
Casey Schaufler
- [PATCH v29 21/28] LSM: Extend security_secid_to_secctx to include module selection
Casey Schaufler
- [PATCH v29 22/28] Audit: Keep multiple LSM data in audit_names
Casey Schaufler
- [PATCH v29 23/28] Audit: Create audit_stamp structure
Casey Schaufler
- [PATCH v29 24/28] Audit: Add framework for auxiliary records
Casey Schaufler
- [PATCH v29 25/28] Audit: Add record for multiple task security contexts
Casey Schaufler
- [PATCH v29 26/28] Audit: Add record for multiple object security contexts
Casey Schaufler
- [PATCH v29 27/28] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH v29 28/28] AppArmor: Remove the exclusive flag
Casey Schaufler
- [PATCH 2/2] fuse: Send security context of inode on file creation
Casey Schaufler
- [PATCH 2/2] fuse: Send security context of inode on file creation
Casey Schaufler
- [PATCH 2/2] fuse: Send security context of inode on file creation
Casey Schaufler
- [PATCH 2/2] fuse: Send security context of inode on file creation
Casey Schaufler
- [PATCH 2/2] fuse: Send security context of inode on file creation
Casey Schaufler
- [PATCH 2/2] fuse: Send security context of inode on file creation
Casey Schaufler
- [PATCH 2/2] fuse: Send security context of inode on file creation
Casey Schaufler
- [PATCH 2/2] fuse: Send security context of inode on file creation
Casey Schaufler
- [PATCH 2/2] fuse: Send security context of inode on file creation
Casey Schaufler
- Regression in unix stream sockets with the Smack LSM
Casey Schaufler
- [PATCH] security: Return xattr name from security_dentry_init_security()
Casey Schaufler
- [PATCH] smack: Guard smack_ipv6_lock definition within a SMACK_IPV6_PORT_LABELING block
Sebastian Andrzej Siewior
- [PATCH v2] smack: Guard smack_ipv6_lock definition within a SMACK_IPV6_PORT_LABELING block
Sebastian Andrzej Siewior
- [PATCH][next] apparmor: Use struct_size() helper in kzalloc()
Gustavo A. R. Silva
- [PATCH v4 00/12] Enroll kernel keys thru MOK
Eric Snowberg
- [PATCH v5 00/12] Enroll kernel keys thru MOK
Eric Snowberg
- [PATCH v5 01/12] integrity: Introduce a Linux keyring called machine
Eric Snowberg
- [PATCH v5 02/12] integrity: Do not allow machine keyring updates following init
Eric Snowberg
- [PATCH v5 03/12] KEYS: CA link restriction
Eric Snowberg
- [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca
Eric Snowberg
- [PATCH v5 05/12] integrity: add new keyring handler for mok keys
Eric Snowberg
- [PATCH v5 06/12] KEYS: add a reference to machine keyring
Eric Snowberg
- [PATCH v5 07/12] KEYS: Introduce link restriction to include builtin, secondary and machine keys
Eric Snowberg
- [PATCH v5 08/12] KEYS: integrity: change link restriction to trust the machine keyring
Eric Snowberg
- [PATCH v5 09/12] KEYS: link secondary_trusted_keys to machine trusted keys
Eric Snowberg
- [PATCH v5 10/12] integrity: store reference to machine keyring
Eric Snowberg
- [PATCH v5 11/12] integrity: Trust MOK keys if MokListTrustedRT found
Eric Snowberg
- [PATCH v5 12/12] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true
Eric Snowberg
- [PATCH v5 00/12] Enroll kernel keys thru MOK
Eric Snowberg
- [PATCH v5 00/12] Enroll kernel keys thru MOK
Eric Snowberg
- [PATCH v5 01/12] integrity: Introduce a Linux keyring called machine
Eric Snowberg
- [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca
Eric Snowberg
- [PATCH v5 07/12] KEYS: Introduce link restriction to include builtin, secondary and machine keys
Eric Snowberg
- [PATCH v6 00/13] Enroll kernel keys thru MOK
Eric Snowberg
- [PATCH v6 01/13] integrity: Introduce a Linux keyring called machine
Eric Snowberg
- [PATCH v6 02/13] integrity: Do not allow machine keyring updates following init
Eric Snowberg
- [PATCH v6 03/13] KEYS: CA link restriction
Eric Snowberg
- [PATCH v6 04/13] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca
Eric Snowberg
- [PATCH v6 05/13] integrity: add new keyring handler for mok keys
Eric Snowberg
- [PATCH v6 06/13] KEYS: Rename get_builtin_and_secondary_restriction
Eric Snowberg
- [PATCH v6 07/13] KEYS: add a reference to machine keyring
Eric Snowberg
- [PATCH v6 08/13] KEYS: Introduce link restriction for machine keys
Eric Snowberg
- [PATCH v6 09/13] KEYS: integrity: change link restriction to trust the machine keyring
Eric Snowberg
- [PATCH v6 10/13] KEYS: link secondary_trusted_keys to machine trusted keys
Eric Snowberg
- [PATCH v6 11/13] integrity: store reference to machine keyring
Eric Snowberg
- [PATCH v6 12/13] integrity: Trust MOK keys if MokListTrustedRT found
Eric Snowberg
- [PATCH v6 13/13] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true
Eric Snowberg
- [PATCH v6 00/13] Enroll kernel keys thru MOK
Eric Snowberg
- [PATCH v6 00/13] Enroll kernel keys thru MOK
Eric Snowberg
- [PATCH v6 00/13] Enroll kernel keys thru MOK
Eric Snowberg
- [PATCH v6 12/13] integrity: Trust MOK keys if MokListTrustedRT found
Eric Snowberg
- [PATCH v6 12/13] integrity: Trust MOK keys if MokListTrustedRT found
Eric Snowberg
- [PATCH] mm: Remove HARDENED_USERCOPY_FALLBACK
Joel Stanley
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Miklos Szeredi
- [PATCH v3 0/1] Relax restrictions on user.* xattr
Miklos Szeredi
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Fāng-ruì Sòng
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Linus Torvalds
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Linus Torvalds
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Linus Torvalds
- [GIT PULL] SELinux fixes for v5.15 (#1)
Linus Torvalds
- [GIT PULL] SELinux fixes for v5.15 (#1)
Linus Torvalds
- [GIT PULL] SELinux fixes for v5.15 (#1)
Linus Torvalds
- [GIT PULL] SELinux fixes for v5.15 (#1)
Linus Torvalds
- [GIT PULL] SELinux fixes for v5.15 (#1)
Linus Torvalds
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Geert Uytterhoeven
- [PATCH 04/11] ath11: Wstringop-overread warning
Kalle Valo
- [PATCH 2/2] fuse: Send security context of inode on file creation
Colin Walters
- Hello
Mrs Suzara Maling Wan
- [PATCH] Revert "Enable '-Werror' by default for all kernel builds"
Florian Weimer
- [PATCH v4] lockdown,selinux: fix wrong subject in some SELinux lockdown checks
Rafael J. Wysocki
- [PATCH -next] apparmor: Remove unused inline function label_is_visible()
YueHaibing
- [PATCH v6 0/1] NAX (No Anonymous Execution) LSM
Igor Zhbanov
- [PATCH v6 1/1] NAX LSM: Add initial support
Igor Zhbanov
- [PATCH v4 00/12] Enroll kernel keys thru MOK
Mimi Zohar
- [PATCH v5 00/12] Enroll kernel keys thru MOK
Mimi Zohar
- [PATCH v5 01/12] integrity: Introduce a Linux keyring called machine
Mimi Zohar
- [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca
Mimi Zohar
- [PATCH v5 07/12] KEYS: Introduce link restriction to include builtin, secondary and machine keys
Mimi Zohar
- [PATCH v5 08/12] KEYS: integrity: change link restriction to trust the machine keyring
Mimi Zohar
- [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca
Mimi Zohar
- [PATCH v5 07/12] KEYS: Introduce link restriction to include builtin, secondary and machine keys
Mimi Zohar
- [PATCH v6 00/13] Enroll kernel keys thru MOK
Mimi Zohar
- [PATCH v3] KEYS: trusted: Fix trusted key backends when building as module
Mimi Zohar
- [PATCH v3] KEYS: trusted: Fix trusted key backends when building as module
Mimi Zohar
- [PATCH v3] KEYS: trusted: Fix trusted key backends when building as module
Mimi Zohar
- [PATCH] ima: fix deadlock when traversing "ima_default_rules".
Mimi Zohar
- [PATCH] NET: IPV4: fix error "do not initialise globals to 0"
patchwork-bot+netdevbpf at kernel.org
- [GIT PULL] hardening updates for v5.15-rc1
pr-tracker-bot at kernel.org
- [GIT PULL] SELinux/Smack fixes for v5.15 (#2)
pr-tracker-bot at kernel.org
- [PATCH] ima: fix deadlock when traversing "ima_default_rules".
liqiong
- [PATCH] integrity: support including firmware ".platform" keys at build time
kernel test robot
- [PATCH] integrity: support including firmware ".platform" keys at build time
kernel test robot
- [PATCH] integrity: support including firmware ".platform" keys at build time
kernel test robot
- [syzbot] riscv/fixes boot error: BUG: unable to handle kernel paging request in corrupted
syzbot
- [syzbot] riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted
syzbot
- [PATCH] NET: IPV4: fix error "do not initialise globals to 0"
wangzhitong
- PLEASE I NEED YOUR HELP
Irene zakari
- [PATCH v2] net: fix NULL pointer reference in cipso_v4_doi_free
王贇
- [PATCH] Revert "net: fix NULL pointer reference in cipso_v4_doi_free"
王贇
- [PATCH] Revert "net: fix NULL pointer reference in cipso_v4_doi_free"
王贇
- [PATCH v2] net: fix NULL pointer reference in cipso_v4_doi_free
王贇
- [PATCH] Revert "net: fix NULL pointer reference in cipso_v4_doi_free"
王贇
- [PATCH v2] net: fix NULL pointer reference in cipso_v4_doi_free
王贇
- [PATCH] net: remove the unnecessary check in cipso_v4_doi_free
王贇
- [PATCH] Revert "net: fix NULL pointer reference in cipso_v4_doi_free"
王贇
Last message date:
Thu Sep 30 22:57:53 UTC 2021
Archived on: Thu Sep 30 22:48:45 UTC 2021
This archive was generated by
Pipermail 0.09 (Mailman edition).