February 2022 Archives by author
Starting: Tue Feb 1 12:13:48 UTC 2022
Ending: Mon Feb 28 21:59:35 UTC 2022
Messages: 444
- Problem with commit ccf11dbaa07b ("evm: Fix memleak in init_desc")
Guozihua (Scott)
- Problem with commit ccf11dbaa07b ("evm: Fix memleak in init_desc")
Guozihua (Scott)
- [PATCH v1 2/7] landlock: Fix landlock_add_rule(2) signature
Alejandro Colomar (man-pages)
- お問い合わせありがとうございます!
ATS造家設計事務所
- [RFC PATCH 0/1] SELinux-namespaces
Igor Baranov
- [RFC PATCH 1/1] selinuxns: Replace state pointer with namespace id
Igor Baranov
- Business invitation
Fatimah Baro
- [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
Stefan Berger
- [PATCH v10 01/27] ima: Remove ima_policy file before directory
Stefan Berger
- [PATCH v10 02/27] ima: Do not print policy rule with inactive LSM labels
Stefan Berger
- [PATCH v10 03/27] ima: Return error code obtained from securityfs functions
Stefan Berger
- [PATCH v10 04/27] securityfs: rework dentry creation
Stefan Berger
- [PATCH v10 05/27] ima: Define ima_namespace struct and start moving variables into it
Stefan Berger
- [PATCH v10 06/27] ima: Move arch_policy_entry into ima_namespace
Stefan Berger
- [PATCH v10 07/27] ima: Move ima_htable into ima_namespace
Stefan Berger
- [PATCH v10 08/27] ima: Move measurement list related variables into ima_namespace
Stefan Berger
- [PATCH v10 09/27] ima: Move some IMA policy and filesystem related variables into ima_namespace
Stefan Berger
- [PATCH v10 10/27] ima: Move IMA securityfs files into ima_namespace or onto stack
Stefan Berger
- [PATCH v10 11/27] ima: Move ima_lsm_policy_notifier into ima_namespace
Stefan Berger
- [PATCH v10 12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
Stefan Berger
- [PATCH v10 13/27] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
Stefan Berger
- [PATCH v10 14/27] userns: Add pointer to ima_namespace to user_namespace
Stefan Berger
- [PATCH v10 15/27] ima: Implement hierarchical processing of file accesses
Stefan Berger
- [PATCH v10 16/27] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
Stefan Berger
- [PATCH v10 17/27] ima: Add functions for creating and freeing of an ima_namespace
Stefan Berger
- [PATCH v10 18/27] integrity/ima: Define ns_status for storing namespaced iint data
Stefan Berger
- [PATCH v10 19/27] integrity: Add optional callback function to integrity_inode_free()
Stefan Berger
- [PATCH v10 20/27] ima: Namespace audit status flags
Stefan Berger
- [PATCH v10 21/27] ima: Remove unused iints from the integrity_iint_cache
Stefan Berger
- [PATCH v10 22/27] securityfs: Extend securityfs with namespacing support
Stefan Berger
- [PATCH v10 23/27] ima: Setup securityfs for IMA namespace
Stefan Berger
- [PATCH v10 24/27] ima: Introduce securityfs file to activate an IMA namespace
Stefan Berger
- [PATCH v10 25/27] ima: Show owning user namespace's uid and gid when displaying policy
Stefan Berger
- [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
Stefan Berger
- [PATCH v10 27/27] ima: Enable IMA namespaces
Stefan Berger
- [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
Stefan Berger
- [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
Stefan Berger
- [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
Stefan Berger
- [PATCH v10 12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
Stefan Berger
- [PATCH v10 12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
Stefan Berger
- [PATCH v10 05/27] ima: Define ima_namespace struct and start moving variables into it
Stefan Berger
- [PATCH v10 06/27] ima: Move arch_policy_entry into ima_namespace
Stefan Berger
- [PATCH v10 06/27] ima: Move arch_policy_entry into ima_namespace
Stefan Berger
- [PATCH v10 11/27] ima: Move ima_lsm_policy_notifier into ima_namespace
Stefan Berger
- [PATCH v10 16/27] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
Stefan Berger
- [PATCH v10 22/27] securityfs: Extend securityfs with namespacing support
Stefan Berger
- [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
Stefan Berger
- [PATCH v10 24/27] ima: Introduce securityfs file to activate an IMA namespace
Stefan Berger
- [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
Stefan Berger
- [PATCH v10 27/27] ima: Enable IMA namespaces
Stefan Berger
- [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
Stefan Berger
- [PATCH v10 24/27] ima: Introduce securityfs file to activate an IMA namespace
Stefan Berger
- [PATCH v10 18/27] integrity/ima: Define ns_status for storing namespaced iint data
Stefan Berger
- [PATCH v10 18/27] integrity/ima: Define ns_status for storing namespaced iint data
Stefan Berger
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Ard Biesheuvel
- [PATCH v2] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Ard Biesheuvel
- [PATCH v8 3/4] efi: Load efi_secret module if EFI secret area is populated
Ard Biesheuvel
- [PATCH v8 3/4] efi: Load efi_secret module if EFI secret area is populated
Ard Biesheuvel
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
James Bottomley
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
James Bottomley
- [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
Christian Brauner
- [PATCH v10 02/27] ima: Do not print policy rule with inactive LSM labels
Christian Brauner
- [PATCH v10 22/27] securityfs: Extend securityfs with namespacing support
Christian Brauner
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Willem de Bruijn
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Willem de Bruijn
- [PATCH v5 0/6] KEXEC_SIG with appended signature
Luis Chamberlain
- [PATCH v3 2/2] fs/proc: Optimize arrays defined by struct ctl_path
Luis Chamberlain
- [PATCH v3 1/2] fs/proc: Optimize arrays defined by struct ctl_path
Luis Chamberlain
- [PATCH 0/4 v5] fortify: Add Clang support
Kees Cook
- [PATCH 1/4] Compiler Attributes: Add Clang's __pass_object_size
Kees Cook
- [PATCH 2/4] Compiler Attributes: Add __overloadable
Kees Cook
- [PATCH 3/4] Compiler Attributes: Add __diagnose_as
Kees Cook
- [PATCH 4/4 v5] fortify: Add Clang support
Kees Cook
- [PATCH 1/4] Compiler Attributes: Add Clang's __pass_object_size
Kees Cook
- [PATCH 4/4 v5] fortify: Add Clang support
Kees Cook
- [PATCH 4/4 v5] fortify: Add Clang support
Kees Cook
- [PATCH 4/4 v5] fortify: Add Clang support
Kees Cook
- Wycena paneli fotowoltaicznych
Jakub Daroch
- [PATCH 4/4 v5] fortify: Add Clang support
Nick Desaulniers
- [PATCH 4/4 v5] fortify: Add Clang support
Nick Desaulniers
- [PATCH 4/4 v5] fortify: Add Clang support
Nick Desaulniers
- [PATCH] EVM: fix the evm= __setup handler return value
Randy Dunlap
- [PATCH] TOMOYO: fix __setup handlers return values
Randy Dunlap
- [PATCH v5 2/6] powerpc/kexec_file: Add KEXEC_SIG support.
Michael Ellerman
- [PATCH v5 0/6] KEXEC_SIG with appended signature
Michael Ellerman
- [PATCH] KEYS: trusted: fix crash when TPM/TEE are built as module
Ahmad Fatoum
- [EXT] Re: [PATCH v4 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys
Ahmad Fatoum
- [PATCH v5 0/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys
Ahmad Fatoum
- [PATCH v5 1/5] KEYS: trusted: allow use of TEE as backend without TCG_TPM support
Ahmad Fatoum
- [PATCH v5 2/5] KEYS: trusted: allow users to use kernel RNG for key material
Ahmad Fatoum
- [PATCH v5 3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material
Ahmad Fatoum
- [PATCH v5 4/5] crypto: caam - add in-kernel interface for blob generator
Ahmad Fatoum
- [PATCH v5 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys
Ahmad Fatoum
- [PATCH v5 4/5] crypto: caam - add in-kernel interface for blob generator
Ahmad Fatoum
- [PATCH v5 3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material
Ahmad Fatoum
- [BUG] Unable to write the NVRAM on T2 Macs if CONFIG_INTEGRITY_PLATFORM_KEYRING and CONFIG_LOAD_UEFI_KEYS are enabled.
Aditya Garg
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH v2] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH v3] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH v2] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH v3] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH v3] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
- [PATCH v5] KEYS: encrypted: Instantiate key with user-provided decrypted data
Sumit Garg
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Matthew Garrett
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Matthew Garrett
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Matthew Garrett
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Matthew Garrett
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Matthew Garrett
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Matthew Garrett
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Matthew Garrett
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Matthew Garrett
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Matthew Garrett
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Matthew Garrett
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Matthew Garrett
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Matthew Garrett
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Dr. David Alan Gilbert
- [EXT] Re: [PATCH v4 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys
Pankaj Gupta
- [EXT] Re: [PATCH v5 3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material
Pankaj Gupta
- [EXT] Re: [PATCH v5 4/5] crypto: caam - add in-kernel interface for blob generator
Pankaj Gupta
- [EXT] [PATCH v5 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys
Pankaj Gupta
- [PATCH] security: declare member holding string literal const
Christian Göttsche
- [RFC PATCH] mm: create security context for memfd_secret inodes
Christian Göttsche
- [PATCH] selinux: log anon inode class name
Christian Göttsche
- [RFC PATCH 2/2] capability: use new capable_or functionality
Christian Göttsche
- [RFC PATCH 1/2] capability: add capable_or to test for multiple caps with exactly one audit message
Christian Göttsche
- [PATCH net v3 0/2] security: fixups for the security hooks in sctp
Richard Haines
- [PATCH v10 12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
Serge E. Hallyn
- [PATCH v10 12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
Serge E. Hallyn
- [PATCH v10 27/27] ima: Enable IMA namespaces
Serge E. Hallyn
- [PATCH] TOMOYO: fix __setup handlers return values
Tetsuo Handa
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Gerd Hoffmann
- [PATCH v7 1/5] efi: Save location of EFI confidential computing area
Gerd Hoffmann
- [PATCH v7 2/5] efi/libstub: Reserve confidential computing secret area
Gerd Hoffmann
- [PATCH v7 3/5] virt: Add efi_secret module to expose confidential computing secrets
Gerd Hoffmann
- [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated
Gerd Hoffmann
- [PATCH v7 5/5] docs: security: Add coco/efi_secret documentation
Gerd Hoffmann
- [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated
Gerd Hoffmann
- [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated
Gerd Hoffmann
- [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated
Gerd Hoffmann
- [PATCH] apparmor: fix aa_label_asxprint return check
John Johansen
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Greg KH
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Greg KH
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Greg KH
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Greg KH
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Greg KH
- [PATCH v8 10/17] KEYS: add a reference to machine keyring
Darren Kenny
- [PATCH v8 11/17] KEYS: Introduce link restriction for machine keys
Darren Kenny
- [PATCH v8 13/17] integrity: store reference to machine keyring
Darren Kenny
- [PATCH v8 14/17] KEYS: link machine trusted keys to secondary_trusted_keys
Darren Kenny
- [PATCH v8 15/17] efi/mokvar: move up init order
Darren Kenny
- [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found
Darren Kenny
- [PATCH v8 17/17] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true
Darren Kenny
- [PATCH v8 07/17] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca
Darren Kenny
- [PATCH v2 1/6] ima: Fix documentation-related warnings in ima_main.c
Shuah Khan
- [PATCH v2 4/6] selftests/bpf: Add test for bpf_ima_file_hash()
Shuah Khan
- [PATCH v2 6/6] selftests/bpf: Add test for bpf_lsm_kernel_read_file()
Shuah Khan
- [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux
Jakub Kicinski
- [PATCH] KEYS: trusted: Avoid calling null function trusted_key_exit
Dave Kleikamp
- [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Greg Kroah-Hartman
- [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Greg Kroah-Hartman
- [PATCH] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
David Laight
- [PATCH v2] fs/proc: Optimize arrays defined by struct ctl_path
David Laight
- [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux
Xin Long
- [PATCH net v3 0/2] security: fixups for the security hooks in sctp
Xin Long
- [PATCH v5 2/6] powerpc/kexec_file: Add KEXEC_SIG support.
Paul Menzel
- [PATCH v5 2/6] powerpc/kexec_file: Add KEXEC_SIG support.
Paul Menzel
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Konstantin Meskhidze
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Konstantin Meskhidze
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Konstantin Meskhidze
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Konstantin Meskhidze
- [RFC PATCH 0/2] landlock network implementation cover letter
Konstantin Meskhidze
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Konstantin Meskhidze
- [RFC PATCH 0/2] landlock network implementation cover letter
Konstantin Meskhidze
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Konstantin Meskhidze
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Konstantin Meskhidze
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Konstantin Meskhidze
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Konstantin Meskhidze
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Konstantin Meskhidze
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Konstantin Meskhidze
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Konstantin Meskhidze
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Konstantin Meskhidze
- [GIT PULL] SELinux fixes for v5.17 (#1)
Paul Moore
- [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux
Paul Moore
- [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux
Paul Moore
- [PATCH net v3 0/2] security: fixups for the security hooks in sctp
Paul Moore
- [RFC PATCH 0/1] SELinux-namespaces
Paul Moore
- [PATCH] security: declare member holding string literal const
Paul Moore
- [RFC PATCH] mm: create security context for memfd_secret inodes
Paul Moore
- [GIT PULL] SELinux fixes for v5.17 (#2)
Paul Moore
- [PATCH] selinux: log anon inode class name
Paul Moore
- [ANNOUNCE][CFP] Linux Security Summit North America 2022
James Morris
- [PATCH net v3 0/2] security: fixups for the security hooks in sctp
Ondrej Mosnacek
- [PATCH net v3 1/2] security: add sctp_assoc_established hook
Ondrej Mosnacek
- [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux
Ondrej Mosnacek
- [PATCH net v3 0/2] security: fixups for the security hooks in sctp
Ondrej Mosnacek
- [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux
Ondrej Mosnacek
- [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux
Ondrej Mosnacek
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Dov Murik
- [PATCH v7 1/5] efi: Save location of EFI confidential computing area
Dov Murik
- [PATCH v7 2/5] efi/libstub: Reserve confidential computing secret area
Dov Murik
- [PATCH v7 3/5] virt: Add efi_secret module to expose confidential computing secrets
Dov Murik
- [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated
Dov Murik
- [PATCH v7 5/5] docs: security: Add coco/efi_secret documentation
Dov Murik
- [PATCH v7 3/5] virt: Add efi_secret module to expose confidential computing secrets
Dov Murik
- [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated
Dov Murik
- [PATCH v7 2/5] efi/libstub: Reserve confidential computing secret area
Dov Murik
- [PATCH v7 5/5] docs: security: Add coco/efi_secret documentation
Dov Murik
- [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated
Dov Murik
- [PATCH v7 4/5] efi: Load efi_secret module if EFI secret area is populated
Dov Murik
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Dov Murik
- [PATCH v8 0/4] Allow guest access to EFI confidential computing secret area
Dov Murik
- [PATCH v8 1/4] efi: Save location of EFI confidential computing area
Dov Murik
- [PATCH v8 2/4] virt: Add efi_secret module to expose confidential computing secrets
Dov Murik
- [PATCH v8 3/4] efi: Load efi_secret module if EFI secret area is populated
Dov Murik
- [PATCH v8 4/4] docs: security: Add secrets/coco documentation
Dov Murik
- [PATCH v8 3/4] efi: Load efi_secret module if EFI secret area is populated
Dov Murik
- Aufmerksamkeit:
Barrister Mustafa
- [PATCH v7 0/5] Allow guest access to EFI confidential computing secret area
Nayna
- [PATCH v8 0/3] integrity: support including firmware ".platform" keys at build time
Nayna
- [PATCH 1/4] Compiler Attributes: Add Clang's __pass_object_size
Miguel Ojeda
- [PATCH 1/4] Compiler Attributes: Add Clang's __pass_object_size
Miguel Ojeda
- [PATCH 1/4] Compiler Attributes: Add Clang's __pass_object_size
Miguel Ojeda
- [PATCH 4/4 v5] fortify: Add Clang support
Miguel Ojeda
- W sprawie samochodu
Filip Ostrowski
- [PATCH] userfaultfd, capability: introduce CAP_USERFAULTFD
Axel Rasmussen
- [PATCH] userfaultfd, capability: introduce CAP_USERFAULTFD
Axel Rasmussen
- [PATCH] userfaultfd, capability: introduce CAP_USERFAULTFD
Axel Rasmussen
- [PATCH] ima: Calculate digest in ima_inode_hash() if not available
Florent Revest
- [Intel-gfx] [PATCH v2 06/11] drm/i915: Use str_on_off()
Matt Roper
- [Intel-gfx] [PATCH v2 05/11] drm/i915: Use str_enabled_disabled()
Matt Roper
- [Intel-gfx] [PATCH v2 04/11] drm/i915: Use str_enable_disable()
Matt Roper
- [Intel-gfx] [PATCH v2 03/11] drm/i915: Use str_yes_no()
Matt Roper
- [PATCH v4] KEYS: encrypted: Instantiate key with user-provided decrypted data
Jarkko Sakkinen
- [PATCH v10 0/8] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH] KEYS: remove support for asym_tpm keys
Jarkko Sakkinen
- [PATCH] KEYS: remove support for asym_tpm keys
Jarkko Sakkinen
- [PATCH v8 0/5] Enable root to update the blacklist keyring
Jarkko Sakkinen
- [PATCH v8 0/5] Enable root to update the blacklist keyring
Jarkko Sakkinen
- [PATCH v10 0/8] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH v8 0/3] integrity: support including firmware ".platform" keys at build time
Jarkko Sakkinen
- [PATCH] KEYS: trusted: fix crash when TPM/TEE are built as module
Jarkko Sakkinen
- [PATCH] KEYS: trusted: fix crash when TPM/TEE are built as module
Jarkko Sakkinen
- [PATCH v8 00/17] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH] KEYS: trusted: Avoid calling null function trusted_key_exit
Jarkko Sakkinen
- [PATCH v5] KEYS: encrypted: Instantiate key with user-provided decrypted data
Jarkko Sakkinen
- [PATCH v10 0/8] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH v10 0/8] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH v10 0/8] Enroll kernel keys thru MOK
Jarkko Sakkinen
- [PATCH v5 4/5] crypto: caam - add in-kernel interface for blob generator
Jarkko Sakkinen
- [PATCH v5 2/5] KEYS: trusted: allow users to use kernel RNG for key material
Jarkko Sakkinen
- [PATCH v5 4/5] crypto: caam - add in-kernel interface for blob generator
Jarkko Sakkinen
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Mickaël Salaün
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Mickaël Salaün
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Mickaël Salaün
- [RFC PATCH 0/2] landlock network implementation cover letter
Mickaël Salaün
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Mickaël Salaün
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Mickaël Salaün
- [RFC PATCH 0/2] landlock network implementation cover letter
Mickaël Salaün
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Mickaël Salaün
- [RFC PATCH 1/2] landlock: TCP network hooks implementation
Mickaël Salaün
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Mickaël Salaün
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Mickaël Salaün
- [PATCH v1 0/7] Minor Landlock fixes and new tests
Mickaël Salaün
- [PATCH v1 1/7] landlock: Fix landlock_add_rule(2) documentation
Mickaël Salaün
- [PATCH v1 2/7] landlock: Fix landlock_add_rule(2) signature
Mickaël Salaün
- [PATCH v1 3/7] selftest/landlock: Make tests build with old libc
Mickaël Salaün
- [PATCH v1 4/7] selftest/landlock: Extend tests for minimal valid attribute size
Mickaël Salaün
- [PATCH v1 5/7] selftest/landlock: Add tests for unknown access rights
Mickaël Salaün
- [PATCH v1 6/7] selftest/landlock: Extend access right tests to directories
Mickaël Salaün
- [PATCH v1 7/7] selftest/landlock: Fully test file rename with "remove" access
Mickaël Salaün
- [PATCH v1 00/11] Landlock: file linking and renaming support
Mickaël Salaün
- [PATCH v1 01/11] landlock: Define access_mask_t to enforce a consistent access mask size
Mickaël Salaün
- [PATCH v1 02/11] landlock: Reduce the maximum number of layers to 16
Mickaël Salaün
- [PATCH v1 03/11] landlock: Create find_rule() from unmask_layers()
Mickaël Salaün
- [PATCH v1 04/11] landlock: Fix same-layer rule unions
Mickaël Salaün
- [PATCH v1 05/11] landlock: Move filesystem helpers and add a new one
Mickaël Salaün
- [PATCH v1 06/11] landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER
Mickaël Salaün
- [PATCH v1 07/11] selftest/landlock: Add 6 new test suites dedicated to file reparenting
Mickaël Salaün
- [PATCH v1 08/11] samples/landlock: Add support for file reparenting
Mickaël Salaün
- [PATCH v1 09/11] landlock: Document LANDLOCK_ACCESS_FS_REFER and ABI versioning
Mickaël Salaün
- [PATCH v1 10/11] landlock: Document good practices about filesystem policies
Mickaël Salaün
- [PATCH v1 11/11] landlock: Add design choices documentation for filesystem access rights
Mickaël Salaün
- [PATCH v1 06/11] landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER
Mickaël Salaün
- [RFC PATCH v1] LSM: Remove double path_rename hook calls for RENAME_EXCHANGE
Mickaël Salaün
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Mickaël Salaün
- [RFC PATCH 2/2] landlock: selftests for bind and connect hooks
Mickaël Salaün
- [PATCH v1 2/7] landlock: Fix landlock_add_rule(2) signature
Mickaël Salaün
- [PATCH v1] fs: Fix inconsistent f_mode
Mickaël Salaün
- [PATCH] ima: Calculate digest in ima_inode_hash() if not available
Roberto Sassu
- [PATCH] ima: Calculate digest in ima_inode_hash() if not available
Roberto Sassu
- [PATCH] ima: Calculate digest in ima_inode_hash() if not available
Roberto Sassu
- [PATCH] ima: Calculate digest in ima_inode_hash() if not available
Roberto Sassu
- [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Roberto Sassu
- [PATCH v2 1/6] ima: Fix documentation-related warnings in ima_main.c
Roberto Sassu
- [PATCH v2 2/6] ima: Always return a file measurement in ima_file_hash()
Roberto Sassu
- [PATCH v2 3/6] bpf-lsm: Introduce new helper bpf_ima_file_hash()
Roberto Sassu
- [PATCH v2 4/6] selftests/bpf: Add test for bpf_ima_file_hash()
Roberto Sassu
- [PATCH v2 5/6] bpf-lsm: Make bpf_lsm_kernel_read_file() as sleepable
Roberto Sassu
- [PATCH v2 6/6] selftests/bpf: Add test for bpf_lsm_kernel_read_file()
Roberto Sassu
- [PATCH v2 1/6] ima: Fix documentation-related warnings in ima_main.c
Roberto Sassu
- [PATCH v2 6/6] selftests/bpf: Add test for bpf_lsm_kernel_read_file()
Roberto Sassu
- [PATCH v2 3/6] bpf-lsm: Introduce new helper bpf_ima_file_hash()
Roberto Sassu
- [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Roberto Sassu
- [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Roberto Sassu
- [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Roberto Sassu
- [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Roberto Sassu
- Leftover info for sb_copy_data and sb_parse_opts_str in include/linux/lsm_hooks.h
Casey Schaufler
- [PATCH v32 00/28] LSM: Module stacking for AppArmor
Casey Schaufler
- [PATCH v32 01/28] integrity: disassociate ima_filter_rule from security_audit_rule
Casey Schaufler
- [PATCH v32 02/28] LSM: Infrastructure management of the sock security
Casey Schaufler
- [PATCH v32 03/28] LSM: Add the lsmblob data structure.
Casey Schaufler
- [PATCH v32 04/28] LSM: provide lsm name and id slot mappings
Casey Schaufler
- [PATCH v32 05/28] IMA: avoid label collisions with stacked LSMs
Casey Schaufler
- [PATCH v32 06/28] LSM: Use lsmblob in security_audit_rule_match
Casey Schaufler
- [PATCH v32 07/28] LSM: Use lsmblob in security_kernel_act_as
Casey Schaufler
- [PATCH v32 08/28] LSM: Use lsmblob in security_secctx_to_secid
Casey Schaufler
- [PATCH v32 09/28] LSM: Use lsmblob in security_secid_to_secctx
Casey Schaufler
- [PATCH v32 10/28] LSM: Use lsmblob in security_ipc_getsecid
Casey Schaufler
- [PATCH v32 11/28] LSM: Use lsmblob in security_current_getsecid
Casey Schaufler
- [PATCH v32 12/28] LSM: Use lsmblob in security_inode_getsecid
Casey Schaufler
- [PATCH v32 13/28] LSM: Use lsmblob in security_cred_getsecid
Casey Schaufler
- [PATCH v32 14/28] LSM: Specify which LSM to display
Casey Schaufler
- [PATCH v32 15/28] LSM: Ensure the correct LSM context releaser
Casey Schaufler
- [PATCH v32 16/28] LSM: Use lsmcontext in security_secid_to_secctx
Casey Schaufler
- [PATCH v32 17/28] LSM: Use lsmcontext in security_inode_getsecctx
Casey Schaufler
- [PATCH v32 18/28] LSM: security_secid_to_secctx in netlink netfilter
Casey Schaufler
- [PATCH v32 19/28] NET: Store LSM netlabel data in a lsmblob
Casey Schaufler
- [PATCH v32 20/28] binder: Pass LSM identifier for confirmation
Casey Schaufler
- [PATCH v32 21/28] LSM: Extend security_secid_to_secctx to include module selection
Casey Schaufler
- [PATCH v32 22/28] Audit: Keep multiple LSM data in audit_names
Casey Schaufler
- [PATCH v32 23/28] Audit: Create audit_stamp structure
Casey Schaufler
- [PATCH v32 24/28] Audit: Add framework for auxiliary records
Casey Schaufler
- [PATCH v32 25/28] Audit: Add record for multiple task security contexts
Casey Schaufler
- [PATCH v32 26/28] Audit: Add record for multiple object security contexts
Casey Schaufler
- [PATCH v32 27/28] LSM: Add /proc attr entry for full LSM context
Casey Schaufler
- [PATCH v32 28/28] AppArmor: Remove the exclusive flag
Casey Schaufler
- [RFC PATCH 0/1] SELinux-namespaces
Casey Schaufler
- [PATCH] security: declare member holding string literal const
Casey Schaufler
- [PATCH 2/2] integrity: double check iint_cache was initialized
Casey Schaufler
- [PATCH 2/2] integrity: double check iint_cache was initialized
Casey Schaufler
- [PATCH] userfaultfd, capability: introduce CAP_USERFAULTFD
Casey Schaufler
- [PATCH] userfaultfd, capability: introduce CAP_USERFAULTFD
Casey Schaufler
- [PATCH] userfaultfd, capability: introduce CAP_USERFAULTFD
Casey Schaufler
- [PATCH] userfaultfd, capability: introduce CAP_USERFAULTFD
Casey Schaufler
- [PATCH v2 3/6] bpf-lsm: Introduce new helper bpf_ima_file_hash()
Yonghong Song
- [RFC PATCH 2/2] capability: use new capable_or functionality
Alexei Starovoitov
- [PATCH 1/4] Fix arm64 kexec forbidding kernels signed with keys in the secondary keyring to boot
Michal Suchanek
- [PATCH 2/4] kexec, KEYS, arm64: Make use of platform keyring for signature verification
Michal Suchanek
- [PATCH 3/4] kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification
Michal Suchanek
- [PATCH 4/4] module, KEYS: Make use of platform keyring for signature verification
Michal Suchanek
- [PATCH v5 3/6] kexec_file: Don't opencode appended signature verification.
Michal Suchánek
- [PATCH v5 2/6] powerpc/kexec_file: Add KEXEC_SIG support.
Michal Suchánek
- [PATCH v5 2/6] powerpc/kexec_file: Add KEXEC_SIG support.
Michal Suchánek
- [PATCH 4/4] module, KEYS: Make use of platform keyring for signature verification
Michal Suchánek
- [PATCH 4/4] module, KEYS: Make use of platform keyring for signature verification
Michal Suchánek
- [PATCH 4/4] module, KEYS: Make use of platform keyring for signature verification
Michal Suchánek
- [PATCH 4/4] module, KEYS: Make use of platform keyring for signature verification
Michal Suchánek
- Prezentacja
Mateusz Talaga
- [PATCH] fs/proc: Optimize arrays defined by struct ctl_path
Meng Tang
- [PATCH v2] fs/proc: Optimize arrays defined by struct ctl_path
Meng Tang
- [PATCH v3 1/2] fs/proc: Optimize arrays defined by struct ctl_path
Meng Tang
- [PATCH v3 2/2] fs/proc: Optimize arrays defined by struct ctl_path
Meng Tang
- [PATCH v5] KEYS: encrypted: Instantiate key with user-provided decrypted data
Yael Tzur
- [PATCH 2/2] integrity: double check iint_cache was initialized
Petr Vorel
- [PATCH 2/2] integrity: double check iint_cache was initialized
Petr Vorel
- [PATCH 2/2] integrity: double check iint_cache was initialized
Petr Vorel
- Új hirdetési kapcsolatfelvétel
WordPress
- [PATCH v3] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Lukas Wunner
- [PATCH] userfaultfd, capability: introduce CAP_USERFAULTFD
Peter Xu
- [PATCH] KEYS: trusted: fix crash when TPM/TEE are built as module
Tong Zhang
- [PATCH] KEYS: trusted: fix crash when TPM/TEE are built as module
Tong Zhang
- Leftover info for sb_copy_data and sb_parse_opts_str in include/linux/lsm_hooks.h
Igor Zhbanov
- [PATCH] lsm: Remove stale info about sb_copy_data and sb_parse_opts_str
Igor Zhbanov
- TOMOYO can't be enabled with other major LSM
Igor Zhbanov
- Ruch z pierwszej pozycji w Google
Wiktor Zielonko
- [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
Mimi Zohar
- Problem with commit ccf11dbaa07b ("evm: Fix memleak in init_desc")
Mimi Zohar
- MAINTAINERS update suggestion (subject change)
Mimi Zohar
- [PATCH v10 01/27] ima: Remove ima_policy file before directory
Mimi Zohar
- [PATCH v10 03/27] ima: Return error code obtained from securityfs functions
Mimi Zohar
- [PATCH v10 04/27] securityfs: rework dentry creation
Mimi Zohar
- [PATCH] ima: Calculate digest in ima_inode_hash() if not available
Mimi Zohar
- [PATCH] ima: Calculate digest in ima_inode_hash() if not available
Mimi Zohar
- [PATCH v5 2/6] powerpc/kexec_file: Add KEXEC_SIG support.
Mimi Zohar
- [PATCH v5 0/6] KEXEC_SIG with appended signature
Mimi Zohar
- [PATCH v5 0/6] KEXEC_SIG with appended signature
Mimi Zohar
- [PATCH v5 2/6] powerpc/kexec_file: Add KEXEC_SIG support.
Mimi Zohar
- [PATCH v5 2/6] powerpc/kexec_file: Add KEXEC_SIG support.
Mimi Zohar
- [PATCH v5 2/6] powerpc/kexec_file: Add KEXEC_SIG support.
Mimi Zohar
- [PATCH] ima: Calculate digest in ima_inode_hash() if not available
Mimi Zohar
- [PATCH] ima: Calculate digest in ima_inode_hash() if not available
Mimi Zohar
- [PATCH v10 03/27] ima: Return error code obtained from securityfs functions
Mimi Zohar
- [PATCH 4/4] module, KEYS: Make use of platform keyring for signature verification
Mimi Zohar
- [PATCH 4/4] module, KEYS: Make use of platform keyring for signature verification
Mimi Zohar
- [PATCH 4/4] module, KEYS: Make use of platform keyring for signature verification
Mimi Zohar
- [PATCH v10 05/27] ima: Define ima_namespace struct and start moving variables into it
Mimi Zohar
- [PATCH v10 07/27] ima: Move ima_htable into ima_namespace
Mimi Zohar
- [PATCH v10 06/27] ima: Move arch_policy_entry into ima_namespace
Mimi Zohar
- [PATCH v10 06/27] ima: Move arch_policy_entry into ima_namespace
Mimi Zohar
- [PATCH v10 09/27] ima: Move some IMA policy and filesystem related variables into ima_namespace
Mimi Zohar
- [PATCH v10 10/27] ima: Move IMA securityfs files into ima_namespace or onto stack
Mimi Zohar
- [PATCH v10 08/27] ima: Move measurement list related variables into ima_namespace
Mimi Zohar
- [PATCH v10 11/27] ima: Move ima_lsm_policy_notifier into ima_namespace
Mimi Zohar
- [PATCH v10 11/27] ima: Move ima_lsm_policy_notifier into ima_namespace
Mimi Zohar
- [PATCH v10 13/27] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
Mimi Zohar
- [PATCH v10 14/27] userns: Add pointer to ima_namespace to user_namespace
Mimi Zohar
- [PATCH v10 15/27] ima: Implement hierarchical processing of file accesses
Mimi Zohar
- [PATCH v10 16/27] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
Mimi Zohar
- [PATCH v10 17/27] ima: Add functions for creating and freeing of an ima_namespace
Mimi Zohar
- [PATCH v10 16/27] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
Mimi Zohar
- [PATCH v5] KEYS: encrypted: Instantiate key with user-provided decrypted data
Mimi Zohar
- [PATCH v10 0/8] Enroll kernel keys thru MOK
Mimi Zohar
- [PATCH v10 0/8] Enroll kernel keys thru MOK
Mimi Zohar
- [PATCH v10 0/8] Enroll kernel keys thru MOK
Mimi Zohar
- [PATCH v10 22/27] securityfs: Extend securityfs with namespacing support
Mimi Zohar
- [EXTERNAL] [PATCH] EVM: fix the evm= __setup handler return value
Mimi Zohar
- [PATCH v10 23/27] ima: Setup securityfs for IMA namespace
Mimi Zohar
- [PATCH v10 24/27] ima: Introduce securityfs file to activate an IMA namespace
Mimi Zohar
- [PATCH v10 25/27] ima: Show owning user namespace's uid and gid when displaying policy
Mimi Zohar
- [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
Mimi Zohar
- [PATCH v10 18/27] integrity/ima: Define ns_status for storing namespaced iint data
Mimi Zohar
- [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
Mimi Zohar
- [PATCH v10 24/27] ima: Introduce securityfs file to activate an IMA namespace
Mimi Zohar
- [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
Mimi Zohar
- [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Mimi Zohar
- [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Mimi Zohar
- [PATCH 2/2] integrity: double check iint_cache was initialized
Mimi Zohar
- [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Mimi Zohar
- [PATCH 2/2] integrity: double check iint_cache was initialized
Mimi Zohar
- [GIT PULL] SELinux fixes for v5.17 (#1)
pr-tracker-bot at kernel.org
- [GIT PULL] SELinux fixes for v5.17 (#2)
pr-tracker-bot at kernel.org
- [PATCH] apparmor: fix aa_label_asxprint return check
trix at redhat.com
- [PATCH v1 06/11] landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER
kernel test robot
- Very Very Urgent.
komi zongo
- 宇土センターホテル "6t8h6t97"
宇土センターホテル
Last message date:
Mon Feb 28 21:59:35 UTC 2022
Archived on: Mon Feb 28 21:45:32 UTC 2022
This archive was generated by
Pipermail 0.09 (Mailman edition).