April 2024 Archives by author
Starting: Mon Apr 1 03:21:25 UTC 2024
Ending: Tue Apr 30 23:30:47 UTC 2024
Messages: 404
- [PATCH v4 10/12] selftests: kselftest_harness: let PASS / FAIL provide diagnostic
Muhammad Usama Anjum
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Suren Baghdasaryan
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Suren Baghdasaryan
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Suren Baghdasaryan
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Suren Baghdasaryan
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Suren Baghdasaryan
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Suren Baghdasaryan
- [PATCH v2 1/1] mm: change inlined allocation helpers to account at the call site
Suren Baghdasaryan
- [PATCH v3 2/2] fs/xattr: add *at family syscalls
Arnd Bergmann
- [GIT PULL] security changes for v6.9-rc3
Eric W. Biederman
- [PATCH v16 16/20] fsverity: consume fsverity built-in signatures via LSM hook
Eric Biggers
- [PATCH v16 17/20] ipe: enable support for fs-verity as a trust provider
Eric Biggers
- [PATCH v17 16/21] fsverity: expose verified fsverity built-in signatures to LSMs
Eric Biggers
- [PATCH v17 17/21] ipe: enable support for fs-verity as a trust provider
Eric Biggers
- [PATCH v17 13/21] dm verity: consume root hash digest and expose signature data via LSM hook
Eric Biggers
- [PATCH v17 20/21] Documentation: add ipe documentation
Eric Biggers
- [PATCH v17 17/21] ipe: enable support for fs-verity as a trust provider
Eric Biggers
- [PATCH v17 20/21] Documentation: add ipe documentation
Eric Biggers
- [PATCH v3] security: Place security_path_post_mknod() where the original IMA call was
Christian Brauner
- (subset) [PATCH v14 01/12] fs: Return ENOTTY directly if FS_IOC_GETUUID or FS_IOC_GETFSSYSFSPATH fail
Christian Brauner
- [PATCH net] netlabel: fix RCU annotation for IPv4 options on socket creation
Davide Caratti
- [PATCH net v2] netlabel: fix RCU annotation for IPv4 options on socket creation
Davide Caratti
- [PATCH v2] netlabel: fix RCU annotation for IPv4 options on socket creation
Davide Caratti
- [PATCH v3 11/11] sysctl: treewide: constify the ctl_table argument of handlers
Heiko Carstens
- [PATCH v3 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers
Luis Chamberlain
- Hardcoded security module suggestion - stop the stacking insanity
Kees Cook
- Hardcoded security module suggestion - stop the stacking insanity
Kees Cook
- [PATCH 2/7] security: Remove the now superfluous sentinel element from ctl_table array
Kees Cook
- [PATCH v3 1/2] proc: restrict /proc/pid/mem access via param knobs
Kees Cook
- [PATCH v3 2/2] proc: add Kconfigs to restrict /proc/pid/mem access
Kees Cook
- [PATCH 0/7] sysctl: Remove sentinel elements from misc directories
Will Deacon
- [PATCH net] netlabel: fix RCU annotation for IPv4 options on socket creation
Eric Dumazet
- [PATCH v17 20/21] Documentation: add ipe documentation
Randy Dunlap
- [PATCH v4 01/14] lib: Add TLV parser
Randy Dunlap
- [PATCH v2] landlock: Add abstract unix socket connect restrictions
Tahera Fahimi
- [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys
Ahmad Fatoum
- general protection fault in security_inode_getattr
Amir Goldstein
- [PATCH v3 03/12] TSEM global declarations.
Dr. Greg
- Hardcoded security module suggestion - stop the stacking insanity
Dr. Greg
- [PATCH v3 04/12] Add primary TSEM implementation file.
Dr. Greg
- [PATCH v8 0/6] DCP as trusted keys backend
David Gstir
- [PATCH v8 1/6] crypto: mxs-dcp: Add support for hardware-bound keys
David Gstir
- [PATCH v8 2/6] KEYS: trusted: improve scalability of trust source config
David Gstir
- [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys
David Gstir
- [PATCH v8 4/6] MAINTAINERS: add entry for DCP-based trusted keys
David Gstir
- [PATCH v8 5/6] docs: document DCP-backed trusted keys kernel params
David Gstir
- [PATCH v8 6/6] docs: trusted-encrypted: add DCP as new trust source
David Gstir
- [EXT] [PATCH v8 6/6] docs: trusted-encrypted: add DCP as new trust source
David Gstir
- [EXT] [PATCH v8 6/6] docs: trusted-encrypted: add DCP as new trust source
David Gstir
- Subject: [PATCH] Add test for more file systems in landlock - ext4
Saasha Gupta
- [PATCH v3 2/2] fs/xattr: add *at family syscalls
Christian Göttsche
- [kpsingh:static_calls] [security] 9e15595ed0: Kernel_panic-not_syncing:lsm_static_call_init-Ran_out_of_static_slots
Tetsuo Handa
- [PATCH v2] tty: n_gsm: restrict tty devices to attach
Tetsuo Handa
- [PATCH v2] tty: n_gsm: restrict tty devices to attach
Tetsuo Handa
- [PATCH v2] tty: n_gsm: restrict tty devices to attach
Tetsuo Handa
- general protection fault in security_inode_getattr
Andrey Kalachev
- general protection fault in security_inode_getattr
Andrey Kalachev
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Jan Kara
- [PATCH v2 1/1] mm: change inlined allocation helpers to account at the call site
Jan Kara
- [PATCH v3 2/2] fs/xattr: add *at family syscalls
Jan Kara
- [PATCH v4 0/7] Handle faults in KUnit tests
Shuah Khan
- [PATCH v4 0/7] Handle faults in KUnit tests
Shuah Khan
- [PATCH v4 RESEND 0/7] Handle faults in KUnit tests
Shuah Khan
- [PATCH v3 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers
Jakub Kicinski
- [PATCH v2] tty: n_gsm: restrict tty devices to attach
Greg Kroah-Hartman
- [PATCH bpf-next v2 2/7] bpf, lsm: Add return value range description for lsm hook
Xu Kuohai
- [PATCH bpf-next v2 0/7] Add check for bpf lsm return value
Xu Kuohai
- [PATCH bpf-next v3 00/11] Add check for bpf lsm return value
Xu Kuohai
- [PATCH bpf-next v3 01/11] bpf, lsm: Annotate lsm hook return value range
Xu Kuohai
- [PATCH bpf-next v3 02/11] bpf, lsm: Add helper to read lsm hook return value range
Xu Kuohai
- [PATCH bpf-next v3 03/11] bpf, lsm: Check bpf lsm hook return values in verifier
Xu Kuohai
- [PATCH bpf-next v3 04/11] bpf, lsm: Add bpf lsm disabled hook list
Xu Kuohai
- [PATCH bpf-next v3 05/11] bpf: Avoid progs for different hooks calling each other with tail call
Xu Kuohai
- [PATCH bpf-next v3 06/11] bpf: Fix compare error in function retval_range_within
Xu Kuohai
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Xu Kuohai
- [PATCH bpf-next v3 08/11] selftests/bpf: Avoid load failure for token_lsm.c
Xu Kuohai
- [PATCH bpf-next v3 09/11] selftests/bpf: Add return value checks for failed tests
Xu Kuohai
- [PATCH bpf-next v3 10/11] selftests/bpf: Add test for lsm tail call
Xu Kuohai
- [PATCH bpf-next v3 11/11] selftests/bpf: Add verifier tests for bpf lsm
Xu Kuohai
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Xu Kuohai
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Xu Kuohai
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Xu Kuohai
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Xu Kuohai
- [PATCH bpf-next v3 06/11] bpf: Fix compare error in function retval_range_within
Xu Kuohai
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Xu Kuohai
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Xu Kuohai
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Xu Kuohai
- Subject: [PATCH] Add test for more file systems in landlock - ext4
Julia Lawall
- Subject: [PATCH] Add test for more file systems in landlock - ext4
Julia Lawall
- [PATCH 1/7] memory: Remove the now superfluous sentinel element from ctl_table array
Miaohe Lin
- [RFC PATCH v1 00/10] Socket type control for Landlock
Ivanov Mikhail
- [RFC PATCH v1 01/10] landlock: Support socket access-control
Ivanov Mikhail
- [RFC PATCH v1 02/10] landlock: Add hook on socket_create()
Ivanov Mikhail
- [RFC PATCH v1 03/10] selftests/landlock: Create 'create' test
Ivanov Mikhail
- [RFC PATCH v1 04/10] selftests/landlock: Create 'socket_access_rights' test
Ivanov Mikhail
- [RFC PATCH v1 05/10] selftests/landlock: Create 'rule_with_unknown_access' test
Ivanov Mikhail
- [RFC PATCH v1 06/10] selftests/landlock: Create 'rule_with_unhandled_access' test
Ivanov Mikhail
- [RFC PATCH v1 07/10] selftests/landlock: Create 'inval' test
Ivanov Mikhail
- [RFC PATCH v1 08/10] selftests/landlock: Create 'ruleset_overlap' test
Ivanov Mikhail
- [RFC PATCH v1 09/10] selftests/landlock: Create 'ruleset_with_unknown_access' test
Ivanov Mikhail
- [RFC PATCH v1 10/10] samples/landlock: Support socket protocol restrictions
Ivanov Mikhail
- [PATCH 0/2] Forbid illegitimate binding via listen(2)
Ivanov Mikhail
- [PATCH 1/2] landlock: Add hook on socket_listen()
Ivanov Mikhail
- [PATCH 2/2] selftests/landlock: Create 'listen_zero', 'deny_listen_zero' tests
Ivanov Mikhail
- [RFC PATCH v1 01/10] landlock: Support socket access-control
Ivanov Mikhail
- [RFC PATCH v1 03/10] selftests/landlock: Create 'create' test
Ivanov Mikhail
- [PATCH v16 11/20] block|security: add LSM blob to block_device
Paul Moore
- [PATCH v16 13/20] dm verity: consume root hash digest and signature data via LSM hook
Paul Moore
- [PATCH v16 14/20] ipe: add support for dm-verity as a trust provider
Paul Moore
- [PATCH v16 15/20] security: add security_inode_setintegrity() hook
Paul Moore
- [GIT PULL] security changes for v6.9-rc3
Paul Moore
- [GIT PULL] security changes for v6.9-rc3
Paul Moore
- [GIT PULL] security changes for v6.9-rc3
Paul Moore
- [GIT PULL] security changes for v6.9-rc3
Paul Moore
- [GIT PULL] selinux/selinux-pr-20240402
Paul Moore
- [PATCH v3] security: Place security_path_post_mknod() where the original IMA call was
Paul Moore
- [RESEND][PATCH v3] security: Place security_path_post_mknod() where the original IMA call was
Paul Moore
- [GIT PULL] security changes for v6.9-rc3
Paul Moore
- Hardcoded security module suggestion - stop the stacking insanity
Paul Moore
- Hardcoded security module suggestion - stop the stacking insanity
Paul Moore
- [PATCH v9 3/4] security: Replace indirect LSM hook calls with static calls
Paul Moore
- [PATCH v9 4/4] bpf: Only enable BPF LSM hooks when an LSM program is attached
Paul Moore
- [PATCH net] netlabel: fix RCU annotation for IPv4 options on socket creation
Paul Moore
- [PATCH net] netlabel: fix RCU annotation for IPv4 options on socket creation
Paul Moore
- [PATCH v9 3/4] security: Replace indirect LSM hook calls with static calls
Paul Moore
- [PATCH 2/7] security: Remove the now superfluous sentinel element from ctl_table array
Paul Moore
- [kpsingh:static_calls] [security] 9e15595ed0: Kernel_panic-not_syncing:lsm_static_call_init-Ran_out_of_static_slots
Paul Moore
- [PATCH 2/7] security: Remove the now superfluous sentinel element from ctl_table array
Paul Moore
- [PATCH 1/2] cipso: fix total option length computation
Paul Moore
- [PATCH 2/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options
Paul Moore
- [PATCH v2] netlabel: fix RCU annotation for IPv4 options on socket creation
Paul Moore
- [PATCH 1/2] cipso: fix total option length computation
Paul Moore
- [PATCH 2/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options
Paul Moore
- [PATCH v2] netlabel: fix RCU annotation for IPv4 options on socket creation
Paul Moore
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Andrew Morton
- [PATCH 0/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options
Ondrej Mosnacek
- [PATCH 1/2] cipso: fix total option length computation
Ondrej Mosnacek
- [PATCH 2/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options
Ondrej Mosnacek
- [PATCH 1/2] cipso: fix total option length computation
Ondrej Mosnacek
- [PATCH 2/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options
Ondrej Mosnacek
- [PATCH bpf-next v3 06/11] bpf: Fix compare error in function retval_range_within
Andrii Nakryiko
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Andrii Nakryiko
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Andrii Nakryiko
- [PATCH v13 01/10] landlock: Add IOCTL access right for character and block devices
Günther Noack
- [PATCH v13 01/10] landlock: Add IOCTL access right for character and block devices
Günther Noack
- [PATCH v13 01/10] landlock: Add IOCTL access right for character and block devices
Günther Noack
- [PATCH v14 00/12] Landlock: IOCTL support
Günther Noack
- [PATCH v14 01/12] fs: Return ENOTTY directly if FS_IOC_GETUUID or FS_IOC_GETFSSYSFSPATH fail
Günther Noack
- [PATCH v14 02/12] landlock: Add IOCTL access right for character and block devices
Günther Noack
- [PATCH v14 03/12] selftests/landlock: Test IOCTL support
Günther Noack
- [PATCH v14 04/12] selftests/landlock: Test IOCTL with memfds
Günther Noack
- [PATCH v14 05/12] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH)
Günther Noack
- [PATCH v14 06/12] selftests/landlock: Test IOCTLs on named pipes
Günther Noack
- [PATCH v14 07/12] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets
Günther Noack
- [PATCH v14 08/12] selftests/landlock: Exhaustive test for the IOCTL allow-list
Günther Noack
- [PATCH v14 09/12] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV
Günther Noack
- [PATCH v14 10/12] landlock: Document IOCTL support
Günther Noack
- [PATCH v14 11/12] MAINTAINERS: Notify Landlock maintainers about changes to fs/ioctl.c
Günther Noack
- [PATCH v14 12/12] fs/ioctl: Add a comment to keep the logic in sync with LSM policies
Günther Noack
- [PATCH v13 01/10] landlock: Add IOCTL access right for character and block devices
Günther Noack
- [RFC PATCH v1 03/10] selftests/landlock: Create 'create' test
Günther Noack
- [RFC PATCH v1 00/10] Socket type control for Landlock
Günther Noack
- [RFC PATCH v1 01/10] landlock: Support socket access-control
Günther Noack
- [RFC PATCH v1 01/10] landlock: Support socket access-control
Günther Noack
- [PATCH v14 02/12] landlock: Add IOCTL access right for character and block devices
Günther Noack
- [PATCH v14 03/12] selftests/landlock: Test IOCTL support
Günther Noack
- [PATCH v14 07/12] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets
Günther Noack
- [PATCH v14 08/12] selftests/landlock: Exhaustive test for the IOCTL allow-list
Günther Noack
- [PATCH v14 03/12] selftests/landlock: Test IOCTL support
Günther Noack
- [PATCH v14 08/12] selftests/landlock: Exhaustive test for the IOCTL allow-list
Günther Noack
- [PATCH v15 00/11] Landlock: IOCTL support
Günther Noack
- [PATCH v15 01/11] landlock: Add IOCTL access right for character and block devices
Günther Noack
- [PATCH v15 02/11] selftests/landlock: Test IOCTL support
Günther Noack
- [PATCH v15 03/11] selftests/landlock: Test IOCTL with memfds
Günther Noack
- [PATCH v15 04/11] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH)
Günther Noack
- [PATCH v15 05/11] selftests/landlock: Test IOCTLs on named pipes
Günther Noack
- [PATCH v15 06/11] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets
Günther Noack
- [PATCH v15 07/11] selftests/landlock: Exhaustive test for the IOCTL allow-list
Günther Noack
- [PATCH v15 08/11] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV
Günther Noack
- [PATCH v15 09/11] landlock: Document IOCTL support
Günther Noack
- [PATCH v15 10/11] MAINTAINERS: Notify Landlock maintainers about changes to fs/ioctl.c
Günther Noack
- [PATCH v15 11/11] fs/ioctl: Add a comment to keep the logic in sync with LSM policies
Günther Noack
- [PATCH] MAINTAINER: Add Günther Noack as Landlock reviewer
Günther Noack
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Kent Overstreet
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Kent Overstreet
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Kent Overstreet
- [PATCH v13 01/10] landlock: Add IOCTL access right for character and block devices
Kent Overstreet
- [PATCH v14 01/12] fs: Return ENOTTY directly if FS_IOC_GETUUID or FS_IOC_GETFSSYSFSPATH fail
Kent Overstreet
- [PATCH v3 1/2] proc: restrict /proc/pid/mem access via param knobs
Adrian Ratiu
- [PATCH v3 2/2] proc: add Kconfigs to restrict /proc/pid/mem access
Adrian Ratiu
- [PATCH v3 7/7] kunit: Add tests for fault
Guenter Roeck
- [PATCH v3 7/7] kunit: Add tests for fault
Guenter Roeck
- [PATCH v3 7/7] kunit: Add tests for fault
Guenter Roeck
- [PATCH v8 6/6] docs: trusted-encrypted: add DCP as new trust source
Jarkko Sakkinen
- [EXT] Re: [PATCH v8 6/6] docs: trusted-encrypted: add DCP as new trust source
Jarkko Sakkinen
- [PATCH v8 6/6] docs: trusted-encrypted: add DCP as new trust source
Jarkko Sakkinen
- [PATCH v4 00/14] security: digest_cache LSM
Jarkko Sakkinen
- [PATCH v4 01/14] lib: Add TLV parser
Jarkko Sakkinen
- [PATCH v4 02/14] security: Introduce the digest_cache LSM
Jarkko Sakkinen
- [PATCH v4 03/14] digest_cache: Add securityfs interface
Jarkko Sakkinen
- [PATCH v4 04/14] digest_cache: Add hash tables and operations
Jarkko Sakkinen
- [PATCH v4 09/14] digest_cache: Add support for directories
Jarkko Sakkinen
- [PATCH v4 10/14] digest cache: Prefetch digest lists if requested
Jarkko Sakkinen
- [PATCH v4 11/14] digest_cache: Reset digest cache on file/directory change
Jarkko Sakkinen
- [PATCH v4 13/14] selftests/digest_cache: Add selftests for digest_cache LSM
Jarkko Sakkinen
- [PATCH v4 01/14] lib: Add TLV parser
Jarkko Sakkinen
- [PATCH v4 02/14] security: Introduce the digest_cache LSM
Jarkko Sakkinen
- [PATCH v4 03/14] digest_cache: Add securityfs interface
Jarkko Sakkinen
- [PATCH v4 10/14] digest cache: Prefetch digest lists if requested
Jarkko Sakkinen
- [PATCH v4 00/14] security: digest_cache LSM
Jarkko Sakkinen
- [PATCH v2] landlock: Add abstract unix socket connect restrictions
Mickaël Salaün
- [PATCH v3] selftests/landlock: Add tests for io_uring openat access control with Landlock rules
Mickaël Salaün
- [PATCH v13 01/10] landlock: Add IOCTL access right for character and block devices
Mickaël Salaün
- [PATCH v2] landlock: Use kmem for landlock_object
Mickaël Salaün
- Subject: [PATCH] Add test for more file systems in landlock - ext4
Mickaël Salaün
- [PATCH v3] selftests/landlock: Add tests for io_uring openat access control with Landlock rules
Mickaël Salaün
- [PATCH v13 01/10] landlock: Add IOCTL access right for character and block devices
Mickaël Salaün
- [PATCH v13 01/10] landlock: Add IOCTL access right for character and block devices
Mickaël Salaün
- [PATCH v4 0/7] Handle faults in KUnit tests
Mickaël Salaün
- [PATCH v4 RESEND 0/7] Handle faults in KUnit tests
Mickaël Salaün
- [PATCH v4 RESEND 1/7] kunit: Handle thread creation error
Mickaël Salaün
- [PATCH v4 RESEND 2/7] kunit: Fix kthread reference
Mickaël Salaün
- [PATCH v4 RESEND 3/7] kunit: Fix timeout message
Mickaël Salaün
- [PATCH v4 RESEND 4/7] kunit: Handle test faults
Mickaël Salaün
- [PATCH v4 RESEND 5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests
Mickaël Salaün
- [PATCH v4 RESEND 6/7] kunit: Print last test location on fault
Mickaël Salaün
- [PATCH v4 RESEND 7/7] kunit: Add tests for fault
Mickaël Salaün
- (subset) [PATCH v14 01/12] fs: Return ENOTTY directly if FS_IOC_GETUUID or FS_IOC_GETFSSYSFSPATH fail
Mickaël Salaün
- [PATCH v14 02/12] landlock: Add IOCTL access right for character and block devices
Mickaël Salaün
- [PATCH v14 01/12] fs: Return ENOTTY directly if FS_IOC_GETUUID or FS_IOC_GETFSSYSFSPATH fail
Mickaël Salaün
- [PATCH v14 03/12] selftests/landlock: Test IOCTL support
Mickaël Salaün
- [PATCH v14 07/12] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets
Mickaël Salaün
- [PATCH v14 08/12] selftests/landlock: Exhaustive test for the IOCTL allow-list
Mickaël Salaün
- [RFC PATCH v1 01/10] landlock: Support socket access-control
Mickaël Salaün
- [RFC PATCH v1 01/10] landlock: Support socket access-control
Mickaël Salaün
- [PATCH v14 02/12] landlock: Add IOCTL access right for character and block devices
Mickaël Salaün
- [PATCH v14 03/12] selftests/landlock: Test IOCTL support
Mickaël Salaün
- [PATCH v14 08/12] selftests/landlock: Exhaustive test for the IOCTL allow-list
Mickaël Salaün
- [PATCH v3 7/7] kunit: Add tests for fault
Mickaël Salaün
- [PATCH] MAINTAINER: Add Günther Noack as Landlock reviewer
Mickaël Salaün
- [linus:master] [selftests/harness] 0710a1a73f: kernel-selftests.pidfd.pidfd_setns_test.fail
Mickaël Salaün
- WARNING in current_check_refer_path
Mickaël Salaün
- 回复:WARNING in current_check_refer_path
Mickaël Salaün
- [PATCH 1/2] landlock: Add hook on socket_listen()
Mickaël Salaün
- [PATCH 2/2] selftests/landlock: Create 'listen_zero', 'deny_listen_zero' tests
Mickaël Salaün
- [PATCH v2] landlock: Add abstract unix socket connect restrictions
Mickaël Salaün
- [PATCH 1/2] landlock: Add hook on socket_listen()
Mickaël Salaün
- [PATCH v4 00/14] security: digest_cache LSM
Bagas Sanjaya
- [PATCH v2] security: Handle dentries without inode in security_path_post_mknod()
Roberto Sassu
- [GIT PULL] security changes for v6.9-rc3
Roberto Sassu
- [GIT PULL] security changes for v6.9-rc3
Roberto Sassu
- [GIT PULL] security changes for v6.9-rc3
Roberto Sassu
- [PATCH v3] security: Place security_path_post_mknod() where the original IMA call was
Roberto Sassu
- [RESEND][PATCH v3] security: Place security_path_post_mknod() where the original IMA call was
Roberto Sassu
- [PATCH v4 00/14] security: digest_cache LSM
Roberto Sassu
- [PATCH v4 00/14] security: digest_cache LSM
Roberto Sassu
- [PATCH v4 01/14] lib: Add TLV parser
Roberto Sassu
- [PATCH v4 02/14] security: Introduce the digest_cache LSM
Roberto Sassu
- [PATCH v4 03/14] digest_cache: Add securityfs interface
Roberto Sassu
- [PATCH v4 04/14] digest_cache: Add hash tables and operations
Roberto Sassu
- [PATCH v4 05/14] digest_cache: Populate the digest cache from a digest list
Roberto Sassu
- [PATCH v4 06/14] digest_cache: Parse tlv digest lists
Roberto Sassu
- [PATCH v4 07/14] digest_cache: Parse rpm digest lists
Roberto Sassu
- [PATCH v4 08/14] digest_cache: Add management of verification data
Roberto Sassu
- [PATCH v4 09/14] digest_cache: Add support for directories
Roberto Sassu
- [PATCH v4 10/14] digest cache: Prefetch digest lists if requested
Roberto Sassu
- [PATCH v4 11/14] digest_cache: Reset digest cache on file/directory change
Roberto Sassu
- [PATCH v4 12/14] digest_cache: Notify digest cache events
Roberto Sassu
- [PATCH v4 13/14] selftests/digest_cache: Add selftests for digest_cache LSM
Roberto Sassu
- [PATCH v4 14/14] docs: Add documentation of the digest_cache LSM
Roberto Sassu
- [RFC][PATCH v2 0/9] ima: Integrate with digest_cache LSM
Roberto Sassu
- [RFC][PATCH v2 1/9] ima: Introduce hook DIGEST_LIST_CHECK
Roberto Sassu
- [RFC][PATCH v2 2/9] ima: Nest iint mutex for DIGEST_LIST_CHECK hook
Roberto Sassu
- [RFC][PATCH v2 3/9] ima: Add digest_cache policy keyword
Roberto Sassu
- [RFC][PATCH v2 4/9] ima: Add digest_cache_measure/appraise boot-time built-in policies
Roberto Sassu
- [RFC][PATCH v2 5/9] ima: Modify existing boot-time built-in policies with digest cache policies
Roberto Sassu
- [RFC][PATCH v2 6/9] ima: Store allowed usage in digest cache based on integrity metadata flags
Roberto Sassu
- [RFC][PATCH v2 7/9] ima: Use digest caches for measurement
Roberto Sassu
- [RFC][PATCH v2 8/9] ima: Use digest caches for appraisal
Roberto Sassu
- [RFC][PATCH v2 9/9] ima: Register to the digest_cache LSM notifier and process events
Roberto Sassu
- [PATCH v4 00/14] security: digest_cache LSM
Roberto Sassu
- [PATCH v4 02/14] security: Introduce the digest_cache LSM
Roberto Sassu
- [PATCH v4 03/14] digest_cache: Add securityfs interface
Roberto Sassu
- [PATCH v4 04/14] digest_cache: Add hash tables and operations
Roberto Sassu
- [PATCH v4 09/14] digest_cache: Add support for directories
Roberto Sassu
- [PATCH v4 10/14] digest cache: Prefetch digest lists if requested
Roberto Sassu
- [PATCH v4 11/14] digest_cache: Reset digest cache on file/directory change
Roberto Sassu
- [PATCH v4 13/14] selftests/digest_cache: Add selftests for digest_cache LSM
Roberto Sassu
- [PATCH v4 02/14] security: Introduce the digest_cache LSM
Roberto Sassu
- [PATCH v4 00/14] security: digest_cache LSM
Roberto Sassu
- [PATCH v3 03/12] TSEM global declarations.
Casey Schaufler
- [PATCH v3 04/12] Add primary TSEM implementation file.
Casey Schaufler
- Hardcoded security module suggestion - stop the stacking insanity
Casey Schaufler
- [PATCH net] netlabel: fix RCU annotation for IPv4 options on socket creation
Casey Schaufler
- [kpsingh:static_calls] [security] 9e15595ed0: Kernel_panic-not_syncing:lsm_static_call_init-Ran_out_of_static_slots
Casey Schaufler
- [PATCH v2] ima: Avoid blocking in RCU read-side critical section
Casey Schaufler
- [PATCH v4][next] integrity: Avoid -Wflex-array-member-not-at-end warnings
Gustavo A. R. Silva
- [PATCH v5][next] integrity: Avoid -Wflex-array-member-not-at-end warnings
Gustavo A. R. Silva
- [PATCH v5][next] integrity: Avoid -Wflex-array-member-not-at-end warnings
Gustavo A. R. Silva
- [PATCH bpf-next v2 2/7] bpf, lsm: Add return value range description for lsm hook
KP Singh
- [PATCH bpf-next v2 0/7] Add check for bpf lsm return value
KP Singh
- [PATCH bpf-next v2 2/7] bpf, lsm: Add return value range description for lsm hook
KP Singh
- [PATCH v9 3/4] security: Replace indirect LSM hook calls with static calls
KP Singh
- [kpsingh:static_calls] [security] 9e15595ed0: Kernel_panic-not_syncing:lsm_static_call_init-Ran_out_of_static_slots
KP Singh
- [kpsingh:static_calls] [security] 9e15595ed0: Kernel_panic-not_syncing:lsm_static_call_init-Ran_out_of_static_slots
KP Singh
- [kpsingh:static_calls] [security] 9e15595ed0: Kernel_panic-not_syncing:lsm_static_call_init-Ran_out_of_static_slots
KP Singh
- [kpsingh:static_calls] [security] 9e15595ed0: Kernel_panic-not_syncing:lsm_static_call_init-Ran_out_of_static_slots
KP Singh
- 回复:WARNING in current_check_refer_path
Ubisectech Sirius
- [PATCH RFC 1/8] certs: Introduce ability to link to a system key
Eric Snowberg
- [PATCH 1/7] memory: Remove the now superfluous sentinel element from ctl_table array
Muchun Song
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Yonghong Song
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Yonghong Song
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Yonghong Song
- No subject
Dorine Tipo
- [PATCH v4] Add test for io_uring openat access control with Landlock rules
Dorine Tipo
- [PATCH] landlock: Use kmem for object, rule, and hierarchy structures
Ayush Tiwari
- [GIT PULL] security changes for v6.9-rc3
Linus Torvalds
- [GIT PULL] security changes for v6.9-rc3
Linus Torvalds
- [GIT PULL] security changes for v6.9-rc3
Linus Torvalds
- [RESEND][PATCH v3] security: Place security_path_post_mknod() where the original IMA call was
Linus Torvalds
- Hardcoded security module suggestion - stop the stacking insanity
Linus Torvalds
- Hardcoded security module suggestion - stop the stacking insanity
Linus Torvalds
- [PATCH v2] tty: n_gsm: restrict tty devices to attach
Linus Torvalds
- [PATCH v2] tty: n_gsm: restrict tty devices to attach
Linus Torvalds
- [PATCH v2] tty: n_gsm: restrict tty devices to attach
Linus Torvalds
- [PATCH v2] tty: n_gsm: restrict tty devices to attach
Linus Torvalds
- [PATCH v2] tty: n_gsm: restrict tty devices to attach
Linus Torvalds
- [PATCH v2] tty: n_gsm: restrict tty devices to attach
Linus Torvalds
- [EXT] Re: [PATCH v8 6/6] docs: trusted-encrypted: add DCP as new trust source
Kshitiz Varshney
- [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys
Kshitiz Varshney
- [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys
Kshitiz Varshney
- [EXT] [PATCH v8 6/6] docs: trusted-encrypted: add DCP as new trust source
Kshitiz Varshney
- [GIT PULL] security changes for v6.9-rc3
Al Viro
- [GIT PULL] security changes for v6.9-rc3
Al Viro
- [RESEND][PATCH v3] security: Place security_path_post_mknod() where the original IMA call was
Al Viro
- [PATCH v3 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers
Thomas Weißschuh
- [PATCH v3 01/11] stackleak: don't modify ctl_table argument
Thomas Weißschuh
- [PATCH v3 02/11] cgroup: bpf: constify ctl_table arguments and fields
Thomas Weißschuh
- [PATCH v3 03/11] hugetlb: constify ctl_table arguments of utility functions
Thomas Weißschuh
- [PATCH v3 04/11] utsname: constify ctl_table arguments of utility function
Thomas Weißschuh
- [PATCH v3 05/11] neighbour: constify ctl_table arguments of utility function
Thomas Weißschuh
- [PATCH v3 06/11] ipv4/sysctl: constify ctl_table arguments of utility functions
Thomas Weißschuh
- [PATCH v3 07/11] ipv6/addrconf: constify ctl_table arguments of utility functions
Thomas Weißschuh
- [PATCH v3 08/11] ipv6/ndisc: constify ctl_table arguments of utility function
Thomas Weißschuh
- [PATCH v3 09/11] ipvs: constify ctl_table arguments of utility functions
Thomas Weißschuh
- [PATCH v3 10/11] sysctl: constify ctl_table arguments of utility function
Thomas Weißschuh
- [PATCH v3 11/11] sysctl: treewide: constify the ctl_table argument of handlers
Thomas Weißschuh
- [PATCH v3 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers
Thomas Weißschuh
- [PATCH v3 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers
Thomas Weißschuh
- [PATCH v3 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers
Thomas Weißschuh
- [PATCH v3 00/12] Implement Trusted Security Event Modeling.
Greg Wettstein
- [PATCH v3 01/12] Update MAINTAINERS file.
Greg Wettstein
- [PATCH v3 03/12] TSEM global declarations.
Greg Wettstein
- [PATCH v3 04/12] Add primary TSEM implementation file.
Greg Wettstein
- [PATCH v3 05/12] Add root domain trust implementation.
Greg Wettstein
- [PATCH v3 06/12] Implement TSEM control plane.
Greg Wettstein
- [PATCH v3 07/12] Add namespace implementation.
Greg Wettstein
- [PATCH v3 08/12] Add security event description export facility.
Greg Wettstein
- [PATCH v3 09/12] Add event processing implementation.
Greg Wettstein
- [PATCH v3 10/12] Implement security event mapping.
Greg Wettstein
- [PATCH v3 11/12] Implement the internal Trusted Modeling Agent.
Greg Wettstein
- [PATCH v3 12/12] Activate the configuration and build of the TSEM LSM.
Greg Wettstein
- [PATCH v3 02/12] Add TSEM specific documentation.
Greg Wettstein
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Matthew Wilcox
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Matthew Wilcox
- [PATCH 1/1] mm: change inlined allocation helpers to account at the call site
Matthew Wilcox
- [PATCH v17 00/21] Integrity Policy Enforcement LSM (IPE)
Fan Wu
- [PATCH v17 01/21] security: add ipe lsm
Fan Wu
- [PATCH v17 02/21] ipe: add policy parser
Fan Wu
- [PATCH v17 03/21] ipe: add evaluation loop
Fan Wu
- [PATCH v17 04/21] ipe: add LSM hooks on execution and kernel read
Fan Wu
- [PATCH v17 05/21] initramfs|security: Add a security hook to do_populate_rootfs()
Fan Wu
- [PATCH v17 06/21] ipe: introduce 'boot_verified' as a trust provider
Fan Wu
- [PATCH v17 07/21] security: add new securityfs delete function
Fan Wu
- [PATCH v17 08/21] ipe: add userspace interface
Fan Wu
- [PATCH v17 09/21] uapi|audit|ipe: add ipe auditing support
Fan Wu
- [PATCH v17 10/21] ipe: add permissive toggle
Fan Wu
- [PATCH v17 11/21] block, lsm: add LSM blob and new LSM hooks for block device
Fan Wu
- [PATCH v17 12/21] dm: add finalize hook to target_type
Fan Wu
- [PATCH v17 13/21] dm verity: consume root hash digest and expose signature data via LSM hook
Fan Wu
- [PATCH v17 14/21] ipe: add support for dm-verity as a trust provider
Fan Wu
- [PATCH v17 15/21] security: add security_inode_setintegrity() hook
Fan Wu
- [PATCH v17 16/21] fsverity: expose verified fsverity built-in signatures to LSMs
Fan Wu
- [PATCH v17 17/21] ipe: enable support for fs-verity as a trust provider
Fan Wu
- [PATCH v17 18/21] scripts: add boot policy generation program
Fan Wu
- [PATCH v17 19/21] ipe: kunit test for parser
Fan Wu
- [PATCH v17 20/21] Documentation: add ipe documentation
Fan Wu
- [PATCH v17 21/21] MAINTAINERS: ipe: add ipe maintainer information
Fan Wu
- [PATCH v17 13/21] dm verity: consume root hash digest and expose signature data via LSM hook
Fan Wu
- [PATCH 3/7] crypto: Remove the now superfluous sentinel element from ctl_table array
Herbert Xu
- [PATCH v8 6/6] docs: trusted-encrypted: add DCP as new trust source
Herbert Xu
- [PATCH bpf-next v3 06/11] bpf: Fix compare error in function retval_range_within
Shung-Hsi Yu
- [PATCH bpf-next v3 03/11] bpf, lsm: Check bpf lsm hook return values in verifier
Eduard Zingerman
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Eduard Zingerman
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Eduard Zingerman
- [PATCH bpf-next v3 07/11] bpf: Fix a false rejection caused by AND operation
Eduard Zingerman
- [RESEND][PATCH v3] security: Place security_path_post_mknod() where the original IMA call was
Mimi Zohar
- [PATCH v5][next] integrity: Avoid -Wflex-array-member-not-at-end warnings
Mimi Zohar
- [PATCH v5][next] integrity: Avoid -Wflex-array-member-not-at-end warnings
Mimi Zohar
- [PATCH RFC 1/8] certs: Introduce ability to link to a system key
Mimi Zohar
- [PATCH v5][next] integrity: Avoid -Wflex-array-member-not-at-end warnings
Mimi Zohar
- [PATCH v3 00/10] evm: Support signatures on stacked filesystem
Mimi Zohar
- [GIT PULL] selinux/selinux-pr-20240402
pr-tracker-bot at kernel.org
- [kpsingh:static_calls] [security] 9e15595ed0: Kernel_panic-not_syncing:lsm_static_call_init-Ran_out_of_static_slots
kernel test robot
Last message date:
Tue Apr 30 23:30:47 UTC 2024
Archived on: Tue Dec 17 21:00:50 UTC 2024
This archive was generated by
Pipermail 0.09 (Mailman edition).