January 2024 Archives by date
Starting: Tue Jan 2 02:19:47 UTC 2024
Ending: Wed Jan 31 23:46:15 UTC 2024
Messages: 476
- [PATCH] kernel: Introduce a write lock/unlock wrapper for tasklist_lock
Aiqun Yu (Maria)
- [PATCH] kernel: Introduce a write lock/unlock wrapper for tasklist_lock
Matthew Wilcox
- [PATCH v8 23/24] ima: Make it independent from 'integrity' LSM
Roberto Sassu
- [PATCH v8 21/24] evm: Move to LSM infrastructure
Roberto Sassu
- [PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
Eric Snowberg
- [PATCH v8 21/24] evm: Move to LSM infrastructure
Mimi Zohar
- [PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
Mimi Zohar
- Apparmor move_mount mediation breaks mount tool in containers
John Johansen
- [PATCH] kernel: Introduce a write lock/unlock wrapper for tasklist_lock
Aiqun Yu (Maria)
- [PATCH] kernel: Introduce a write lock/unlock wrapper for tasklist_lock
kernel test robot
- [PATCH v2 2/3] arch/x86: Add <asm/ima-efi.h> for arch_ima_efi_boot_mode
Ard Biesheuvel
- [PATCH] kernel: Introduce a write lock/unlock wrapper for tasklist_lock
Jarkko Sakkinen
- [PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
Jarkko Sakkinen
- [PATCH v3] selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket
Mickaël Salaün
- [PATCH] kernel: Introduce a write lock/unlock wrapper for tasklist_lock
Matthew Wilcox
- [GIT PULL] apparmor: Final fix for v6.7-rc8
John Johansen
- [GIT PULL] apparmor: Final fix for v6.7-rc8
pr-tracker-bot at kernel.org
- [PATCH bpf-next 00/29] BPF token
Andrii Nakryiko
- [PATCH bpf-next 01/29] bpf: align CAP_NET_ADMIN checks with bpf_capable() approach
Andrii Nakryiko
- [PATCH bpf-next 02/29] bpf: add BPF token delegation mount options to BPF FS
Andrii Nakryiko
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Andrii Nakryiko
- [PATCH bpf-next 04/29] bpf: add BPF token support to BPF_MAP_CREATE command
Andrii Nakryiko
- [PATCH bpf-next 05/29] bpf: add BPF token support to BPF_BTF_LOAD command
Andrii Nakryiko
- [PATCH bpf-next 06/29] bpf: add BPF token support to BPF_PROG_LOAD command
Andrii Nakryiko
- [PATCH bpf-next 07/29] bpf: take into account BPF token when fetching helper protos
Andrii Nakryiko
- [PATCH bpf-next 08/29] bpf: consistently use BPF token throughout BPF verifier logic
Andrii Nakryiko
- [PATCH bpf-next 09/29] bpf, lsm: refactor bpf_prog_alloc/bpf_prog_free LSM hooks
Andrii Nakryiko
- [PATCH bpf-next 10/29] bpf, lsm: refactor bpf_map_alloc/bpf_map_free LSM hooks
Andrii Nakryiko
- [PATCH bpf-next 11/29] bpf,lsm: add BPF token LSM hooks
Andrii Nakryiko
- [PATCH bpf-next 12/29] libbpf: add bpf_token_create() API
Andrii Nakryiko
- [PATCH bpf-next 13/29] libbpf: add BPF token support to bpf_map_create() API
Andrii Nakryiko
- [PATCH bpf-next 14/29] libbpf: add BPF token support to bpf_btf_load() API
Andrii Nakryiko
- [PATCH bpf-next 15/29] libbpf: add BPF token support to bpf_prog_load() API
Andrii Nakryiko
- [PATCH bpf-next 16/29] selftests/bpf: add BPF token-enabled tests
Andrii Nakryiko
- [PATCH bpf-next 17/29] bpf, selinux: allocate bpf_security_struct per BPF token
Andrii Nakryiko
- [PATCH bpf-next 18/29] bpf: fail BPF_TOKEN_CREATE if no delegation option was set on BPF FS
Andrii Nakryiko
- [PATCH bpf-next 19/29] bpf: support symbolic BPF FS delegation mount options
Andrii Nakryiko
- [PATCH bpf-next 20/29] selftests/bpf: utilize string values for delegate_xxx mount options
Andrii Nakryiko
- [PATCH bpf-next 21/29] libbpf: split feature detectors definitions from cached results
Andrii Nakryiko
- [PATCH bpf-next 22/29] libbpf: further decouple feature checking logic from bpf_object
Andrii Nakryiko
- [PATCH bpf-next 23/29] libbpf: move feature detection code into its own file
Andrii Nakryiko
- [PATCH bpf-next 24/29] libbpf: wire up token_fd into feature probing logic
Andrii Nakryiko
- [PATCH bpf-next 25/29] libbpf: wire up BPF token support at BPF object level
Andrii Nakryiko
- [PATCH bpf-next 26/29] selftests/bpf: add BPF object loading tests with explicit token passing
Andrii Nakryiko
- [PATCH bpf-next 27/29] selftests/bpf: add tests for BPF object load with implicit token
Andrii Nakryiko
- [PATCH bpf-next 28/29] libbpf: support BPF token path setting through LIBBPF_BPF_TOKEN_PATH envvar
Andrii Nakryiko
- [PATCH bpf-next 29/29] selftests/bpf: add tests for LIBBPF_BPF_TOKEN_PATH envvar
Andrii Nakryiko
- [PATCH bpf-next 00/29] BPF token
Jakub Kicinski
- [PATCH] kernel: Introduce a write lock/unlock wrapper for tasklist_lock
Aiqun Yu (Maria)
- [PATCH 2/13] Add TSEM specific documentation.
Paul Moore
- [PATCH] apparmor: avoid crash when parsed profile name is empty
John Johansen
- [PATCH] apparmor: fix possible memory leak in unpack_trans_table
John Johansen
- [PATCH] apparmor: make stack_msg static
John Johansen
- [PATCH v3 0/4] arch/x86: Remove unnecessary dependencies on bootparam.h
Thomas Zimmermann
- [PATCH v3 1/4] arch/x86: Move UAPI setup structures into setup_data.h
Thomas Zimmermann
- [PATCH v3 2/4] arch/x86: Move internal setup_data structures into setup_data.h
Thomas Zimmermann
- [PATCH v3 3/4] arch/x86: Implement arch_ima_efi_boot_mode() in source file
Thomas Zimmermann
- [PATCH v3 4/4] arch/x86: Do not include <asm/bootparam.h> in several files
Thomas Zimmermann
- [PATCH v5 4/4] vduse: Add LSM hook to check Virtio device type
Maxime Coquelin
- [PATCH v3] selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket
Muhammad Usama Anjum
- [PATCH 02/13] Add TSEM specific documentation.
Paul Moore
- [PATCH v3 4/4] arch/x86: Do not include <asm/bootparam.h> in several files
Ard Biesheuvel
- [PATCH bpf-next 13/29] libbpf: add BPF token support to bpf_map_create() API
Linus Torvalds
- [PATCH bpf-next 13/29] libbpf: add BPF token support to bpf_map_create() API
Andrii Nakryiko
- [PATCH v3] selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket
Paul Moore
- [PATCH] apparmor: Fix memory leak in unpack_profile()
Gaosheng Cui
- [PATCH 2/13] Add TSEM specific documentation.
Dr. Greg
- [PATCH 02/13] Add TSEM specific documentation.
Dr. Greg
- [PATCH v8 3/9] landlock: Optimize the number of calls to get_access_mask slightly
Mickaël Salaün
- help for concepts about key management of the Linux kernel security
cauc.peter
- help for concepts about key management of the Linux kernel security
cauc.peter
- [PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
Coiby Xu
- [PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
Coiby Xu
- [PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
Coiby Xu
- [PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
Mimi Zohar
- [PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
Jarkko Sakkinen
- [RFC PATCH v1 3/7] landlock: Log ruleset creation and release
Mickaël Salaün
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Linus Torvalds
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Matthew Wilcox
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Linus Torvalds
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Linus Torvalds
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Andrii Nakryiko
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Andrii Nakryiko
- [RFC PATCH v1 3/7] landlock: Log ruleset creation and release
Paul Moore
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Andrii Nakryiko
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Alexei Starovoitov
- [GIT PULL] selinux/selinux-pr-20240105
Paul Moore
- [GIT PULL] lsm/lsm-pr-20240105
Paul Moore
- [RFC V2] IMA Log Snapshotting Design Proposal
Paul Moore
- [RFC V2] IMA Log Snapshotting Design Proposal
Paul Moore
- [RFC V2] IMA Log Snapshotting Design Proposal
Mimi Zohar
- [RFC V2] IMA Log Snapshotting Design Proposal
Paul Moore
- [PATCH v4 0/4] arch/x86: Remove unnecessary dependencies on bootparam.h
Thomas Zimmermann
- [PATCH v4 1/4] arch/x86: Move UAPI setup structures into setup_data.h
Thomas Zimmermann
- [PATCH v4 2/4] arch/x86: Move internal setup_data structures into setup_data.h
Thomas Zimmermann
- [PATCH v4 3/4] arch/x86: Implement arch_ima_efi_boot_mode() in source file
Thomas Zimmermann
- [PATCH v4 4/4] arch/x86: Do not include <asm/bootparam.h> in several files
Thomas Zimmermann
- [GIT PULL] Landlock updates for v6.8
Mickaël Salaün
- [PATCH 2/13] Add TSEM specific documentation.
Dr. Greg
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Christian Brauner
- [RFC V2] IMA Log Snapshotting Design Proposal
Mimi Zohar
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Christian Brauner
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Christian Brauner
- [RFC PATCH v3 3/3] devguard: added device guard for mknod in non-initial userns
Michael Weiß
- [RFC PATCH v3 3/3] devguard: added device guard for mknod in non-initial userns
Paul Moore
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Paul Moore
- [RFC V2] IMA Log Snapshotting Design Proposal
Paul Moore
- Post Compile-Time RandStruct
Kees Cook
- [PATCH v4 4/4] arch/x86: Do not include <asm/bootparam.h> in several files
kernel test robot
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Andrii Nakryiko
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Andrii Nakryiko
- [PATCH v2] integrity: eliminate unnecessary "Problem loading X.509 certificate" msg
Coiby Xu
- [PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
Coiby Xu
- [PATCH v4 2/4] arch/x86: Move internal setup_data structures into setup_data.h
kernel test robot
- [PATCH v4 4/4] arch/x86: Do not include <asm/bootparam.h> in several files
kernel test robot
- [PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
Coiby Xu
- [PATCH] apparmor: Fix memory leak in unpack_profile()
John Johansen
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Christian Brauner
- [PATCH v4 2/4] arch/x86: Move internal setup_data structures into setup_data.h
Nathan Chancellor
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Andrii Nakryiko
- [GIT PULL] lsm/lsm-pr-20240105
Linus Torvalds
- [GIT PULL] selinux/selinux-pr-20240105
pr-tracker-bot at kernel.org
- [GIT PULL] lsm/lsm-pr-20240105
pr-tracker-bot at kernel.org
- [GIT PULL] Landlock updates for v6.8
pr-tracker-bot at kernel.org
- [PATCH 0/3] Update LLVM Phabricator and Bugzilla links
Nathan Chancellor
- [PATCH 1/3] selftests/bpf: Update LLVM Phabricator links
Nathan Chancellor
- [PATCH 2/3] arch and include: Update LLVM Phabricator links
Nathan Chancellor
- [PATCH 3/3] treewide: Update LLVM Bugzilla links
Nathan Chancellor
- [PATCH v5 bpf-next 0/5] mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf
Yafang Shao
- [PATCH] selftests/move_mount_set_group:Make tests build with old libc
Hu Yadi
- [PATCH] selftests/landlock:Fix two build issues
Hu Yadi
- [PATCH v2] selftests/move_mount_set_group:Make tests build with old libc
Hu Yadi
- [RFC 0/9] Nginx refcount scalability issue with Apparmor enabled and potential solutions
Neeraj Upadhyay
- [RFC 1/9] doc: Add document for apparmor refcount management
Neeraj Upadhyay
- [RFC 2/9] apparmor: Switch labels to percpu refcount in atomic mode
Neeraj Upadhyay
- [RFC 3/9] apparmor: Switch unconfined namespaces refcount to percpu mode
Neeraj Upadhyay
- [RFC 4/9] apparmor: Add infrastructure to reclaim percpu labels
Neeraj Upadhyay
- [RFC 5/9] apparmor: Switch intree labels to percpu mode
Neeraj Upadhyay
- [RFC 6/9] apparmor: Initial prototype for optimizing ref switch
Neeraj Upadhyay
- [RFC 7/9] percpu-rcuref: Add basic infrastructure
Neeraj Upadhyay
- [RFC 8/9] apparmor: Switch labels to percpu rcurefcount in unmanaged mode
Neeraj Upadhyay
- [RFC 9/9] apparmor: Switch unconfined and in tree labels to managed ref mode
Neeraj Upadhyay
- [PATCH v5 bpf-next 0/5] mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf
Paul Moore
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Christian Brauner
- [PATCH] kernel: capability: Remove unnecessary ‘0’ values from ret
Serge E. Hallyn
- [PATCH v5 bpf-next 0/5] mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf
Yafang Shao
- [PATCH v5 bpf-next 0/5] mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf
Paul Moore
- [PATCH] selftests/landlock:Fix two build issues
Mickaël Salaün
- [PATCH v2] selftests/move_mount_set_group:Make tests build with old libc
Mickaël Salaün
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Paul Moore
- [GIT PULL] lsm/lsm-pr-20240105
Paul Moore
- [GIT PULL] lsm/lsm-pr-20240105
Linus Torvalds
- [GIT PULL] lsm/lsm-pr-20240105
Paul Moore
- [GIT PULL] lsm/lsm-pr-20240105
Casey Schaufler
- [PATCH v4 5/6] add listmount(2) syscall
Guenter Roeck
- [PATCH v4 5/6] add listmount(2) syscall
Linus Torvalds
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Andrii Nakryiko
- [PATCH 0/3] Update LLVM Phabricator and Bugzilla links
Kees Cook
- 回复: [PATCH v2] selftests/move_mount_set_group:Make tests build with old libc
Huyadi
- 回复: [PATCH] selftests/landlock:Fix two build issues
Huyadi
- [PATCH v3] selftests/move_mount_set_group:Fix build issue with old libc
Hu Yadi
- [PATCH] selftests/core: Fix build issue with CLOSE_RANGE_UNSHARE
Hu Yadi
- [PATCH v2] selftests/landlock:Fix two build issues
Hu Yadi
- [PATCH 1/3] selftests/bpf: Update LLVM Phabricator links
Yonghong Song
- [PATCH v4 5/6] add listmount(2) syscall
Guenter Roeck
- [syzbot] [hfs] general protection fault in tomoyo_check_acl (3)
syzbot
- [syzbot] [hfs] general protection fault in tomoyo_check_acl (3)
Jan Kara
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Christian Brauner
- 回复: [PATCH v2] selftests/move_mount_set_group:Make tests build with old libc
Mickaël Salaün
- [PATCH v4] selftests/move_mount_set_group:Make tests build with old libc
Hu Yadi
- [PATCH v4] selftests/move_mount_set_group:Make tests build with old libc
Mickaël Salaün
- 回复: [PATCH] selftests/landlock:Fix two build issues
Mickaël Salaün
- [PATCH v14 10/12] selftests/landlock: Add network tests
Mickaël Salaün
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Andrii Nakryiko
- [PATCH v4 5/6] add listmount(2) syscall
Guenter Roeck
- [PATCH 1/3] selftests/bpf: Update LLVM Phabricator links
Nathan Chancellor
- [PATCH 1/3] selftests/bpf: Update LLVM Phabricator links
Alexei Starovoitov
- [PATCH v4 5/6] add listmount(2) syscall
Linus Torvalds
- [PATCH 1/3] selftests/bpf: Update LLVM Phabricator links
Nathan Chancellor
- [PATCH 0/3] Update LLVM Phabricator and Bugzilla links
Fangrui Song
- [PATCH v4 2/4] arch/x86: Move internal setup_data structures into setup_data.h
Nathan Chancellor
- [PATCH v4 5/6] add listmount(2) syscall
Arnd Bergmann
- [PATCH v4 5/6] add listmount(2) syscall
Guenter Roeck
- [PATCH v4 5/6] add listmount(2) syscall
Linus Torvalds
- 回复: 回复: [PATCH] selftests/landlock:Fix two build issues
Huyadi
- [PATCH v4 5/6] add listmount(2) syscall
Guenter Roeck
- 回复: [PATCH] selftests/core: Fix build issue with CLOSE_RANGE_UNSHARE
Huyadi
- [PATCH v3] selftests/landlock:Fix two build issues
Hu Yadi
- [PATCH] selftests/filesystems:fix build error in overlayfs
Hu Yadi
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Christian Brauner
- [PATCH v3 5/5] ramfs: Initialize security of in-memory inodes
Roberto Sassu
- [PATCH v4 5/6] add listmount(2) syscall
Christian Brauner
- [PATCH v5 0/4] arch/x86: Remove unnecessary dependencies on bootparam.h
Thomas Zimmermann
- [PATCH v5 1/4] arch/x86: Move UAPI setup structures into setup_data.h
Thomas Zimmermann
- [PATCH v5 2/4] arch/x86: Move internal setup_data structures into setup_data.h
Thomas Zimmermann
- [PATCH v5 3/4] arch/x86: Implement arch_ima_efi_boot_mode() in source file
Thomas Zimmermann
- [PATCH v5 4/4] arch/x86: Do not include <asm/bootparam.h> in several files
Thomas Zimmermann
- [PATCH v3] selftests/landlock:Fix two build issues
Mickaël Salaün
- [PATCH v8 9/9] landlock: Document IOCTL support
Günther Noack
- [PATCH 0/3] Update LLVM Phabricator and Bugzilla links
Alex Deucher
- [PATCH v5 0/4] arch/x86: Remove unnecessary dependencies on bootparam.h
Ard Biesheuvel
- [PATCH v8 5/9] selftests/landlock: Test IOCTL support
Günther Noack
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Andrii Nakryiko
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Christian Brauner
- [PATCH 0/2] apparmor: fix namespace check in serialized stream headers from the same policy load
Fedor Pchelkin
- [PATCH 1/2] apparmor: rename the data start flag inside verify_header
Fedor Pchelkin
- [PATCH 2/2] apparmor: fix namespace check in serialized stream headers from the same policy load
Fedor Pchelkin
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Andrii Nakryiko
- [PATCH v3 03/57] locking: Introduce __cleanup() based infrastructure
Dmitry Torokhov
- [PATCH v3] selftests/landlock:Fix two build issues
kernel test robot
- [PATCH] apparmor: lsm: fix kernel-doc typo
Randy Dunlap
- [PATCH v4] selftests/landlock:Fix two build issues
Hu Yadi
- 回复: [PATCH v3] selftests/landlock:Fix two build issues
Huyadi
- [PATCH v5 0/4] arch/x86: Remove unnecessary dependencies on bootparam.h
Ard Biesheuvel
- [PATCH v5 0/4] arch/x86: Remove unnecessary dependencies on bootparam.h
Borislav Petkov
- [PATCH v8 5/9] selftests/landlock: Test IOCTL support
Günther Noack
- [PATCH] selftests/filesystems:fix build error in overlayfs
Günther Noack
- [PATCH v9 00/25] security: Move IMA and EVM to the LSM infrastructure
Roberto Sassu
- [PATCH v9 01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure
Roberto Sassu
- [PATCH v9 02/25] ima: Align ima_file_mprotect() definition with LSM infrastructure
Roberto Sassu
- [PATCH v9 03/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure
Roberto Sassu
- [PATCH v9 04/25] ima: Align ima_inode_removexattr() definition with LSM infrastructure
Roberto Sassu
- [PATCH v9 05/25] ima: Align ima_post_read_file() definition with LSM infrastructure
Roberto Sassu
- [PATCH v9 06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure
Roberto Sassu
- [PATCH v9 07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure
Roberto Sassu
- [PATCH v9 08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure
Roberto Sassu
- [PATCH v9 09/25] security: Align inode_setattr hook definition with EVM
Roberto Sassu
- [PATCH v9 10/25] security: Introduce inode_post_setattr hook
Roberto Sassu
- [PATCH v9 11/25] security: Introduce inode_post_removexattr hook
Roberto Sassu
- [PATCH v9 12/25] security: Introduce file_post_open hook
Roberto Sassu
- [PATCH v9 13/25] security: Introduce file_release hook
Roberto Sassu
- [PATCH v9 14/25] security: Introduce path_post_mknod hook
Roberto Sassu
- [PATCH v9 15/25] security: Introduce inode_post_create_tmpfile hook
Roberto Sassu
- [PATCH v9 16/25] security: Introduce inode_post_set_acl hook
Roberto Sassu
- [PATCH v9 17/25] security: Introduce inode_post_remove_acl hook
Roberto Sassu
- [PATCH v9 18/25] security: Introduce key_post_create_or_update hook
Roberto Sassu
- [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA
Roberto Sassu
- [PATCH v9 20/25] ima: Move to LSM infrastructure
Roberto Sassu
- [PATCH v9 21/25] ima: Move IMA-Appraisal to LSM infrastructure
Roberto Sassu
- [PATCH v9 22/25] evm: Move to LSM infrastructure
Roberto Sassu
- [PATCH v9 23/25] evm: Make it independent from 'integrity' LSM
Roberto Sassu
- [PATCH v9 24/25] ima: Make it independent from 'integrity' LSM
Roberto Sassu
- [PATCH v9 25/25] integrity: Remove LSM
Roberto Sassu
- [PATCH v9 13/25] security: Introduce file_release hook
Al Viro
- 回复: [PATCH] selftests/filesystems:fix build error in overlayfs
Huyadi
- [PATCH v3 5/5] ramfs: Initialize security of in-memory inodes
Roberto Sassu
- [PATCH v9 13/25] security: Introduce file_release hook
Roberto Sassu
- preventing executable stack with file_mprotect hook
Dmitry Mastykin
- preventing executable stack with file_mprotect hook
Dmitry Mastykin
- [PATCH bpf-next 03/29] bpf: introduce BPF token object
Christian Brauner
- [PATCH v9 13/25] security: Introduce file_release hook
Casey Schaufler
- [PATCH v9 13/25] security: Introduce file_release hook
Al Viro
- [PATCH v3 02/57] apparmor: Free up __cleanup() name
John Johansen
- [PATCH v9 13/25] security: Introduce file_release hook
Casey Schaufler
- [PATCH v9 20/25] ima: Move to LSM infrastructure
Casey Schaufler
- [PATCH v9 21/25] ima: Move IMA-Appraisal to LSM infrastructure
Casey Schaufler
- [PATCH v9 23/25] evm: Make it independent from 'integrity' LSM
Casey Schaufler
- [PATCH v9 24/25] ima: Make it independent from 'integrity' LSM
Casey Schaufler
- [PATCH v9 25/25] integrity: Remove LSM
Casey Schaufler
- [PATCH] selftests/filesystems:fix build error in overlayfs
Andrei Vagin
- [PATCH] lsm: Resolve compiling 'security.c' error
Lu Yao
- [PATCH] selftests/filesystems:fix build error in overlayfs
Christian Brauner
- [PATCH] lsm: Resolve compiling 'security.c' error
Paul Moore
- [PATCH] lsm: Resolve compiling 'security.c' error
Kees Cook
- [PATCH] lsm: Resolve compiling 'security.c' error
Paul Moore
- 回复: [PATCH v4] selftests/move_mount_set_group:Make tests build with old libc
Huyadi
- [PATCH v1] landlock: Add support for KUnit tests
Mickaël Salaün
- [PATCH v4] selftests/move_mount_set_group:Make tests build with old libc
Christian Brauner
- [GIT PULL] AppArmor updates for 6.8
John Johansen
- 回复: [PATCH v4] selftests/move_mount_set_group:Make tests build with old libc
Huyadi
- [GIT PULL] BPF token for v6.8
Andrii Nakryiko
- [PATCH v1] landlock: Add support for KUnit tests
Günther Noack
- [PATCH v4] selftests/landlock:Fix two build issues
Mickaël Salaün
- 回复: [PATCH v4] selftests/move_mount_set_group:Make tests build with old libc
Christian Brauner
- [GIT PULL] BPF token for v6.8
Andrii Nakryiko
- IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions
Paul Moore
- IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions
Jens Axboe
- IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions
Paul Moore
- IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions
Jens Axboe
- IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions
Paul Moore
- IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions
Jens Axboe
- [GIT PULL] AppArmor updates for 6.8
pr-tracker-bot at kernel.org
- 回复: [PATCH v4] selftests/landlock:Fix two build issues
Huyadi
- [GIT PULL] BPF token for v6.8
Linus Torvalds
- [GIT PULL] BPF token for v6.8
Andrii Nakryiko
- IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions
Christian Brauner
- [GIT PULL] BPF token for v6.8
Christian Brauner
- [PATCH] apparmor: Fix null pointer deref when receiving skb during sock creation
Xiao Liang
- [PATCH] selftests/landlock:Fix net_test build issues with old libc
Hu Yadi
- [PATCH v1] landlock: Add support for KUnit tests
Mickaël Salaün
- [PATCH] selftests/landlock:Fix net_test build issues with old libc
Mickaël Salaün
- 回复: [PATCH v4] selftests/landlock:Fix two build issues
Huyadi
- [PATCH v4 5/6] add listmount(2) syscall
John Paul Adrian Glaubitz
- [PATCH v4 5/6] add listmount(2) syscall
John Paul Adrian Glaubitz
- [PATCH v4 5/6] add listmount(2) syscall
Guenter Roeck
- 回复: [PATCH v4] selftests/landlock:Fix two build issues
Mickaël Salaün
- [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL
Paul Moore
- [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL
Paul Moore
- [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL
Jens Axboe
- [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL
Jens Axboe
- [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL
Jens Axboe
- [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL
Jens Axboe
- [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL
Paul Moore
- 回复: 回复: [PATCH v4] selftests/landlock:Fix two build issues
Huyadi
- [PATCH v2 bpf-next 00/30] BPF token
Andrii Nakryiko
- [PATCH v2 bpf-next 01/30] bpf: align CAP_NET_ADMIN checks with bpf_capable() approach
Andrii Nakryiko
- [PATCH v2 bpf-next 02/30] bpf: add BPF token delegation mount options to BPF FS
Andrii Nakryiko
- [PATCH v2 bpf-next 03/30] bpf: introduce BPF token object
Andrii Nakryiko
- [PATCH v2 bpf-next 04/30] bpf: add BPF token support to BPF_MAP_CREATE command
Andrii Nakryiko
- [PATCH v2 bpf-next 05/30] bpf: add BPF token support to BPF_BTF_LOAD command
Andrii Nakryiko
- [PATCH v2 bpf-next 06/30] bpf: add BPF token support to BPF_PROG_LOAD command
Andrii Nakryiko
- [PATCH v2 bpf-next 07/30] bpf: take into account BPF token when fetching helper protos
Andrii Nakryiko
- [PATCH v2 bpf-next 08/30] bpf: consistently use BPF token throughout BPF verifier logic
Andrii Nakryiko
- [PATCH v2 bpf-next 09/30] bpf, lsm: refactor bpf_prog_alloc/bpf_prog_free LSM hooks
Andrii Nakryiko
- [PATCH v2 bpf-next 10/30] bpf, lsm: refactor bpf_map_alloc/bpf_map_free LSM hooks
Andrii Nakryiko
- [PATCH v2 bpf-next 11/30] bpf,lsm: add BPF token LSM hooks
Andrii Nakryiko
- [PATCH v2 bpf-next 12/30] libbpf: add bpf_token_create() API
Andrii Nakryiko
- [PATCH v2 bpf-next 13/30] libbpf: add BPF token support to bpf_map_create() API
Andrii Nakryiko
- [PATCH v2 bpf-next 14/30] libbpf: add BPF token support to bpf_btf_load() API
Andrii Nakryiko
- [PATCH v2 bpf-next 15/30] libbpf: add BPF token support to bpf_prog_load() API
Andrii Nakryiko
- [PATCH v2 bpf-next 16/30] selftests/bpf: add BPF token-enabled tests
Andrii Nakryiko
- [PATCH v2 bpf-next 17/30] bpf, selinux: allocate bpf_security_struct per BPF token
Andrii Nakryiko
- [PATCH v2 bpf-next 18/30] bpf: fail BPF_TOKEN_CREATE if no delegation option was set on BPF FS
Andrii Nakryiko
- [PATCH v2 bpf-next 19/30] bpf: support symbolic BPF FS delegation mount options
Andrii Nakryiko
- [PATCH v2 bpf-next 20/30] selftests/bpf: utilize string values for delegate_xxx mount options
Andrii Nakryiko
- [PATCH v2 bpf-next 21/30] libbpf: split feature detectors definitions from cached results
Andrii Nakryiko
- [PATCH v2 bpf-next 22/30] libbpf: further decouple feature checking logic from bpf_object
Andrii Nakryiko
- [PATCH v2 bpf-next 23/30] libbpf: move feature detection code into its own file
Andrii Nakryiko
- [PATCH v2 bpf-next 24/30] libbpf: wire up token_fd into feature probing logic
Andrii Nakryiko
- [PATCH v2 bpf-next 25/30] libbpf: wire up BPF token support at BPF object level
Andrii Nakryiko
- [PATCH v2 bpf-next 26/30] selftests/bpf: add BPF object loading tests with explicit token passing
Andrii Nakryiko
- [PATCH v2 bpf-next 27/30] selftests/bpf: add tests for BPF object load with implicit token
Andrii Nakryiko
- [PATCH v2 bpf-next 28/30] libbpf: support BPF token path setting through LIBBPF_BPF_TOKEN_PATH envvar
Andrii Nakryiko
- [PATCH v2 bpf-next 29/30] selftests/bpf: add tests for LIBBPF_BPF_TOKEN_PATH envvar
Andrii Nakryiko
- [PATCH v2 bpf-next 30/30] selftests/bpf: incorporate LSM policy to token-based tests
Andrii Nakryiko
- [PATCH] selftests/landlock:Fix fs_test build issues with old libc
Hu Yadi
- [PATCH] selftests/landlock:Fix fs_test build issues with old libc
Mickaël Salaün
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Kees Cook
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Linus Torvalds
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Linus Torvalds
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Linus Torvalds
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Kees Cook
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Kees Cook
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Linus Torvalds
- [PATCH] KEYS: encrypted: Add check for strsep
Verma, Vishal L
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Linus Torvalds
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Linus Torvalds
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Kees Cook
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Kees Cook
- [PATCH] KEYS: encrypted: Add check for strsep
Mimi Zohar
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Kees Cook
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Kevin Locke
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Linus Torvalds
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Kees Cook
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Jann Horn
- [PATCH] KEYS: encrypted: Add check for strsep
Verma, Vishal L
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Kees Cook
- [PATCH] KEYS: encrypted: Add check for strsep
Mimi Zohar
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Linus Torvalds
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Jann Horn
- [PATCH] KEYS: encrypted: Add check for strsep
Verma, Vishal L
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Kees Cook
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Kees Cook
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Jann Horn
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Kees Cook
- [PATCH v3 0/5] Smack transmute fixes
Casey Schaufler
- security_file_free contract/expectations
Ben Smith
- [PATCH v2 bpf-next 00/30] BPF token
patchwork-bot+netdevbpf at kernel.org
- security_file_free contract/expectations
Casey Schaufler
- [PATCH v3 0/5] Smack transmute fixes
Roberto Sassu
- security_file_free contract/expectations
Roberto Sassu
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Tetsuo Handa
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Tetsuo Handa
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Jann Horn
- security_file_free contract/expectations
Tetsuo Handa
- [PATCH v1 0/2] Fix Landlock's net_test for non-root users
Mickaël Salaün
- [PATCH v1 1/2] selftests/landlock: Fix capability for net_test
Mickaël Salaün
- [PATCH v1 2/2] selftests/landlock: Clean up error logs related to capabilities
Mickaël Salaün
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
Mickaël Salaün
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Linus Torvalds
- [External] Re: security_file_free contract/expectations
Paul Moore
- [PATCH v3 5/5] ramfs: Initialize security of in-memory inodes
Andrew Morton
- [PATCH v3 5/5] ramfs: Initialize security of in-memory inodes
Roberto Sassu
- [PATCH] security: fix the logic in security_inode_getsecctx()
Ondrej Mosnacek
- [PATCH] security: fix the logic in security_inode_getsecctx()
Ondrej Mosnacek
- [PATCH] security: fix the logic in security_inode_getsecctx()
Stephen Smalley
- [PATCH] security: fix the logic in security_inode_getsecctx()
Stephen Smalley
- [PATCH v3 5/5] ramfs: Initialize security of in-memory inodes
Casey Schaufler
- [PATCH] security: fix the logic in security_inode_getsecctx()
Casey Schaufler
- [PATCH] security: fix the logic in security_inode_getsecctx()
Ondrej Mosnacek
- [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks
Ondrej Mosnacek
- [PATCH] security: fix the logic in security_inode_getsecctx()
Paul Moore
- [PATCH] exec: Check __FMODE_EXEC instead of in_execve for LSMs
John Johansen
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
John Johansen
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Tetsuo Handa
- [PATCH] apparmor: Fix null pointer deref when receiving skb during sock creation
John Johansen
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Tetsuo Handa
- [6.8-rc1 Regression] Unable to exec apparmor_parser from virt-aa-helper
Tetsuo Handa
- [PATCH 0/3] fs/exec: remove current->in_execve flag
Tetsuo Handa
- [PATCH 1/3] LSM: add security_bprm_aborting_creds() hook
Tetsuo Handa
- [PATCH 2/3] tomoyo: replace current->in_execve flag with security_bprm_aborting_creds() hook
Tetsuo Handa
- [PATCH 3/3] fs/exec: remove current->in_execve flag
Tetsuo Handa
- [PATCH 1/3] LSM: add security_bprm_aborting_creds() hook
Eric W. Biederman
- [PATCH 1/3] LSM: add security_bprm_aborting_creds() hook
Tetsuo Handa
- [PATCH] mm: init_mlocked_on_free_v2
York Jasper Niebuhr
- [PATCH] security: fix no-op hook logic in security_inode_{set, remove}xattr()
Ondrej Mosnacek
- [PATCH 1/3] LSM: add security_bprm_aborting_creds() hook
Eric W. Biederman
- [PATCH] security: fix the logic in security_inode_getsecctx()
Stephen Smalley
- [PATCH] security: fix the logic in security_inode_getsecctx()
Paul Moore
- [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks
Paul Moore
- [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks
Casey Schaufler
- [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks
Paul Moore
- [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks
Ondrej Mosnacek
- [PATCH 1/3] LSM: add security_bprm_aborting_creds() hook
Tetsuo Handa
- [PATCH] security: use default hook return value in call_int_hook()
Ondrej Mosnacek
- [PATCH] security: fix the logic in security_inode_getsecctx()
Stephen Smalley
- [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks
Casey Schaufler
- [PATCH] security: fix the logic in security_inode_getsecctx()
Paul Moore
- [PATCH] security: use default hook return value in call_int_hook()
Casey Schaufler
- [PATCH] KEYS: encrypted: Add check for strsep
Jarkko Sakkinen
- [PATCH] KEYS: encrypted: Add check for strsep
Jarkko Sakkinen
- [PATCH] KEYS: encrypted: Add check for strsep
Jarkko Sakkinen
- [PATCH] KEYS: encrypted: Add check for strsep
Jarkko Sakkinen
- [PATCH v8 4/9] landlock: Add IOCTL access right
Günther Noack
- [PATCH] KEYS: encrypted: Add check for strsep
Dan Williams
- [PATCH 0/5] evm: Support signatures on stacked filesystem
Stefan Berger
- [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs
Stefan Berger
- [PATCH 2/5] evm: Implement per signature type decision in security_inode_copy_up_xattr
Stefan Berger
- [PATCH 3/5] ima: Reset EVM status upon detecting changes to overlay backing file
Stefan Berger
- [PATCH 4/5] evm: Use the real inode's metadata to calculate metadata hash
Stefan Berger
- [PATCH 5/5] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509
Stefan Berger
- [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks
Paul Moore
- [RFC PATCH v12 00/20] Integrity Policy Enforcement LSM (IPE)
Fan Wu
- [RFC PATCH v12 01/20] security: add ipe lsm
Fan Wu
- [RFC PATCH v12 02/20] ipe: add policy parser
Fan Wu
- [RFC PATCH v12 03/20] ipe: add evaluation loop
Fan Wu
- [RFC PATCH v12 04/20] ipe: add LSM hooks on execution and kernel read
Fan Wu
- [RFC PATCH v12 05/20] initramfs|security: Add security hook to initramfs unpack
Fan Wu
- [RFC PATCH v12 06/20] ipe: introduce 'boot_verified' as a trust provider
Fan Wu
- [RFC PATCH v12 07/20] security: add new securityfs delete function
Fan Wu
- [RFC PATCH v12 08/20] ipe: add userspace interface
Fan Wu
- [RFC PATCH v12 09/20] uapi|audit|ipe: add ipe auditing support
Fan Wu
- [RFC PATCH v12 10/20] ipe: add permissive toggle
Fan Wu
- [RFC PATCH v12 11/20] block|security: add LSM blob to block_device
Fan Wu
- [RFC PATCH v12 12/20] dm verity: set DM_TARGET_SINGLETON feature flag
Fan Wu
- [RFC PATCH v12 13/20] dm: add finalize hook to target_type
Fan Wu
- [RFC PATCH v12 14/20] dm verity: consume root hash digest and signature data via LSM hook
Fan Wu
- [RFC PATCH v12 15/20] ipe: add support for dm-verity as a trust provider
Fan Wu
- [RFC PATCH v12 16/20] fsverity: consume builtin signature via LSM hook
Fan Wu
- [RFC PATCH v12 17/20] ipe: enable support for fs-verity as a trust provider
Fan Wu
- [RFC PATCH v12 18/20] scripts: add boot policy generation program
Fan Wu
- [RFC PATCH v12 19/20] ipe: kunit test for parser
Fan Wu
- [RFC PATCH v12 20/20] documentation: add ipe documentation
Fan Wu
- [PATCH] security: fix no-op hook logic in security_inode_{set, remove}xattr()
Paul Moore
- [PATCH] security: fix no-op hook logic in security_inode_{set, remove}xattr()
Paul Moore
- [PATCH 4/5] evm: Use the real inode's metadata to calculate metadata hash
Stefan Berger
- [PATCH] security: fix no-op hook logic in security_inode_{set, remove}xattr()
Paul Moore
- [PATCH 4/5] evm: Use the real inode's metadata to calculate metadata hash
Amir Goldstein
- [PATCH 0/5] evm: Support signatures on stacked filesystem
Amir Goldstein
- [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs
Amir Goldstein
- [PATCH 2/5] evm: Implement per signature type decision in security_inode_copy_up_xattr
Amir Goldstein
- [PATCH 3/5] ima: Reset EVM status upon detecting changes to overlay backing file
Amir Goldstein
- [PATCH 5/5] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509
Amir Goldstein
- [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs
Christian Brauner
- [PATCH 4/5] evm: Use the real inode's metadata to calculate metadata hash
Stefan Berger
- [PATCH 3/5] ima: Reset EVM status upon detecting changes to overlay backing file
Stefan Berger
- [PATCH 0/5] evm: Support signatures on stacked filesystem
Stefan Berger
- [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs
Stefan Berger
- [PATCH 4/5] evm: Use the real inode's metadata to calculate metadata hash
Amir Goldstein
- [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs
kernel test robot
- [PATCH v8 4/9] landlock: Add IOCTL access right
Mickaël Salaün
- [PATCH 4/5] evm: Use the real inode's metadata to calculate metadata hash
Amir Goldstein
- [PATCH 4/5] evm: Use the real inode's metadata to calculate metadata hash
Stefan Berger
- [PATCH 4/5] evm: Use the real inode's metadata to calculate metadata hash
Stefan Berger
- [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs
kernel test robot
- [GIT PULL] lsm/lsm-pr-20240131
Paul Moore
Last message date:
Wed Jan 31 23:46:15 UTC 2024
Archived on: Wed Jan 31 23:46:26 UTC 2024
This archive was generated by
Pipermail 0.09 (Mailman edition).