messages from 2024-02-09 23:01:04 to 2024-02-22 21:52:23 UTC [more...]
[PATCH] security: use default hook return value in call_int_hook()
2024-02-22 21:52 UTC (6+ messages)
[RFC 0/8] PGP key parser using SandBox Mode
2024-02-22 18:03 UTC (10+ messages)
` [RFC 0/5] PoC: convert AppArmor parser to "
` [RFC 1/5] sbm: x86: fix SBM error entry path
` [RFC 2/5] sbm: enhance buffer mapping API
` [RFC 3/5] sbm: x86: infrastructure to fix up sandbox faults
` [RFC 4/5] sbm: fix up calls to dynamic memory allocators
` [RFC 5/5] apparmor: parse profiles in sandbox mode
[PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities
2024-02-22 16:28 UTC (46+ messages)
` [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h
` [PATCH v2 02/25] mnt_idmapping: include cred.h
` [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data
` [PATCH v2 04/25] capability: rename cpu_vfs_cap_data to vfs_caps
` [PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids
` [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps
` [PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace
` [PATCH v2 08/25] xattr: add is_fscaps_xattr() helper
` [PATCH v2 09/25] commoncap: use is_fscaps_xattr()
` [PATCH v2 10/25] xattr: "
` [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps
` [PATCH v2 12/25] selinux: add hooks for fscaps operations
` [PATCH v2 13/25] smack: "
` [PATCH v2 14/25] evm: add support for fscaps security hooks
` [PATCH v2 15/25] security: call evm fscaps hooks from generic "
` [PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps
` [PATCH v2 17/25] fs: add vfs_get_fscaps()
` [PATCH v2 18/25] fs: add vfs_set_fscaps()
` [PATCH v2 19/25] fs: add vfs_remove_fscaps()
` [PATCH v2 20/25] ovl: add fscaps handlers
` [PATCH v2 21/25] ovl: use vfs_{get,set}_fscaps() for copy-up
` [PATCH v2 22/25] fs: use vfs interfaces for capabilities xattrs
` [PATCH v2 23/25] commoncap: remove cap_inode_getsecurity()
` [PATCH v2 24/25] commoncap: use vfs fscaps interfaces
` [PATCH v2 25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr()
[syzbot] [keyrings?] [lsm?] KASAN: slab-out-of-bounds Read in key_task_permission (2)
2024-02-22 10:40 UTC
TOCTOU-free exec(), chdir(), open() with O_PATH sandbox emulation support?
2024-02-22 6:41 UTC
[PATCH] LSM: Fix typos in security/security.c comment headers
2024-02-22 0:03 UTC (2+ messages)
[PATCH] landlock: Warn once if a Landlock action is requested while disabled
2024-02-21 21:35 UTC (3+ messages)
[PATCH] proc: allow restricting /proc/pid/mem writes
2024-02-21 21:06 UTC
smack: Possible NULL pointer deref in cred_free hook
2024-02-21 17:40 UTC (13+ messages)
[PATCH net-next v3 00/11] selftests: kselftest_harness: support using xfail
2024-02-21 12:03 UTC (19+ messages)
` [PATCH net-next v3 01/11] selftests: kselftest_harness: pass step via shared memory
` [PATCH net-next v3 02/11] selftests: kselftest_harness: use KSFT_* exit codes
` [PATCH net-next v3 03/11] selftests: kselftest_harness: generate test name once
` [PATCH net-next v3 04/11] selftests: kselftest_harness: save full exit code in metadata
` [PATCH net-next v3 05/11] selftests: kselftest_harness: use exit code to store skip
` [PATCH net-next v3 06/11] selftests: kselftest: add ksft_test_result_code(), handling all exit codes
` [PATCH net-next v3 07/11] selftests: kselftest_harness: print test name for SKIP
` [PATCH net-next v3 08/11] selftests: kselftest_harness: separate diagnostic message with # in ksft_test_result_code()
` [PATCH net-next v3 09/11] selftests: kselftest_harness: let PASS / FAIL provide diagnostic
` [PATCH net-next v3 10/11] selftests: kselftest_harness: support using xfail
` [PATCH net-next v3 11/11] selftests: ip_local_port_range: use XFAIL instead of SKIP
[PATCH 5.4,4.19] lsm: new security_file_ioctl_compat() hook
2024-02-21 10:52 UTC (2+ messages)
[PATCH v2 0/9] evm: Support signatures on stacked filesystem
2024-02-20 22:57 UTC (7+ messages)
` [PATCH v2 2/9] security: allow finer granularity in permitting copy-up of security xattrs
` [PATCH v2 9/9] ima: Record i_version of real_inode for change detection
[syzbot] [integrity?] [lsm?] KMSAN: uninit-value in ima_add_template_entry
2024-02-20 10:40 UTC (2+ messages)
[syzbot] [apparmor?] [ext4?] general protection fault in common_perm_cond
2024-02-20 10:00 UTC (3+ messages)
memory leak in smack since de93 e515 db30 ("Smack: Improve mount process memory use")
2024-02-20 7:40 UTC
[PATCH v9 0/8] Landlock: IOCTL support
2024-02-19 21:44 UTC (14+ messages)
` [PATCH v9 1/8] landlock: Add IOCTL access right
` [RFC PATCH] fs: Add vfs_masks_device_ioctl*() helpers
[PATCH] landlock: Fix asymmetric private inodes referring
2024-02-19 19:03 UTC
[PATCH 02/13] Add TSEM specific documentation
2024-02-19 11:16 UTC (5+ messages)
` [PATCH 2/13] "
[PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure
2024-02-16 22:34 UTC (31+ messages)
` [PATCH v10 01/25] ima: Align ima_inode_post_setattr() definition with "
` [PATCH v10 02/25] ima: Align ima_file_mprotect() "
` [PATCH v10 03/25] ima: Align ima_inode_setxattr() "
` [PATCH v10 04/25] ima: Align ima_inode_removexattr() "
` [PATCH v10 05/25] ima: Align ima_post_read_file() "
` [PATCH v10 06/25] evm: Align evm_inode_post_setattr() "
` [PATCH v10 07/25] evm: Align evm_inode_setxattr() "
` [PATCH v10 08/25] evm: Align evm_inode_post_setxattr() "
` [PATCH v10 09/25] security: Align inode_setattr hook definition with EVM
` [PATCH v10 10/25] security: Introduce inode_post_setattr hook
` [PATCH v10 11/25] security: Introduce inode_post_removexattr hook
` [PATCH v10 12/25] security: Introduce file_post_open hook
` [PATCH v10 13/25] security: Introduce file_release hook
` [PATCH v10 14/25] security: Introduce path_post_mknod hook
` [PATCH v10 15/25] security: Introduce inode_post_create_tmpfile hook
` [PATCH v10 16/25] security: Introduce inode_post_set_acl hook
` [PATCH v10 17/25] security: Introduce inode_post_remove_acl hook
` [PATCH v10 18/25] security: Introduce key_post_create_or_update hook
` [PATCH v10 19/25] integrity: Move integrity_kernel_module_request() to IMA
` [PATCH v10 20/25] ima: Move to LSM infrastructure
` [PATCH v10 21/25] ima: Move IMA-Appraisal "
` [PATCH v10 22/25] evm: Move "
` [PATCH v10 23/25] evm: Make it independent from 'integrity' LSM
` [PATCH v10 24/25] ima: "
` [PATCH v10 25/25] integrity: Remove LSM
` [PATCH v10 0/25] security: Move IMA and EVM to the LSM infrastructure
[GIT PULL] lsm/lsm-pr-20240215
2024-02-16 17:11 UTC (2+ messages)
[PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
2024-02-16 13:10 UTC (4+ messages)
` [PATCH v2] integrity: eliminate unnecessary "Problem loading X.509 certificate" msg
[PATCH v3 1/3] LSM: add security_execve_abort() hook
2024-02-15 23:47 UTC (8+ messages)
[PATCH v9 00/25] security: Move IMA and EVM to the LSM infrastructure
2024-02-15 15:02 UTC (33+ messages)
` [PATCH v9 12/25] security: Introduce file_post_open hook
` [PATCH v9 13/25] security: Introduce file_release hook
` [PATCH v9 14/25] security: Introduce path_post_mknod hook
` [PATCH v9 15/25] security: Introduce inode_post_create_tmpfile hook
` [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA
` [PATCH v9 20/25] ima: Move to LSM infrastructure
` [PATCH v9 22/25] evm: "
` [PATCH v9 23/25] evm: Make it independent from 'integrity' LSM
` [PATCH v9 24/25] ima: "
` [PATCH v9 25/25] integrity: Remove LSM
[PATCH] security: fix integer overflow in lsm_set_self_attr() syscall
2024-02-15 13:02 UTC (6+ messages)
[PATCH v1 5/5] sbm: SandBox Mode documentation
2024-02-15 8:52 UTC
[GIT PULL] Landlock fixes for v6.8-rc5
2024-02-15 0:12 UTC (2+ messages)
[RFC][PATCH 0/8] ima: Integrate with digest_cache LSM
2024-02-14 14:35 UTC (9+ messages)
` [RFC][PATCH 1/8] ima: Introduce hook DIGEST_LIST_CHECK
` [RFC][PATCH 2/8] ima: Nest iint mutex for DIGEST_LIST_CHECK hook
` [RFC][PATCH 3/8] ima: Add digest_cache policy keyword
` [RFC][PATCH 4/8] ima: Add digest_cache_measure and digest_cache_appraise boot-time policies
` [RFC][PATCH 5/8] ima: Record IMA verification result of digest lists in digest cache
` [RFC][PATCH 6/8] ima: Use digest cache for measurement
` [RFC][PATCH 7/8] ima: Use digest cache for appraisal
` [RFC][PATCH 8/8] ima: Detect if digest cache changed since last measurement/appraisal
[PATCH v5 0/6] DCP as trusted keys backend
2024-02-13 9:59 UTC (3+ messages)
[PATCH v3 00/13] security: digest_cache LSM
2024-02-12 8:02 UTC (4+ messages)
` [PATCH v3 02/13] security: Introduce the "
[PATCH] KEYS: encrypted: Add check for strsep
2024-02-12 5:11 UTC (12+ messages)
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).