messages from 2024-02-16 03:33:11 to 2024-02-29 00:59:27 UTC [more...]
[PATCH v4 00/12] selftests: kselftest_harness: support using xfail
2024-02-29 0:59 UTC
[RFC PATCH v13 00/20] Integrity Policy Enforcement LSM (IPE)
2024-02-29 0:55 UTC (21+ messages)
` [RFC PATCH v13 01/20] security: add ipe lsm
` [RFC PATCH v13 02/20] ipe: add policy parser
` [RFC PATCH v13 03/20] ipe: add evaluation loop
` [RFC PATCH v13 04/20] ipe: add LSM hooks on execution and kernel read
` [RFC PATCH v13 05/20] initramfs|security: Add a security hook to do_populate_rootfs()
` [RFC PATCH v13 06/20] ipe: introduce 'boot_verified' as a trust provider
` [RFC PATCH v13 07/20] security: add new securityfs delete function
` [RFC PATCH v13 08/20] ipe: add userspace interface
` [RFC PATCH v13 09/20] uapi|audit|ipe: add ipe auditing support
` [RFC PATCH v13 10/20] ipe: add permissive toggle
` [RFC PATCH v13 11/20] block|security: add LSM blob to block_device
` [RFC PATCH v13 12/20] dm verity: set DM_TARGET_SINGLETON feature flag
` [RFC PATCH v13 13/20] dm: add finalize hook to target_type
` [RFC PATCH v13 14/20] dm verity: consume root hash digest and signature data via LSM hook
` [RFC PATCH v13 15/20] ipe: add support for dm-verity as a trust provider
` [RFC PATCH v13 16/20] fsverity: consume builtin signature via LSM hook
` [RFC PATCH v13 17/20] ipe: enable support for fs-verity as a trust provider
` [RFC PATCH v13 18/20] scripts: add boot policy generation program
` [RFC PATCH v13 19/20] ipe: kunit test for parser
` [RFC PATCH v13 20/20] documentation: add ipe documentation
[PATCH v3 00/13] security: digest_cache LSM
2024-02-28 17:46 UTC (2+ messages)
[PATCH v9 0/8] Landlock: IOCTL support
2024-02-28 12:57 UTC (11+ messages)
` [PATCH v9 1/8] landlock: Add IOCTL access right
` [RFC PATCH] fs: Add vfs_masks_device_ioctl*() helpers
[PATCH 1/2] SELinux: Fix lsm_get_self_attr()
2024-02-28 12:53 UTC (15+ messages)
` [PATCH 2/2] AppArmor: "
[GIT PULL] lsm/lsm-pr-20240227
2024-02-28 1:02 UTC (2+ messages)
[PATCH v2 1/2] landlock: Extend documentation for kernel support
2024-02-27 16:32 UTC (3+ messages)
` [PATCH v2 2/2] landlock: Warn once if a Landlock action is requested while disabled
[syzbot] [lsm?] [reiserfs?] general protection fault in fsnotify_perm
2024-02-27 16:05 UTC (2+ messages)
[PATCH net-next] netlabel: remove impossible return value in netlbl_bitmap_walk
2024-02-27 15:54 UTC (3+ messages)
[PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities
2024-02-27 14:57 UTC (58+ messages)
` [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h
` [PATCH v2 02/25] mnt_idmapping: include cred.h
` [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data
` [PATCH v2 04/25] capability: rename cpu_vfs_cap_data to vfs_caps
` [PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids
` [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps
` [PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace
` [PATCH v2 08/25] xattr: add is_fscaps_xattr() helper
` [PATCH v2 09/25] commoncap: use is_fscaps_xattr()
` [PATCH v2 10/25] xattr: "
` [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps
` [PATCH v2 12/25] selinux: add hooks for fscaps operations
` [PATCH v2 13/25] smack: "
` [PATCH v2 14/25] evm: add support for fscaps security hooks
` [PATCH v2 15/25] security: call evm fscaps hooks from generic "
` [PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps
` [PATCH v2 17/25] fs: add vfs_get_fscaps()
` [PATCH v2 18/25] fs: add vfs_set_fscaps()
` [PATCH v2 19/25] fs: add vfs_remove_fscaps()
` [PATCH v2 20/25] ovl: add fscaps handlers
` [PATCH v2 21/25] ovl: use vfs_{get,set}_fscaps() for copy-up
` [PATCH v2 22/25] fs: use vfs interfaces for capabilities xattrs
` [PATCH v2 23/25] commoncap: remove cap_inode_getsecurity()
` [PATCH v2 24/25] commoncap: use vfs fscaps interfaces
` [PATCH v2 25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr()
[PATCH] proc: allow restricting /proc/pid/mem writes
2024-02-27 0:53 UTC (8+ messages)
[PATCH net-next v3 00/11] selftests: kselftest_harness: support using xfail
2024-02-26 20:21 UTC (28+ messages)
` [PATCH net-next v3 01/11] selftests: kselftest_harness: pass step via shared memory
` [PATCH net-next v3 02/11] selftests: kselftest_harness: use KSFT_* exit codes
` [PATCH net-next v3 03/11] selftests: kselftest_harness: generate test name once
` [PATCH net-next v3 04/11] selftests: kselftest_harness: save full exit code in metadata
` [PATCH net-next v3 05/11] selftests: kselftest_harness: use exit code to store skip
` [PATCH net-next v3 06/11] selftests: kselftest: add ksft_test_result_code(), handling all exit codes
` [PATCH net-next v3 07/11] selftests: kselftest_harness: print test name for SKIP
` [PATCH net-next v3 08/11] selftests: kselftest_harness: separate diagnostic message with # in ksft_test_result_code()
` [PATCH net-next v3 09/11] selftests: kselftest_harness: let PASS / FAIL provide diagnostic
` [PATCH net-next v3 10/11] selftests: kselftest_harness: support using xfail
` [PATCH net-next v3 11/11] selftests: ip_local_port_range: use XFAIL instead of SKIP
` [PATCH 0/2] Merge TEST_F_FORK() into TEST_F()
` [PATCH 1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK()
` [PATCH 2/2] selftests/harness: Merge TEST_F_FORK() into TEST_F()
[PATCH] landlock: Warn once if a Landlock action is requested while disabled
2024-02-26 17:16 UTC (5+ messages)
[PATCH v5 0/6] DCP as trusted keys backend
2024-02-26 9:17 UTC (5+ messages)
[PATCH v3 00/10] evm: Support signatures on stacked filesystem
2024-02-23 17:25 UTC (11+ messages)
` [PATCH v3 01/10] ima: Rename backing_inode to real_inode
` [PATCH v3 02/10] security: allow finer granularity in permitting copy-up of security xattrs
` [PATCH v3 03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr
` [PATCH v3 04/10] evm: Use the metadata inode to calculate metadata hash
` [PATCH v3 05/10] ima: Move file-change detection variables into new structure
` [PATCH v3 06/10] evm: Store and detect metadata inode attributes changes
` [PATCH v3 07/10] ima: re-evaluate file integrity on file metadata change
` [PATCH v3 08/10] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509
` [PATCH v3 09/10] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED
` [PATCH v3 10/10] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs
[PATCH] security: use default hook return value in call_int_hook()
2024-02-22 21:52 UTC (2+ messages)
[RFC 0/8] PGP key parser using SandBox Mode
2024-02-22 18:03 UTC (10+ messages)
` [RFC 0/5] PoC: convert AppArmor parser to "
` [RFC 1/5] sbm: x86: fix SBM error entry path
` [RFC 2/5] sbm: enhance buffer mapping API
` [RFC 3/5] sbm: x86: infrastructure to fix up sandbox faults
` [RFC 4/5] sbm: fix up calls to dynamic memory allocators
` [RFC 5/5] apparmor: parse profiles in sandbox mode
[syzbot] [keyrings?] [lsm?] KASAN: slab-out-of-bounds Read in key_task_permission (2)
2024-02-22 10:40 UTC
TOCTOU-free exec(), chdir(), open() with O_PATH sandbox emulation support?
2024-02-22 6:41 UTC
[PATCH] LSM: Fix typos in security/security.c comment headers
2024-02-22 0:03 UTC (2+ messages)
smack: Possible NULL pointer deref in cred_free hook
2024-02-21 17:40 UTC (13+ messages)
[PATCH 5.4,4.19] lsm: new security_file_ioctl_compat() hook
2024-02-21 10:52 UTC (2+ messages)
[PATCH v2 0/9] evm: Support signatures on stacked filesystem
2024-02-20 22:57 UTC (3+ messages)
` [PATCH v2 2/9] security: allow finer granularity in permitting copy-up of security xattrs
[syzbot] [integrity?] [lsm?] KMSAN: uninit-value in ima_add_template_entry
2024-02-20 10:40 UTC (2+ messages)
[syzbot] [apparmor?] [ext4?] general protection fault in common_perm_cond
2024-02-20 10:00 UTC (3+ messages)
memory leak in smack since de93 e515 db30 ("Smack: Improve mount process memory use")
2024-02-20 7:40 UTC
[PATCH] landlock: Fix asymmetric private inodes referring
2024-02-19 19:03 UTC
[PATCH 02/13] Add TSEM specific documentation
2024-02-19 11:16 UTC (5+ messages)
` [PATCH 2/13] "
[PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure
2024-02-16 22:34 UTC (4+ messages)
` [PATCH v10 0/25] "
[GIT PULL] lsm/lsm-pr-20240215
2024-02-16 17:11 UTC (2+ messages)
[PATCH] integrity: don't throw an error immediately when failed to add a cert to the .machine keyring
2024-02-16 13:10 UTC (4+ messages)
` [PATCH v2] integrity: eliminate unnecessary "Problem loading X.509 certificate" msg
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).