messages from 2024-03-15 18:41:19 to 2024-03-27 13:10:49 UTC [more...]
[PATCH v1 1/2] lsm: Check and handle error priority for socket_bind and socket_connect
2024-03-27 12:00 UTC (2+ messages)
` [PATCH v1 2/2] selftests/landlock: Improve AF_UNSPEC tests
[PATCH v13 00/10] Landlock: IOCTL support
2024-03-27 13:10 UTC (2+ messages)
` [PATCH v13 01/10] landlock: Add IOCTL access right for character and block devices
[PATCH] samples/landlock: Fix incorrect free in populate_ruleset_net
2024-03-27 10:45 UTC (2+ messages)
[PATCH] Do not require attributes for security_inode_init_security
2024-03-27 9:16 UTC (5+ messages)
[PATCH v7 0/6] DCP as trusted keys backend
2024-03-27 8:24 UTC (7+ messages)
` [PATCH v7 1/6] crypto: mxs-dcp: Add support for hardware-bound keys
` [PATCH v7 2/6] KEYS: trusted: improve scalability of trust source config
` [PATCH v7 3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys
` [PATCH v7 4/6] MAINTAINERS: add entry for DCP-based "
` [PATCH v7 5/6] docs: document DCP-backed trusted keys kernel params
` [PATCH v7 6/6] docs: trusted-encrypted: add DCP as new trust source
[PATCH 2/2] apparmor: fix typo in kernel doc
2024-03-26 19:18 UTC (4+ messages)
` [PATCH 1/2] yama: document function parameter
[PATCH v12 0/9] Landlock: IOCTL support
2024-03-26 18:52 UTC (19+ messages)
` [PATCH v12 1/9] security: Introduce ENOFILEOPS return value for IOCTL hooks
` [PATCH v12 2/9] landlock: Add IOCTL access right for character and block devices
` [PATCH v12 3/9] selftests/landlock: Test IOCTL support
` [PATCH v12 4/9] selftests/landlock: Test IOCTL with memfds
` [PATCH v12 5/9] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH)
` [PATCH v12 6/9] selftests/landlock: Test IOCTLs on named pipes
` [PATCH v12 7/9] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets
` [PATCH v12 8/9] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV
` [PATCH v12 9/9] landlock: Document IOCTL support
kernel crash in mknod
2024-03-26 12:53 UTC (13+ messages)
[PATCH v4 0/7] Handle faults in KUnit tests
2024-03-26 9:51 UTC (8+ messages)
` [PATCH v4 1/7] kunit: Handle thread creation error
` [PATCH v4 2/7] kunit: Fix kthread reference
` [PATCH v4 3/7] kunit: Fix timeout message
` [PATCH v4 4/7] kunit: Handle test faults
` [PATCH v4 5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests
` [PATCH v4 6/7] kunit: Print last test location on fault
` [PATCH v4 7/7] kunit: Add tests for fault
[PATCH v3 0/7] Handle faults in KUnit tests
2024-03-26 9:02 UTC (10+ messages)
` [PATCH v3 1/7] kunit: Handle thread creation error
` [PATCH v3 2/7] kunit: Fix kthread reference
` [PATCH v3 3/7] kunit: Fix timeout message
` [PATCH v3 4/7] kunit: Handle test faults
` [PATCH v3 5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests
` [PATCH v3 6/7] kunit: Print last test location on fault
` [PATCH v3 7/7] kunit: Add tests for fault
[PATCH v11 0/9] Landlock: IOCTL support
2024-03-25 13:25 UTC (12+ messages)
` [PATCH v11 1/9] fs: Add and use vfs_get_ioctl_handler()
` [PATCH v11 2/9] landlock: Add IOCTL access right for character and block devices
` [PATCH v11 3/9] selftests/landlock: Test IOCTL support
` [PATCH v11 4/9] selftests/landlock: Test IOCTL with memfds
` [PATCH v11 5/9] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH)
` [PATCH v11 6/9] selftests/landlock: Test IOCTLs on named pipes
` [PATCH v11 7/9] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets
` [PATCH v11 8/9] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV
` [PATCH v11 9/9] landlock: Document IOCTL support
[PATCH bpf-next v2 0/7] Add check for bpf lsm return value
2024-03-25 9:56 UTC (8+ messages)
` [PATCH bpf-next v2 1/7] bpf, lsm: Annotate lsm hook return integer with new macro LSM_RET_INT
` [PATCH bpf-next v2 2/7] bpf, lsm: Add return value range description for lsm hook
` [PATCH bpf-next v2 3/7] bpf, lsm: Add function to read lsm hook return value range
` [PATCH bpf-next v2 4/7] bpf, lsm: Check bpf lsm hook return values in verifier
` [PATCH bpf-next v2 5/7] bpf: Fix compare error in function retval_range_within
` [PATCH bpf-next v2 6/7] selftests/bpf: Avoid load failure for token_lsm.c
` [PATCH bpf-next v2 7/7] selftests/bpf: Add return value checks and corrections for failed progs
[PATCH v10 0/9] Landlock: IOCTL support
2024-03-22 15:04 UTC (9+ messages)
` [PATCH v10 6/9] selftests/landlock: Test IOCTLs on named pipes
` [PATCH v10 7/9] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets
[PATCH] ima: Fix use-after-free on a dentry's dname.name
2024-03-22 14:03 UTC
LSM/IMA integration denying access to inode_init_security
2024-03-21 23:31 UTC (3+ messages)
[RFC PATCH v15 00/21] Integrity Policy Enforcement LSM (IPE)
2024-03-21 17:25 UTC (41+ messages)
` [RFC PATCH v15 01/21] security: add ipe lsm
` [RFC PATCH v15 02/21] ipe: add policy parser
` [RFC PATCH v15 03/21] ipe: add evaluation loop
` [RFC PATCH v15 04/21] ipe: add LSM hooks on execution and kernel read
` [RFC PATCH v15 05/21] initramfs|security: Add a security hook to do_populate_rootfs()
` [RFC PATCH v15 06/21] ipe: introduce 'boot_verified' as a trust provider
` [RFC PATCH v15 07/21] security: add new securityfs delete function
` [RFC PATCH v15 08/21] ipe: add userspace interface
` [RFC PATCH v15 09/21] uapi|audit|ipe: add ipe auditing support
` [RFC PATCH v15 10/21] ipe: add permissive toggle
` [RFC PATCH v15 11/21] block|security: add LSM blob to block_device
` [RFC PATCH v15 12/21] security: add security_bdev_setintegrity() hook
` [PATCH RFC "
` [RFC PATCH v15 13/21] dm: add finalize hook to target_type
` [RFC PATCH v15 14/21] dm verity: consume root hash digest and signature data via LSM hook
` [PATCH RFC "
` [RFC PATCH v15 15/21] ipe: add support for dm-verity as a trust provider
` [RFC PATCH v15 16/21] security: add security_inode_setintegrity() hook
` [PATCH RFC "
` [RFC PATCH v15 17/21] fsverity: consume builtin signature via LSM hook
` [RFC PATCH v15 18/21] ipe: enable support for fs-verity as a trust provider
` [RFC PATCH v15 19/21] scripts: add boot policy generation program
` [RFC PATCH v15 20/21] ipe: kunit test for parser
` [RFC PATCH v15 21/21] documentation: add ipe documentation
[PATCH v3][next] integrity: Avoid -Wflex-array-member-not-at-end warnings
2024-03-21 15:49 UTC (3+ messages)
[PATCH v2][next] integrity: Avoid -Wflex-array-member-not-at-end warnings
2024-03-21 3:55 UTC
[PATCH][next] integrity: Avoid -Wflex-array-member-not-at-end warnings
2024-03-21 3:39 UTC (4+ messages)
[PATCH v3 00/10] evm: Support signatures on stacked filesystem
2024-03-19 23:26 UTC (17+ messages)
` [PATCH v3 01/10] ima: Rename backing_inode to real_inode
` [PATCH v3 02/10] security: allow finer granularity in permitting copy-up of security xattrs
` [PATCH v3 03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr
` [PATCH v3 04/10] evm: Use the metadata inode to calculate metadata hash
` [PATCH v3 07/10] ima: re-evaluate file integrity on file metadata change
` [PATCH v3 08/10] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509
` [PATCH v3 09/10] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED
` [PATCH v3 10/10] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs
[RFC PATCH 2/2] selinux: wire up new execstack LSM hook
2024-03-19 23:10 UTC (8+ messages)
` [RFC PATCH 1/2] lsm: introduce new hook security_vm_execstack
Systemd v254 LSM stacking issue - patch
2024-03-19 17:58 UTC
[PATCH v2 1/2] landlock: Extend documentation for kernel support
2024-03-19 11:40 UTC (6+ messages)
[PATCH bpf-next 0/5] Fix kernel panic caused by bpf lsm return value
2024-03-19 7:54 UTC (11+ messages)
` [PATCH bpf-next 1/5] bpf, lsm: Annotate lsm hook return integer with new macro LSM_RET_INT
` [PATCH bpf-next 2/5] bpf, lsm: Add return value range description for lsm hook
` [PATCH bpf-next 3/5] bpf, lsm: Add function to read lsm hook return value range
` [PATCH bpf-next 4/5] bpf, lsm: Check bpf lsm hook return values in verifier
` [PATCH bpf-next 5/5] bpf: Fix compare error in function retval_range_within
[PATCH v2 bpf-next 0/9] add new acquire/release BPF kfuncs
2024-03-18 13:24 UTC (11+ messages)
TSEM code organization
2024-03-17 19:20 UTC (2+ messages)
[PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY
2024-03-16 17:17 UTC (9+ messages)
` [PATCH 02/10] capability: add any wrappers to test for multiple caps with exactly one audit message
[PATCH 00/11] sysctl: treewide: constify ctl_table argument of sysctl handlers
2024-03-16 2:52 UTC (13+ messages)
` [PATCH 01/11] stackleak: don't modify ctl_table argument
` [PATCH 02/11] cgroup: bpf: constify ctl_table arguments and fields
` [PATCH 03/11] hugetlb: constify ctl_table arguments of utility functions
` [PATCH 04/11] utsname: constify ctl_table arguments of utility function
` [PATCH 05/11] neighbour: "
` [PATCH 06/11] ipv4/sysctl: constify ctl_table arguments of utility functions
` [PATCH 07/11] ipv6/addrconf: "
` [PATCH 08/11] ipv6/ndisc: constify ctl_table arguments of utility function
` [PATCH 09/11] ipvs: constify ctl_table arguments of utility functions
` [PATCH 10/11] sysctl: constify ctl_table arguments of utility function
` [PATCH 11/11] sysctl: treewide: constify the ctl_table argument of handlers
[PATCH 08/10] net: use new capable_any functionality
2024-03-15 23:11 UTC (2+ messages)
[PATCH] lsm: handle the NULL buffer case in lsm_fill_user_ctx()
2024-03-15 19:40 UTC (10+ messages)
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).