Audit system development

Audit system development
 help / color / mirror / Atom feed

 messages from 2024-01-19 18:00:48 to 2024-03-12 18:33:56 UTC [more...]

[RFC PATCH v14 00/19] Integrity Policy Enforcement LSM (IPE)
 2024-03-12 18:33 UTC  (33+ messages)
` [RFC PATCH v14 01/19] security: add ipe lsm
` [RFC PATCH v14 02/19] ipe: add policy parser
` [RFC PATCH v14 03/19] ipe: add evaluation loop
` [RFC PATCH v14 04/19] ipe: add LSM hooks on execution and kernel read
` [RFC PATCH v14 05/19] initramfs|security: Add a security hook to do_populate_rootfs()
` [RFC PATCH v14 06/19] ipe: introduce 'boot_verified' as a trust provider
` [RFC PATCH v14 07/19] security: add new securityfs delete function
` [RFC PATCH v14 08/19] ipe: add userspace interface
` [RFC PATCH v14 09/19] uapi|audit|ipe: add ipe auditing support
` [RFC PATCH v14 10/19] ipe: add permissive toggle
` [RFC PATCH v14 11/19] block|security: add LSM blob to block_device
` [RFC PATCH v14 12/19] dm: add finalize hook to target_type
` [RFC PATCH v14 13/19] dm verity: consume root hash digest and signature data via LSM hook
` [RFC PATCH v14 14/19] ipe: add support for dm-verity as a trust provider
` [RFC PATCH v14 15/19] fsverity: consume builtin signature via LSM hook
` [RFC PATCH v14 16/19] ipe: enable support for fs-verity as a trust provider
` [RFC PATCH v14 17/19] scripts: add boot policy generation program
` [RFC PATCH v14 18/19] ipe: kunit test for parser
` [RFC PATCH v14 19/19] documentation: add ipe documentation

[PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities
 2024-03-06 12:56 UTC  (87+ messages)
` [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h
` [PATCH v2 02/25] mnt_idmapping: include cred.h
` [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data
` [PATCH v2 04/25] capability: rename cpu_vfs_cap_data to vfs_caps
` [PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids
` [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps
` [PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace
` [PATCH v2 08/25] xattr: add is_fscaps_xattr() helper
` [PATCH v2 09/25] commoncap: use is_fscaps_xattr()
` [PATCH v2 10/25] xattr: "
` [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps
` [PATCH v2 12/25] selinux: add hooks for fscaps operations
` [PATCH v2 13/25] smack: "
` [PATCH v2 14/25] evm: add support for fscaps security hooks
` [PATCH v2 15/25] security: call evm fscaps hooks from generic "
` [PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps
` [PATCH v2 17/25] fs: add vfs_get_fscaps()
` [PATCH v2 18/25] fs: add vfs_set_fscaps()
` [PATCH v2 19/25] fs: add vfs_remove_fscaps()
` [PATCH v2 20/25] ovl: add fscaps handlers
` [PATCH v2 21/25] ovl: use vfs_{get,set}_fscaps() for copy-up
` [PATCH v2 22/25] fs: use vfs interfaces for capabilities xattrs
` [PATCH v2 23/25] commoncap: remove cap_inode_getsecurity()
` [PATCH v2 24/25] commoncap: use vfs fscaps interfaces
` [PATCH v2 25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr()

[RFC PATCH v13 00/20] Integrity Policy Enforcement LSM (IPE)
 2024-03-02 16:37 UTC  (30+ messages)
` [RFC PATCH v13 01/20] security: add ipe lsm
` [RFC PATCH v13 02/20] ipe: add policy parser
` [RFC PATCH v13 03/20] ipe: add evaluation loop
` [RFC PATCH v13 04/20] ipe: add LSM hooks on execution and kernel read
` [RFC PATCH v13 05/20] initramfs|security: Add a security hook to do_populate_rootfs()
` [RFC PATCH v13 06/20] ipe: introduce 'boot_verified' as a trust provider
` [RFC PATCH v13 07/20] security: add new securityfs delete function
` [RFC PATCH v13 08/20] ipe: add userspace interface
` [RFC PATCH v13 09/20] uapi|audit|ipe: add ipe auditing support
` [RFC PATCH v13 10/20] ipe: add permissive toggle
` [RFC PATCH v13 11/20] block|security: add LSM blob to block_device
` [RFC PATCH v13 12/20] dm verity: set DM_TARGET_SINGLETON feature flag
` [RFC PATCH v13 13/20] dm: add finalize hook to target_type
` [RFC PATCH v13 14/20] dm verity: consume root hash digest and signature data via LSM hook
` [RFC PATCH v13 15/20] ipe: add support for dm-verity as a trust provider
` [RFC PATCH v13 16/20] fsverity: consume builtin signature via LSM hook
` [RFC PATCH v13 17/20] ipe: enable support for fs-verity as a trust provider
` [RFC PATCH v13 18/20] scripts: add boot policy generation program
` [RFC PATCH v13 19/20] ipe: kunit test for parser
` [RFC PATCH v13 20/20] documentation: add ipe documentation

subscribe
 2024-02-27  6:49 UTC 

[RFC PATCH v12 00/20] Integrity Policy Enforcement LSM (IPE)
 2024-02-06 21:53 UTC  (37+ messages)
` [RFC PATCH v12 01/20] security: add ipe lsm
` [RFC PATCH v12 02/20] ipe: add policy parser
` [RFC PATCH v12 03/20] ipe: add evaluation loop
` [RFC PATCH v12 04/20] ipe: add LSM hooks on execution and kernel read
` [RFC PATCH v12 05/20] initramfs|security: Add security hook to initramfs unpack
  ` [PATCH RFC v12 5/20] "
` [RFC PATCH v12 06/20] ipe: introduce 'boot_verified' as a trust provider
  ` [PATCH RFC v12 6/20] "
` [RFC PATCH v12 07/20] security: add new securityfs delete function
` [RFC PATCH v12 08/20] ipe: add userspace interface
  ` [PATCH RFC v12 8/20] "
` [RFC PATCH v12 09/20] uapi|audit|ipe: add ipe auditing support
  ` [PATCH RFC v12 9/20] "
` [RFC PATCH v12 10/20] ipe: add permissive toggle
  ` [PATCH RFC "
` [RFC PATCH v12 11/20] block|security: add LSM blob to block_device
` [RFC PATCH v12 12/20] dm verity: set DM_TARGET_SINGLETON feature flag
` [RFC PATCH v12 13/20] dm: add finalize hook to target_type
` [RFC PATCH v12 14/20] dm verity: consume root hash digest and signature data via LSM hook
` [RFC PATCH v12 15/20] ipe: add support for dm-verity as a trust provider
  ` [PATCH RFC "
` [RFC PATCH v12 16/20] fsverity: consume builtin signature via LSM hook
` [RFC PATCH v12 17/20] ipe: enable support for fs-verity as a trust provider
  ` [PATCH RFC "
` [RFC PATCH v12 18/20] scripts: add boot policy generation program
` [RFC PATCH v12 19/20] ipe: kunit test for parser
` [RFC PATCH v12 20/20] documentation: add ipe documentation

[PATCH] audit: Use KMEM_CACHE instead of kmem_cache_create
 2024-01-25 15:13 UTC  (2+ messages)

[PATCH] kernel: auditfilter: Remove unnecessary ‘0’ values from ret
 2024-01-25 14:59 UTC  (2+ messages)

[PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL
 2024-01-23 23:58 UTC  (7+ messages)

IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions
 2024-01-22 15:15 UTC  (7+ messages)

page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox