messages from 2025-03-13 17:34:58 to 2025-03-23 08:45:18 UTC [more...]
[PATCH v4 0/3] fs: introduce getfsxattrat and setfsxattrat syscalls
2025-03-23 8:45 UTC (6+ messages)
` [PATCH v4 1/3] lsm: introduce new hooks for setting/getting inode fsxattr
` [PATCH v4 2/3] fs: split fileattr/fsxattr converters into helpers
` [PATCH v4 3/3] fs: introduce getfsxattrat and setfsxattrat syscalls
[syzbot] [apparmor?] [ext4?] INFO: rcu detected stall in sys_getdents64
2025-03-23 6:53 UTC (2+ messages)
` [syzbot] [net] "
[RFC PATCH security-next 0/4] Introducing Hornet LSM
2025-03-22 21:43 UTC (15+ messages)
` [RFC PATCH security-next 1/4] security: "
` [RFC PATCH security-next 2/4] hornet: Introduce sign-ebpf
` [RFC PATCH security-next 3/4] hornet: Add an example lskel data extactor script
` [RFC PATCH security-next 4/4] selftests/hornet: Add a selftest for the hornet LSM
[PATCH] Revert "integrity: Do not load MOK and MOKx when secure boot be disabled"
2025-03-22 21:24 UTC (6+ messages)
[RFC PATCH v3 00/13] Clavis LSM
2025-03-22 2:00 UTC (34+ messages)
[PATCH 0/2] Allow individual features to be locked down
2025-03-21 21:13 UTC (5+ messages)
` [PATCH 1/2] lockdown: Switch implementation to using bitmap
` [PATCH 2/2] lockdown/kunit: Introduce kunit tests
[PATCH v10 0/8] ima: kexec: measure events between kexec load and execute
2025-03-21 16:49 UTC (29+ messages)
` [PATCH v10 1/8] ima: rename variable the ser_file "file" to "ima_kexec_file"
` [PATCH v10 2/8] ima: define and call ima_alloc_kexec_file_buf()
` [PATCH v10 3/8] kexec: define functions to map and unmap segments
` [PATCH v10 4/8] ima: kexec: skip IMA segment validation after kexec soft reboot
` [PATCH v10 5/8] ima: kexec: define functions to copy IMA log at soft boot
` [PATCH v10 6/8] ima: kexec: move IMA log copy from kexec load to execute
` [PATCH v10 7/8] ima: make the kexec extra memory configurable
` [PATCH v10 8/8] ima: measure kexec load and exec events as critical data
[PATCH] [v2] crypto: lib/Kconfig: hide library options
2025-03-21 11:06 UTC (6+ messages)
[PATCH v2 0/8] Landlock signal scope fix and errata interface
2025-03-20 21:06 UTC (10+ messages)
` [PATCH v2 1/8] landlock: Move code to ease future backports
` [PATCH v2 2/8] landlock: Add the errata interface
` [PATCH v2 3/8] landlock: Add erratum for TCP fix
` [PATCH v2 4/8] landlock: Prepare to add second errata
` [PATCH v2 5/8] landlock: Always allow signals between threads of the same process
` [PATCH v2 6/8] selftests/landlock: Split signal_scoping_threads tests
` [PATCH v2 7/8] selftests/landlock: Add a new test for setuid()
` [PATCH v2 8/8] landlock: Document errata
[PATCH v7 00/28] Landlock audit support
2025-03-20 19:07 UTC (29+ messages)
` [PATCH v7 01/28] lsm: Add audit_log_lsm_data() helper
` [PATCH v7 02/28] landlock: Add unique ID generator
` [PATCH v7 03/28] landlock: Move domain hierarchy management
` [PATCH v7 04/28] landlock: Prepare to use credential instead of domain for filesystem
` [PATCH v7 05/28] landlock: Prepare to use credential instead of domain for network
` [PATCH v7 06/28] landlock: Prepare to use credential instead of domain for scope
` [PATCH v7 07/28] landlock: Prepare to use credential instead of domain for fowner
` [PATCH v7 08/28] landlock: Identify domain execution crossing
` [PATCH v7 09/28] landlock: Add AUDIT_LANDLOCK_ACCESS and log ptrace denials
` [PATCH v7 10/28] landlock: Add AUDIT_LANDLOCK_DOMAIN and log domain status
` [PATCH v7 11/28] landlock: Log mount-related denials
` [PATCH v7 12/28] landlock: Log file-related denials
` [PATCH v7 13/28] landlock: Factor out IOCTL hooks
` [PATCH v7 14/28] landlock: Log truncate and IOCTL denials
` [PATCH v7 15/28] landlock: Log TCP bind and connect denials
` [PATCH v7 16/28] landlock: Log scoped denials
` [PATCH v7 17/28] landlock: Add LANDLOCK_RESTRICT_SELF_LOG_*_EXEC_* flags
` [PATCH v7 18/28] landlock: Add LANDLOCK_RESTRICT_SELF_LOG_SUBDOMAINS_OFF
` [PATCH v7 19/28] samples/landlock: Enable users to log sandbox denials
` [PATCH v7 20/28] selftests/landlock: Add test for invalid ruleset file descriptor
` [PATCH v7 21/28] selftests/landlock: Extend tests for landlock_restrict_self(2)'s flags
` [PATCH v7 22/28] selftests/landlock: Add tests for audit flags and domain IDs
` [PATCH v7 23/28] selftests/landlock: Test audit with restrict flags
` [PATCH v7 24/28] selftests/landlock: Add audit tests for ptrace
` [PATCH v7 25/28] selftests/landlock: Add audit tests for abstract UNIX socket scoping
` [PATCH v7 26/28] selftests/landlock: Add audit tests for filesystem
` [PATCH v7 27/28] selftests/landlock: Add audit tests for network
` [PATCH v7 28/28] landlock: Add audit documentation
[PATCH v2] keys: Fix UAF in key_put()
2025-03-20 18:48 UTC (9+ messages)
CVE-2025-21830: landlock: Handle weird files
2025-03-20 16:00 UTC (14+ messages)
` Unprivileged filesystem mounts
[PATCH] KEYS: trusted: dcp: Use kfree_sensitive() to fix Coccinelle warnings
2025-03-20 15:16 UTC (2+ messages)
[PATCH v3 0/5] Audit: Records for multiple security contexts
2025-03-19 22:27 UTC (6+ messages)
` [PATCH v3 1/5] Audit: Create audit_stamp structure
` [PATCH v3 2/5] LSM: security_lsmblob_to_secctx module selection
` [PATCH v3 3/5] Audit: Add record for multiple task security contexts
` [PATCH v3 4/5] Audit: multiple subject lsm values for netlabel
` [PATCH v3 5/5] Audit: Add record for multiple object contexts
[syzbot] [keyrings?] [lsm?] KASAN: slab-use-after-free Read in key_put
2025-03-19 15:49 UTC (3+ messages)
[PATCH] RDMA/uverbs: Consider capability of the process that opens the file
2025-03-18 22:57 UTC (8+ messages)
[PATCH v5 0/1] ipe: add errno field to IPE policy load auditing
2025-03-18 22:50 UTC (5+ messages)
` [PATCH v5 1/1] "
[PATCH] apparmor: make __begin_current_label_crit_section() indicate whether put is needed
2025-03-18 22:06 UTC
[RFC PATCH v1 0/7] ima: get rid of hard dependency on SHA-1
2025-03-18 20:49 UTC (16+ messages)
` [RFC PATCH v1 1/7] ima: don't expose runtime_measurements for unsupported hashes
` [RFC PATCH v1 2/7] ima: always create runtime_measurements sysfs file for ima_hash
` [RFC PATCH v1 3/7] ima: move INVALID_PCR() to ima.h
` [RFC PATCH v1 4/7] ima: track the set of PCRs ever extended
` [RFC PATCH v1 5/7] tpm: enable bank selection for PCR extend
` [RFC PATCH v1 6/7] ima: invalidate unsupported PCR banks once at first use
` [RFC PATCH v1 7/7] ima: make SHA1 non-mandatory
[PATCH] keys: Fix UAF in key_put()
2025-03-18 13:27 UTC (4+ messages)
[PATCH v2 02/11] quota: reorder capability check last
2025-03-18 3:41 UTC (3+ messages)
` [PATCH v2 01/11] coccinelle: Add script to reorder capable() calls
[PATCH v9 0/7] ima: kexec: measure events between kexec load and execute
2025-03-17 18:26 UTC (6+ messages)
` [PATCH v9 2/7] kexec: define functions to map and unmap segments
apparmor NULL pointer dereference on resume
2025-03-17 8:56 UTC (15+ messages)
` apparmor NULL pointer dereference on resume [efivarfs]
` [RFC 1/1] fix NULL mnt [was Re: apparmor NULL pointer dereference on resume [efivarfs]]
[PATCH v2 0/2] smack: fix two bugs in setting task label
2025-03-15 1:57 UTC (3+ messages)
` [PATCH v2 1/2] smack: fix bug: unprivileged task can create labels
` [PATCH v2 2/2] smack: fix bug: setting task label silently ignores input garbage
[PATCH v5] hwmon: (pmbus/tps53679) Add support for TPS53685
2025-03-14 17:44 UTC (2+ messages)
[RFC PATCH v1] landlock: Allow signals between threads of the same process
2025-03-14 15:42 UTC (2+ messages)
[RFC PATCH 0/6] fs, lsm: mediate O_PATH fd creation in file_open hook
2025-03-14 1:28 UTC (5+ messages)
` [RFC PATCH 1/6] fs: invoke LSM file_open hook in do_dentry_open for O_PATH fds as well
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).