messages from 2025-07-14 15:11:34 to 2025-07-24 15:44:55 UTC [more...]
[RFC PATCH v2 0/34] Rework the LSM initialization
2025-07-24 15:44 UTC (49+ messages)
` [RFC PATCH v2 01/34] lsm: split the notifier code out into lsm_notifier.c
` [RFC PATCH v2 02/34] lsm: split the init code out into lsm_init.c
` [RFC PATCH v2 03/34] lsm: consolidate lsm_allowed() and prepare_lsm() into lsm_prepare()
` [RFC PATCH v2 04/34] lsm: introduce looping macros for the initialization code
` [RFC PATCH v2 05/34] lsm: integrate report_lsm_order() code into caller
` [RFC PATCH v2 06/34] lsm: integrate lsm_early_cred() and lsm_early_task() "
` [RFC PATCH v2 07/34] lsm: rename ordered_lsm_init() to lsm_init_ordered()
` [RFC PATCH v2 08/34] lsm: replace the name field with a pointer to the lsm_id struct
` [RFC PATCH v2 09/34] lsm: rename the lsm order variables for consistency
` [RFC PATCH v2 10/34] lsm: rework lsm_active_cnt and lsm_idlist[]
` [RFC PATCH v2 11/34] lsm: get rid of the lsm_names list and do some cleanup
` [RFC PATCH v2 12/34] lsm: rework the LSM enable/disable setter/getter functions
` [RFC PATCH v2 13/34] lsm: rename exists_ordered_lsm() to lsm_order_exists()
` [RFC PATCH v2 14/34] lsm: rename/rework append_ordered_lsm() into lsm_order_append()
` [RFC PATCH v2 15/34] lsm: rename/rework ordered_lsm_parse() to lsm_order_parse()
` [RFC PATCH v2 16/34] lsm: cleanup the LSM blob size code
` [RFC PATCH v2 17/34] lsm: cleanup initialize_lsm() and rename to lsm_init_single()
` [RFC PATCH v2 18/34] lsm: fold lsm_init_ordered() into security_init()
` [RFC PATCH v2 19/34] lsm: add/tweak function header comment blocks in lsm_init.c
` [RFC PATCH v2 20/34] lsm: cleanup the debug and console output "
` [RFC PATCH v2 21/34] lsm: output available LSMs when debugging
` [RFC PATCH v2 22/34] lsm: group lsm_order_parse() with the other lsm_order_*() functions
` [RFC PATCH v2 23/34] lsm: introduce an initcall mechanism into the LSM framework
` [RFC PATCH v2 24/34] loadpin: move initcalls to "
` [RFC PATCH v2 25/34] ipe: "
` [RFC PATCH v2 26/34] smack: "
` [RFC PATCH v2 27/34] tomoyo: "
` [RFC PATCH v2 28/34] safesetid: "
` [RFC PATCH v2 29/34] apparmor: "
` [RFC PATCH v2 30/34] lockdown: "
` [RFC PATCH v2 31/34] ima,evm: "
` [RFC PATCH v2 32/34] selinux: "
` [RFC PATCH v2 33/34] lsm: consolidate all of the LSM framework initcalls
` [RFC PATCH v2 34/34] lsm: add a LSM_STARTED_ALL notification event
[PATCH 0/2] Secure Boot lock down
2025-07-24 15:03 UTC (6+ messages)
[PATCH v3 0/4] Landlock: Disconnected directory handling
2025-07-24 14:49 UTC (8+ messages)
` [PATCH v3 1/4] landlock: Fix cosmetic change
` [PATCH v3 2/4] landlock: Fix handling of disconnected directories
` [PATCH v3 3/4] selftests/landlock: Add tests for access through disconnected paths
` [PATCH v3 4/4] selftests/landlock: Add disconnected leafs and branch test suites
[PATCH 00/19] smack: clean up xattr handling
2025-07-24 13:09 UTC (20+ messages)
` [PATCH 01/19] smack: fix bug: changing Smack xattrs requires cap_sys_admin
` [PATCH 02/19] smack: fix bug: changing Smack xattrs requires cap_mac_override
` [PATCH 03/19] smack: fix bug: setting label-containing xattrs silently ignores input garbage
` [PATCH 04/19] smack: stop polling other LSMs & VFS to getxattr() unsupported SMACK64IPIN/OUT
` [PATCH 05/19] smack: restrict getxattr() SMACK64TRANSMUTE to directories
` [PATCH 06/19] smack: fix bug: getxattr() returns invalid SMACK64EXEC/MMAP
` [PATCH 07/19] smack: deduplicate task label validation
` [PATCH 08/19] smack: smack_inode_setsecurity: prevent setting SMACK64EXEC/MMAP in other LSMs
` [PATCH 09/19] smack: smack_inode_setsecurity: prevent setting SMACK64IPIN/OUT "
` [PATCH 10/19] smack: fix bug: smack_inode_setsecurity() imports alien xattrs as labels
` [PATCH 11/19] smack: fix bug: smack_inode_setsecurity() false EINVAL for alien xattrs
` [PATCH 12/19] smack: restrict setxattr() SMACK64IPIN/IPOUT to sockets
` [PATCH 13/19] smack: restrict setxattr() SMACK64EXEC/MMAP to regular files
` [PATCH 14/19] smack: return EOPNOTSUPP for setxattr() unsupported SMACK64(TRANSMUTE)
` [PATCH 15/19] smack: smack_inode_setsecurity(): skip checks for SMACK64TRANSMUTE
` [PATCH 16/19] smack: smack_inode_notifysecctx(): reject invalid labels
` [PATCH 17/19] smack: smack_inode_post_setxattr(): find label instead of import
` [PATCH 18/19] smack: smack_inode_setsecurity(): "
` [PATCH 19/19] smack: deduplicate strcmp(name, XATTR_{,NAME_}SMACK*)
[PATCH v4 0/4] stackleak: Support Clang stack depth tracking
2025-07-24 13:08 UTC (6+ messages)
` [PATCH v4 1/4] arm64: Handle KCOV __init vs inline mismatches
` [PATCH v4 2/4] x86: "
` [PATCH v4 3/4] init.h: Disable sanitizer coverage for __init and __head
` [PATCH v4 4/4] kstack_erase: Support Clang stack depth tracking
[PATCH v2] security,fs,nfs,net: update security_inode_listsecurity() interface
2025-07-24 2:09 UTC (6+ messages)
[PATCH v2 00/13] Signed BPF programs
2025-07-23 17:11 UTC (17+ messages)
` [PATCH v2 01/13] bpf: Update the bpf_prog_calc_tag to use SHA256
` [PATCH v2 02/13] bpf: Implement exclusive map creation
` [PATCH v2 03/13] libbpf: Implement SHA256 internal helper
` [PATCH v2 04/13] libbpf: Support exclusive map creation
` [PATCH v2 05/13] selftests/bpf: Add tests for exclusive maps
` [PATCH v2 06/13] bpf: Return hashes of maps in BPF_OBJ_GET_INFO_BY_FD
` [PATCH v2 07/13] bpf: Move the signature kfuncs to helpers.c
` [PATCH v2 08/13] bpf: Implement signature verification for BPF programs
` [PATCH v2 09/13] libbpf: Update light skeleton for signing
` [PATCH v2 10/13] libbpf: Embed and verify the metadata hash in the loader
` [PATCH v2 11/13] bpftool: Add support for signing BPF programs
` [PATCH v2 12/13] selftests/bpf: Enable signature verification for all lskel tests
` [PATCH v2 13/13] selftests/bpf: Add test for signed programs
[PATCH V9 0/7] Add NUMA mempolicy support for KVM guest-memfd
2025-07-23 8:20 UTC (19+ messages)
` [PATCH V9 1/7] KVM: guest_memfd: Use guest mem inodes instead of anonymous inodes
` [PATCH V9 2/7] mm/filemap: Add NUMA mempolicy support to filemap_alloc_folio()
` [PATCH V9 3/7] mm/filemap: Extend __filemap_get_folio() to support NUMA memory policies
` [PATCH V9 5/7] KVM: guest_memfd: Add slab-allocated inode cache
` [PATCH V9 6/7] KVM: guest_memfd: Enforce NUMA mempolicy using shared policy
[PATCH RFC 0/4] landlock: add LANDLOCK_SCOPE_MEMFD_EXEC execution
2025-07-22 21:56 UTC (7+ messages)
` [PATCH RFC 1/4] landlock: add LANDLOCK_SCOPE_MEMFD_EXEC scope
` [PATCH RFC 2/4] landlock: implement memfd detection
` [PATCH RFC 3/4] landlock: add memfd exec LSM hooks and scoping
` [PATCH RFC 4/4] selftests/landlock: add memfd execution tests
[PATCH v2] lsm,selinux: Add LSM blob support for BPF objects
2025-07-22 21:21 UTC
[PATCH v3 00/13] stackleak: Support Clang stack depth tracking
2025-07-22 13:29 UTC (29+ messages)
` [PATCH v3 01/13] stackleak: Rename STACKLEAK to KSTACK_ERASE
` [PATCH v3 02/13] stackleak: Rename stackleak_track_stack to __sanitizer_cov_stack_depth
` [PATCH v3 03/13] stackleak: Split KSTACK_ERASE_CFLAGS from GCC_PLUGINS_CFLAGS
` [PATCH v3 04/13] x86: Handle KCOV __init vs inline mismatches
` [PATCH v3 05/13] arm: "
` [PATCH v3 06/13] arm64: "
` [PATCH v3 07/13] s390: "
` [PATCH v3 08/13] powerpc/mm/book3s64: Move kfence and debug_pagealloc related calls to __init section
` [PATCH v3 09/13] mips: Handle KCOV __init vs inline mismatch
` [PATCH v3 10/13] init.h: Disable sanitizer coverage for __init and __head
` [PATCH v3 11/13] kstack_erase: Support Clang stack depth tracking
` [PATCH v3 12/13] configs/hardening: Enable CONFIG_KSTACK_ERASE
` [PATCH v3 13/13] configs/hardening: Enable CONFIG_INIT_ON_FREE_DEFAULT_ON
[PATCH] landlock/ruleset: Minor comments improvements
2025-07-22 12:54 UTC (4+ messages)
[PATCH] lsm: yama: Check for PTRACE_MODE_READ_FSCREDS access
2025-07-22 8:58 UTC (6+ messages)
-Wformat-invalid-specifier after 88fec3526e84 in -next
2025-07-21 23:10 UTC
[RFC PATCH 0/29] Rework the LSM initialization
2025-07-21 21:59 UTC (6+ messages)
` [RFC PATCH 25/29] ima,evm: move initcalls to the LSM framework
[syzbot] [apparmor?] linux-next test error: WARNING in apparmor_unix_stream_connect
2025-07-21 9:35 UTC
[PATCH RFC 0/3] selftests/landlock: scoping abstractions
2025-07-19 12:41 UTC (4+ messages)
` [PATCH RFC 1/3] selftests/landlock: move sandbox_type to common
` [PATCH RFC 2/3] selftests/landlock: add cross-domain variants
` [PATCH RFC 3/3] selftests/landlock: add cross-domain signal tests
[PATCH v2 0/3] Landlock: Disconnected directory handling
2025-07-19 10:19 UTC (6+ messages)
` [PATCH v2 1/3] landlock: Fix handling of disconnected directories
[PATCH] lsm,selinux: Add LSM blob support for BPF objects
2025-07-18 15:35 UTC (8+ messages)
[syzbot] [lsm?] INFO: rcu detected stall in msr_read (2)
2025-07-17 17:02 UTC
[PATCH v5 0/5] Audit: Records for multiple security contexts
2025-07-16 21:27 UTC (6+ messages)
` [PATCH v5 1/5] Audit: Create audit_stamp structure
` [PATCH v5 2/5] LSM: security_lsmblob_to_secctx module selection
` [PATCH v5 3/5] Audit: Add record for multiple task security contexts
` [PATCH v5 4/5] Audit: Fix indentation in audit_log_exit
` [PATCH v5 5/5] Audit: Add record for multiple object contexts
[RFC] vfs: security: Parse dev_name before calling security_sb_mount
2025-07-16 17:12 UTC (14+ messages)
[PATCH v4 4/4] Audit: Add record for multiple object contexts
2025-07-15 20:40 UTC (4+ messages)
unsubscribe
2025-07-15 8:46 UTC
[PATCH v5 bpf-next 0/5] bpf path iterator
2025-07-14 21:09 UTC (4+ messages)
[PATCH 00/12] Signed BPF programs
2025-07-14 21:05 UTC (8+ messages)
` [PATCH 05/12] libbpf: Support exclusive map creation
[PATCH v5 3/3] AppArmor: add support for lsm_config_self_policy and lsm_config_system_policy
2025-07-14 18:07 UTC (2+ messages)
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).