messages from 2026-03-25 15:36:49 to 2026-04-07 20:02:53 UTC [more...]
[RFC PATCH 00/20] BPF interface for applying Landlock rulesets
2026-04-07 20:01 UTC (19+ messages)
` [RFC PATCH 01/20] landlock: Move operations from syscall into ruleset code
` [RFC PATCH 02/20] execve: Add set_nnp_on_point_of_no_return
` [RFC PATCH 03/20] landlock: Implement LANDLOCK_RESTRICT_SELF_NO_NEW_PRIVS
` [RFC PATCH 04/20] selftests/landlock: Cover LANDLOCK_RESTRICT_SELF_NO_NEW_PRIVS
` [RFC PATCH 05/20] landlock: Make ruleset deferred free RCU safe
` [RFC PATCH 06/20] bpf: lsm: Add Landlock kfuncs
` [RFC PATCH 07/20] bpf: arraymap: Implement Landlock ruleset map
` [RFC PATCH 08/20] bpf: Add Landlock ruleset map type
` [RFC PATCH 09/20] bpf: syscall: Handle Landlock ruleset maps
` [RFC PATCH 10/20] bpf: verifier: Add Landlock ruleset map support
` [RFC PATCH 11/20] selftests/bpf: Add Landlock kfunc declarations
` [RFC PATCH 12/20] selftests/landlock: Rename gettid wrapper for BPF reuse
` [RFC PATCH 13/20] selftests/bpf: Enable Landlock in selftests kernel
` [RFC PATCH 14/20] selftests/bpf: Add Landlock kfunc test program
` [RFC PATCH 15/20] selftests/bpf: Add Landlock kfunc test runner
` [RFC PATCH 16/20] landlock: Bump ABI version
` [RFC PATCH 17/20] tools: bpftool: Add documentation for landlock_ruleset
` [RFC PATCH 18/20] landlock: Document LANDLOCK_RESTRICT_SELF_NO_NEW_PRIVS
[PATCH v4 0/3] Fix incorrect overlayfs mmap() and mprotect() LSM access controls
2026-04-07 19:20 UTC (12+ messages)
` [PATCH v4 1/3] fs: prepare for adding LSM blob to backing_file
` [PATCH v4 2/3] lsm: add backing_file LSM hooks
` [PATCH v4 3/3] selinux: fix overlayfs mmap() and mprotect() access checks
[PATCH v2 1/2] landlock: Fix LOG_SUBDOMAINS_OFF inheritance across fork()
2026-04-07 19:02 UTC (3+ messages)
` [PATCH v2 2/2] landlock: Allow TSYNC with LOG_SUBDOMAINS_OFF and fd=-1
[PATCH v1 1/2] landlock: Fix log_subdomains_off inheritance across fork()
2026-04-07 19:00 UTC (7+ messages)
` [PATCH v1 2/2] landlock: Allow TSYNC with LOG_SUBDOMAINS_OFF and fd=-1
LSM: Whiteout chardev creation sidesteps mknod hook
2026-04-07 17:15 UTC (2+ messages)
[PATCH v5 0/3] Trim N entries of IMA event logs
2026-04-07 16:19 UTC (5+ messages)
` [PATCH v5 1/3] ima: make ima event log trimming configurable
` [PATCH v5 2/3] ima: trim N IMA event log records
` [PATCH v5 3/3] ima: add new critical data record to measure log trim
[PATCH v2 00/17] Landlock tracepoints
2026-04-07 13:00 UTC (20+ messages)
` [PATCH v2 01/17] landlock: Prepare ruleset and domain type split
` [PATCH v2 02/17] landlock: Move domain query functions to domain.c
` [PATCH v2 03/17] landlock: Split struct landlock_domain from struct landlock_ruleset
` [PATCH v2 04/17] landlock: Split denial logging from audit into common framework
` [PATCH v2 05/17] tracing: Add __print_untrusted_str()
` [PATCH v2 06/17] landlock: Add create_ruleset and free_ruleset tracepoints
` [PATCH v2 07/17] landlock: Add landlock_add_rule_fs and landlock_add_rule_net tracepoints
` [PATCH v2 08/17] landlock: Add restrict_self and free_domain tracepoints
` [PATCH v2 09/17] landlock: Add tracepoints for rule checking
` [PATCH v2 10/17] landlock: Set audit_net.sk for socket access checks
` [PATCH v2 11/17] landlock: Add landlock_deny_access_fs and landlock_deny_access_net
` [PATCH v2 12/17] landlock: Add tracepoints for ptrace and scope denials
` [PATCH v2 13/17] selftests/landlock: Add trace event test infrastructure and tests
` [PATCH v2 14/17] selftests/landlock: Add filesystem tracepoint tests
` [PATCH v2 15/17] selftests/landlock: Add network "
` [PATCH v2 16/17] selftests/landlock: Add scope and ptrace "
` [PATCH v2 17/17] landlock: Document tracepoints
[PATCH] evm: zero-initialize the evm_xattrs read buffer
2026-04-07 6:09 UTC
[PATCH v2] KEYS: trusted: Debugging as a feature
2026-04-07 2:42 UTC (2+ messages)
[PATCH 0/3] Add support for ML-DSA signature for EVM and IMA
2026-04-06 16:53 UTC (5+ messages)
` [PATCH 1/3] crypto: public_key: Remove check for valid hash_algo for ML-DSA keys
` [PATCH 2/3] integrity: Refactor asymmetric_verify for reusability
` [PATCH 3/3] integrity: Add support for sigv3 verification using ML-DSA keys
[PATCH v8 0/9] Implement LANDLOCK_ADD_RULE_QUIET
2026-04-06 15:52 UTC (10+ messages)
` [PATCH v8 1/9] landlock: Add a place for flags to layer rules
` [PATCH v8 2/9] landlock: Add API support and docs for the quiet flags
` [PATCH v8 3/9] landlock: Suppress logging when quiet flag is present
` [PATCH v8 4/9] samples/landlock: Add quiet flag support to sandboxer
` [PATCH v8 5/9] selftests/landlock: Replace hard-coded 16 with a constant
` [PATCH v8 6/9] selftests/landlock: add tests for quiet flag with fs rules
` [PATCH v8 7/9] selftests/landlock: add tests for quiet flag with net rules
` [PATCH v8 8/9] selftests/landlock: Add tests for quiet flag with scope
` [PATCH v8 9/9] selftests/landlock: Add tests for invalid use of quiet flag
[PATCH v3 0/3] landlock: Refactor layer masks
2026-04-06 15:14 UTC (3+ messages)
` [PATCH v3 3/3] landlock: transpose the layer masks data structure
[PATCH v3 0/5] Fix Landlock audit test flakiness
2026-04-03 17:08 UTC (13+ messages)
` [PATCH v3 1/5] selftests/landlock: Fix snprintf truncation checks in audit helpers
` [PATCH v3 2/5] selftests/landlock: Fix socket file descriptor leaks "
` [PATCH v3 3/5] selftests/landlock: Drain stale audit records on init
` [PATCH v3 4/5] selftests/landlock: Skip stale records in audit_match_record()
` [PATCH v3 5/5] selftests/landlock: Fix format warning for __u64 in net_test
[PATCH] apparmor: Fix two bugs of aa_setup_dfa_engine's fail handling
2026-04-03 3:51 UTC
LSM namespacing API
2026-04-02 21:04 UTC (11+ messages)
[PATCH] landlock: Document fallocate(2) as another truncation corner case
2026-04-02 18:16 UTC (4+ messages)
[PATCH v8 00/12] landlock: UNIX connect() control by pathname and scope
2026-04-02 18:09 UTC (22+ messages)
` [PATCH v8 01/12] lsm: Add LSM hook security_unix_find
` [PATCH v8 02/12] landlock: Use mem_is_zero() in is_layer_masks_allowed()
` [PATCH v8 03/12] landlock: Replace union access_masks_all with helper functions
` [PATCH v8 04/12] landlock: Control pathname UNIX domain socket resolution by path
` [PATCH v8 05/12] landlock: Clarify BUILD_BUG_ON check in scoping logic
` [PATCH v8 06/12] samples/landlock: Add support for named UNIX domain socket restrictions
` [PATCH v8 07/12] selftests/landlock: Replace access_fs_16 with ACCESS_ALL in fs_test
` [PATCH v8 08/12] selftests/landlock: Test LANDLOCK_ACCESS_FS_RESOLVE_UNIX
` [PATCH v8 09/12] selftests/landlock: Audit test for LANDLOCK_ACCESS_FS_RESOLVE_UNIX
` [PATCH v8 10/12] selftests/landlock: Check that coredump sockets stay unrestricted
` [PATCH v8 11/12] selftests/landlock: fs_test: Simplify ruleset creation and enforcement
` [PATCH v8 12/12] landlock: Document FS access right for pathname UNIX sockets
[PATCH v6.1] apparmor: fix unprivileged local user can do privileged policy management
2026-04-02 8:03 UTC (3+ messages)
[PATCH v5.10-v5.15] apparmor: fix unprivileged local user can do privileged policy management
2026-04-02 5:47 UTC
[RFC PATCH v1 00/11] Landlock: Namespace and capability control
2026-04-01 18:48 UTC (9+ messages)
` [RFC PATCH v1 02/11] security: Add LSM_AUDIT_DATA_NS for namespace audit records
` [RFC PATCH v1 03/11] nsproxy: Add FOR_EACH_NS_TYPE() X-macro and CLONE_NS_ALL
` (subset) "
[PATCH v4 00/13] ima: Introduce staging mechanism
2026-04-01 17:52 UTC (20+ messages)
` [PATCH v4 01/13] ima: Remove ima_h_table structure
` [PATCH v4 02/13] ima: Replace static htable queue with dynamically allocated array
` [PATCH v4 03/13] ima: Introduce per binary measurements list type ima_num_entries counter
` [PATCH v4 04/13] ima: Introduce per binary measurements list type binary_runtime_size value
` [PATCH v4 05/13] ima: Introduce _ima_measurements_start() and _ima_measurements_next()
` [PATCH v4 06/13] ima: Mediate open/release method of the measurements list
` [PATCH v4 07/13] ima: Use snprintf() in create_securityfs_measurement_lists
` [PATCH v4 08/13] ima: Introduce ima_dump_measurement()
` [PATCH v4 09/13] ima: Add support for staging measurements with prompt
` [PATCH v4 10/13] ima: Add support for flushing the hash table when staging measurements
` [PATCH v4 11/13] ima: Support staging and deleting N measurements entries
` [PATCH v4 12/13] ima: Return error on deleting staged measurements after kexec
` [PATCH v4 13/13] doc: security: Add documentation of the IMA staging mechanism
[PATCH v2 0/4] Fix Landlock audit test flakiness
2026-04-01 16:14 UTC (5+ messages)
` [PATCH v2 1/4] selftests/landlock: Fix snprintf truncation checks in audit helpers
` [PATCH v2 2/4] selftests/landlock: Fix socket file descriptor leaks "
` [PATCH v2 3/4] selftests/landlock: Drain stale audit records on init
` [PATCH v2 4/4] selftests/landlock: Skip stale records in audit_match_record()
[PATCH v3 0/9] Reintrodce Hornet LSM
2026-03-31 23:49 UTC (16+ messages)
` [PATCH v3 1/9] crypto: pkcs7: add flag for validated trust on a signed info block
` [PATCH v3 2/9] crypto: pkcs7: add ability to extract signed attributes by OID
` [PATCH v3 3/9] crypto: pkcs7: add tests for pkcs7_get_authattr
` [PATCH v3 4/9] lsm: framework for BPF integrity verification
` [PATCH v3 5/9] lsm: security: Add additional enum values for bpf integrity checks
` [PATCH v3 6/9] security: Hornet LSM
` [PATCH v3 7/9] hornet: Introduce gen_sig
` [PATCH v3 8/9] hornet: Add a light skeleton data extractor scripts
` [PATCH v3 9/9] selftests/hornet: Add a selftest for the Hornet LSM
[PATCH v3 0/2] Fix incorrect overlayfs mmap() and mprotect() LSM access controls
2026-03-31 2:13 UTC (7+ messages)
` [PATCH v3 1/2] lsm: add backing_file LSM hooks
` [PATCH v3 2/2] selinux: fix overlayfs mmap() and mprotect() access checks
[PATCH 0/7] lsm: Replace security_sb_mount with granular mount hooks
2026-03-30 20:04 UTC (19+ messages)
` [PATCH 6/7] tomoyo: Convert from sb_mount to "
[PATCH RESEND] apparmor: Fix string overrun due to missing termination
2026-03-27 11:58 UTC
[PATCH v3 0/8] module: Move 'struct module_signature' to UAPI
2026-03-26 20:06 UTC (2+ messages)
[GIT PULL] Landlock fix for v7.0-rc6
2026-03-26 19:48 UTC (2+ messages)
[PATCH v2] KEYS: trusted: Debugging as a feature
2026-03-26 17:04 UTC (2+ messages)
[RFC PATCH v2 0/2] Fix incorrect overlayfs mmap() and mprotect() LSM access controls
2026-03-26 14:14 UTC (5+ messages)
` [RFC PATCH v2 1/2] lsm: add backing_file LSM hooks
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox