Kernel Hardening
[Prev Page][Next Page]
- [PATCH v20 0/6] Script execution control (was O_MAYEXEC),
Mickaël Salaün
- [RFC PATCH v19 0/5] Script execution control (was O_MAYEXEC),
Mickaël Salaün
- [ANNOUNCE] CFP: Linux Security Summit Europe 2024, Reshetova, Elena
- [ANNOUNCE] CFP: Linux Security Summit North America 2024, James Morris
- [PATCH v3 0/1] Restrict access to TIOCLINUX,
Günther Noack
- [PATCH v2 0/1] Restrict access to TIOCLINUX,
Günther Noack
- [PATCH] slub: Introduce CONFIG_SLUB_RCU_DEBUG,
Jann Horn
- Re: [PATCH v3 0/5] Landlock: IOCTL support - TTY restrictions RFC, Mickaël Salaün
- [PATCH] sysctl: add config to make randomize_va_space RO,
Michael McCracken
- [ANNOUNCE] [CFP] Linux Security Summit Europe (LSS-EU), Reshetova, Elena
- Per-process flag set via prctl() to deny module loading?,
Topi Miettinen
- Re: [PATCH RFC] Randomized slab caches for kmalloc(), Gong Ruiqi
- [PATCH] Restrict access to TIOCLINUX,
Hanno Böck
- Re: [PATCH] mm/slab: always use cache from obj,
Vlastimil Babka
- RE: Linux guest kernel threat model for Confidential Computing,
Reshetova, Elena
- [ANNOUNCE] Linux Security Summit North Americ (LSS-NA) CfP, James Morris
- [PATCH] fs: Use CHECK_DATA_CORRUPTION() when kernel bugs are detected,
Jann Horn
- Isolating abstract sockets,
Stefan Bavendiek
- Reducing runtime complexity,
Stefan Bavendiek
- [PATCH] exit: Put an upper limit on how often we can oops,
Jann Horn
- [Self-introduction] - Paulo Almeida,
Paulo Miguel Almeida
- [PATCH v2] stack: Declare {randomize_,}kstack_offset to fix Sparse warnings,
GONG, Ruiqi
- [PATCH] stack: Declare {randomize_,}kstack_offset to fix Sparse warnings,
GONG, Ruiqi
- Re: Possibility of merge of disable icotl TIOCSTI patch,
Yann Droneaud
- [ANNOUNCE][CFP] Linux Security Summit Europe 2022, Reshetova, Elena
- [PATCH] Decouple slub_debug= from no_hash_pointers again,
Peter Gerber
- Kernel Self Protection Project: slub_debug=ZF,
Peter Gerber
- OOB accesses in ax88179_rx_fixup() (in USB network card driver) - variants,
Marcin Kozlowski
- CVE Proofs of Concept, Derrick McKee
- Large post detailing recent Linux RNG improvements,
Jason A. Donenfeld
- [ANNOUNCE][CFP] Linux Security Summit North America 2022,
James Morris
- [PATCH] Add ability to disallow idmapped mounts,
Anton V. Boyarshinov
- [PATCH v3 1/3] x86: Implement arch_prctl(ARCH_VSYSCALL_CONTROL) to disable vsyscall,
Florian Weimer
- [PATCH v18 0/4] Add trusted_for(2) (was O_MAYEXEC),
Mickaël Salaün
- [PATCH v2] x86: Implement arch_prctl(ARCH_VSYSCALL_CONTROL) to disable vsyscall,
Florian Weimer
- [PATCH] net: prestera: replace zero-length array with flexible-array member,
José Expósito
- [PATCH] x86: Implement arch_prctl(ARCH_VSYSCALL_LOCKOUT) to disable vsyscall,
Florian Weimer
- I'm Jordan; New Kernel Developer Here!, jordan
- [PATCH v17 0/3] Add trusted_for(2) (was O_MAYEXEC),
Mickaël Salaün
- [PATCH v16 0/3] Add trusted_for(2) (was O_MAYEXEC),
Mickaël Salaün
- [PATCH v2 0/2] Introduce the pkill_on_warn parameter,
Alexander Popov
- [no subject],
jannh
- [PATCH v15 0/3] Add trusted_for(2) (was O_MAYEXEC),
Mickaël Salaün
- [PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC),
Mickaël Salaün
- [PATCH v13 0/3] Add trusted_for(2) (was O_MAYEXEC),
Mickaël Salaün
- [PATCH] Introduce the pkill_on_warn boot parameter,
Alexander Popov
- Re: [PATCH] Introduce the pkill_on_warn boot parameter, Andrew Morton
Re: [PATCH] Introduce the pkill_on_warn boot parameter, Dave Hansen
Re: [PATCH] Introduce the pkill_on_warn boot parameter, Al Viro
Self introduction, Tad
Re: Landlock news #1, Mickaël Salaün
[RFC PATCH v2 00/19] PKS write protected page tables,
Rick Edgecombe
- [RFC PATCH v2 08/19] x86/mm/cpa: Add get_grouped_page_atomic(), Rick Edgecombe
- [RFC PATCH v2 06/19] x86/mm/cpa: Add perm callbacks to grouped pages, Rick Edgecombe
- [RFC PATCH v2 10/19] x86/mm: Use alloc_table() for fill_pte(), etc, Rick Edgecombe
- [RFC PATCH v2 02/19] list: Support list head not in object for list_lru, Rick Edgecombe
- [RFC PATCH v2 01/19] list: Support getting most recent element in list_lru, Rick Edgecombe
- [RFC PATCH v2 07/19] x86/cpufeatures: Add feature for pks tables, Rick Edgecombe
- [RFC PATCH v2 11/19] mm/sparsemem: Use alloc_table() for table allocations, Rick Edgecombe
- [RFC PATCH v2 04/19] mm: Explicitly zero page table lock ptr, Rick Edgecombe
- [RFC PATCH v2 03/19] x86/mm/cpa: Add grouped page allocations, Rick Edgecombe
- [RFC PATCH v2 05/19] x86, mm: Use cache of page tables, Rick Edgecombe
- [RFC PATCH v2 09/19] x86/mm: Support GFP_ATOMIC in alloc_table_node(), Rick Edgecombe
- [RFC PATCH v2 13/19] mm/debug_vm_page_table: Use setters instead of WRITE_ONCE, Rick Edgecombe
- [RFC PATCH v2 12/19] x86/mm: Use free_table in unmap path, Rick Edgecombe
- [RFC PATCH v2 15/19] x86/mm/cpa: Add set_memory_pks(), Rick Edgecombe
- [RFC PATCH v2 16/19] x86/mm: Protect page tables with PKS, Rick Edgecombe
- [RFC PATCH v2 14/19] x86/efi: Toggle table protections when copying, Rick Edgecombe
- [RFC PATCH v2 18/19] x86/mm: Add PKS table soft mode, Rick Edgecombe
- [RFC PATCH v2 17/19] x86/mm/cpa: PKS protect direct map page tables, Rick Edgecombe
- [RFC PATCH v2 19/19] x86/mm: Add PKS table debug checking, Rick Edgecombe
- Re: [RFC PATCH v2 00/19] PKS write protected page tables, Kees Cook
- Re: [RFC PATCH v2 00/19] PKS write protected page tables, Boris Lukashev
Re: [PATCH v11 5/9] Reimplement RLIMIT_MSGQUEUE on top of ucounts,
Ma, XinjianX
Re: [PATCH v8 3/8] security/brute: Detect a brute force attack,
Alexander Lobakin
[PATCH 1/2] seq_buf: fix overflow in seq_buf_putmem_hex(),
Yun Zhou
[PATCH 1/2] seq_buf: fix overflow when length is bigger than 8,
Yun Zhou
[PATCH] seq_buf: let seq_buf_putmem_hex support len larger than 8,
Yun Zhou
Re: [syzbot] KASAN: use-after-free Read in hci_chan_del, syzbot
Re: KASAN: use-after-free Read in hci_chan_del,
Jason A. Donenfeld
Re: [PATCH v4] bpf: core: fix shift-out-of-bounds in ___bpf_prog_run,
Dmitry Vyukov
[PATCH v8 0/8] Fork brute force attack mitigation,
John Wood
[PATCH v7 0/7] Fork brute force attack mitigation,
John Wood
New mailing list for Landlock LSM user space discussions, Mickaël Salaün
[PATCH RFC 0/9] PKS write protected page tables,
Rick Edgecombe
- [PATCH RFC 1/9] list: Support getting most recent element in list_lru, Rick Edgecombe
- [PATCH RFC 4/9] mm: Explicitly zero page table lock ptr, Rick Edgecombe
- [PATCH RFC 6/9] x86/mm/cpa: Add set_memory_pks(), Rick Edgecombe
- [PATCH RFC 3/9] x86/mm/cpa: Add grouped page allocations, Rick Edgecombe
- [PATCH RFC 2/9] list: Support list head not in object for list_lru, Rick Edgecombe
- [PATCH RFC 5/9] x86, mm: Use cache of page tables, Rick Edgecombe
- [PATCH RFC 9/9] x86, cpa: PKS protect direct map page tables, Rick Edgecombe
- [PATCH RFC 8/9] x86, mm: Protect page tables with PKS, Rick Edgecombe
- [PATCH RFC 7/9] x86/mm/cpa: Add perm callbacks to grouped pages, Rick Edgecombe
- Re: [PATCH RFC 0/9] PKS write protected page tables, Kees Cook
- Re: [PATCH RFC 0/9] PKS write protected page tables, Ira Weiny
- Re: [PATCH RFC 0/9] PKS write protected page tables, Vlastimil Babka
[PATCH v34 00/13] Landlock LSM,
Mickaël Salaün
- [PATCH v34 01/13] landlock: Add object management, Mickaël Salaün
- [PATCH v34 02/13] landlock: Add ruleset and domain management, Mickaël Salaün
- [PATCH v34 03/13] landlock: Set up the security framework and manage credentials, Mickaël Salaün
- [PATCH v34 04/13] landlock: Add ptrace restrictions, Mickaël Salaün
- [PATCH v34 05/13] LSM: Infrastructure management of the superblock, Mickaël Salaün
- [PATCH v34 06/13] fs,security: Add sb_delete hook, Mickaël Salaün
- [PATCH v34 07/13] landlock: Support filesystem access-control, Mickaël Salaün
- [PATCH v34 08/13] landlock: Add syscall implementations, Mickaël Salaün
- [PATCH v34 09/13] arch: Wire up Landlock syscalls, Mickaël Salaün
- [PATCH v34 10/13] selftests/landlock: Add user space tests, Mickaël Salaün
- [PATCH v34 11/13] samples/landlock: Add a sandbox manager example, Mickaël Salaün
- [PATCH v34 12/13] landlock: Add user and kernel documentation, Mickaël Salaün
- [PATCH v34 13/13] landlock: Enable user space to infer supported features, Mickaël Salaün
- Re: [PATCH v34 00/13] Landlock LSM, James Morris
[PATCH v11 0/9] Count rlimits in each user namespace,
legion
- [PATCH v11 1/9] Increase size of ucounts to atomic_long_t, legion
- [PATCH v11 2/9] Add a reference to ucounts for each cred, legion
- [PATCH v11 3/9] Use atomic_t for ucounts reference counting, legion
- [PATCH v11 4/9] Reimplement RLIMIT_NPROC on top of ucounts, legion
- [PATCH v11 5/9] Reimplement RLIMIT_MSGQUEUE on top of ucounts, legion
- [PATCH v11 6/9] Reimplement RLIMIT_SIGPENDING on top of ucounts, legion
- [PATCH v11 7/9] Reimplement RLIMIT_MEMLOCK on top of ucounts, legion
- [PATCH v11 8/9] kselftests: Add test to check for rlimit changes in different user namespaces, legion
- [PATCH v11 9/9] ucounts: Set ucount_max to the largest positive value the type can hold, legion
- Re: [PATCH v11 0/9] Count rlimits in each user namespace, Andrew Morton
Re: Notify special task kill using wait* functions,
John Wood
[PATCH v10 0/9] Count rlimits in each user namespace,
Alexey Gladkov
[PATCH v33 00/12] Landlock LSM,
Mickaël Salaün
[Index of Archives]
[Linux Samsung SoC]
[Linux Actions SoC]
[Linux Rockchip SoC]
[Linux for Synopsys ARC Processors]
[Linux USB Devel]
[Video for Linux]
[Linux SCSI]
[Yosemite Forum]