Kernel Hardening
[Prev Page][Next Page]
- [PATCH v33 06/12] fs,security: Add sb_delete hook, (continued)
- [PATCH v10 0/6] Optionally randomize kernel stack offset each syscall,
Kees Cook
- [PATCH v32 00/12] Landlock LSM,
Mickaël Salaün
- [PATCH v32 01/12] landlock: Add object management, Mickaël Salaün
- [PATCH v32 02/12] landlock: Add ruleset and domain management, Mickaël Salaün
- [PATCH v32 03/12] landlock: Set up the security framework and manage credentials, Mickaël Salaün
- [PATCH v32 04/12] landlock: Add ptrace restrictions, Mickaël Salaün
- [PATCH v32 05/12] LSM: Infrastructure management of the superblock, Mickaël Salaün
- [PATCH v32 06/12] fs,security: Add sb_delete hook, Mickaël Salaün
- [PATCH v32 07/12] landlock: Support filesystem access-control, Mickaël Salaün
- [PATCH v32 08/12] landlock: Add syscall implementations, Mickaël Salaün
- [PATCH v32 09/12] arch: Wire up Landlock syscalls, Mickaël Salaün
- [PATCH v32 10/12] selftests/landlock: Add user space tests, Mickaël Salaün
- [PATCH v32 11/12] samples/landlock: Add a sandbox manager example, Mickaël Salaün
- [PATCH v32 12/12] landlock: Add user and kernel documentation, Mickaël Salaün
- [PATCH v9 0/6] Optionally randomize kernel stack offset each syscall,
Kees Cook
- [PATCH v8 0/6] Optionally randomize kernel stack offset each syscall,
Kees Cook
- two potential randstruct improvements,
Jann Horn
- Re: [PATCH v5 1/1] fs: Allow no_new_privs tasks to call chroot(2),
Askar Safin
- [PATCH v31 00/12] Landlock LSM,
Mickaël Salaün
- [PATCH v31 01/12] landlock: Add object management, Mickaël Salaün
- [PATCH v31 02/12] landlock: Add ruleset and domain management, Mickaël Salaün
- [PATCH v31 03/12] landlock: Set up the security framework and manage credentials, Mickaël Salaün
- [PATCH v31 04/12] landlock: Add ptrace restrictions, Mickaël Salaün
- [PATCH v31 05/12] LSM: Infrastructure management of the superblock, Mickaël Salaün
- [PATCH v31 06/12] fs,security: Add sb_delete hook, Mickaël Salaün
- [PATCH v31 07/12] landlock: Support filesystem access-control, Mickaël Salaün
- [PATCH v31 08/12] landlock: Add syscall implementations, Mickaël Salaün
- [PATCH v31 09/12] arch: Wire up Landlock syscalls, Mickaël Salaün
- [PATCH v31 10/12] selftests/landlock: Add user space tests, Mickaël Salaün
- [PATCH v31 11/12] samples/landlock: Add a sandbox manager example, Mickaël Salaün
- [PATCH v31 12/12] landlock: Add user and kernel documentation, Mickaël Salaün
- [PATCH v9 0/8] Count rlimits in each user namespace,
Alexey Gladkov
- [PATCH v7 0/6] Optionally randomize kernel stack offset each syscall,
Kees Cook
- [PATCH v30 00/12] Landlock LSM,
Mickaël Salaün
- [PATCH v30 01/12] landlock: Add object management, Mickaël Salaün
- [PATCH v30 02/12] landlock: Add ruleset and domain management, Mickaël Salaün
- [PATCH v30 03/12] landlock: Set up the security framework and manage credentials, Mickaël Salaün
- [PATCH v30 04/12] landlock: Add ptrace restrictions, Mickaël Salaün
- [PATCH v30 05/12] LSM: Infrastructure management of the superblock, Mickaël Salaün
- [PATCH v30 06/12] fs,security: Add sb_delete hook, Mickaël Salaün
- [PATCH v30 07/12] landlock: Support filesystem access-control, Mickaël Salaün
- [PATCH v30 08/12] landlock: Add syscall implementations, Mickaël Salaün
- [PATCH v30 09/12] arch: Wire up Landlock syscalls, Mickaël Salaün
- [PATCH v30 10/12] selftests/landlock: Add user space tests, Mickaël Salaün
- [PATCH v30 11/12] samples/landlock: Add a sandbox manager example, Mickaël Salaün
- [PATCH v30 12/12] landlock: Add user and kernel documentation, Mickaël Salaün
- Re: [PATCH v30 00/12] Landlock LSM, James Morris
- [PATCH v5 0/1] Unprivileged chroot,
Mickaël Salaün
- [PATCH v4 0/1] Unprivileged chroot,
Mickaël Salaün
- [PATCH v6 0/6] Optionally randomize kernel stack offset each syscall,
Kees Cook
- [PATCH v3 0/1] Unprivileged chroot,
Mickaël Salaün
- [PATCH v2 0/1] Unprivileged chroot,
Mickaël Salaün
- [PATCH v1 0/1] Unprivileged chroot,
Mickaël Salaün
- [PATCH v8 0/8] Count rlimits in each user namespace,
Alexey Gladkov
- [PATCH v5 0/7] Optionally randomize kernel stack offset each syscall,
Kees Cook
- [PATCH v6 0/8] Fork brute force attack mitigation,
John Wood
- [PATCH v5 0/8] Fork brute force attack mitigation,
John Wood
- [PATCH v4 0/8] Fork brute force attack mitigation,
John Wood
- [PATCH v29 00/12] Landlock LSM,
Mickaël Salaün
- [PATCH v29 01/12] landlock: Add object management, Mickaël Salaün
- [PATCH v29 02/12] landlock: Add ruleset and domain management, Mickaël Salaün
- [PATCH v29 03/12] landlock: Set up the security framework and manage credentials, Mickaël Salaün
- [PATCH v29 04/12] landlock: Add ptrace restrictions, Mickaël Salaün
- [PATCH v29 05/12] LSM: Infrastructure management of the superblock, Mickaël Salaün
- [PATCH v29 06/12] fs,security: Add sb_delete hook, Mickaël Salaün
- [PATCH v29 07/12] landlock: Support filesystem access-control, Mickaël Salaün
- [PATCH v29 08/12] landlock: Add syscall implementations, Mickaël Salaün
- [PATCH v29 09/12] arch: Wire up Landlock syscalls, Mickaël Salaün
- [PATCH v29 10/12] selftests/landlock: Add user space tests, Mickaël Salaün
- [PATCH v29 11/12] samples/landlock: Add a sandbox manager example, Mickaël Salaün
- [PATCH v29 12/12] landlock: Add user and kernel documentation, Mickaël Salaün
- [PATCH v1 1/1] Kernel Config to make randomize_va_space read-only.,
Lan Zheng (lanzheng)
- [PATCH 00/20] Manual replacement of all strlcpy in favor of strscpy,
Romain Perier
- [PATCH 01/20] cgroup: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 02/20] crypto: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 03/20] devlink: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 04/20] dma-buf: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 05/20] kobject: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 06/20] ima: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 07/20] SUNRPC: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 08/20] kernfs: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 09/20] m68k/atari: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 10/20] module: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 11/20] hwmon: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 12/20] s390/hmcdrv: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 13/20] scsi: zfcp: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 14/20] target: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 15/20] ALSA: usb-audio: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 16/20] tracing/probe: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 17/20] vt: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 18/20] usb: gadget: f_midi: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 19/20] usbip: usbip_host: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- [PATCH 20/20] s390/watchdog: Manual replacement of the deprecated strlcpy() with return values, Romain Perier
- Re: [PATCH 00/20] Manual replacement of all strlcpy in favor of strscpy, Shuah Khan
- [PATCH v7 0/7] Count rlimits in each user namespace,
Alexey Gladkov
- [PATCH v6 0/7] Count rlimits in each user namespace,
Alexey Gladkov
- Fine-grained Forward CFI on top of Intel CET / IBT,
Joao Moreira
- [ANNOUNCE][CFP] Linux Security Summit 2021,
James Morris
- Joining the general Linux kernel hardening mailing list, Guy L
- [PATCH v28 00/12] Landlock LSM,
Mickaël Salaün
- [PATCH v28 01/12] landlock: Add object management, Mickaël Salaün
- [PATCH v28 02/12] landlock: Add ruleset and domain management, Mickaël Salaün
- [PATCH v28 03/12] landlock: Set up the security framework and manage credentials, Mickaël Salaün
- [PATCH v28 04/12] landlock: Add ptrace restrictions, Mickaël Salaün
- [PATCH v28 05/12] LSM: Infrastructure management of the superblock, Mickaël Salaün
- [PATCH v28 06/12] fs,security: Add sb_delete hook, Mickaël Salaün
- [PATCH v28 07/12] landlock: Support filesystem access-control, Mickaël Salaün
- [PATCH v28 08/12] landlock: Add syscall implementations, Mickaël Salaün
- [PATCH v28 09/12] arch: Wire up Landlock syscalls, Mickaël Salaün
- [PATCH v28 10/12] selftests/landlock: Add user space tests, Mickaël Salaün
- [PATCH v28 11/12] samples/landlock: Add a sandbox manager example, Mickaël Salaün
- [PATCH v28 12/12] landlock: Add user and kernel documentation, Mickaël Salaün
- forkat(int pidfd), execveat(int pidfd), other awful things?,
Jason A. Donenfeld
- Re: forkat(int pidfd), execveat(int pidfd), other awful things?, Jason A. Donenfeld
- Re: forkat(int pidfd), execveat(int pidfd), other awful things?, Andy Lutomirski
- Re: forkat(int pidfd), execveat(int pidfd), other awful things?, Casey Schaufler
- Re: forkat(int pidfd), execveat(int pidfd), other awful things?, Christian Brauner
- [PATCH v5 0/7] Count rlimits in each user namespace,
Alexey Gladkov
- [PATCH v4 0/7] Count rlimits in each user namespace,
Alexey Gladkov
- [PATCH v27 00/12] Landlock LSM,
Mickaël Salaün
- [PATCH v27 01/12] landlock: Add object management, Mickaël Salaün
- [PATCH v27 02/12] landlock: Add ruleset and domain management, Mickaël Salaün
- [PATCH v27 03/12] landlock: Set up the security framework and manage credentials, Mickaël Salaün
- [PATCH v27 04/12] landlock: Add ptrace restrictions, Mickaël Salaün
- [PATCH v27 05/12] LSM: Infrastructure management of the superblock, Mickaël Salaün
- [PATCH v27 06/12] fs,security: Add sb_delete hook, Mickaël Salaün
- [PATCH v27 07/12] landlock: Support filesystem access-control, Mickaël Salaün
- [PATCH v27 08/12] landlock: Add syscall implementations, Mickaël Salaün
- [PATCH v27 09/12] arch: Wire up Landlock syscalls, Mickaël Salaün
- [PATCH v27 11/12] samples/landlock: Add a sandbox manager example, Mickaël Salaün
- [PATCH v27 10/12] selftests/landlock: Add user space tests, Mickaël Salaün
- [PATCH v27 12/12] landlock: Add user and kernel documentation, Mickaël Salaün
- [PATCH kspp-next] kbuild: prevent CC_FLAGS_LTO self-bloating on recursive rebuilds,
Alexander Lobakin
- [RFC PATCH v3 0/8] Count rlimits in each user namespace,
Alexey Gladkov
- linux-hardening list archive, Solar Designer
- [RFC PATCH v2 0/8] Count rlimits in each user namespace,
Alexey Gladkov
- Re: [PATCH v2] bug: further enhance use of CHECK_DATA_CORRUPTION, Josh Poimboeuf
- [PATCH 04/13] x86/extable: Introduce _ASM_EXTABLE_UA for uaccess fixups,
Wetp Zhang
- Kernel complexity,
stefan . bavendiek
- [PATCH v9 00/16] Add support for Clang LTO,
Sami Tolvanen
- [PATCH v9 01/16] tracing: move function tracer options to Kconfig, Sami Tolvanen
- [PATCH v9 02/16] kbuild: add support for Clang LTO, Sami Tolvanen
- [PATCH v9 03/16] kbuild: lto: fix module versioning, Sami Tolvanen
- [PATCH v9 04/16] kbuild: lto: limit inlining, Sami Tolvanen
- [PATCH v9 05/16] kbuild: lto: merge module sections, Sami Tolvanen
- [PATCH v9 06/16] kbuild: lto: add a default list of used symbols, Sami Tolvanen
- [PATCH v9 07/16] init: lto: ensure initcall ordering, Sami Tolvanen
- [PATCH v9 08/16] init: lto: fix PREL32 relocations, Sami Tolvanen
- [PATCH v9 09/16] PCI: Fix PREL32 relocations for LTO, Sami Tolvanen
- [PATCH v9 10/16] modpost: lto: strip .lto from module names, Sami Tolvanen
- [PATCH v9 11/16] scripts/mod: disable LTO for empty.c, Sami Tolvanen
- [PATCH v9 12/16] efi/libstub: disable LTO, Sami Tolvanen
- [PATCH v9 13/16] drivers/misc/lkdtm: disable LTO for rodata.o, Sami Tolvanen
- [PATCH v9 14/16] arm64: vdso: disable LTO, Sami Tolvanen
- [PATCH v9 15/16] arm64: disable recordmcount with DYNAMIC_FTRACE_WITH_REGS, Sami Tolvanen
- [PATCH v9 16/16] arm64: allow LTO to be selected, Sami Tolvanen
- Re: [PATCH v9 00/16] Add support for Clang LTO, Kees Cook
- Re: [PATCH v9 00/16] Add support for Clang LTO, Kees Cook
- Re: [PATCH v9 00/16] Add support for Clang LTO, Sedat Dilek
- [PATCH v26 00/12] Landlock LSM,
Mickaël Salaün
- [PATCH v26 01/12] landlock: Add object management, Mickaël Salaün
- [PATCH v26 02/12] landlock: Add ruleset and domain management, Mickaël Salaün
- [PATCH v26 03/12] landlock: Set up the security framework and manage credentials, Mickaël Salaün
- [PATCH v26 04/12] landlock: Add ptrace restrictions, Mickaël Salaün
- [PATCH v26 05/12] LSM: Infrastructure management of the superblock, Mickaël Salaün
- [PATCH v26 06/12] fs,security: Add sb_delete hook, Mickaël Salaün
- [PATCH v26 07/12] landlock: Support filesystem access-control, Mickaël Salaün
- [PATCH v26 08/12] landlock: Add syscall implementations, Mickaël Salaün
- [PATCH v26 09/12] arch: Wire up Landlock syscalls, Mickaël Salaün
- [PATCH v26 10/12] selftests/landlock: Add user space tests, Mickaël Salaün
- [PATCH v26 11/12] samples/landlock: Add a sandbox manager example, Mickaël Salaün
- [PATCH v26 12/12] landlock: Add user and kernel documentation, Mickaël Salaün
- Re: [PATCH v26 00/12] Landlock LSM, Jann Horn
- [PRE-REVIEW PATCH 0/2] Remove all strlcpy in favor of strscpy,
Romain Perier
- [PATCH v12 0/3] Add trusted_for(2) (was O_MAYEXEC),
Mickaël Salaün
- [PATCH v8 00/16] Add support for Clang LTO,
Sami Tolvanen
- [PATCH v8 01/16] tracing: move function tracer options to Kconfig, Sami Tolvanen
- [PATCH v8 02/16] kbuild: add support for Clang LTO, Sami Tolvanen
- [PATCH v8 03/16] kbuild: lto: fix module versioning, Sami Tolvanen
- [PATCH v8 04/16] kbuild: lto: limit inlining, Sami Tolvanen
- [PATCH v8 05/16] kbuild: lto: merge module sections, Sami Tolvanen
- [PATCH v8 06/16] kbuild: lto: remove duplicate dependencies from .mod files, Sami Tolvanen
- [PATCH v8 07/16] init: lto: ensure initcall ordering, Sami Tolvanen
- [PATCH v8 08/16] init: lto: fix PREL32 relocations, Sami Tolvanen
- [PATCH v8 09/16] PCI: Fix PREL32 relocations for LTO, Sami Tolvanen
- [PATCH v8 10/16] modpost: lto: strip .lto from module names, Sami Tolvanen
- [PATCH v8 11/16] scripts/mod: disable LTO for empty.c, Sami Tolvanen
- [PATCH v8 12/16] efi/libstub: disable LTO, Sami Tolvanen
- [PATCH v8 13/16] drivers/misc/lkdtm: disable LTO for rodata.o, Sami Tolvanen
- [PATCH v8 14/16] arm64: vdso: disable LTO, Sami Tolvanen
- [PATCH v8 15/16] arm64: disable recordmcount with DYNAMIC_FTRACE_WITH_REGS, Sami Tolvanen
- [PATCH v8 16/16] arm64: allow LTO to be selected, Sami Tolvanen
- Re: [PATCH v8 00/16] Add support for Clang LTO, Nick Desaulniers
- Re: [PATCH v8 00/16] Add support for Clang LTO, Will Deacon
- Re: [PATCH v8 00/16] Add support for Clang LTO, Arnd Bergmann
- [PATCH v25 00/12] Landlock LSM,
Mickaël Salaün
[Index of Archives]
[Linux Samsung SoC]
[Linux Actions SoC]
[Linux Rockchip SoC]
[Linux for Synopsys ARC Processors]
[Linux USB Devel]
[Video for Linux]
[Linux SCSI]
[Yosemite Forum]