Kernel Hardening

Date Index

Re: [PATCH v2 09/28] kbuild: add support for Clang LTO, (continued)
[PATCH v2 0/5] Improvements of the stackleak gcc plugin, Alexander Popov
- [PATCH v2 1/5] gcc-plugins/stackleak: Don't instrument itself, Alexander Popov
  - Re: [PATCH v2 1/5] gcc-plugins/stackleak: Don't instrument itself, Kees Cook
- [PATCH v2 2/5] ARM: vdso: Don't use gcc plugins for building vgettimeofday.c, Alexander Popov
  - Re: [PATCH v2 2/5] ARM: vdso: Don't use gcc plugins for building vgettimeofday.c, Luis Chamberlain
    - Re: [PATCH v2 2/5] ARM: vdso: Don't use gcc plugins for building vgettimeofday.c, Alexander Popov
  - Re: [PATCH v2 2/5] ARM: vdso: Don't use gcc plugins for building vgettimeofday.c, Kees Cook
- [PATCH v2 3/5] arm64: vdso: Don't use gcc plugins for building vgettimeofday.c, Alexander Popov
  - Re: [PATCH v2 3/5] arm64: vdso: Don't use gcc plugins for building vgettimeofday.c, Will Deacon
  - Re: [PATCH v2 3/5] arm64: vdso: Don't use gcc plugins for building vgettimeofday.c, Kees Cook
- [PATCH v2 4/5] gcc-plugins/stackleak: Use asm instrumentation to avoid useless register saving, Alexander Popov
- [PATCH v2 5/5] gcc-plugins/stackleak: Add 'verbose' plugin parameter, Alexander Popov
  - Re: [PATCH v2 5/5] gcc-plugins/stackleak: Add 'verbose' plugin parameter, Luis Chamberlain
    - Re: [PATCH v2 5/5] gcc-plugins/stackleak: Add 'verbose' plugin parameter, Alexander Popov
      - Re: [PATCH v2 5/5] gcc-plugins/stackleak: Add 'verbose' plugin parameter, Kees Cook
  - Re: [PATCH v2 5/5] gcc-plugins/stackleak: Add 'verbose' plugin parameter, Kees Cook
- Re: [PATCH v2 0/5] Improvements of the stackleak gcc plugin, Will Deacon
[PATCH v3 00/10] Function Granular KASLR, Kristen Carlson Accardi
- [PATCH v3 01/10] objtool: Do not assume order of parent/child functions, Kristen Carlson Accardi
  - Re: [PATCH v3 01/10] objtool: Do not assume order of parent/child functions, Josh Poimboeuf
- [PATCH v3 02/10] x86: tools/relocs: Support >64K section headers, Kristen Carlson Accardi
- [PATCH v3 03/10] x86/boot: Allow a "silent" kaslr random byte fetch, Kristen Carlson Accardi
- [PATCH v3 04/10] x86: Makefile: Add build and config option for CONFIG_FG_KASLR, Kristen Carlson Accardi
- [PATCH v3 05/10] x86: Make sure _etext includes function sections, Kristen Carlson Accardi
  - Re: [PATCH v3 05/10] x86: Make sure _etext includes function sections, Kees Cook
- [PATCH v3 06/10] x86/tools: Add relative relocs for randomized functions, Kristen Carlson Accardi
- [PATCH v3 07/10] x86/boot/compressed: change definition of STATIC, Kristen Carlson Accardi
  - Re: [PATCH v3 07/10] x86/boot/compressed: change definition of STATIC, Kees Cook
- [PATCH v3 08/10] x86: Add support for function granular KASLR, Kristen Carlson Accardi
  - Re: [PATCH v3 08/10] x86: Add support for function granular KASLR, Kees Cook
- [PATCH v3 09/10] kallsyms: Hide layout, Kristen Carlson Accardi
  - Re: [PATCH v3 09/10] kallsyms: Hide layout, Kees Cook
  - Re: [PATCH v3 09/10] kallsyms: Hide layout, Kees Cook
  - Re: [PATCH v3 09/10] kallsyms: Hide layout, Jann Horn
    - Re: [PATCH v3 09/10] kallsyms: Hide layout, Kees Cook
      - Re: [PATCH v3 09/10] kallsyms: Hide layout, Kristen Carlson Accardi
      - Re: [PATCH v3 09/10] kallsyms: Hide layout, Kristen Carlson Accardi
        
        RE: [PATCH v3 09/10] kallsyms: Hide layout, Luck, Tony
        
        Re: [PATCH v3 09/10] kallsyms: Hide layout, Kristen Carlson Accardi
- [PATCH v3 10/10] module: Reorder functions, Kristen Carlson Accardi
- Re: [PATCH v3 00/10] Function Granular KASLR, Kees Cook
[RFC PATCH v2] arm64/acpi: disallow AML memory opregions to access kernel memory, Ard Biesheuvel
- Re: [RFC PATCH v2] arm64/acpi: disallow AML memory opregions to access kernel memory, Lorenzo Pieralisi
  - Re: [RFC PATCH v2] arm64/acpi: disallow AML memory opregions to access kernel memory, Ard Biesheuvel
    - Re: [RFC PATCH v2] arm64/acpi: disallow AML memory opregions to access kernel memory, Will Deacon
      - Re: [RFC PATCH v2] arm64/acpi: disallow AML memory opregions to access kernel memory, Will Deacon
        
        Re: [RFC PATCH v2] arm64/acpi: disallow AML memory opregions to access kernel memory, Ard Biesheuvel
Kernel hardening project suggestion: Normalizing ->ctor slabs and TYPESAFE_BY_RCU slabs, Jann Horn
- Re: Kernel hardening project suggestion: Normalizing ->ctor slabs and TYPESAFE_BY_RCU slabs, Dmitry Vyukov
  - Re: Kernel hardening project suggestion: Normalizing ->ctor slabs and TYPESAFE_BY_RCU slabs, Marco Elver
    - Re: Kernel hardening project suggestion: Normalizing ->ctor slabs and TYPESAFE_BY_RCU slabs, Alexander Potapenko
      - Re: Kernel hardening project suggestion: Normalizing ->ctor slabs and TYPESAFE_BY_RCU slabs, Dmitry Vyukov
        
        Re: Kernel hardening project suggestion: Normalizing ->ctor slabs and TYPESAFE_BY_RCU slabs, Alexander Potapenko
        
        Re: Kernel hardening project suggestion: Normalizing ->ctor slabs and TYPESAFE_BY_RCU slabs, Dmitry Vyukov
        
        Re: Kernel hardening project suggestion: Normalizing ->ctor slabs and TYPESAFE_BY_RCU slabs, Alexander Potapenko
- Re: Kernel hardening project suggestion: Normalizing ->ctor slabs and TYPESAFE_BY_RCU slabs, Jann Horn
[PATCH v4 0/5] Optionally randomize kernel stack offset each syscall, Kees Cook
- [PATCH v4 4/5] x86/entry: Enable random_kstack_offset support, Kees Cook
- [PATCH v4 1/5] jump_label: Provide CONFIG-driven build state defaults, Kees Cook
- [PATCH v4 2/5] init_on_alloc: Unpessimize default-on builds, Kees Cook
- [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Kees Cook
  - Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Randy Dunlap
    - Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Kees Cook
  - Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Jann Horn
    - Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Kees Cook
      - Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Jann Horn
        
        Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Kees Cook
  - Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Arvind Sankar
    - Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Kees Cook
      - Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Arvind Sankar
        
        Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Kees Cook
        
        RE: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, David Laight
  - Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall, Alexander Popov
- [PATCH v4 5/5] arm64: entry: Enable random_kstack_offset support, Kees Cook
  - Re: [PATCH v4 5/5] arm64: entry: Enable random_kstack_offset support, Mark Rutland
[RFC PATCH] arm64/acpi: disallow AML memory opregions to access kernel memory, Ard Biesheuvel
- Re: [RFC PATCH] arm64/acpi: disallow AML memory opregions to access kernel memory, Jason A. Donenfeld
  - Re: [RFC PATCH] arm64/acpi: disallow AML memory opregions to access kernel memory, Jason A. Donenfeld
- Re: [RFC PATCH] arm64/acpi: disallow AML memory opregions to access kernel memory, Will Deacon
  - Re: [RFC PATCH] arm64/acpi: disallow AML memory opregions to access kernel memory, Ard Biesheuvel
    - Re: [RFC PATCH] arm64/acpi: disallow AML memory opregions to access kernel memory, Will Deacon
[kvm-unit-tests PATCH v2] x86: Add control register pinning tests, John Andersen
[kvm-unit-tests RESEND PATCH] x86: Add control register pinning tests, John Andersen
[kvm-unit-tests PATCH] x86: Add control register pinning tests, John Andersen
- Re: [kvm-unit-tests PATCH] x86: Add control register pinning tests, Nadav Amit
  - Re: [kvm-unit-tests PATCH] x86: Add control register pinning tests, Nadav Amit
    - Re: [kvm-unit-tests PATCH] x86: Add control register pinning tests, Andersen, John
      - Re: [kvm-unit-tests PATCH] x86: Add control register pinning tests, Nadav Amit
        
        Re: [kvm-unit-tests PATCH] x86: Add control register pinning tests, Andersen, John
[PATCH] tracing: Use linker magic instead of recasting ftrace_ops_list_func(), Steven Rostedt
- Re: [PATCH] tracing: Use linker magic instead of recasting ftrace_ops_list_func(), Jann Horn
  - Re: [PATCH] tracing: Use linker magic instead of recasting ftrace_ops_list_func(), Steven Rostedt
    - Re: [PATCH] tracing: Use linker magic instead of recasting ftrace_ops_list_func(), Jann Horn
      - Re: [PATCH] tracing: Use linker magic instead of recasting ftrace_ops_list_func(), Steven Rostedt
        
        Re: [PATCH] tracing: Use linker magic instead of recasting ftrace_ops_list_func(), Jann Horn
- Re: [PATCH] tracing: Use linker magic instead of recasting ftrace_ops_list_func(), kernel test robot
- Re: [PATCH] tracing: Use linker magic instead of recasting ftrace_ops_list_func(), kernel test robot
[PATCH 0/4] Paravirtualized Control Register pinning, John Andersen
- [PATCH 1/4] X86: Update mmu_cr4_features during feature identification, John Andersen
  - Re: [PATCH 1/4] X86: Update mmu_cr4_features during feature identification, Dave Hansen
- [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, John Andersen
  - Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Dave Hansen
    - Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Andersen, John
      - Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Dave Hansen
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Sean Christopherson
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Dave Hansen
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Paolo Bonzini
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Andersen, John
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Dave Hansen
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Andy Lutomirski
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Dave Hansen
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Andy Lutomirski
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Andersen, John
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Andersen, John
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Sean Christopherson
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Andersen, John
        
        Re: [PATCH 2/4] KVM: x86: Introduce paravirt feature CR0/CR4 pinning, Kees Cook
- [PATCH 3/4] selftests: kvm: add test for CR pinning with SMM, John Andersen
- [PATCH 4/4] X86: Use KVM CR pin MSRs, John Andersen
  - Re: [PATCH 4/4] X86: Use KVM CR pin MSRs, Dave Hansen
    - Re: [PATCH 4/4] X86: Use KVM CR pin MSRs, Andersen, John
      - Re: [PATCH 4/4] X86: Use KVM CR pin MSRs, Dave Hansen
        
        Re: [PATCH 4/4] X86: Use KVM CR pin MSRs, Andersen, John
  - Re: [PATCH 4/4] X86: Use KVM CR pin MSRs, Andy Lutomirski
    - Re: [PATCH 4/4] X86: Use KVM CR pin MSRs, Andersen, John
      - Re: [PATCH 4/4] X86: Use KVM CR pin MSRs, Andersen, John
        
        Re: [PATCH 4/4] X86: Use KVM CR pin MSRs, Arvind Sankar
lockdown bypass on mainline kernel for loading unsigned modules, Jason A. Donenfeld
- [PATCH] acpi: disallow loading configfs acpi tables when locked down, Jason A. Donenfeld
  - Re: [PATCH] acpi: disallow loading configfs acpi tables when locked down, Jason A. Donenfeld
    - Re: [PATCH] acpi: disallow loading configfs acpi tables when locked down, Ard Biesheuvel
      - Re: [PATCH] acpi: disallow loading configfs acpi tables when locked down, Jason A. Donenfeld
      - RE: [PATCH] acpi: disallow loading configfs acpi tables when locked down, Kaneda, Erik
    - Re: [PATCH] acpi: disallow loading configfs acpi tables when locked down, Rafael J. Wysocki
- Re: [oss-security] lockdown bypass on mainline kernel for loading unsigned modules, John Haxby
  - Re: [oss-security] lockdown bypass on mainline kernel for loading unsigned modules, Jann Horn
    - Re: [oss-security] lockdown bypass on mainline kernel for loading unsigned modules, Jason A. Donenfeld
Re: [RFC] io_uring: add restrictions to support untrusted applications and guests, Jann Horn
- Re: [RFC] io_uring: add restrictions to support untrusted applications and guests, Stefano Garzarella
  - Re: [RFC] io_uring: add restrictions to support untrusted applications and guests, Jens Axboe
    - Re: [RFC] io_uring: add restrictions to support untrusted applications and guests, Stefano Garzarella
      - Re: [RFC] io_uring: add restrictions to support untrusted applications and guests, Jann Horn
        
        Re: [RFC] io_uring: add restrictions to support untrusted applications and guests, Stefano Garzarella
      - Re: [RFC] io_uring: add restrictions to support untrusted applications and guests, Jens Axboe
        
        Re: [RFC] io_uring: add restrictions to support untrusted applications and guests, Stefano Garzarella
- Re: [RFC] io_uring: add restrictions to support untrusted applications and guests, Christian Brauner
  - Re: [RFC] io_uring: add restrictions to support untrusted applications and guests, Jann Horn
[PATCH] ata: Eliminate usage of uninitialized_var() macro, Jason Yan
[PATCH] f2fs: Eliminate usage of uninitialized_var() macro, Jason Yan
- Re: [f2fs-dev] [PATCH] f2fs: Eliminate usage of uninitialized_var() macro, Chao Yu
  - Re: [f2fs-dev] [PATCH] f2fs: Eliminate usage of uninitialized_var() macro, Jason Yan
- <Possible follow-ups>
- [PATCH] f2fs: Eliminate usage of uninitialized_var() macro, Jason Yan
  - Re: [PATCH] f2fs: Eliminate usage of uninitialized_var() macro, Chao Yu
  - Re: [PATCH] f2fs: Eliminate usage of uninitialized_var() macro, Kees Cook
[PATCH] erofs: Eliminate usage of uninitialized_var() macro, Jason Yan
- Re: [PATCH] erofs: Eliminate usage of uninitialized_var() macro, Gao Xiang
  - Re: [PATCH] erofs: Eliminate usage of uninitialized_var() macro, Jason Yan
    - Re: [PATCH] erofs: Eliminate usage of uninitialized_var() macro, Gao Xiang
      - Re: [PATCH] erofs: Eliminate usage of uninitialized_var() macro, Chao Yu
[PATCH] ACPI: Eliminate usage of uninitialized_var() macro, Jason Yan
- Re: [PATCH] ACPI: Eliminate usage of uninitialized_var() macro, Rafael J. Wysocki
[PATCH] block: Eliminate usage of uninitialized_var() macro, Jason Yan
[PATCH] kernel/trace: Remove function callback casts, Oscar Carter
- Re: [PATCH] kernel/trace: Remove function callback casts, Steven Rostedt
  - Re: [PATCH] kernel/trace: Remove function callback casts, Steven Rostedt
    - Re: [PATCH] kernel/trace: Remove function callback casts, Steven Rostedt
      - Re: [PATCH] kernel/trace: Remove function callback casts, Oscar Carter
[PATCH AUTOSEL 5.6 103/606] gcc-common.h: Update for GCC 10, Sasha Levin
[PATCH 0/5] Improvements of the stackleak gcc plugin, Alexander Popov
- [PATCH 1/5] gcc-plugins/stackleak: Exclude alloca() from the instrumentation logic, Alexander Popov
  - Re: [PATCH 1/5] gcc-plugins/stackleak: Exclude alloca() from the instrumentation logic, Jann Horn
    - Re: [PATCH 1/5] gcc-plugins/stackleak: Exclude alloca() from the instrumentation logic, Alexander Popov
      - Re: [PATCH 1/5] gcc-plugins/stackleak: Exclude alloca() from the instrumentation logic, Kees Cook
        
        Re: [PATCH 1/5] gcc-plugins/stackleak: Exclude alloca() from the instrumentation logic, Alexander Popov
- [PATCH 2/5] gcc-plugins/stackleak: Use asm instrumentation to avoid useless register saving, Alexander Popov
  - Re: [PATCH 2/5] gcc-plugins/stackleak: Use asm instrumentation to avoid useless register saving, Miguel Ojeda
  - Re: [PATCH 2/5] gcc-plugins/stackleak: Use asm instrumentation to avoid useless register saving, Kees Cook
    - Re: [PATCH 2/5] gcc-plugins/stackleak: Use asm instrumentation to avoid useless register saving, Alexander Popov
      - Re: [PATCH 2/5] gcc-plugins/stackleak: Use asm instrumentation to avoid useless register saving, Kees Cook
        
        Re: [PATCH 2/5] gcc-plugins/stackleak: Use asm instrumentation to avoid useless register saving, Alexander Popov
- [PATCH 3/5] gcc-plugins/stackleak: Add 'verbose' plugin parameter, Alexander Popov
  - Re: [PATCH 3/5] gcc-plugins/stackleak: Add 'verbose' plugin parameter, Kees Cook
    - Re: [PATCH 3/5] gcc-plugins/stackleak: Add 'verbose' plugin parameter, Alexander Popov
      - Re: [PATCH 3/5] gcc-plugins/stackleak: Add 'verbose' plugin parameter, Kees Cook
- [PATCH 4/5] gcc-plugins/stackleak: Don't instrument itself, Alexander Popov
  - Re: [PATCH 4/5] gcc-plugins/stackleak: Don't instrument itself, Kees Cook
- [PATCH 5/5] gcc-plugins/stackleak: Don't instrument vgettimeofday.c in arm64 VDSO, Alexander Popov
  - Re: [PATCH 5/5] gcc-plugins/stackleak: Don't instrument vgettimeofday.c in arm64 VDSO, Will Deacon
    - Re: [PATCH 5/5] gcc-plugins/stackleak: Don't instrument vgettimeofday.c in arm64 VDSO, Jann Horn
      - Re: [PATCH 5/5] gcc-plugins/stackleak: Don't instrument vgettimeofday.c in arm64 VDSO, Alexander Popov
        
        Re: [PATCH 5/5] gcc-plugins/stackleak: Don't instrument vgettimeofday.c in arm64 VDSO, Jann Horn
        
        Re: [PATCH 5/5] gcc-plugins/stackleak: Don't instrument vgettimeofday.c in arm64 VDSO, Alexander Popov
    - Re: [PATCH 5/5] gcc-plugins/stackleak: Don't instrument vgettimeofday.c in arm64 VDSO, Kees Cook
      - Re: [PATCH 5/5] gcc-plugins/stackleak: Don't instrument vgettimeofday.c in arm64 VDSO, Will Deacon
        
        Re: [PATCH 5/5] gcc-plugins/stackleak: Don't instrument vgettimeofday.c in arm64 VDSO, Alexander Popov
        
        Re: [PATCH 5/5] gcc-plugins/stackleak: Don't instrument vgettimeofday.c in arm64 VDSO, Alexander Popov
- Re: [PATCH 0/5] Improvements of the stackleak gcc plugin, Kees Cook
- Re: [PATCH 0/5] Improvements of the stackleak gcc plugin, Kees Cook
  - Re: [PATCH 0/5] Improvements of the stackleak gcc plugin, Alexander Popov
[PATCH 0/5] Use per-CPU temporary mappings for patching, Christopher M. Riedl
- [PATCH 2/5] powerpc/lib: Initialize a temporary mm for code patching, Christopher M. Riedl
  - Re: [PATCH 2/5] powerpc/lib: Initialize a temporary mm for code patching, Christophe Leroy
    - Re: [PATCH 2/5] powerpc/lib: Initialize a temporary mm for code patching, Christopher M. Riedl
- [PATCH 1/5] powerpc/mm: Introduce temporary mm, Christopher M. Riedl
  - Re: [PATCH 1/5] powerpc/mm: Introduce temporary mm, Christophe Leroy
    - Re: [PATCH 1/5] powerpc/mm: Introduce temporary mm, Christopher M. Riedl
- [PATCH 3/5] powerpc/lib: Use a temporary mm for code patching, Christopher M. Riedl
  - Re: [PATCH 3/5] powerpc/lib: Use a temporary mm for code patching, Christophe Leroy
    - Re: [PATCH 3/5] powerpc/lib: Use a temporary mm for code patching, Christopher M. Riedl
- [PATCH 4/5] powerpc/lib: Add LKDTM accessor for patching addr, Christopher M. Riedl
  - Re: [PATCH 4/5] powerpc/lib: Add LKDTM accessor for patching addr, Christophe Leroy
    - Re: [PATCH 4/5] powerpc/lib: Add LKDTM accessor for patching addr, Christopher M. Riedl
- [PATCH 5/5] powerpc: Add LKDTM test to hijack a patch mapping, Christopher M. Riedl
  - Re: [PATCH 5/5] powerpc: Add LKDTM test to hijack a patch mapping, Christophe Leroy
    - Re: [PATCH 5/5] powerpc: Add LKDTM test to hijack a patch mapping, Christopher M. Riedl
  - Re: [PATCH 5/5] powerpc: Add LKDTM test to hijack a patch mapping, Christophe Leroy
- <Possible follow-ups>
- [PATCH 0/5] Use per-CPU temporary mappings for patching, Christopher M. Riedl
  - [PATCH v2 1/5] powerpc/mm: Introduce temporary mm, Christopher M. Riedl
    - Re: [PATCH v2 1/5] powerpc/mm: Introduce temporary mm, Daniel Axtens
      - Re: [PATCH v2 1/5] powerpc/mm: Introduce temporary mm, Christopher M. Riedl
  - [PATCH v2 2/5] powerpc/lib: Initialize a temporary mm for code patching, Christopher M. Riedl
    - Re: [PATCH v2 2/5] powerpc/lib: Initialize a temporary mm for code patching, kernel test robot
    - Re: [PATCH v2 2/5] powerpc/lib: Initialize a temporary mm for code patching, Daniel Axtens
      - Re: [PATCH v2 2/5] powerpc/lib: Initialize a temporary mm for code patching, Christopher M. Riedl
  - [PATCH v2 3/5] powerpc/lib: Use a temporary mm for code patching, Christopher M. Riedl
    - Re: [PATCH v2 3/5] powerpc/lib: Use a temporary mm for code patching, Christophe Leroy
      - Re: [PATCH v2 3/5] powerpc/lib: Use a temporary mm for code patching, Christopher M. Riedl
  - [PATCH v2 4/5] powerpc/lib: Add LKDTM accessor for patching addr, Christopher M. Riedl
  - [PATCH v2 5/5] powerpc: Add LKDTM test to hijack a patch mapping, Christopher M. Riedl
    - Re: [PATCH v2 5/5] powerpc: Add LKDTM test to hijack a patch mapping, Kees Cook
[PATCH v5 0/3] drivers/acpi: Remove function callback casts, Oscar Carter
- [PATCH v5 1/3] drivers/acpi: Add new macro ACPI_DECLARE_SUBTABLE_PROBE_ENTRY, Oscar Carter
- [PATCH v5 2/3] drivers/irqchip: Use new macro ACPI_DECLARE_SUBTABLE_PROBE_ENTRY, Oscar Carter
- [PATCH v5 3/3] drivers/acpi: Remove function cast, Oscar Carter
- Re: [PATCH v5 0/3] drivers/acpi: Remove function callback casts, Marc Zyngier
  - Re: [PATCH v5 0/3] drivers/acpi: Remove function callback casts, Rafael J. Wysocki
- Re: [PATCH v5 0/3] drivers/acpi: Remove function callback casts, Marc Zyngier
[PATCH v4 0/3] drivers/acpi: Remove function callback casts, Oscar Carter
- [PATCH v4 1/3] drivers/acpi: Add new macro ACPI_DECLARE_SUBTABLE_PROBE_ENTRY, Oscar Carter
- [PATCH v4 2/3] drivers/irqchip: Use new macro ACPI_DECLARE_SUBTABLE_PROBE_ENTRY, Oscar Carter
- [PATCH v4 3/3] drivers/acpi: Remove function cast, Oscar Carter
- Re: [PATCH v4 0/3] drivers/acpi: Remove function callback casts, Oscar Carter
[PATCH v3] firewire: Remove function callback casts, Oscar Carter
- Re: [PATCH v3] firewire: Remove function callback casts, Oscar Carter
- Re: [PATCH v3] firewire: Remove function callback casts, Takashi Sakamoto
  - Re: [PATCH v3] firewire: Remove function callback casts, Oscar Carter
[PATCH v3 0/2] drivers/irqchip: Remove function callback casts, Oscar Carter
- [PATCH v3 1/2] drivers/irqchip: Add new macro ACPI_DECLARE_SUBTABLE_PROBE_ENTRY, Oscar Carter
- [PATCH v3 2/2] drivers/irqchip: Use new macro ACPI_DECLARE_SUBTABLE_PROBE_ENTRY, Oscar Carter
  - Re: [PATCH v3 2/2] drivers/irqchip: Use new macro ACPI_DECLARE_SUBTABLE_PROBE_ENTRY, Marc Zyngier
    - Re: [PATCH v3 2/2] drivers/irqchip: Use new macro ACPI_DECLARE_SUBTABLE_PROBE_ENTRY, Oscar Carter
[PATCH v18 00/12] Landlock LSM, Mickaël Salaün
- [PATCH v18 01/12] landlock: Add object management, Mickaël Salaün
- [PATCH v18 02/12] landlock: Add ruleset and domain management, Mickaël Salaün
- [PATCH v18 03/12] landlock: Set up the security framework and manage credentials, Mickaël Salaün
- [PATCH v18 04/12] landlock: Add ptrace restrictions, Mickaël Salaün
- [PATCH v18 05/12] LSM: Infrastructure management of the superblock, Mickaël Salaün
- [PATCH v18 06/12] fs,security: Add sb_delete hook, Mickaël Salaün
- [PATCH v18 07/12] landlock: Support filesystem access-control, Mickaël Salaün
  - Re: [PATCH v18 07/12] landlock: Support filesystem access-control, Amir Goldstein
    - Re: [PATCH v18 07/12] landlock: Support filesystem access-control, Mickaël Salaün
- [PATCH v18 08/12] landlock: Add syscall implementation, Mickaël Salaün
- [PATCH v18 09/12] arch: Wire up landlock() syscall, Mickaël Salaün
- [PATCH v18 10/12] selftests/landlock: Add initial tests, Mickaël Salaün
- [PATCH v18 11/12] samples/landlock: Add a sandbox manager example, Mickaël Salaün
- [PATCH v18 12/12] landlock: Add user and kernel documentation, Mickaël Salaün
[PATCH v2] drivers/irqchip: Remove function callback casts, Oscar Carter
- Re: [PATCH v2] drivers/irqchip: Remove function callback casts, Marc Zyngier
  - Re: [PATCH v2] drivers/irqchip: Remove function callback casts, Oscar Carter
    - Re: [PATCH v2] drivers/irqchip: Remove function callback casts, Marc Zyngier
[PATCH v2] firewire-core: remove cast of function callback, Takashi Sakamoto
- Re: [PATCH v2] firewire-core: remove cast of function callback, Greg KH
  - Re: [PATCH v2] firewire-core: remove cast of function callback, Stefan Richter
    - Re: [PATCH v2] firewire-core: remove cast of function callback, Takashi Sakamoto
[PATCH] staging/rtl8192e: Remove function callback casts, Oscar Carter
[PATCH] drivers/irqchip: Remove function callback casts, Oscar Carter
- Re: [PATCH] drivers/irqchip: Remove function callback casts, Marc Zyngier
  - Re: [PATCH] drivers/irqchip: Remove function callback casts, Oscar Carter
    - Re: [PATCH] drivers/irqchip: Remove function callback casts, Marc Zyngier
      - Re: [PATCH] drivers/irqchip: Remove function callback casts, Oscar Carter
[PATCH v2 0/9] Function Granular KASLR, Kristen Carlson Accardi
- [PATCH v2 1/9] objtool: Do not assume order of parent/child functions, Kristen Carlson Accardi
- [PATCH v2 2/9] x86: tools/relocs: Support >64K section headers, Kristen Carlson Accardi
- [PATCH v2 3/9] x86/boot: Allow a "silent" kaslr random byte fetch, Kristen Carlson Accardi
- [PATCH v2 4/9] x86: Makefile: Add build and config option for CONFIG_FG_KASLR, Kristen Carlson Accardi
  - Re: [PATCH v2 4/9] x86: Makefile: Add build and config option for CONFIG_FG_KASLR, Kees Cook
- [PATCH v2 5/9] x86: Make sure _etext includes function sections, Kristen Carlson Accardi
  - Re: [PATCH v2 5/9] x86: Make sure _etext includes function sections, Kees Cook
- [PATCH v2 6/9] x86/tools: Add relative relocs for randomized functions, Kristen Carlson Accardi
  - Re: [PATCH v2 6/9] x86/tools: Add relative relocs for randomized functions, Kees Cook
- [PATCH v2 7/9] x86: Add support for function granular KASLR, Kristen Carlson Accardi
  - Re: [PATCH v2 7/9] x86: Add support for function granular KASLR, Kees Cook
    - Re: [PATCH v2 7/9] x86: Add support for function granular KASLR, Kristen Carlson Accardi
    - Re: [PATCH v2 7/9] x86: Add support for function granular KASLR, Kristen Carlson Accardi
      - Re: [PATCH v2 7/9] x86: Add support for function granular KASLR, Kees Cook
- [PATCH v2 8/9] kallsyms: Hide layout, Kristen Carlson Accardi
  - Re: [PATCH v2 8/9] kallsyms: Hide layout, Kees Cook
- [PATCH v2 9/9] module: Reorder functions, Kristen Carlson Accardi
  - Re: [PATCH v2 9/9] module: Reorder functions, Kees Cook
    - Re: [PATCH v2 9/9] module: Reorder functions, Kristen Carlson Accardi
      - Re: [PATCH v2 9/9] module: Reorder functions, Kees Cook
        
        Re: [PATCH v2 9/9] module: Reorder functions, Kristen Carlson Accardi
- Re: [PATCH v2 0/9] Function Granular KASLR, Kees Cook
- Re: [PATCH v2 0/9] Function Granular KASLR, Thomas Gleixner
  - Re: [PATCH v2 0/9] Function Granular KASLR, Kees Cook
    - Re: [PATCH v2 0/9] Function Granular KASLR, Thomas Gleixner
    - Re: [PATCH v2 0/9] Function Granular KASLR, Kristen Carlson Accardi
[PATCH 0/2] firewire: obsolete cast of function callback toward CFI, Takashi Sakamoto
- [PATCH 1/2] firewire-core: add kernel API to construct multichannel isoc context, Takashi Sakamoto
- [PATCH 2/2] firewire-core: obsolete cast of function callback, Takashi Sakamoto
- Re: [PATCH 0/2] firewire: obsolete cast of function callback toward CFI, Oscar Carter
[PATCH v2] firewire: Remove function callback casts, Oscar Carter
- Re: [PATCH v2] firewire: Remove function callback casts, Takashi Sakamoto
  - Re: [PATCH v2] firewire: Remove function callback casts, Oscar Carter
    - Re: [PATCH v2] firewire: Remove function callback casts, greg
    - Re: [PATCH v2] firewire: Remove function callback casts, Greg KH
      - Re: [PATCH v2] firewire: Remove function callback casts, Takashi Sakamoto
[PATCH] firewire: Remove function callback casts, Oscar Carter
- Re: [PATCH] firewire: Remove function callback casts, Lev R. Oshvang .
  - Re: [PATCH] firewire: Remove function callback casts, Oscar Carter
[PATCH AUTOSEL 4.9 02/27] gcc-common.h: Update for GCC 10, Sasha Levin
[PATCH AUTOSEL 4.14 02/39] gcc-common.h: Update for GCC 10, Sasha Levin
[PATCH AUTOSEL 4.19 02/31] gcc-common.h: Update for GCC 10, Sasha Levin
[PATCH AUTOSEL 5.4 04/49] gcc-common.h: Update for GCC 10, Sasha Levin
[PATCH AUTOSEL 5.6 04/62] gcc-common.h: Update for GCC 10, Sasha Levin
[PATCH v17 00/10] Landlock LSM, Mickaël Salaün
- [PATCH v17 01/10] landlock: Add object management, Mickaël Salaün
- [PATCH v17 02/10] landlock: Add ruleset and domain management, Mickaël Salaün
  - Re: [PATCH v17 02/10] landlock: Add ruleset and domain management, James Morris
    - Re: [PATCH v17 02/10] landlock: Add ruleset and domain management, Mickaël Salaün
- [PATCH v17 03/10] landlock: Set up the security framework and manage credentials, Mickaël Salaün
- [PATCH v17 04/10] landlock: Add ptrace restrictions, Mickaël Salaün
- [PATCH v17 05/10] fs,landlock: Support filesystem access-control, Mickaël Salaün
  - Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control, James Morris
    - Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control, Mickaël Salaün
      - Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control, Casey Schaufler
        
        Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control, Mickaël Salaün
      - Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control, James Morris
        
        Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control, Mickaël Salaün
        
        Re: [PATCH v17 05/10] fs,landlock: Support filesystem access-control, James Morris
- [PATCH v17 06/10] landlock: Add syscall implementation, Mickaël Salaün
- [PATCH v17 07/10] arch: Wire up landlock() syscall, Mickaël Salaün
- [PATCH v17 08/10] selftests/landlock: Add initial tests, Mickaël Salaün
- [PATCH v17 09/10] samples/landlock: Add a sandbox manager example, Mickaël Salaün
- [PATCH v17 10/10] landlock: Add user and kernel documentation, Mickaël Salaün
- Re: [PATCH v17 00/10] Landlock LSM, Mickaël Salaün
Open source a new kernel harden project, wzt wzt
- Re: Open source a new kernel harden project, Lionel Debroux
  - Re: Open source a new kernel harden project, wzt wzt
- Re: Open source a new kernel harden project, Greg KH
- Re: Open source a new kernel harden project, Kees Cook
[PATCH] gcc-plugins: remove always false $(if ...) in Makefile, Masahiro Yamada
- Re: [PATCH] gcc-plugins: remove always false $(if ...) in Makefile, Kees Cook
  - Re: [PATCH] gcc-plugins: remove always false $(if ...) in Makefile, Masahiro Yamada
Get involved in the KSPP, Oscar Carter
- Re: Get involved in the KSPP, Kees Cook
  - Re: Get involved in the KSPP, Oscar Carter
    - Re: Get involved in the KSPP, Kees Cook
      - Re: Get involved in the KSPP, Oscar Carter
FYI: NGI POINTER OSS Funding, Dmitry Vyukov
[PATCH v5 0/6] Add support for O_MAYEXEC, Mickaël Salaün
- [PATCH v5 1/6] fs: Add support for an O_MAYEXEC flag on openat2(2), Mickaël Salaün
  - Re: [PATCH v5 1/6] fs: Add support for an O_MAYEXEC flag on openat2(2), Kees Cook
    - Re: [PATCH v5 1/6] fs: Add support for an O_MAYEXEC flag on openat2(2), Christian Heimes
      - Re: [PATCH v5 1/6] fs: Add support for an O_MAYEXEC flag on openat2(2), Kees Cook
    - Re: [PATCH v5 1/6] fs: Add support for an O_MAYEXEC flag on openat2(2), Mickaël Salaün
- [PATCH v5 2/6] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property, Mickaël Salaün
  - Re: [PATCH v5 2/6] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property, Kees Cook
    - Re: [PATCH v5 2/6] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property, Lev R. Oshvang .
      - Re: [PATCH v5 2/6] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property, Kees Cook
        
        Re: [PATCH v5 2/6] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property, Lev R. Oshvang .
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Mickaël Salaün
  - Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Randy Dunlap
    - Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Mickaël Salaün
      - Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Randy Dunlap
  - Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Kees Cook
    - Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Mickaël Salaün
  - Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Stephen Smalley
    - Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Kees Cook
      - Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Kees Cook
        
        RE: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, David Laight
        
        Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Stephen Smalley
        
        Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Kees Cook
        
        Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Stephen Smalley
        
        Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Kees Cook
        
        Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Stephen Smalley
        
        Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Mickaël Salaün
        
        Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Tetsuo Handa
        
        How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC), Kees Cook
        
        Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC), Florian Weimer
        
        Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC), Kees Cook
        
        Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC), Florian Weimer
        
        Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC), Kees Cook
        
        Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC), Florian Weimer
        
        Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC), Aleksa Sarai
        
        Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC), Mickaël Salaün
        
        Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC), Mickaël Salaün
        
        Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC), Kees Cook
        
        Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC), Mickaël Salaün
      - Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Mickaël Salaün
- [PATCH v5 4/6] selftest/openat2: Add tests for O_MAYEXEC enforcing, Mickaël Salaün
  - Re: [PATCH v5 4/6] selftest/openat2: Add tests for O_MAYEXEC enforcing, Kees Cook
    - Re: [PATCH v5 4/6] selftest/openat2: Add tests for O_MAYEXEC enforcing, Mickaël Salaün
- [PATCH v5 5/6] doc: Add documentation for the fs.open_mayexec_enforce sysctl, Mickaël Salaün
  - Re: [PATCH v5 5/6] doc: Add documentation for the fs.open_mayexec_enforce sysctl, Kees Cook
    - Re: [PATCH v5 5/6] doc: Add documentation for the fs.open_mayexec_enforce sysctl, Mickaël Salaün
- [PATCH v5 6/6] ima: add policy support for the new file open MAY_OPENEXEC flag, Mickaël Salaün
- Re: [PATCH v5 0/6] Add support for O_MAYEXEC, Mickaël Salaün
  - Re: [PATCH v5 0/6] Add support for O_MAYEXEC, Lev R. Oshvang .
    - Re: [PATCH v5 0/6] Add support for O_MAYEXEC, Aleksa Sarai
    - Re: [PATCH v5 0/6] Add support for O_MAYEXEC, Mickaël Salaün
- RE: [PATCH v5 0/6] Add support for O_MAYEXEC, David Laight
  - Re: [PATCH v5 0/6] Add support for O_MAYEXEC, Mickaël Salaün
    - RE: [PATCH v5 0/6] Add support for O_MAYEXEC, David Laight
      - Re: [PATCH v5 0/6] Add support for O_MAYEXEC, Mickaël Salaün
        
        RE: [PATCH v5 0/6] Add support for O_MAYEXEC, David Laight
        
        Re: [PATCH v5 0/6] Add support for O_MAYEXEC, Mickaël Salaün
        
        Re: [PATCH v5 0/6] Add support for O_MAYEXEC, Lev R. Oshvang .
        
        Re: [PATCH v5 0/6] Add support for O_MAYEXEC, Mimi Zohar
[PATCH] security/keys: rewrite big_key crypto to use Zinc, Jason A. Donenfeld
- Re: [PATCH] security/keys: rewrite big_key crypto to use Zinc, Eric Biggers
  - Re: [PATCH] security/keys: rewrite big_key crypto to use Zinc, Jason A. Donenfeld
    - Re: [PATCH] security/keys: rewrite big_key crypto to use Zinc, Eric Biggers
      - Re: [PATCH] security/keys: rewrite big_key crypto to use Zinc, Jason A. Donenfeld
        
        [PATCH v2] security/keys: rewrite big_key crypto to use Zinc, Jason A. Donenfeld
        
        Re: [PATCH v2] security/keys: rewrite big_key crypto to use Zinc, Eric Biggers
        
        Re: [PATCH v2] security/keys: rewrite big_key crypto to use Zinc, Jason A. Donenfeld
        
        [PATCH v3] security/keys: rewrite big_key crypto to use library interface, Jason A. Donenfeld
        
        Re: [PATCH v3] security/keys: rewrite big_key crypto to use library interface, David Howells
        
        Re: [PATCH v3] security/keys: rewrite big_key crypto to use library interface, Jason A. Donenfeld
        
        Re: [PATCH v3] security/keys: rewrite big_key crypto to use library interface, David Howells
        
        Re: [PATCH v3] security/keys: rewrite big_key crypto to use library interface, Jason A. Donenfeld
[PATCH v4 0/5] Add support for O_MAYEXEC, Mickaël Salaün
- [PATCH v4 1/5] fs: Add support for an O_MAYEXEC flag on openat2(2), Mickaël Salaün
  - Re: [PATCH v4 1/5] fs: Add support for an O_MAYEXEC flag on openat2(2), Deven Bowers
- [PATCH v4 2/5] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property, Mickaël Salaün
- [PATCH v4 3/5] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC, Mickaël Salaün
- [PATCH v4 4/5] selftest/openat2: Add tests for O_MAYEXEC enforcing, Mickaël Salaün
- [PATCH v4 5/5] doc: Add documentation for the fs.open_mayexec_enforce sysctl, Mickaël Salaün
[RFC PATCH v2 0/5] Use per-CPU temporary mappings for patching, Christopher M. Riedl
- [RFC PATCH v2 1/5] powerpc/mm: Introduce temporary mm, Christopher M. Riedl
  - Re: [RFC PATCH v2 1/5] powerpc/mm: Introduce temporary mm, Christophe Leroy
    - Re: [RFC PATCH v2 1/5] powerpc/mm: Introduce temporary mm, Christopher M. Riedl
  - Re: [RFC PATCH v2 1/5] powerpc/mm: Introduce temporary mm, Christophe Leroy
    - Re: [RFC PATCH v2 1/5] powerpc/mm: Introduce temporary mm, Christopher M. Riedl
- [RFC PATCH v2 2/5] powerpc/lib: Initialize a temporary mm for code patching, Christopher M. Riedl
- [RFC PATCH v2 4/5] powerpc/lib: Add LKDTM accessor for patching addr, Christopher M. Riedl
- [RFC PATCH v2 3/5] powerpc/lib: Use a temporary mm for code patching, Christopher M. Riedl
  - Re: [RFC PATCH v2 3/5] powerpc/lib: Use a temporary mm for code patching, Christophe Leroy
    - Re: [RFC PATCH v2 3/5] powerpc/lib: Use a temporary mm for code patching, Christopher M. Riedl
- [RFC PATCH v2 5/5] powerpc: Add LKDTM test to hijack a patch mapping, Christopher M. Riedl
[PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, Mickaël Salaün
- [PATCH v3 1/5] fs: Add support for a RESOLVE_MAYEXEC flag on openat2(2), Mickaël Salaün
  - Re: [PATCH v3 1/5] fs: Add support for a RESOLVE_MAYEXEC flag on openat2(2), James Morris
    - Re: [PATCH v3 1/5] fs: Add support for a RESOLVE_MAYEXEC flag on openat2(2), Mickaël Salaün
- [PATCH v3 2/5] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property, Mickaël Salaün
  - Re: [PATCH v3 2/5] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property, James Morris
    - Re: [PATCH v3 2/5] fs: Add a MAY_EXECMOUNT flag to infer the noexec mount property, Mickaël Salaün
- [PATCH v3 3/5] fs: Enable to enforce noexec mounts or file exec through RESOLVE_MAYEXEC, Mickaël Salaün
  - Re: [PATCH v3 3/5] fs: Enable to enforce noexec mounts or file exec through RESOLVE_MAYEXEC, James Morris
    - Re: [PATCH v3 3/5] fs: Enable to enforce noexec mounts or file exec through RESOLVE_MAYEXEC, Mickaël Salaün
      - Re: [PATCH v3 3/5] fs: Enable to enforce noexec mounts or file exec through RESOLVE_MAYEXEC, James Morris
- [PATCH v3 4/5] selftest/openat2: Add tests for RESOLVE_MAYEXEC enforcing, Mickaël Salaün
- [PATCH v3 5/5] doc: Add documentation for the fs.open_mayexec_enforce sysctl, Mickaël Salaün
- Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, Jann Horn
  - Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, Florian Weimer
    - Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, Jann Horn
      - Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, Mickaël Salaün
      - Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, Christian Heimes
        
        Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, Mickaël Salaün
- Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, Aleksa Sarai
  - Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, Christian Brauner
    - Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, Mickaël Salaün
  - Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, Lev R. Oshvang .
- Re: [PATCH v3 0/5] Add support for RESOLVE_MAYEXEC, James Morris
Re: [PATCH] nsproxy: attach to namespaces via pidfds, Jann Horn
- Re: [PATCH] nsproxy: attach to namespaces via pidfds, Christian Brauner
  - Re: [PATCH] nsproxy: attach to namespaces via pidfds, Jann Horn
    - Re: [PATCH] nsproxy: attach to namespaces via pidfds, Christian Brauner
[PATCH v13 0/8] proc: modernize proc to support multiple private instances, Alexey Gladkov
- [PATCH v13 1/8] proc: rename struct proc_fs_info to proc_fs_opts, Alexey Gladkov
- [PATCH v13 2/8] Use proc_pid_ns() to get pid_namespace from the proc superblock, Alexey Gladkov
- [PATCH v13 3/8] proc: allow to mount many instances of proc in one pid namespace, Alexey Gladkov
- [PATCH v13 4/8] proc: instantiate only pids that we can ptrace on 'hidepid=4' mount option, Alexey Gladkov
- [PATCH v13 6/8] docs: proc: add documentation for "hidepid=4" and "subset=pid" options and new mount behavior, Alexey Gladkov
- [PATCH v13 5/8] proc: add option to mount only a pids subset, Alexey Gladkov
- [PATCH v13 8/8] proc: use named enums for better readability, Alexey Gladkov
- [PATCH v13 7/8] proc: use human-readable values for hidepid, Alexey Gladkov
Re: gcc extended format checking plugin, Masahiro Yamada
[PATCH v12 0/7] proc: modernize proc to support multiple private instances, Alexey Gladkov
- [PATCH v12 1/7] proc: rename struct proc_fs_info to proc_fs_opts, Alexey Gladkov
- [PATCH v12 2/7] proc: allow to mount many instances of proc in one pid namespace, Alexey Gladkov
  - [PATCH v13 2/7] proc: allow to mount many instances of proc in one pid namespace, Alexey Gladkov
    - Re: [PATCH v13 2/7] proc: allow to mount many instances of proc in one pid namespace, Eric W. Biederman
      - Re: [PATCH v13 2/7] proc: allow to mount many instances of proc in one pid namespace, Alexey Gladkov
- [PATCH v12 4/7] proc: add option to mount only a pids subset, Alexey Gladkov
- [PATCH v12 3/7] proc: instantiate only pids that we can ptrace on 'hidepid=4' mount option, Alexey Gladkov
- [PATCH v12 6/7] proc: use human-readable values for hidepid, Alexey Gladkov
- [PATCH v12 7/7] proc: use named enums for better readability, Alexey Gladkov
- [PATCH v12 5/7] docs: proc: add documentation for "hidepid=4" and "subset=pid" options and new mount behavior, Alexey Gladkov
[PATCH] gcc-plugins: latent_entropy: remove unneeded semicolon, Jason Yan
[PATCH] gcc-plugins: structleak: remove unneeded variable 'ret', Jason Yan
[PATCH v16 00/10] Landlock LSM, Mickaël Salaün
- [PATCH v16 01/10] landlock: Add object management, Mickaël Salaün
- [PATCH v16 02/10] landlock: Add ruleset and domain management, Mickaël Salaün
- [PATCH v16 03/10] landlock: Set up the security framework and manage credentials, Mickaël Salaün
- [PATCH v16 04/10] landlock: Add ptrace restrictions, Mickaël Salaün
- [PATCH v16 05/10] fs,landlock: Support filesystem access-control, Mickaël Salaün
- [PATCH v16 07/10] arch: Wire up landlock() syscall, Mickaël Salaün
- [PATCH v16 06/10] landlock: Add syscall implementation, Mickaël Salaün
- [PATCH v16 08/10] selftests/landlock: Add initial tests, Mickaël Salaün
- [PATCH v16 09/10] samples/landlock: Add a sandbox manager example, Mickaël Salaün
- [PATCH v16 10/10] landlock: Add user and kernel documentation, Mickaël Salaün
[PATCH 0/9] Function Granular Kernel Address Space Layout Randomization, Kristen Carlson Accardi
- [PATCH 1/9] objtool: do not assume order of parent/child functions, Kristen Carlson Accardi
  - Re: [PATCH 1/9] objtool: do not assume order of parent/child functions, Josh Poimboeuf
- [PATCH 2/9] x86: tools/relocs: Support >64K section headers, Kristen Carlson Accardi
- [PATCH 3/9] x86/boot: Allow a "silent" kaslr random byte fetch, Kristen Carlson Accardi
- [PATCH 4/9] x86: Makefile: Add build and config option for CONFIG_FG_KASLR, Kristen Carlson Accardi
- [PATCH 5/9] x86: make sure _etext includes function sections, Kristen Carlson Accardi
- [PATCH 6/9] x86/tools: Adding relative relocs for randomized functions, Kristen Carlson Accardi
- [PATCH 7/9] x86: Add support for function granular KASLR, Kristen Carlson Accardi
  - Re: [PATCH 7/9] x86: Add support for function granular KASLR, kbuild test robot
  - Re: [PATCH 7/9] x86: Add support for function granular KASLR, Baoquan He
- [PATCH 8/9] kallsyms: hide layout, Kristen Carlson Accardi
  - Re: [PATCH 8/9] kallsyms: hide layout, Ard Biesheuvel
    - Re: [PATCH 8/9] kallsyms: hide layout, Kristen Carlson Accardi
- [PATCH 9/9] module: Reorder functions, Kristen Carlson Accardi
  - Re: [PATCH 9/9] module: Reorder functions, Ard Biesheuvel
    - Re: [PATCH 9/9] module: Reorder functions, Arjan van de Ven
      - Re: [PATCH 9/9] module: Reorder functions, Ard Biesheuvel
        
        Re: [PATCH 9/9] module: Reorder functions, Arjan van de Ven
    - Re: [PATCH 9/9] module: Reorder functions, Kristen Carlson Accardi
      - Re: [PATCH 9/9] module: Reorder functions, Kristen Carlson Accardi
        
        Re: [PATCH 9/9] module: Reorder functions, Ard Biesheuvel
        
        Re: [PATCH 9/9] module: Reorder functions, Kristen Carlson Accardi
- Re: [PATCH 0/9] Function Granular Kernel Address Space Layout Randomization, Kees Cook
[PATCH v3 0/5] hardening : prevent write to proces's read-only pages, Lev Olshvang
- [PATCH v3 1/5] Hardening x86: Forbid writes to read-only memory pages of a process, Lev Olshvang
- [PATCH v3 2/5] Hardening PowerPC: Forbid writes to read-only memory pages of a process, Lev Olshvang
- [PATCH v3 3/5] Hardening um: Forbid writes to read-only memory pages of a process, Lev Olshvang
- [PATCH v3 4/5] Hardening unicore32: Forbid writes to read-only memory pages of a process, Lev Olshvang
- [PATCH v3 5/5] Hardening : PPC book3s64: Forbid writes to read-only memory pages of a process, Lev Olshvang
- Re: [PATCH v3 0/5] hardening : prevent write to proces's read-only pages, Kees Cook
- <Possible follow-ups>
- [PATCH v3 0/5] hardening : prevent write to proces's read-only pages, Lev Olshvang
  - [PATCH v4 1/2] hardening : prevent write to read-only pages of user process, Lev Olshvang
  - [PATCH v4 2/2] Hardening x86: Forbid writes to read-only memory pages of a process, Lev Olshvang
[PATCH v1 0/1] hardening : prevent write to proces's read-only pages, Lev Olshvang
[PATCH v1] prevent write to proces's read-only pages, Lev Olshvang
[PATCH RESEND v11 0/8] proc: modernize proc to support multiple private instances, Alexey Gladkov
- [PATCH RESEND v11 1/8] proc: rename struct proc_fs_info to proc_fs_opts, Alexey Gladkov
- [PATCH RESEND v11 3/8] proc: move hide_pid, pid_gid from pid_namespace to proc_fs_info, Alexey Gladkov
- [PATCH RESEND v11 2/8] proc: allow to mount many instances of proc in one pid namespace, Alexey Gladkov
  - Re: [PATCH RESEND v11 2/8] proc: allow to mount many instances of proc in one pid namespace, Eric W. Biederman
    - Re: [PATCH RESEND v11 2/8] proc: allow to mount many instances of proc in one pid namespace, Alexey Gladkov
- [PATCH RESEND v11 4/8] proc: instantiate only pids that we can ptrace on 'hidepid=4' mount option, Alexey Gladkov
- [PATCH RESEND v11 5/8] proc: add option to mount only a pids subset, Alexey Gladkov
- [PATCH RESEND v11 6/8] docs: proc: add documentation for "hidepid=4" and "subset=pid" options and new mount behavior, Alexey Gladkov
- [PATCH RESEND v11 8/8] proc: use named enums for better readability, Alexey Gladkov
- [PATCH RESEND v11 7/8] proc: use human-readable values for hidepid, Alexey Gladkov
  - Re: [PATCH RESEND v11 7/8] proc: use human-readable values for hidepid, Eric W. Biederman
    - Re: [PATCH RESEND v11 7/8] proc: use human-readable values for hidepid, Alexey Gladkov
- Re: [PATCH RESEND v11 0/8] proc: modernize proc to support multiple private instances, Eric W. Biederman
  - Re: [PATCH RESEND v11 0/8] proc: modernize proc to support multiple private instances, Alexey Gladkov
    - Re: [PATCH RESEND v11 0/8] proc: modernize proc to support multiple private instances, Eric W. Biederman
Re: [Cocci] Coccinelle rule for CVE-2019-18683, Markus Elfring
- Re: [Cocci] Coccinelle rule for CVE-2019-18683, Alexander Popov
  - Re: [Cocci] Coccinelle rule for CVE-2019-18683, Markus Elfring
Coccinelle rule for CVE-2019-18683, Alexander Popov
- Re: Coccinelle rule for CVE-2019-18683, Jann Horn
  - Re: Coccinelle rule for CVE-2019-18683, Alexander Popov
    - Re: Coccinelle rule for CVE-2019-18683, Alexander Popov
      - Re: Coccinelle rule for CVE-2019-18683, Markus Elfring
- Re: [Cocci] Coccinelle rule for CVE-2019-18683, Julia Lawall
  - Re: [Cocci] Coccinelle rule for CVE-2019-18683, Alexander Popov
    - Re: [Cocci] Coccinelle rule for CVE-2019-18683, Julia Lawall
[PATCH] gcc-common.h: 'params.h' has been dropped in GCC10, Frédéric Pierret (fepitre)
- Re: [PATCH] gcc-common.h: 'params.h' has been dropped in GCC10, Kees Cook
  - Re: [PATCH] gcc-common.h: 'params.h' has been dropped in GCC10, Frédéric Pierret
    - Re: [PATCH] gcc-common.h: 'params.h' has been dropped in GCC10, Kees Cook
[PATCH v3 0/5] Optionally randomize kernel stack offset each syscall, Kees Cook
- [PATCH v3 2/5] init_on_alloc: Unpessimize default-on builds, Kees Cook
- [PATCH v3 1/5] jump_label: Provide CONFIG-driven build state defaults, Kees Cook
- [PATCH v3 3/5] stack: Optionally randomize kernel stack offset each syscall, Kees Cook
- [PATCH v3 4/5] x86/entry: Enable random_kstack_offset support, Kees Cook
- [PATCH v3 5/5] arm64: entry: Enable random_kstack_offset support, Kees Cook
[RFC PATCH 0/5] Prevent write to read-only pages (text, PLT/GOT, Lev Olshvang
- [RFC PATCH 1/5] security : hardening : prevent write to proces's read-only pages from another process, Lev Olshvang
  - Re: [RFC PATCH 1/5] security : hardening : prevent write to proces's read-only pages from another process, Kees Cook
    - Re: [RFC PATCH 1/5] security : hardening : prevent write to proces's read-only pages from another process, Lev R. Oshvang .
      - Re: [RFC PATCH 1/5] security : hardening : prevent write to proces's read-only pages from another process, Kees Cook
- [RFC PATCH 2/5] Prevent write to read-only pages from another process, Lev Olshvang
- [RFC PATCH 3/5] Prevent write to read-only pages text, PLT/GOT tables from another process, Lev Olshvang
- [RFC PATCH 4/5] X86:Prevent write to read-only pages :text, PLT/GOT tables from another process, Lev Olshvang
- [RFC PATCH 5/5] UM:Prevent write to read-only pages :text, PLT/GOT tables from another process, Lev Olshvang
[PATCH v11 0/8] proc: modernize proc to support multiple private instances, Alexey Gladkov
- [PATCH v11 8/8] proc: use named enums for better readability, Alexey Gladkov
- [PATCH v11 7/8] proc: use human-readable values for hidepid, Alexey Gladkov
- [PATCH v11 3/8] proc: move hide_pid, pid_gid from pid_namespace to proc_fs_info, Alexey Gladkov
- [PATCH v11 6/8] docs: proc: add documentation for "hidepid=4" and "subset=pid" options and new mount behavior, Alexey Gladkov
- [PATCH v11 2/8] proc: allow to mount many instances of proc in one pid namespace, Alexey Gladkov
- [PATCH v11 4/8] proc: instantiate only pids that we can ptrace on 'hidepid=4' mount option, Alexey Gladkov
- [PATCH v11 5/8] proc: add option to mount only a pids subset, Alexey Gladkov
- [PATCH v11 1/8] proc: rename struct proc_fs_info to proc_fs_opts, Alexey Gladkov

[Index of Archives] [Linux Samsung SoC] [Linux Actions SoC] [Linux Rockchip SoC] [Linux for Synopsys ARC Processors] [Linux USB Devel] [Video for Linux] [Linux SCSI] [Yosemite Forum]