Re: [PATCH v12 0/5] overlayfs override_creds=off

On 7/30/2019 10:28 AM, Mark Salyzyn wrote: > Patch series: Please add linux-security-mod...@vger.kernel.org to the CC for all changes affecting handling of security xattrs. > > overlayfs: check CAP_DAC_READ_SEARCH before issuing exportfs_decode_fh > Add flags option to get xattr method paired to

Re: [RFC 0/7] Introduce TEE based Trusted Keys support

On 6/13/2019 3:30 AM, Sumit Garg wrote: > Add support for TEE based trusted keys where TEE provides the functionality > to seal and unseal trusted keys using hardware unique key. Also, this is > an alternative in case platform doesn't possess a TPM device. > > This series also adds some TEE feature

Re: [PATCH 06/17] doc: security: minor cleanups to build kernel-doc

On 5/13/2017 4:51 AM, Kees Cook wrote: > These fixes were needed to parse lsm_hooks.h kernel-doc. More work is > needed, but this is the first step. > > Cc: Casey Schaufler > Signed-off-by: Kees Cook Acked_by: Casey Schaufler Tell me more about the additional wor

Re: [PATCH 13/17] doc: ReSTify Smack.txt

On 5/13/2017 4:51 AM, Kees Cook wrote: > Adjusts for ReST markup and moves under LSM admin guide. > > Cc: Casey Schaufler > Signed-off-by: Kees Cook Acked-by: Casey Schaufler Thank you. > --- > .../Smack.txt => admin-guide/LSM/Sm

Re: [PATCH security-next v5 00/30] LSM: Explict ordering

On 10/23/2018 11:50 AM, Kees Cook wrote: > On Tue, Oct 23, 2018 at 9:48 AM, Casey Schaufler > wrote: >> On 10/12/2018 12:01 PM, Kees Cook wrote: >>> On Friday, October 12, 2018 3:19 AM, John Johansen >>> wrote: >>>> It isn't perfect but it manages

Re: [PATCH security-next v5 00/30] LSM: Explict ordering

On 10/23/2018 12:05 PM, Casey Schaufler wrote: > On 10/23/2018 11:50 AM, Kees Cook wrote: > >> Did you poke around at my combined series? >> https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/log/?h=lsm/ordering-v6-blob-sharing > I hope to do that on the plane

Re: [PATCH security-next v5 00/30] LSM: Explict ordering

On 10/24/2018 1:12 PM, Kees Cook wrote: > On Wed, Oct 24, 2018 at 1:56 AM, Casey Schaufler > wrote: >> On 10/23/2018 12:05 PM, Casey Schaufler wrote: >>> On 10/23/2018 11:50 AM, Kees Cook wrote: >>> >>>> Did you poke around at my combined series? >&g

Re: [PATCH security-next v5 00/30] LSM: Explict ordering

On 11/14/2018 1:04 PM, Casey Schaufler wrote: > On 10/24/2018 1:12 PM, Kees Cook wrote: >> On Wed, Oct 24, 2018 at 1:56 AM, Casey Schaufler >> wrote: >>> On 10/23/2018 12:05 PM, Casey Schaufler wrote: >>>> On 10/23/2018 11:50 AM, Kees Cook wrote: >>&

Re: [PATCH security-next v3 00/29] LSM: Explict LSM ordering

On 9/24/2018 5:18 PM, Kees Cook wrote: > v3: > - add CONFIG_LSM_ENABLE and refactor resulting logic Kees, you can add my Reviewed-by:Casey Schaufler for this entire patch set. Thank you for taking this on, it's a significant and important chunk of the LSM infrastructure update. > ...

Re: [PATCH security-next v5 00/30] LSM: Explict ordering

On 10/12/2018 12:01 PM, Kees Cook wrote: > On Friday, October 12, 2018 3:19 AM, John Johansen > wrote: >> It isn't perfect but it manages consistency across distros as best as >> can be achieved atm. > Yeah, this is why I'm okay with the current series: it provides as > consistent a view as possib

Re: [RFC PATCH 3/9] Loadpol LSM: filter kernel module request according to the policy

On 5/21/2025 7:01 AM, Simon THOBY wrote: > When a kernel module is loaded, the LSM accepts or rejects the demand > according to its policy. > > Signed-off-by: Simon THOBY > --- > security/loadpol/Makefile | 2 +- > security/loadpol/loadpol.c| 22 > security/loadpol/l