Linux Integrity - Patchwork

Show patches with: Submitter = Mimi Zohar | State = Action Required | 93 patches

Patch	A/R/T	S/W/F	Date	Submitter	State
[v6,8/8] ima: based on policy warn about loading firmware (pre-allocated buffer)	- 1 -	---	2018-07-13	Mimi Zohar	New
[v6,7/8] module: replace the existing LSM hook in init_module	3 - -	---	2018-07-13	Mimi Zohar	New
[v6,6/8] ima: add build time policy	- 1 -	---	2018-07-13	Mimi Zohar	New
[v6,5/8] ima: based on policy require signed firmware (sysfs fallback)	- 1 -	---	2018-07-13	Mimi Zohar	New
[v6,4/8] firmware: add call to LSM hook before firmware sysfs fallback	1 1 -	---	2018-07-13	Mimi Zohar	New
[v6,3/8] ima: based on policy require signed kexec kernel images	- 1 -	---	2018-07-13	Mimi Zohar	New
[v6,2/8] kexec: add call to LSM hook in original kexec_load syscall	2 - -	---	2018-07-13	Mimi Zohar	New
[v6,1/8] security: define new LSM hook named security_kernel_load_data	2 - -	---	2018-07-13	Mimi Zohar	New
[v5,8/8] module: replace the existing LSM hook in init_module	2 - -	---	2018-07-02	Mimi Zohar	New
[v5,7/8] ima: based on policy warn about loading firmware (pre-allocated buffer)	- - -	---	2018-07-02	Mimi Zohar	New
[v5,6/8] ima: add build time policy	- - -	---	2018-07-02	Mimi Zohar	New
[v5,5/8] ima: based on policy require signed firmware (sysfs fallback)	- - -	---	2018-07-02	Mimi Zohar	New
[v5,4/8] firmware: add call to LSM hook before firmware sysfs fallback	1 - -	---	2018-07-02	Mimi Zohar	New
[v5,3/8] ima: based on policy require signed kexec kernel images	- - -	---	2018-07-02	Mimi Zohar	New
[v5,2/8] kexec: add call to LSM hook in original kexec_load syscall	1 - -	---	2018-07-02	Mimi Zohar	New
[v5,1/8] security: define new LSM hook named security_kernel_load_data	1 - -	---	2018-07-02	Mimi Zohar	New
[v4a,8/8] module: replace the existing LSM hook in init_module	2 - -	---	2018-05-31	Mimi Zohar	New
[v4,8/8] module: replace the existing LSM hook in init_module	- - -	---	2018-05-29	Mimi Zohar	New
[RFC,v4,7/8] ima: based on policy prevent loading firmware (pre-allocated buffer)	- - -	---	2018-05-29	Mimi Zohar	New
[v4,6/8] ima: add build time policy	- - -	---	2018-05-29	Mimi Zohar	New
[v4,5/8] ima: based on policy require signed firmware (sysfs fallback)	- - -	---	2018-05-29	Mimi Zohar	New
[v4,4/8] firmware: add call to LSM hook before firmware sysfs fallback	1 - -	---	2018-05-29	Mimi Zohar	New
[v4,3/8] ima: based on policy require signed kexec kernel images	- - -	---	2018-05-29	Mimi Zohar	New
[v4,2/8] kexec: add call to LSM hook in original kexec_load syscall	1 - -	---	2018-05-29	Mimi Zohar	New
[v4,1/8] security: define new LSM hook named security_kernel_load_data	1 - -	---	2018-05-29	Mimi Zohar	New
[RFC,v3,7/7] ima: based on policy prevent loading firmware (pre-allocated buffer)	- - -	---	2018-05-24	Mimi Zohar	New
[v3,6/7] ima: add build time policy	- - -	---	2018-05-24	Mimi Zohar	New
[v3,5/7] ima: based on policy require signed firmware (sysfs fallback)	- - -	---	2018-05-24	Mimi Zohar	New
[v3,4/7] firmware: add call to LSM hook before firmware sysfs fallback	- - -	---	2018-05-24	Mimi Zohar	New
[v3,3/7] ima: based on policy require signed kexec kernel images	- - -	---	2018-05-24	Mimi Zohar	New
[v3,2/7] kexec: add call to LSM hook in original kexec_load syscall	- - -	---	2018-05-24	Mimi Zohar	New
[v3,1/7] security: rename security_kernel_read_file() hook	- - -	---	2018-05-24	Mimi Zohar	New
[v2,9/9] ima: based on policy prevent loading firmware (pre-allocated buffer)	- - -	---	2018-05-17	Mimi Zohar	New
[v2,8/9] ima: add build time policy	- - -	---	2018-05-17	Mimi Zohar	New
[v2,7/9] ima: based on policy require signed firmware (sysfs fallback)	- - -	---	2018-05-17	Mimi Zohar	New
[v2,6/9] firmware: add call to LSM hook before firmware sysfs fallback	- - -	---	2018-05-17	Mimi Zohar	New
[v2,5/9] ima: based on policy require signed kexec kernel images	- - -	---	2018-05-17	Mimi Zohar	New
[v2,4/9] kexec: add call to LSM hook in original kexec_load syscall	- - -	---	2018-05-17	Mimi Zohar	New
[v2,3/9] security: define security_kernel_read_blob() wrapper	- - -	---	2018-05-17	Mimi Zohar	New
[v2,2/9] ima: fix updating the ima_appraise flag	- - -	---	2018-05-17	Mimi Zohar	New
[v2,1/9] ima: based on policy verify firmware signatures (pre-allocated buffer)	- - -	---	2018-05-17	Mimi Zohar	New
[3/3] ima: based on policy require signed kexec kernel images	- - -	---	2018-05-11	Mimi Zohar	New
[2/3] kexec: call LSM hook for kexec_load syscall	- - -	---	2018-05-11	Mimi Zohar	New
[1/3] ima: based on the "secure_boot" policy limit syscalls	- - -	---	2018-05-11	Mimi Zohar	New
[RFC,6/6] ima: prevent loading firmware into a pre-allocated buffer	- - -	---	2018-05-01	Mimi Zohar	New
[5/6] ima: verify kernel firmware signatures when using a preallocated buffer	- - -	---	2018-05-01	Mimi Zohar	New
[4/6] ima: coordinate with signed regulatory.db	- - -	---	2018-05-01	Mimi Zohar	New
[3/6] firmware: differentiate between signed regulatory.db and other firmware	- - -	---	2018-05-01	Mimi Zohar	New
[2/6] ima: prevent sysfs fallback firmware loading	- - -	---	2018-05-01	Mimi Zohar	New
[1/6] firmware: permit LSMs and IMA to fail firmware sysfs fallback loading	- - -	---	2018-05-01	Mimi Zohar	New
ima: define a new policy condition based on the filesystem name	- - -	---	2018-04-30	Mimi Zohar	New
lockdown: fix coordination of kernel module signature verification	1 - -	---	2018-04-13	Mimi Zohar	New
[3/3] ima: based on policy require signed kexec kernel images	- - -	---	2018-04-12	Mimi Zohar	New
[2/3] kexec: call LSM hook for kexec_load syscall	- - -	---	2018-04-12	Mimi Zohar	New
[1/3] ima: based on the "secure_boot" policy limit syscalls	- - -	---	2018-04-12	Mimi Zohar	New
[v3,4/4] fuse: define the filesystem as untrusted	2 - -	---	2018-03-08	Mimi Zohar	New
[v3,3/4] ima: fail signature verification based on policy	2 - -	---	2018-03-08	Mimi Zohar	New
[v3,2/4] ima: re-evaluate files on privileged mounted filesystems	2 - -	---	2018-03-08	Mimi Zohar	New
[v3,1/4] ima: fail file signature verification on non-init mounted filesystems	2 - -	---	2018-03-08	Mimi Zohar	New
audit: add containerid support for IMA-audit	- - -	---	2018-03-05	Mimi Zohar	New
[v2,4/4] fuse: define the filesystem as untrusted	- - -	---	2018-02-22	Mimi Zohar	New
[v2,3/4] ima: fail signature verification based on policy	- - -	---	2018-02-22	Mimi Zohar	New
[v2,2/4] ima: re-evaluate files on privileged mounted filesystems	- - -	---	2018-02-22	Mimi Zohar	New
[v2,1/4] ima: fail file signature verification on non-init mounted filesystems	- - -	---	2018-02-22	Mimi Zohar	New
[v1,2/2] fuse: define the filesystem as untrusted	- - -	---	2018-02-19	Mimi Zohar	New
[v1,1/2] ima: fail signature verification on untrusted filesystems	- - -	---	2018-02-19	Mimi Zohar	New
[RFC,4/4] fuse: define the filesystem as untrusted	- - -	---	2018-02-14	Mimi Zohar	New
[RFC,3/4] ima: define a new policy option named "fail"	- - -	---	2018-02-14	Mimi Zohar	New
[RFC,2/4] ima: fail signature verification on unprivileged & untrusted filesystems	1 - -	---	2018-02-14	Mimi Zohar	New
[RFC,1/4] ima: define a new policy condition based on the filesystem name	- - -	---	2018-02-14	Mimi Zohar	New
[RFC] ima: force the re-evaluation of files on untrusted file systems	- - -	---	2018-02-05	Mimi Zohar	New
ima: re-initialize iint->atomic_flags	- - -	---	2018-01-23	Mimi Zohar	New
[10/10] ima-evm-utils: add support for validating multiple pcrs	- - -	---	2018-01-22	Mimi Zohar	New
[09/10] ima-evm-utils: verify IMA file hashes stored as xattrs	- - -	---	2018-01-22	Mimi Zohar	New
[08/10] ima-evm-utils: verify the measurement list signature based on the list digest	- - -	---	2018-01-22	Mimi Zohar	New
[07/10] ima-evm-utils: add support for specifying the pcr file location	- - -	---	2018-01-22	Mimi Zohar	New
[06/10] ima-evm-utils: indicate measurement list signature verification failure	- - -	---	2018-01-22	Mimi Zohar	New
[05/10] ima-evm-utils: support verifying the measurement list using multiple keys	- - -	---	2018-01-22	Mimi Zohar	New
[04/10] ima-evm-utils: remove the unnecessary display of the keyid	- - -	---	2018-01-22	Mimi Zohar	New
[03/10] ima-evm-utils: fix spelling error	- - -	---	2018-01-22	Mimi Zohar	New
[02/10] ima-evm-utils: revert the change to use printf instead of log_info()	- - -	---	2018-01-22	Mimi Zohar	New
[01/10] ima-evm-utils: fix "ima_measurement" template fields length	- - -	---	2018-01-22	Mimi Zohar	New
ima: define new policy condition based on the filesystem name	- - -	---	2018-01-15	Mimi Zohar	New
ima: define a new policy option named "force"	- - -	---	2017-12-08	Mimi Zohar	New
evm: fix portable patch	- - -	---	2017-12-04	Mimi Zohar	New
ima: support new "hash" and "dont_hash" policy actions	- - -	---	2017-11-13	Mimi Zohar	New
[RFC,v2] fw_lockdown: new micro LSM module to prevent loading unsigned firmware	- - -	---	2017-11-13	Mimi Zohar	New
MAINTAINERS: update the IMA, EVM, trusted-keys, encrypted-keys entries	- - -	---	2017-11-03	Mimi Zohar	New
[RFC] ima: require secure_boot rules in lockdown mode	- - -	---	2017-10-23	Mimi Zohar	New
vfs: fix mounting a filesystem with i_version	- - -	---	2017-10-08	Mimi Zohar	New
[RFC,3/3] fs: detect that the i_rwsem has already been taken exclusively	- - -	---	2017-09-28	Mimi Zohar	New
[RFC,2/3] integrity: use call_read_iter to calculate the file hash	- - -	---	2017-09-28	Mimi Zohar	New
[RFC,1/3] fs: define new read_iter rwf flag	- - -	---	2017-09-28	Mimi Zohar	New