Linux Integrity - Patchwork

Show patches with: State = Action Required | Archived = No | 554 patches

« 1 2 3 4 … 5 6 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	State
tpm: Define TPM2_SPACE_BUFFER_SIZE to replace the use of PAGE_SIZE	tpm: Define TPM2_SPACE_BUFFER_SIZE to replace the use of PAGE_SIZE	- 1 1	---	2020-07-02	Jarkko Sakkinen	Under Review
[RESEND,v3] tpm: st33zp24: remove pointless checks on probe	[RESEND,v3] tpm: st33zp24: remove pointless checks on probe	- 1 -	---	2022-12-07	Dmitry Torokhov	New
public_key: Add a comment to public_key_signature struct definition	public_key: Add a comment to public_key_signature struct definition	- 1 -	---	2022-12-07	Roberto Sassu	New
[v2,01/10] KEYS: Create static version of public_key_verify_signature	Add CA enforcement keyring restrictions	- 2 -	---	2022-12-07	Eric Snowberg	New
[v2,02/10] KEYS: Add missing function documentation	Add CA enforcement keyring restrictions	- 1 -	---	2022-12-07	Eric Snowberg	New
[v2,03/10] KEYS: X.509: Parse Basic Constraints for CA	Add CA enforcement keyring restrictions	- - -	---	2022-12-07	Eric Snowberg	New
[v2,04/10] KEYS: X.509: Parse Key Usage	Add CA enforcement keyring restrictions	- - -	---	2022-12-07	Eric Snowberg	New
[v2,05/10] KEYS: Introduce a CA endorsed flag	Add CA enforcement keyring restrictions	- - -	---	2022-12-07	Eric Snowberg	New
[v2,06/10] KEYS: Introduce keyring restriction that validates ca trust	Add CA enforcement keyring restrictions	- - -	---	2022-12-07	Eric Snowberg	New
[v2,07/10] KEYS: X.509: Flag Intermediate CA certs as endorsed	Add CA enforcement keyring restrictions	- - -	---	2022-12-07	Eric Snowberg	New
[v2,08/10] integrity: Use root of trust signature restriction	Add CA enforcement keyring restrictions	- - -	---	2022-12-07	Eric Snowberg	New
[v2,09/10] KEYS: CA link restriction	Add CA enforcement keyring restrictions	- - -	---	2022-12-07	Eric Snowberg	New
[v2,10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca	Add CA enforcement keyring restrictions	- - -	---	2022-12-07	Eric Snowberg	New
fsverity: don't check builtin signatures when require_signatures=0	fsverity: don't check builtin signatures when require_signatures=0	1 - -	---	2022-12-08	Eric Biggers	New
fsverity: mark builtin signatures as deprecated	fsverity: mark builtin signatures as deprecated	- - -	---	2022-12-08	Eric Biggers	New
[GIT,PULL] tpmdd updates for tpmdd-next-v6.2-rc1	[GIT,PULL] tpmdd updates for tpmdd-next-v6.2-rc1	- - -	---	2022-12-08	Jarkko Sakkinen	New
KEYS: asymmetric: Make a copy of sig and digest in vmalloced stack	KEYS: asymmetric: Make a copy of sig and digest in vmalloced stack	- - -	---	2022-12-08	Roberto Sassu	New
[v2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	[v2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	- - -	---	2022-12-09	Roberto Sassu	New
[01/11] tpm: move buffer handling from static inlines to real functions	add integrity and security to TPM2 transactions	- - -	---	2022-12-09	James Bottomley	New
[02/11] tpm: add buffer handling for TPM2B types	add integrity and security to TPM2 transactions	- - -	---	2022-12-09	James Bottomley	New
[03/11] tpm: add cursor based buffer functions for response parsing	add integrity and security to TPM2 transactions	- - -	---	2022-12-09	James Bottomley	New
[04/11] tpm: add buffer function to point to returned parameters	add integrity and security to TPM2 transactions	- - -	---	2022-12-09	James Bottomley	New
[05/11] tpm: export the context save and load commands	add integrity and security to TPM2 transactions	- - -	---	2022-12-09	James Bottomley	New
[06/11] tpm: Add full HMAC and encrypt/decrypt session handling code	add integrity and security to TPM2 transactions	- 1 -	---	2022-12-09	James Bottomley	New
[07/11] tpm: add hmac checks to tpm2_pcr_extend()	add integrity and security to TPM2 transactions	- - -	---	2022-12-09	James Bottomley	New
[08/11] tpm: add session encryption protection to tpm2_get_random()	add integrity and security to TPM2 transactions	- - -	---	2022-12-09	James Bottomley	New
[09/11] KEYS: trusted: Add session encryption protection to the seal/unseal path	add integrity and security to TPM2 transactions	- - -	---	2022-12-09	James Bottomley	New
[10/11] tpm: add the null key name as a sysfs export	add integrity and security to TPM2 transactions	- - -	---	2022-12-09	James Bottomley	New
[11/11] Documentation: add tpm-security.rst	add integrity and security to TPM2 transactions	- - -	---	2022-12-09	James Bottomley	New
tpm_crb: Add support for CRB devices based on Pluton	tpm_crb: Add support for CRB devices based on Pluton	- - -	---	2022-12-12	Matthew Garrett	New
[GIT,PULL] integrity: susbsytem updates for v6.2	[GIT,PULL] integrity: susbsytem updates for v6.2	- - -	---	2022-12-13	Mimi Zohar	New
[v3,01/10] KEYS: Create static version of public_key_verify_signature	Add CA enforcement keyring restrictions	- 2 -	---	2022-12-14	Eric Snowberg	New
[v3,02/10] KEYS: Add missing function documentation	Add CA enforcement keyring restrictions	- 1 -	---	2022-12-14	Eric Snowberg	New
[v3,03/10] KEYS: X.509: Parse Basic Constraints for CA	Add CA enforcement keyring restrictions	- - -	---	2022-12-14	Eric Snowberg	New
[v3,04/10] KEYS: X.509: Parse Key Usage	Add CA enforcement keyring restrictions	- - -	---	2022-12-14	Eric Snowberg	New
[v3,05/10] KEYS: Introduce a CA endorsed flag	Add CA enforcement keyring restrictions	- - -	---	2022-12-14	Eric Snowberg	New
[v3,06/10] KEYS: Introduce keyring restriction that validates ca trust	Add CA enforcement keyring restrictions	- - -	---	2022-12-14	Eric Snowberg	New
[v3,07/10] KEYS: X.509: Flag Intermediate CA certs as endorsed	Add CA enforcement keyring restrictions	- - -	---	2022-12-14	Eric Snowberg	New
[v3,08/10] integrity: Use root of trust signature restriction	Add CA enforcement keyring restrictions	- - -	---	2022-12-14	Eric Snowberg	New
[v3,09/10] KEYS: CA link restriction	Add CA enforcement keyring restrictions	- - -	---	2022-12-14	Eric Snowberg	New
[v3,10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca	Add CA enforcement keyring restrictions	- - -	---	2022-12-14	Eric Snowberg	New
lib/mpi: Fix buffer overrun when SG is too long	lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-20	Herbert Xu	New
libimaevm: do not crash if the certificate cannot be read	libimaevm: do not crash if the certificate cannot be read	- - -	---	2022-12-20	Alberto Mardegan	New
[v2] lib/mpi: Fix buffer overrun when SG is too long	[v2] lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-21	Herbert Xu	New
[v3,1/2] lib/mpi: Fix buffer overrun when SG is too long	[v3,1/2] lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-21	Roberto Sassu	New
[v3,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	[v3,1/2] lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-21	Roberto Sassu	New
security: Restore passing final prot to ima_file_mmap()	security: Restore passing final prot to ima_file_mmap()	- - -	---	2022-12-21	Roberto Sassu	New
[v2] security: Restore passing final prot to ima_file_mmap()	[v2] security: Restore passing final prot to ima_file_mmap()	- - -	---	2022-12-21	Roberto Sassu	New
[v1,1/1] ima: fix possible memory leak in cache allocating for namespace	[v1,1/1] ima: fix possible memory leak in cache allocating for namespace	- - -	---	2022-12-24	Denis Semakin	New
[v1,1/1] ima: fix possible memory leak in cache allocating for namespace	[v1,1/1] ima: fix possible memory leak in cache allocating for namespace	- - -	---	2022-12-24	Denis Semakin	New
[RFC,1/2] ima: created new ima template ima-dep-cgn for OCI containers attestation	[RFC,1/2] ima: created new ima template ima-dep-cgn for OCI containers attestation	- - -	---	2022-12-24	Enrico Bravi	New
[RFC,2/2] ima: created new ima template ima-cgpath for Kubernates' pods attestation	[RFC,1/2] ima: created new ima template ima-dep-cgn for OCI containers attestation	- - -	---	2022-12-24	Enrico Bravi	New
[RFC,v2] ima: fix possible memory leak in cache allocating for namespace	[RFC,v2] ima: fix possible memory leak in cache allocating for namespace	- - -	---	2022-12-26	Denis Semakin	New
[-next] evm: Support small xattr in dump_security_xattr()	[-next] evm: Support small xattr in dump_security_xattr()	- - -	---	2022-12-26	xiujianfeng	New
ima: Handle error code from security_audit_rule_match	ima: Handle error code from security_audit_rule_match	- - -	---	2022-12-27	Guozihua (Scott)	New
[1/2] ima: use the lsm policy update notifier	ima: Fix IMA mishandling of LSM based rule during	- - -	---	2022-12-27	Guozihua (Scott)	New
[2/2] ima: Handle -ESTALE returned by ima_filter_rule_match()	ima: Fix IMA mishandling of LSM based rule during	- 1 -	---	2022-12-27	Guozihua (Scott)	New
[v4,1/2] lib/mpi: Fix buffer overrun when SG is too long	[v4,1/2] lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-27	Roberto Sassu	New
[v4,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	[v4,1/2] lib/mpi: Fix buffer overrun when SG is too long	- - -	---	2022-12-27	Roberto Sassu	New
[v5,1/2] lib/mpi: Fix buffer overrun when SG is too long	KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	- 1 -	---	2022-12-27	Roberto Sassu	New
[v5,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()	- 1 -	---	2022-12-27	Roberto Sassu	New
[-next] evm: Use __vfs_setxattr() to update security.evm	[-next] evm: Use __vfs_setxattr() to update security.evm	- - -	---	2022-12-28	xiujianfeng	New
[v3,1/2] lockdown: kexec_file: prevent unsigned kernel image when KEXEC_SIG not enabled	[v3,1/2] lockdown: kexec_file: prevent unsigned kernel image when KEXEC_SIG not enabled	- 1 -	---	2022-12-30	Coiby Xu	New
[v3,2/2] selftests/kexec: enable lockdown tests	[v3,1/2] lockdown: kexec_file: prevent unsigned kernel image when KEXEC_SIG not enabled	- - -	---	2022-12-30	Coiby Xu	New
[V2] tpm_crb: Add support for CRB devices based on Pluton	[V2] tpm_crb: Add support for CRB devices based on Pluton	- 1 -	---	2022-12-31	Matthew Garrett	New
ima: fix ima_delete_rules() kernel-doc warning	ima: fix ima_delete_rules() kernel-doc warning	- 1 -	---	2023-01-02	Randy Dunlap	New
KEYS: trusted: tpm2: use correct function name in kernel-doc	KEYS: trusted: tpm2: use correct function name in kernel-doc	- 1 -	---	2023-01-02	Randy Dunlap	New
[v2,1/2] ima: use the lsm policy update notifier	ima: Fix IMA mishandling of LSM based rule during	- - -	---	2023-01-03	Guozihua (Scott)	New
[v2,2/2] ima: Handle -ESTALE returned by ima_filter_rule_match()	ima: Fix IMA mishandling of LSM based rule during	- 1 -	---	2023-01-03	Guozihua (Scott)	New
tpm: Add reserved memory event log	tpm: Add reserved memory event log	- - -	---	2023-01-03	Eddie James	New
ima: fix error handling logic when file measurement failed	ima: fix error handling logic when file measurement failed	- - -	---	2023-01-04	Matt Bobrowski	New
ima: return IMA digest value only when IMA_COLLECTED flag is set	ima: return IMA digest value only when IMA_COLLECTED flag is set	- - -	---	2023-01-04	Matt Bobrowski	New
[v3,1/3] LSM: switch to blocking policy update notifiers	ima: Fix IMA mishandling of LSM based rule during	2 - -	---	2023-01-04	Guozihua (Scott)	New
[v3,2/3] ima: use the lsm policy update notifier	ima: Fix IMA mishandling of LSM based rule during	- - -	---	2023-01-04	Guozihua (Scott)	New
[v3,3/3] ima: Handle -ESTALE returned by ima_filter_rule_match()	ima: Fix IMA mishandling of LSM based rule during	- 1 -	---	2023-01-04	Guozihua (Scott)	New
[v4,1/3] LSM: switch to blocking policy update notifiers	ima: Fix IMA mishandling of LSM based rule during	2 - -	---	2023-01-04	Guozihua (Scott)	New
[v4,2/3] ima: use the lsm policy update notifier	ima: Fix IMA mishandling of LSM based rule during	- - -	---	2023-01-04	Guozihua (Scott)	New
[v4,3/3] ima: Handle -ESTALE returned by ima_filter_rule_match()	ima: Fix IMA mishandling of LSM based rule during	- 1 -	---	2023-01-04	Guozihua (Scott)	New
[v5,1/3] LSM: switch to blocking policy update notifiers	ima: Fix IMA mishandling of LSM based rule during	2 - -	---	2023-01-05	Guozihua (Scott)	New
[v5,2/3] ima: use the lsm policy update notifier	ima: Fix IMA mishandling of LSM based rule during	- - -	---	2023-01-05	Guozihua (Scott)	New
[v5,3/3] ima: Handle -ESTALE returned by ima_filter_rule_match()	ima: Fix IMA mishandling of LSM based rule during	- 1 -	---	2023-01-05	Guozihua (Scott)	New
[v6,1/3] LSM: switch to blocking policy update notifiers	ima: Fix IMA mishandling of LSM based rule during	2 - -	---	2023-01-05	Guozihua (Scott)	New
[v6,2/3] ima: use the lsm policy update notifier	ima: Fix IMA mishandling of LSM based rule during	- - -	---	2023-01-05	Guozihua (Scott)	New
[v6,3/3] ima: Handle -ESTALE returned by ima_filter_rule_match()	ima: Fix IMA mishandling of LSM based rule during	- 1 -	---	2023-01-05	Guozihua (Scott)	New
tpm: Disable hwrng for TPM 1 if PM_SLEEP is enabled	tpm: Disable hwrng for TPM 1 if PM_SLEEP is enabled	- - -	---	2023-01-05	Jason A. Donenfeld	New
[v7,1/3] LSM: switch to blocking policy update notifiers	ima: Fix IMA mishandling of LSM based rule during	2 - -	---	2023-01-06	Guozihua (Scott)	New
[v7,2/3] ima: use the lsm policy update notifier	ima: Fix IMA mishandling of LSM based rule during	- - -	---	2023-01-06	Guozihua (Scott)	New
[v7,3/3] ima: Handle -ESTALE returned by ima_filter_rule_match()	ima: Fix IMA mishandling of LSM based rule during	- 1 -	---	2023-01-06	Guozihua (Scott)	New
[v2] tpm: Allow system suspend to continue when TPM suspend fails	[v2] tpm: Allow system suspend to continue when TPM suspend fails	- - -	---	2023-01-06	Jason A. Donenfeld	New
libimaevm: do not crash if the certificate cannot be read	libimaevm: do not crash if the certificate cannot be read	- - -	---	2023-01-09	Alberto Mardegan	New
[ima-evm-utils,1/8] Fix error messages and mdlen init in calc_evm_hmac()	Support testing with UML kernel	- - -	---	2023-01-09	Roberto Sassu	New
[ima-evm-utils,2/8] Add config for UML kernel	Support testing with UML kernel	- - -	---	2023-01-09	Roberto Sassu	New
[ima-evm-utils,3/8] Compile the UML kernel and download it in Github Actions	Support testing with UML kernel	- - -	---	2023-01-09	Roberto Sassu	New
[ima-evm-utils,4/8] Add support for UML in functions.sh	Support testing with UML kernel	- - -	---	2023-01-09	Roberto Sassu	New
[ima-evm-utils,5/8] Introduce TST_LIST variable to select a test to execute	Support testing with UML kernel	- - -	---	2023-01-09	Roberto Sassu	New
[ima-evm-utils,6/8] Add tests for EVM portable signatures	Support testing with UML kernel	- - -	---	2023-01-09	Roberto Sassu	New
[ima-evm-utils,7/8] Adapt fsverity.test to work with UML kernel	Support testing with UML kernel	- - -	---	2023-01-09	Roberto Sassu	New
[ima-evm-utils,8/8] Use in-place built fsverity binary instead of installing it	Support testing with UML kernel	- - -	---	2023-01-09	Roberto Sassu	New
[ima-evm-utils,v2,1/9] Fix error messages and mdlen init in calc_evm_hmac()	Support testing with UML kernel	- 1 -	---	2023-01-12	Roberto Sassu	New
[ima-evm-utils,v2,2/9] Add config for UML kernel	Support testing with UML kernel	1 - -	---	2023-01-12	Roberto Sassu	New

« 1 2 3 4 … 5 6 »