Show patches with: State = Action Required       |    Archived = No       |   554 patches
« 1 2 3 45 6 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
tpm: Define TPM2_SPACE_BUFFER_SIZE to replace the use of PAGE_SIZE tpm: Define TPM2_SPACE_BUFFER_SIZE to replace the use of PAGE_SIZE - 1 1 --- 2020-07-02 Jarkko Sakkinen Under Review
[RESEND,v3] tpm: st33zp24: remove pointless checks on probe [RESEND,v3] tpm: st33zp24: remove pointless checks on probe - 1 - --- 2022-12-07 Dmitry Torokhov New
public_key: Add a comment to public_key_signature struct definition public_key: Add a comment to public_key_signature struct definition - 1 - --- 2022-12-07 Roberto Sassu New
[v2,01/10] KEYS: Create static version of public_key_verify_signature Add CA enforcement keyring restrictions - 2 - --- 2022-12-07 Eric Snowberg New
[v2,02/10] KEYS: Add missing function documentation Add CA enforcement keyring restrictions - 1 - --- 2022-12-07 Eric Snowberg New
[v2,03/10] KEYS: X.509: Parse Basic Constraints for CA Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg New
[v2,04/10] KEYS: X.509: Parse Key Usage Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg New
[v2,05/10] KEYS: Introduce a CA endorsed flag Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg New
[v2,06/10] KEYS: Introduce keyring restriction that validates ca trust Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg New
[v2,07/10] KEYS: X.509: Flag Intermediate CA certs as endorsed Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg New
[v2,08/10] integrity: Use root of trust signature restriction Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg New
[v2,09/10] KEYS: CA link restriction Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg New
[v2,10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg New
fsverity: don't check builtin signatures when require_signatures=0 fsverity: don't check builtin signatures when require_signatures=0 1 - - --- 2022-12-08 Eric Biggers New
fsverity: mark builtin signatures as deprecated fsverity: mark builtin signatures as deprecated - - - --- 2022-12-08 Eric Biggers New
[GIT,PULL] tpmdd updates for tpmdd-next-v6.2-rc1 [GIT,PULL] tpmdd updates for tpmdd-next-v6.2-rc1 - - - --- 2022-12-08 Jarkko Sakkinen New
KEYS: asymmetric: Make a copy of sig and digest in vmalloced stack KEYS: asymmetric: Make a copy of sig and digest in vmalloced stack - - - --- 2022-12-08 Roberto Sassu New
[v2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() [v2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() - - - --- 2022-12-09 Roberto Sassu New
[01/11] tpm: move buffer handling from static inlines to real functions add integrity and security to TPM2 transactions - - - --- 2022-12-09 James Bottomley New
[02/11] tpm: add buffer handling for TPM2B types add integrity and security to TPM2 transactions - - - --- 2022-12-09 James Bottomley New
[03/11] tpm: add cursor based buffer functions for response parsing add integrity and security to TPM2 transactions - - - --- 2022-12-09 James Bottomley New
[04/11] tpm: add buffer function to point to returned parameters add integrity and security to TPM2 transactions - - - --- 2022-12-09 James Bottomley New
[05/11] tpm: export the context save and load commands add integrity and security to TPM2 transactions - - - --- 2022-12-09 James Bottomley New
[06/11] tpm: Add full HMAC and encrypt/decrypt session handling code add integrity and security to TPM2 transactions - 1 - --- 2022-12-09 James Bottomley New
[07/11] tpm: add hmac checks to tpm2_pcr_extend() add integrity and security to TPM2 transactions - - - --- 2022-12-09 James Bottomley New
[08/11] tpm: add session encryption protection to tpm2_get_random() add integrity and security to TPM2 transactions - - - --- 2022-12-09 James Bottomley New
[09/11] KEYS: trusted: Add session encryption protection to the seal/unseal path add integrity and security to TPM2 transactions - - - --- 2022-12-09 James Bottomley New
[10/11] tpm: add the null key name as a sysfs export add integrity and security to TPM2 transactions - - - --- 2022-12-09 James Bottomley New
[11/11] Documentation: add tpm-security.rst add integrity and security to TPM2 transactions - - - --- 2022-12-09 James Bottomley New
tpm_crb: Add support for CRB devices based on Pluton tpm_crb: Add support for CRB devices based on Pluton - - - --- 2022-12-12 Matthew Garrett New
[GIT,PULL] integrity: susbsytem updates for v6.2 [GIT,PULL] integrity: susbsytem updates for v6.2 - - - --- 2022-12-13 Mimi Zohar New
[v3,01/10] KEYS: Create static version of public_key_verify_signature Add CA enforcement keyring restrictions - 2 - --- 2022-12-14 Eric Snowberg New
[v3,02/10] KEYS: Add missing function documentation Add CA enforcement keyring restrictions - 1 - --- 2022-12-14 Eric Snowberg New
[v3,03/10] KEYS: X.509: Parse Basic Constraints for CA Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg New
[v3,04/10] KEYS: X.509: Parse Key Usage Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg New
[v3,05/10] KEYS: Introduce a CA endorsed flag Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg New
[v3,06/10] KEYS: Introduce keyring restriction that validates ca trust Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg New
[v3,07/10] KEYS: X.509: Flag Intermediate CA certs as endorsed Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg New
[v3,08/10] integrity: Use root of trust signature restriction Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg New
[v3,09/10] KEYS: CA link restriction Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg New
[v3,10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg New
lib/mpi: Fix buffer overrun when SG is too long lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-20 Herbert Xu New
libimaevm: do not crash if the certificate cannot be read libimaevm: do not crash if the certificate cannot be read - - - --- 2022-12-20 Alberto Mardegan New
[v2] lib/mpi: Fix buffer overrun when SG is too long [v2] lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-21 Herbert Xu New
[v3,1/2] lib/mpi: Fix buffer overrun when SG is too long [v3,1/2] lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-21 Roberto Sassu New
[v3,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() [v3,1/2] lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-21 Roberto Sassu New
security: Restore passing final prot to ima_file_mmap() security: Restore passing final prot to ima_file_mmap() - - - --- 2022-12-21 Roberto Sassu New
[v2] security: Restore passing final prot to ima_file_mmap() [v2] security: Restore passing final prot to ima_file_mmap() - - - --- 2022-12-21 Roberto Sassu New
[v1,1/1] ima: fix possible memory leak in cache allocating for namespace [v1,1/1] ima: fix possible memory leak in cache allocating for namespace - - - --- 2022-12-24 Denis Semakin New
[v1,1/1] ima: fix possible memory leak in cache allocating for namespace [v1,1/1] ima: fix possible memory leak in cache allocating for namespace - - - --- 2022-12-24 Denis Semakin New
[RFC,1/2] ima: created new ima template ima-dep-cgn for OCI containers attestation [RFC,1/2] ima: created new ima template ima-dep-cgn for OCI containers attestation - - - --- 2022-12-24 Enrico Bravi New
[RFC,2/2] ima: created new ima template ima-cgpath for Kubernates' pods attestation [RFC,1/2] ima: created new ima template ima-dep-cgn for OCI containers attestation - - - --- 2022-12-24 Enrico Bravi New
[RFC,v2] ima: fix possible memory leak in cache allocating for namespace [RFC,v2] ima: fix possible memory leak in cache allocating for namespace - - - --- 2022-12-26 Denis Semakin New
[-next] evm: Support small xattr in dump_security_xattr() [-next] evm: Support small xattr in dump_security_xattr() - - - --- 2022-12-26 xiujianfeng New
ima: Handle error code from security_audit_rule_match ima: Handle error code from security_audit_rule_match - - - --- 2022-12-27 Guozihua (Scott) New
[1/2] ima: use the lsm policy update notifier ima: Fix IMA mishandling of LSM based rule during - - - --- 2022-12-27 Guozihua (Scott) New
[2/2] ima: Handle -ESTALE returned by ima_filter_rule_match() ima: Fix IMA mishandling of LSM based rule during - 1 - --- 2022-12-27 Guozihua (Scott) New
[v4,1/2] lib/mpi: Fix buffer overrun when SG is too long [v4,1/2] lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-27 Roberto Sassu New
[v4,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() [v4,1/2] lib/mpi: Fix buffer overrun when SG is too long - - - --- 2022-12-27 Roberto Sassu New
[v5,1/2] lib/mpi: Fix buffer overrun when SG is too long KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() - 1 - --- 2022-12-27 Roberto Sassu New
[v5,2/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() - 1 - --- 2022-12-27 Roberto Sassu New
[-next] evm: Use __vfs_setxattr() to update security.evm [-next] evm: Use __vfs_setxattr() to update security.evm - - - --- 2022-12-28 xiujianfeng New
[v3,1/2] lockdown: kexec_file: prevent unsigned kernel image when KEXEC_SIG not enabled [v3,1/2] lockdown: kexec_file: prevent unsigned kernel image when KEXEC_SIG not enabled - 1 - --- 2022-12-30 Coiby Xu New
[v3,2/2] selftests/kexec: enable lockdown tests [v3,1/2] lockdown: kexec_file: prevent unsigned kernel image when KEXEC_SIG not enabled - - - --- 2022-12-30 Coiby Xu New
[V2] tpm_crb: Add support for CRB devices based on Pluton [V2] tpm_crb: Add support for CRB devices based on Pluton - 1 - --- 2022-12-31 Matthew Garrett New
ima: fix ima_delete_rules() kernel-doc warning ima: fix ima_delete_rules() kernel-doc warning - 1 - --- 2023-01-02 Randy Dunlap New
KEYS: trusted: tpm2: use correct function name in kernel-doc KEYS: trusted: tpm2: use correct function name in kernel-doc - 1 - --- 2023-01-02 Randy Dunlap New
[v2,1/2] ima: use the lsm policy update notifier ima: Fix IMA mishandling of LSM based rule during - - - --- 2023-01-03 Guozihua (Scott) New
[v2,2/2] ima: Handle -ESTALE returned by ima_filter_rule_match() ima: Fix IMA mishandling of LSM based rule during - 1 - --- 2023-01-03 Guozihua (Scott) New
tpm: Add reserved memory event log tpm: Add reserved memory event log - - - --- 2023-01-03 Eddie James New
ima: fix error handling logic when file measurement failed ima: fix error handling logic when file measurement failed - - - --- 2023-01-04 Matt Bobrowski New
ima: return IMA digest value only when IMA_COLLECTED flag is set ima: return IMA digest value only when IMA_COLLECTED flag is set - - - --- 2023-01-04 Matt Bobrowski New
[v3,1/3] LSM: switch to blocking policy update notifiers ima: Fix IMA mishandling of LSM based rule during 2 - - --- 2023-01-04 Guozihua (Scott) New
[v3,2/3] ima: use the lsm policy update notifier ima: Fix IMA mishandling of LSM based rule during - - - --- 2023-01-04 Guozihua (Scott) New
[v3,3/3] ima: Handle -ESTALE returned by ima_filter_rule_match() ima: Fix IMA mishandling of LSM based rule during - 1 - --- 2023-01-04 Guozihua (Scott) New
[v4,1/3] LSM: switch to blocking policy update notifiers ima: Fix IMA mishandling of LSM based rule during 2 - - --- 2023-01-04 Guozihua (Scott) New
[v4,2/3] ima: use the lsm policy update notifier ima: Fix IMA mishandling of LSM based rule during - - - --- 2023-01-04 Guozihua (Scott) New
[v4,3/3] ima: Handle -ESTALE returned by ima_filter_rule_match() ima: Fix IMA mishandling of LSM based rule during - 1 - --- 2023-01-04 Guozihua (Scott) New
[v5,1/3] LSM: switch to blocking policy update notifiers ima: Fix IMA mishandling of LSM based rule during 2 - - --- 2023-01-05 Guozihua (Scott) New
[v5,2/3] ima: use the lsm policy update notifier ima: Fix IMA mishandling of LSM based rule during - - - --- 2023-01-05 Guozihua (Scott) New
[v5,3/3] ima: Handle -ESTALE returned by ima_filter_rule_match() ima: Fix IMA mishandling of LSM based rule during - 1 - --- 2023-01-05 Guozihua (Scott) New
[v6,1/3] LSM: switch to blocking policy update notifiers ima: Fix IMA mishandling of LSM based rule during 2 - - --- 2023-01-05 Guozihua (Scott) New
[v6,2/3] ima: use the lsm policy update notifier ima: Fix IMA mishandling of LSM based rule during - - - --- 2023-01-05 Guozihua (Scott) New
[v6,3/3] ima: Handle -ESTALE returned by ima_filter_rule_match() ima: Fix IMA mishandling of LSM based rule during - 1 - --- 2023-01-05 Guozihua (Scott) New
tpm: Disable hwrng for TPM 1 if PM_SLEEP is enabled tpm: Disable hwrng for TPM 1 if PM_SLEEP is enabled - - - --- 2023-01-05 Jason A. Donenfeld New
[v7,1/3] LSM: switch to blocking policy update notifiers ima: Fix IMA mishandling of LSM based rule during 2 - - --- 2023-01-06 Guozihua (Scott) New
[v7,2/3] ima: use the lsm policy update notifier ima: Fix IMA mishandling of LSM based rule during - - - --- 2023-01-06 Guozihua (Scott) New
[v7,3/3] ima: Handle -ESTALE returned by ima_filter_rule_match() ima: Fix IMA mishandling of LSM based rule during - 1 - --- 2023-01-06 Guozihua (Scott) New
[v2] tpm: Allow system suspend to continue when TPM suspend fails [v2] tpm: Allow system suspend to continue when TPM suspend fails - - - --- 2023-01-06 Jason A. Donenfeld New
libimaevm: do not crash if the certificate cannot be read libimaevm: do not crash if the certificate cannot be read - - - --- 2023-01-09 Alberto Mardegan New
[ima-evm-utils,1/8] Fix error messages and mdlen init in calc_evm_hmac() Support testing with UML kernel - - - --- 2023-01-09 Roberto Sassu New
[ima-evm-utils,2/8] Add config for UML kernel Support testing with UML kernel - - - --- 2023-01-09 Roberto Sassu New
[ima-evm-utils,3/8] Compile the UML kernel and download it in Github Actions Support testing with UML kernel - - - --- 2023-01-09 Roberto Sassu New
[ima-evm-utils,4/8] Add support for UML in functions.sh Support testing with UML kernel - - - --- 2023-01-09 Roberto Sassu New
[ima-evm-utils,5/8] Introduce TST_LIST variable to select a test to execute Support testing with UML kernel - - - --- 2023-01-09 Roberto Sassu New
[ima-evm-utils,6/8] Add tests for EVM portable signatures Support testing with UML kernel - - - --- 2023-01-09 Roberto Sassu New
[ima-evm-utils,7/8] Adapt fsverity.test to work with UML kernel Support testing with UML kernel - - - --- 2023-01-09 Roberto Sassu New
[ima-evm-utils,8/8] Use in-place built fsverity binary instead of installing it Support testing with UML kernel - - - --- 2023-01-09 Roberto Sassu New
[ima-evm-utils,v2,1/9] Fix error messages and mdlen init in calc_evm_hmac() Support testing with UML kernel - 1 - --- 2023-01-12 Roberto Sassu New
[ima-evm-utils,v2,2/9] Add config for UML kernel Support testing with UML kernel 1 - - --- 2023-01-12 Roberto Sassu New
« 1 2 3 45 6 »