Linux Integrity - Patchwork

Show patches with: State = Action Required | Archived = No | 680 patches

« 1 2 3 4 … 6 7 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	State
integrity: Update comment for load_moklist_certs()	integrity: Update comment for load_moklist_certs()	- - -	---	2024-05-11	Yusong Gao	New
[bpf-next,v4,01/20] lsm: Refactor return value of LSM hook vm_enough_memory	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,02/20] lsm: Refactor return value of LSM hook inode_need_killpriv	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,03/20] lsm: Refactor return value of LSM hook inode_getsecurity	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,04/20] lsm: Refactor return value of LSM hook inode_listsecurity	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,05/20] lsm: Refactor return value of LSM hook inode_copy_up_xattr	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,06/20] lsm: Refactor return value of LSM hook getselfattr	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,07/20] lsm: Refactor return value of LSM hook setprocattr	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,08/20] lsm: Refactor return value of LSM hook getprocattr	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,09/20] lsm: Refactor return value of LSM hook key_getsecurity	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,10/20] lsm: Refactor return value of LSM hook audit_rule_match	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,11/20] bpf, lsm: Add disabled BPF LSM hook list	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,12/20] bpf, lsm: Enable BPF LSM prog to read/write return value parameters	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,13/20] bpf, lsm: Add check for BPF LSM return value	Add return value range check for BPF LSM	1 - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,14/20] bpf: Prevent tail call between progs attached to different hooks	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,15/20] bpf: Fix compare error in function retval_range_within	Add return value range check for BPF LSM	1 - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,16/20] bpf: Add a special case for bitwise AND on range [-1, 0]	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,17/20] selftests/bpf: Avoid load failure for token_lsm.c	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,18/20] selftests/bpf: Add return value checks for failed tests	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,19/20] selftests/bpf: Add test for lsm tail call	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[bpf-next,v4,20/20] selftests/bpf: Add verifier tests for bpf lsm	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	New
[v1,1/2] lsm: Refactor return value of LSM hook vm_enough_memory	Refactor return value of two lsm hooks	- - -	---	2024-07-24	Xu Kuohai	New
[v1,2/2] lsm: Refactor return value of LSM hook inode_copy_up_xattr	Refactor return value of two lsm hooks	- - -	---	2024-07-24	Xu Kuohai	New
[v1] tpm_tis_spi: add missing attpm20p SPI device ID entry	[v1] tpm_tis_spi: add missing attpm20p SPI device ID entry	- 2 -	---	2024-06-21	Vitor Soares	New
[v3,26/32] tpm_tis_spi: Follow renaming of SPI "master" to "controller"	spi: get rid of some legacy macros	1 1 -	---	2024-02-07	Uwe Kleine-König	New
[v5,1/8] ima: define and call ima_alloc_kexec_file_buf	ima: kexec: measure events between kexec load and execute	- - -	---	2024-02-14	Tushar Sugandhi	New
[v5,2/8] kexec: define functions to map and unmap segments	ima: kexec: measure events between kexec load and execute	- 1 -	---	2024-02-14	Tushar Sugandhi	New
[v5,3/8] ima: kexec: skip IMA segment validation after kexec soft reboot	ima: kexec: measure events between kexec load and execute	- - -	---	2024-02-14	Tushar Sugandhi	New
[v5,4/8] ima: kexec: define functions to copy IMA log at soft boot	ima: kexec: measure events between kexec load and execute	- 1 -	---	2024-02-14	Tushar Sugandhi	New
[v5,5/8] ima: kexec: move IMA log copy from kexec load to execute	ima: kexec: measure events between kexec load and execute	- - -	---	2024-02-14	Tushar Sugandhi	New
[v5,6/8] ima: suspend measurements during buffer copy at kexec execute	ima: kexec: measure events between kexec load and execute	- 1 -	---	2024-02-14	Tushar Sugandhi	New
[v5,7/8] ima: make the kexec extra memory configurable	ima: kexec: measure events between kexec load and execute	- 1 -	---	2024-02-14	Tushar Sugandhi	New
[v5,8/8] ima: measure kexec load and exec events as critical data	ima: kexec: measure events between kexec load and execute	- - -	---	2024-02-14	Tushar Sugandhi	New
TPM error path on probe	TPM error path on probe	- - -	---	2024-02-29	Tim Harvey	New
[1/5] security: allow finer granularity in permitting copy-up of security xattrs	evm: Support signatures on stacked filesystem	- - -	---	2024-01-30	Stefan Berger	New
[2/5] evm: Implement per signature type decision in security_inode_copy_up_xattr	evm: Support signatures on stacked filesystem	- - -	---	2024-01-30	Stefan Berger	New
[3/5] ima: Reset EVM status upon detecting changes to overlay backing file	evm: Support signatures on stacked filesystem	- - -	---	2024-01-30	Stefan Berger	New
[4/5] evm: Use the real inode's metadata to calculate metadata hash	evm: Support signatures on stacked filesystem	- - -	---	2024-01-30	Stefan Berger	New
[5/5] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509	evm: Support signatures on stacked filesystem	- - -	---	2024-01-30	Stefan Berger	New
[v1,ima-evm-utils,1/6] headers: Remove usage of CONFIG_IMA_EVM_ENGINE from public header	Deprecate sign_hash and add provider support	- - -	---	2024-02-05	Stefan Berger	New
[v1,ima-evm-utils,2/6] Pass ENGINE and keyid through to function using them	Deprecate sign_hash and add provider support	- - -	---	2024-02-05	Stefan Berger	New
[v1,ima-evm-utils,3/6] evmctl: Replace deprecated sign_hash with imaevm_signhash	Deprecate sign_hash and add provider support	- - -	---	2024-02-05	Stefan Berger	New
[v1,ima-evm-utils,4/6] Add support for OpenSSL provider to the library and evmctl	Deprecate sign_hash and add provider support	- - -	---	2024-02-05	Stefan Berger	New
[v1,ima-evm-utils,5/6] tests: Add pkcs11 test using provider	Deprecate sign_hash and add provider support	- - -	---	2024-02-05	Stefan Berger	New
[v1,ima-evm-utils,6/6] ci: Install pkcs11-provider where available	Deprecate sign_hash and add provider support	- - -	---	2024-02-05	Stefan Berger	New
[v2,1/9] ima: Rename backing_inode to real_inode	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-05	Stefan Berger	New
[v2,2/9] security: allow finer granularity in permitting copy-up of security xattrs	evm: Support signatures on stacked filesystem	2 - -	---	2024-02-05	Stefan Berger	New
[v2,3/9] evm: Implement per signature type decision in security_inode_copy_up_xattr	evm: Support signatures on stacked filesystem	- - -	---	2024-02-05	Stefan Berger	New
[v2,4/9] ima: Reset EVM status upon detecting changes to the real file	evm: Support signatures on stacked filesystem	- - -	---	2024-02-05	Stefan Berger	New
[v2,5/9] evm: Use the inode holding the metadata to calculate metadata hash	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-05	Stefan Berger	New
[v2,6/9] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509	evm: Support signatures on stacked filesystem	- - -	---	2024-02-05	Stefan Berger	New
[v2,7/9] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-05	Stefan Berger	New
[v2,8/9] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs	evm: Support signatures on stacked filesystem	- - -	---	2024-02-05	Stefan Berger	New
[v2,9/9] ima: Record i_version of real_inode for change detection	evm: Support signatures on stacked filesystem	- - -	---	2024-02-05	Stefan Berger	New
[v2,ima-evm-utils,1/6] headers: Remove usage of CONFIG_IMA_EVM_ENGINE from public header	Deprecate sign_hash and add provider support	- - -	---	2024-02-23	Stefan Berger	New
[v2,ima-evm-utils,2/6] Pass ENGINE and keyid through to function using them	Deprecate sign_hash and add provider support	- - -	---	2024-02-23	Stefan Berger	New
[v2,ima-evm-utils,3/6] evmctl: Replace deprecated sign_hash with imaevm_signhash	Deprecate sign_hash and add provider support	- - -	---	2024-02-23	Stefan Berger	New
[v2,ima-evm-utils,4/6] Add support for OpenSSL provider to the library and evmctl	Deprecate sign_hash and add provider support	- - -	---	2024-02-23	Stefan Berger	New
[v2,ima-evm-utils,5/6] tests: Add pkcs11 test using provider	Deprecate sign_hash and add provider support	- - -	---	2024-02-23	Stefan Berger	New
[v2,ima-evm-utils,6/6] ci: Install pkcs11-provider where available	Deprecate sign_hash and add provider support	- - -	---	2024-02-23	Stefan Berger	New
[v3,01/10] ima: Rename backing_inode to real_inode	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-23	Stefan Berger	New
[v3,02/10] security: allow finer granularity in permitting copy-up of security xattrs	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-23	Stefan Berger	New
[v3,03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	New
[v3,04/10] evm: Use the metadata inode to calculate metadata hash	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-23	Stefan Berger	New
[v3,05/10] ima: Move file-change detection variables into new structure	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	New
[v3,06/10] evm: Store and detect metadata inode attributes changes	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	New
[v3,07/10] ima: re-evaluate file integrity on file metadata change	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	New
[v3,08/10] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	New
[v3,09/10] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED	evm: Support signatures on stacked filesystem	1 - -	---	2024-02-23	Stefan Berger	New
[v3,10/10] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs	evm: Support signatures on stacked filesystem	- - -	---	2024-02-23	Stefan Berger	New
[v3,ima-evm-utils,1/7] tests: Skip pkcs11 test if no engine support in evmctl	Deprecate sign_hash and add provider support	- - -	---	2024-02-26	Stefan Berger	New
[v3,ima-evm-utils,2/7] headers: Remove usage of CONFIG_IMA_EVM_ENGINE from public header	Deprecate sign_hash and add provider support	- - -	---	2024-02-26	Stefan Berger	New
[v3,ima-evm-utils,3/7] Pass ENGINE and keyid through to function using them	Deprecate sign_hash and add provider support	- - -	---	2024-02-26	Stefan Berger	New
[v3,ima-evm-utils,4/7] evmctl: Replace deprecated sign_hash with imaevm_signhash	Deprecate sign_hash and add provider support	- - -	---	2024-02-26	Stefan Berger	New
[v3,ima-evm-utils,5/7] Add support for OpenSSL provider to the library and evmctl	Deprecate sign_hash and add provider support	- - -	---	2024-02-26	Stefan Berger	New
[v3,ima-evm-utils,6/7] tests: Add pkcs11 test using provider	Deprecate sign_hash and add provider support	- - -	---	2024-02-26	Stefan Berger	New
[v3,ima-evm-utils,7/7] ci: Install pkcs11-provider where available	Deprecate sign_hash and add provider support	- - -	---	2024-02-26	Stefan Berger	New
[v4,ima-evm-utils,1/7] tests: Skip pkcs11 test if no engine support in evmctl	Implement imaevm_signhash and add provider support	- - -	---	2024-02-28	Stefan Berger	New
[v4,ima-evm-utils,2/7] headers: Remove usage of CONFIG_IMA_EVM_ENGINE from public header	Implement imaevm_signhash and add provider support	- - -	---	2024-02-28	Stefan Berger	New
[v4,ima-evm-utils,3/7] Implement imaevm_signhash library function and deprecate sign_hash	Implement imaevm_signhash and add provider support	- - -	---	2024-02-28	Stefan Berger	New
[v4,ima-evm-utils,4/7] evmctl: Replace deprecated sign_hash with imaevm_signhash	Implement imaevm_signhash and add provider support	- - -	---	2024-02-28	Stefan Berger	New
[v4,ima-evm-utils,5/7] Add support for OpenSSL provider to the library and evmctl	Implement imaevm_signhash and add provider support	- - -	---	2024-02-28	Stefan Berger	New
[v4,ima-evm-utils,6/7] tests: Add pkcs11 test using provider	Implement imaevm_signhash and add provider support	- - -	---	2024-02-28	Stefan Berger	New
[v4,ima-evm-utils,7/7] ci: Install pkcs11-provider where available	Implement imaevm_signhash and add provider support	- - -	---	2024-02-28	Stefan Berger	New
[ima-evm-utils] Add missing newline to error message	[ima-evm-utils] Add missing newline to error message	- - -	---	2024-03-01	Stefan Berger	New
[1/2] powerpc/prom_init: Replace linux,sml-base/sml-size with linux,sml-log	Preserve TPM log across kexec	- - -	---	2024-03-06	Stefan Berger	New
[2/2] tpm: of: If available Use linux,sml-log to get the log and its size	Preserve TPM log across kexec	- - -	---	2024-03-06	Stefan Berger	New
[RFC,v2,1/3] powerpc/prom_init: Replace linux,sml-base/sml-size with linux,sml-log	Preserve TPM log across kexec	- - -	---	2024-03-11	Stefan Berger	New
[RFC,v2,2/3] dt-bindings: tpm: Add linux,sml-log to ibm,vtpm.yaml	Preserve TPM log across kexec	- - -	---	2024-03-11	Stefan Berger	New
[RFC,v2,3/3] tpm: of: If available use linux,sml-log to get the log and its size	Preserve TPM log across kexec	- - -	---	2024-03-11	Stefan Berger	New
ima: Fix use-after-free on a dentry's dname.name	ima: Fix use-after-free on a dentry's dname.name	- - -	---	2024-03-22	Stefan Berger	New
[RFC,1/2] ovl: Define D_REAL_FILEDATA for d_real to return dentry with data	ima: Fix detection of read/write violations on stacked filesystems	- - -	---	2024-04-12	Stefan Berger	New
[RFC,2/2] ima: Fix detection of read/write violations on stacked filesystems	ima: Fix detection of read/write violations on stacked filesystems	- - -	---	2024-04-12	Stefan Berger	New
[RFC,v2,1/2] ovl: Define D_REAL_FILEDATA for d_real to return dentry with data	ima: Fix detection of read/write violations on stacked filesystems	- - -	---	2024-04-22	Stefan Berger	New
[RFC,v2,2/2] ima: Fix detection of read/write violations on stacked filesystems	ima: Fix detection of read/write violations on stacked filesystems	- - -	---	2024-04-22	Stefan Berger	New
[ima-evm-utils] First try to get keyid from cert then fall back to calculating	[ima-evm-utils] First try to get keyid from cert then fall back to calculating	- - -	---	2024-04-29	Stefan Berger	New
[ima-evm-utils,1/2] evmctl: Replace OSS_PROVIDER_load with OSSL_PROVIDER_try_load (Ubuntu)	Fix issue with tests and provider on Ubuntu 24.04	- - -	---	2024-05-14	Stefan Berger	New
[ima-evm-utils,2/2] tests: Use EVMCTL_ENGINE to set engine or provider for test case	Fix issue with tests and provider on Ubuntu 24.04	- - -	---	2024-05-14	Stefan Berger	New
tpm: ibmvtpm: Call tpm2_sessions_init() to initialize session support	tpm: ibmvtpm: Call tpm2_sessions_init() to initialize session support	- - -	---	2024-06-17	Stefan Berger	New
[ima-evm-utils,1/3] Call OPENSSL_Cleanup before main exit to avoid crashes when engine was used	Enable and disable OpenSSL provider tests	- - -	---	2024-06-21	Stefan Berger	New

« 1 2 3 4 … 6 7 »