Show patches with: Archived = No       |   819 patches
« 1 2 3 48 9 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,v13,20/20] documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,19/20] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,18/20] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,17/20] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,16/20] fsverity: consume builtin signature via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,15/20] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,14/20] dm verity: consume root hash digest and signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,13/20] dm: add finalize hook to target_type Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,12/20] dm verity: set DM_TARGET_SINGLETON feature flag Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,11/20] block|security: add LSM blob to block_device Integrity Policy Enforcement LSM (IPE) - 1 - --- 2024-02-29 Fan Wu New
[RFC,v13,10/20] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,09/20] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,08/20] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,07/20] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,06/20] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,05/20] initramfs|security: Add a security hook to do_populate_rootfs() Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,04/20] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,03/20] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,02/20] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
[RFC,v13,01/20] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-02-29 Fan Wu New
TPM error path on probe TPM error path on probe - - - --- 2024-02-29 Tim Harvey New
[v4,ima-evm-utils,7/7] ci: Install pkcs11-provider where available Implement imaevm_signhash and add provider support - - - --- 2024-02-28 Stefan Berger New
[v4,ima-evm-utils,6/7] tests: Add pkcs11 test using provider Implement imaevm_signhash and add provider support - - - --- 2024-02-28 Stefan Berger New
[v4,ima-evm-utils,5/7] Add support for OpenSSL provider to the library and evmctl Implement imaevm_signhash and add provider support - - - --- 2024-02-28 Stefan Berger New
[v4,ima-evm-utils,4/7] evmctl: Replace deprecated sign_hash with imaevm_signhash Implement imaevm_signhash and add provider support - - - --- 2024-02-28 Stefan Berger New
[v4,ima-evm-utils,3/7] Implement imaevm_signhash library function and deprecate sign_hash Implement imaevm_signhash and add provider support - - - --- 2024-02-28 Stefan Berger New
[v4,ima-evm-utils,2/7] headers: Remove usage of CONFIG_IMA_EVM_ENGINE from public header Implement imaevm_signhash and add provider support - - - --- 2024-02-28 Stefan Berger New
[v4,ima-evm-utils,1/7] tests: Skip pkcs11 test if no engine support in evmctl Implement imaevm_signhash and add provider support - - - --- 2024-02-28 Stefan Berger New
[v3,ima-evm-utils,7/7] ci: Install pkcs11-provider where available Deprecate sign_hash and add provider support - - - --- 2024-02-26 Stefan Berger New
[v3,ima-evm-utils,6/7] tests: Add pkcs11 test using provider Deprecate sign_hash and add provider support - - - --- 2024-02-26 Stefan Berger New
[v3,ima-evm-utils,5/7] Add support for OpenSSL provider to the library and evmctl Deprecate sign_hash and add provider support - - - --- 2024-02-26 Stefan Berger New
[v3,ima-evm-utils,4/7] evmctl: Replace deprecated sign_hash with imaevm_signhash Deprecate sign_hash and add provider support - - - --- 2024-02-26 Stefan Berger New
[v3,ima-evm-utils,3/7] Pass ENGINE and keyid through to function using them Deprecate sign_hash and add provider support - - - --- 2024-02-26 Stefan Berger New
[v3,ima-evm-utils,2/7] headers: Remove usage of CONFIG_IMA_EVM_ENGINE from public header Deprecate sign_hash and add provider support - - - --- 2024-02-26 Stefan Berger New
[v3,ima-evm-utils,1/7] tests: Skip pkcs11 test if no engine support in evmctl Deprecate sign_hash and add provider support - - - --- 2024-02-26 Stefan Berger New
MAINTAINERS: Update W's for KEYS/KEYRINGS_INTEGRITY and TPM DEVICE RIVER MAINTAINERS: Update W's for KEYS/KEYRINGS_INTEGRITY and TPM DEVICE RIVER 1 - - --- 2024-02-26 Jarkko Sakkinen New
[v3,10/10] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger New
[v3,09/10] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED evm: Support signatures on stacked filesystem 1 - - --- 2024-02-23 Stefan Berger New
[v3,08/10] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509 evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger New
[v3,07/10] ima: re-evaluate file integrity on file metadata change evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger New
[v3,06/10] evm: Store and detect metadata inode attributes changes evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger New
[v3,05/10] ima: Move file-change detection variables into new structure evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger New
[v3,04/10] evm: Use the metadata inode to calculate metadata hash evm: Support signatures on stacked filesystem 1 - - --- 2024-02-23 Stefan Berger New
[v3,03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr evm: Support signatures on stacked filesystem - - - --- 2024-02-23 Stefan Berger New
[v3,02/10] security: allow finer granularity in permitting copy-up of security xattrs evm: Support signatures on stacked filesystem 1 - - --- 2024-02-23 Stefan Berger New
[v3,01/10] ima: Rename backing_inode to real_inode evm: Support signatures on stacked filesystem 1 - - --- 2024-02-23 Stefan Berger New
[v2,ima-evm-utils,6/6] ci: Install pkcs11-provider where available Deprecate sign_hash and add provider support - - - --- 2024-02-23 Stefan Berger New
[v2,ima-evm-utils,5/6] tests: Add pkcs11 test using provider Deprecate sign_hash and add provider support - - - --- 2024-02-23 Stefan Berger New
[v2,ima-evm-utils,4/6] Add support for OpenSSL provider to the library and evmctl Deprecate sign_hash and add provider support - - - --- 2024-02-23 Stefan Berger New
[v2,ima-evm-utils,3/6] evmctl: Replace deprecated sign_hash with imaevm_signhash Deprecate sign_hash and add provider support - - - --- 2024-02-23 Stefan Berger New
[v2,ima-evm-utils,2/6] Pass ENGINE and keyid through to function using them Deprecate sign_hash and add provider support - - - --- 2024-02-23 Stefan Berger New
[v2,ima-evm-utils,1/6] headers: Remove usage of CONFIG_IMA_EVM_ENGINE from public header Deprecate sign_hash and add provider support - - - --- 2024-02-23 Stefan Berger New
[v2,25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr() fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,24/25] commoncap: use vfs fscaps interfaces fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,23/25] commoncap: remove cap_inode_getsecurity() fs: use type-safe uid representation for filesystem capabilities 1 - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,22/25] fs: use vfs interfaces for capabilities xattrs fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,21/25] ovl: use vfs_{get,set}_fscaps() for copy-up fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,20/25] ovl: add fscaps handlers fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,19/25] fs: add vfs_remove_fscaps() fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,18/25] fs: add vfs_set_fscaps() fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,17/25] fs: add vfs_get_fscaps() fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,16/25] fs: add inode operations to get/set/remove fscaps fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,15/25] security: call evm fscaps hooks from generic security hooks fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,14/25] evm: add support for fscaps security hooks fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,13/25] smack: add hooks for fscaps operations fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,12/25] selinux: add hooks for fscaps operations fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,11/25] security: add hooks for set/get/remove of fscaps fs: use type-safe uid representation for filesystem capabilities 1 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,10/25] xattr: use is_fscaps_xattr() fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,09/25] commoncap: use is_fscaps_xattr() fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,08/25] xattr: add is_fscaps_xattr() helper fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,07/25] capability: provide a helper for converting vfs_caps to xattr for userspace fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,06/25] capability: provide helpers for converting between xattrs and vfs_caps fs: use type-safe uid representation for filesystem capabilities - - - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,05/25] capability: use vfsuid_t for vfs_caps rootids fs: use type-safe uid representation for filesystem capabilities 1 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,04/25] capability: rename cpu_vfs_cap_data to vfs_caps fs: use type-safe uid representation for filesystem capabilities 1 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,02/25] mnt_idmapping: include cred.h fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[v2,01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) New
[ima-evm-utils:,v1,1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later [ima-evm-utils:,v1,1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later 11 - - --- 2024-02-21 Dmitry Kasatkin New
[v10,25/25] integrity: Remove LSM security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu New
[v10,24/25] ima: Make it independent from 'integrity' LSM security: Move IMA and EVM to the LSM infrastructure 1 3 - --- 2024-02-15 Roberto Sassu New
[v10,23/25] evm: Make it independent from 'integrity' LSM security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu New
[v10,22/25] evm: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 3 3 - --- 2024-02-15 Roberto Sassu New
[v10,21/25] ima: Move IMA-Appraisal to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 3 3 - --- 2024-02-15 Roberto Sassu New
[v10,20/25] ima: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 5 2 - --- 2024-02-15 Roberto Sassu New
[v10,19/25] integrity: Move integrity_kernel_module_request() to IMA security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu New
[v10,18/25] security: Introduce key_post_create_or_update hook security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu New
[v10,17/25] security: Introduce inode_post_remove_acl hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu New
[v10,16/25] security: Introduce inode_post_set_acl hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu New
[v10,15/25] security: Introduce inode_post_create_tmpfile hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu New
[v10,14/25] security: Introduce path_post_mknod hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu New
[v10,13/25] security: Introduce file_release hook security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu New
[v10,12/25] security: Introduce file_post_open hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu New
[v10,11/25] security: Introduce inode_post_removexattr hook security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu New
[v10,10/25] security: Introduce inode_post_setattr hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu New
[v10,09/25] security: Align inode_setattr hook definition with EVM security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu New
[v10,08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu New
[v10,07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu New
[v10,06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 1 4 - --- 2024-02-15 Roberto Sassu New
[v10,05/25] ima: Align ima_post_read_file() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 1 4 - --- 2024-02-15 Roberto Sassu New
[v10,04/25] ima: Align ima_inode_removexattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu New
« 1 2 3 48 9 »