Linux Integrity
[Prev Page][Next Page]
[PATCH 0/2] ima: Fix IMA mishandling of LSM based rule during,
GUO Zihua
[PATCH] ima: Handle error code from security_audit_rule_match,
GUO Zihua
[PATCH -next] evm: Support small xattr in dump_security_xattr(),
Xiu Jianfeng
[RFC][PATCH 2/2] ima: created new ima template ima-cgpath for Kubernates' pods attestation, Enrico Bravi
[RFC][PATCH 1/2] ima: created new ima template ima-dep-cgn for OCI containers attestation,
Enrico Bravi
Stable backport request,
Mimi Zohar
[PATCH v2] security: Restore passing final prot to ima_file_mmap(),
Roberto Sassu
[PATCH] security: Restore passing final prot to ima_file_mmap(), Roberto Sassu
[PATCH v3 1/2] lib/mpi: Fix buffer overrun when SG is too long,
Roberto Sassu
[PATCH] libimaevm: do not crash if the certificate cannot be read,
Alberto Mardegan
Question on loading trusted key with keyctl command,
Sughosh Ganu
Re: [PATCH] ima: add check for khdr->buffer_size, Mimi Zohar
IMA & tpm_unsealdata with PCR 10,
Michaël Musset
[PATCH v3 00/10] Add CA enforcement keyring restrictions,
Eric Snowberg
- [PATCH v3 01/10] KEYS: Create static version of public_key_verify_signature, Eric Snowberg
- [PATCH v3 04/10] KEYS: X.509: Parse Key Usage, Eric Snowberg
- [PATCH v3 05/10] KEYS: Introduce a CA endorsed flag, Eric Snowberg
- [PATCH v3 07/10] KEYS: X.509: Flag Intermediate CA certs as endorsed, Eric Snowberg
- [PATCH v3 02/10] KEYS: Add missing function documentation, Eric Snowberg
- [PATCH v3 03/10] KEYS: X.509: Parse Basic Constraints for CA, Eric Snowberg
- [PATCH v3 09/10] KEYS: CA link restriction, Eric Snowberg
- [PATCH v3 10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, Eric Snowberg
- [PATCH v3 06/10] KEYS: Introduce keyring restriction that validates ca trust, Eric Snowberg
- [PATCH v3 08/10] integrity: Use root of trust signature restriction, Eric Snowberg
- Re: [PATCH v3 00/10] Add CA enforcement keyring restrictions, Mimi Zohar
[GIT PULL] integrity: susbsytem updates for v6.2,
Mimi Zohar
Firmware bug on ASRock X370/Ryzen 2600 prevents use of TPM device, Genevieve
[PATCH] tpm_crb: Add support for CRB devices based on Pluton,
Matthew Garrett
[PATCH 00/11] add integrity and security to TPM2 transactions,
James Bottomley
- [PATCH 01/11] tpm: move buffer handling from static inlines to real functions, James Bottomley
- [PATCH 03/11] tpm: add cursor based buffer functions for response parsing, James Bottomley
- [PATCH 02/11] tpm: add buffer handling for TPM2B types, James Bottomley
- [PATCH 04/11] tpm: add buffer function to point to returned parameters, James Bottomley
- [PATCH 05/11] tpm: export the context save and load commands, James Bottomley
- [PATCH 06/11] tpm: Add full HMAC and encrypt/decrypt session handling code, James Bottomley
- [PATCH 07/11] tpm: add hmac checks to tpm2_pcr_extend(), James Bottomley
- [PATCH 08/11] tpm: add session encryption protection to tpm2_get_random(), James Bottomley
- [PATCH 09/11] KEYS: trusted: Add session encryption protection to the seal/unseal path, James Bottomley
- [PATCH 10/11] tpm: add the null key name as a sysfs export, James Bottomley
- [PATCH 11/11] Documentation: add tpm-security.rst, James Bottomley
[PATCH v2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature(),
Roberto Sassu
[RFC] IMA LSM based rule race condition issue on 4.19 LTS,
Guozihua (Scott)
[PATCH] KEYS: asymmetric: Make a copy of sig and digest in vmalloced stack,
Roberto Sassu
[GIT PULL] tpmdd updates for tpmdd-next-v6.2-rc1,
Jarkko Sakkinen
[PATCH] fsverity: mark builtin signatures as deprecated,
Eric Biggers
[PATCH] fsverity: don't check builtin signatures when require_signatures=0,
Eric Biggers
[PATCH v2 00/10] Add CA enforcement keyring restrictions,
Eric Snowberg
- [PATCH v2 02/10] KEYS: Add missing function documentation, Eric Snowberg
- [PATCH v2 05/10] KEYS: Introduce a CA endorsed flag, Eric Snowberg
- [PATCH v2 06/10] KEYS: Introduce keyring restriction that validates ca trust, Eric Snowberg
- [PATCH v2 07/10] KEYS: X.509: Flag Intermediate CA certs as endorsed, Eric Snowberg
- [PATCH v2 08/10] integrity: Use root of trust signature restriction, Eric Snowberg
- [PATCH v2 01/10] KEYS: Create static version of public_key_verify_signature, Eric Snowberg
- [PATCH v2 09/10] KEYS: CA link restriction, Eric Snowberg
- [PATCH v2 04/10] KEYS: X.509: Parse Key Usage, Eric Snowberg
- [PATCH v2 10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, Eric Snowberg
- [PATCH v2 03/10] KEYS: X.509: Parse Basic Constraints for CA, Eric Snowberg
- Re: [PATCH v2 00/10] Add CA enforcement keyring restrictions, Coiby Xu
[PATCH] public_key: Add a comment to public_key_signature struct definition,
Roberto Sassu
[RESEND PATCH v3] tpm: st33zp24: remove pointless checks on probe,
Dmitry Torokhov
[PATCH v7 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes,
Roberto Sassu
[PATCH v2 0/2] ima/evm: Ensure digest to verify is in linear mapping area,
Roberto Sassu
[PATCH] tpm/ppi: use sysfs_emit() to instead of scnprintf(), ye.xingchen
[PATCH ima-evm-utils] Experimental fsverity.test related GA CI improvements,
Vitaly Chikunov
[PATCH] fsverity: simplify fsverity_get_digest(),
Eric Biggers
[PATCH v3] char: tpm: Protect tpm_pm_suspend with locks,
Jason A. Donenfeld
[REGRESSION] suspend to ram fails in 6.1 due to tpm errors,
Vlastimil Babka
[PATCH] tpm_crb: Remove a useless include, Christophe JAILLET
[PATCH v5] evm: Correct inode_init_security hooks behaviors,
Nicolas Bouchinet
[PATCH] ima: Fix hash dependency to correct algorithm,
Tianjia Zhang
[PATCH v11 00/14] TPM IRQ fixes,
Lino Sanfilippo
- [PATCH v11 10/14] tpm, tpm_tis: Request threaded interrupt handler, Lino Sanfilippo
- [PATCH v11 02/14] tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register, Lino Sanfilippo
- [PATCH v11 07/14] tpm, tpm_tis: Move interrupt mask checks into own function, Lino Sanfilippo
- [PATCH v11 05/14] tpm, tpm_tis: Claim locality before writing interrupt registers, Lino Sanfilippo
- [PATCH v11 12/14] tpm, tpm_tis: Claim locality when interrupts are reenabled on resume, Lino Sanfilippo
- [PATCH v11 03/14] tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed, Lino Sanfilippo
- [PATCH v11 04/14] tpm, tpm_tis: Do not skip reset of original interrupt vector, Lino Sanfilippo
- [PATCH v11 01/14] tpm, tpm_tis: Avoid cache incoherency in test for interrupts, Lino Sanfilippo
- [PATCH v11 13/14] tpm, tpm_tis: startup chip before testing for interrupts, Lino Sanfilippo
- [PATCH v11 06/14] tpm, tpm_tis: Only handle supported interrupts, Lino Sanfilippo
- [PATCH v11 08/14] tpm, tpm_tis: do not check for the active locality in interrupt handler, Lino Sanfilippo
- [PATCH v11 09/14] tpm, tpm: Implement usage counter for locality, Lino Sanfilippo
- [PATCH v11 14/14] tpm, tpm_tis: Enable interrupt test, Lino Sanfilippo
- [PATCH v11 11/14] tpm, tpm_tis: Claim locality in interrupt handler, Lino Sanfilippo
- Re: [PATCH v11 00/14] TPM IRQ fixes, Lino Sanfilippo
[PATCH] tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init(),
Yuan Can
[PATCH v6 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes,
Roberto Sassu
[PATCH v5 0/6] evm: Prepare for moving to the LSM infrastructure,
Roberto Sassu
[PATCH] lockdown: kexec_file: prevent unsigned kernel image when KEXEC_SIG not enabled,
Coiby Xu
[PATCH v10 00/14] TPM IRQ fixes,
Lino Sanfilippo
- [PATCH v10 03/14] tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed, Lino Sanfilippo
- [PATCH v10 08/14] tpm, tpm_tis: do not check for the active locality in interrupt handler, Lino Sanfilippo
- [PATCH v10 07/14] tpm, tpm_tis: Move interrupt mask checks into own function, Lino Sanfilippo
- [PATCH v10 01/14] tpm, tpm_tis: Avoid cache incoherency in test for interrupts, Lino Sanfilippo
- [PATCH v10 12/14] tpm, tpm_tis: Claim locality when interrupts are reenabled on resume, Lino Sanfilippo
- [PATCH v10 04/14] tpm, tpm_tis: Do not skip reset of original interrupt vector, Lino Sanfilippo
- [PATCH v10 02/14] tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register, Lino Sanfilippo
- [PATCH v10 05/14] tpm, tpm_tis: Claim locality before writing interrupt registers, Lino Sanfilippo
- [PATCH v10 06/14] tpm, tpm_tis: Only handle supported interrupts, Lino Sanfilippo
- [PATCH v10 09/14] tpm, tpm: Implement usage counter for locality, Lino Sanfilippo
- [PATCH v10 11/14] tpm, tpm_tis: Claim locality in interrupt handler, Lino Sanfilippo
- [PATCH v10 14/14] tpm, tpm_tis: Enable interrupt test, Lino Sanfilippo
- [PATCH v10 10/14] tpm, tpm_tis: Request threaded interrupt handler, Lino Sanfilippo
- [PATCH v10 13/14] tpm, tpm_tis: startup chip before testing for interrupts, Lino Sanfilippo
[PATCH] tpm: ibmvtpm: free irq on the error path in tpm_ibmvtpm_probe(), Gaosheng Cui
[PATCH 000/606] i2c: Complete conversion to i2c_probe_new,
Uwe Kleine-König
- [PATCH 003/606] tpm: tpm_i2c_infineon: Convert to i2c's .probe_new(), Uwe Kleine-König
- [PATCH 005/606] tpm: tis_i2c: Convert to i2c's .probe_new(), Uwe Kleine-König
- [PATCH 004/606] tpm: tpm_i2c_nuvoton: Convert to i2c's .probe_new(), Uwe Kleine-König
- [PATCH 001/606] tpm: st33zp24: Convert to Convert to i2c's .probe_new(), Uwe Kleine-König
- [PATCH 002/606] tpm: tpm_i2c_atmel: Convert to i2c's .probe_new(), Uwe Kleine-König
- Re: [PATCH 000/606] i2c: Complete conversion to i2c_probe_new, patchwork-bot+chrome-platform
- Re: [PATCH 000/606] i2c: Complete conversion to i2c_probe_new, patchwork-bot+chrome-platform
- Re: [PATCH 000/606] i2c: Complete conversion to i2c_probe_new, Wolfram Sang
- Re: [PATCH 000/606] i2c: Complete conversion to i2c_probe_new, Sebastian Reichel
- Re: [PATCH 000/606] i2c: Complete conversion to i2c_probe_new, Lee Jones
- Re: [PATCH 000/606] i2c: Complete conversion to i2c_probe_new, Jonathan Cameron
- Re: (subset) [PATCH 000/606] i2c: Complete conversion to i2c_probe_new, Robert Foss
- Re: (subset) [PATCH 000/606] i2c: Complete conversion to i2c_probe_new, Robert Foss
[PATCH v3 0/3] certs: Prevent spurious errors on repeated blacklisting,
Thomas Weißschuh
[PATCH v2 0/3] ACPI table release for TPM drivers,
Hanjun Guo
[RFC PATCH ima-evm-utils] Save ima-evm-utils sourceforge wiki,
Mimi Zohar
[RFC PATCH ima-evm-utils] tests: add fsverity measurement test, Mimi Zohar
[PATCH] ima: Fix misuse of dereference of pointer in template_desc_init_fields(),
Xiu Jianfeng
[PATCH v5 00/11] Encrypted Hibernation,
Evan Green
- [PATCH v5 01/11] tpm: Add support for in-kernel resetting of PCRs, Evan Green
- [PATCH v5 03/11] tpm: Allow PCR 23 to be restricted to kernel-only use, Evan Green
- [PATCH v5 02/11] tpm: Export and rename tpm2_find_and_validate_cc(), Evan Green
- [PATCH v5 04/11] security: keys: trusted: Include TPM2 creation data, Evan Green
- [PATCH v5 06/11] security: keys: trusted: Verify creation data, Evan Green
- [PATCH v5 05/11] security: keys: trusted: Allow storage of PCR values in creation data, Evan Green
- [PATCH v5 07/11] PM: hibernate: Add kernel-based encryption, Evan Green
- [PATCH v5 08/11] PM: hibernate: Use TPM-backed keys to encrypt image, Evan Green
- [PATCH v5 11/11] PM: hibernate: seal the encryption key with a PCR policy, Evan Green
- [PATCH v5 10/11] PM: hibernate: Verify the digest encryption key, Evan Green
- [PATCH v5 09/11] PM: hibernate: Mix user key in encrypted hibernate, Evan Green
- Re: [PATCH v5 00/11] Encrypted Hibernation, Evan Green
[PATCH 1/1] tpm/tpm_crb: Fix error message in __crb_relinquish_locality(),
Michael Kelley
[PATCH v2] integrity: Fix memory leakage in keyring allocation error path,
GUO Zihua
Invalid TPM_STS.x ... dumping stack for forensics... tpm_try_transmit: send(): error -62, Martin Maurer
[PATCH v9 00/12] TPM IRQ fixes,
Lino Sanfilippo
- [PATCH v9 01/12] tpm, tpm_tis: Avoid cache incoherency in test for interrupts, Lino Sanfilippo
- [PATCH v9 03/12] tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed, Lino Sanfilippo
- [PATCH v9 11/12] tpm, tpm_tis: Claim locality when interrupts are reenabled on resume, Lino Sanfilippo
- [PATCH v9 06/12] tpm, tpm_tis: Move interrupt mask checks into own function, Lino Sanfilippo
- [PATCH v9 09/12] tpm, tpm_tis: Request threaded interrupt handler, Lino Sanfilippo
- [PATCH v9 04/12] tpm, tmp_tis: Claim locality before writing interrupt registers, Lino Sanfilippo
- [PATCH v9 05/12] tpm, tpm_tis: Only handle supported interrupts, Lino Sanfilippo
- [PATCH v9 07/12] tpm, tpm_tis: do not check for the active locality in interrupt handler, Lino Sanfilippo
- [PATCH v9 10/12] tpm, tpm_tis: Claim locality in interrupt handler, Lino Sanfilippo
- [PATCH v9 02/12] tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register, Lino Sanfilippo
- [PATCH v9 12/12] tpm, tpm_tis: Enable interrupt test, Lino Sanfilippo
- [PATCH v9 08/12] tpm, tpm: Implement usage counter for locality, Lino Sanfilippo
[PATCH] KEYS: trusted: tee: Make registered shm dependency explicit,
Sumit Garg
[PATCH v4 0/5] evm: Prepare for moving to the LSM infrastructure,
Roberto Sassu
[PATCH] integrity: Free key restriction when keyring allocation fails, GUO Zihua
[PATCH 0/3] ACPI table release for TPM drivers,
Hanjun Guo
[PATCH v2 0/3] certs: Prevent spurious errors on repeated blacklisting,
Thomas Weißschuh
[PATCH v2] tpm: Add flag to use default cancellation policy,
Eddie James
Re: [PATCH] certs: Prevent spurious errors on repeated blacklisting,
Mickaël Salaün
[PATCH] integrity: iint: Remove unnecessary (void*) conversions, Li zeming
Re: [BUG] blacklist: Problem blacklisting hash (-13) during boot,
Mickaël Salaün
[PATCH] ima: Make a copy of sig and digest in asymmetric_verify(),
Roberto Sassu
[PATCH ima-evm-utils v5 00/17] address deprecated warnings,
Mimi Zohar
- [PATCH ima-evm-utils v5 02/17] log and reset 'errno' after failure to open non-critical files, Mimi Zohar
- [PATCH ima-evm-utils v5 01/17] Revert "Reset 'errno' after failure to open or access a file", Mimi Zohar
- [PATCH ima-evm-utils v5 03/17] Log and reset 'errno' on lsetxattr failure, Mimi Zohar
- [PATCH ima-evm-utils v5 04/17] travis: update dist=focal, Mimi Zohar
- [PATCH ima-evm-utils v5 06/17] Deprecate IMA signature version 1, Mimi Zohar
- [PATCH ima-evm-utils v5 05/17] Update configure.ac to address a couple of obsolete warnings, Mimi Zohar
- [PATCH ima-evm-utils v5 07/17] Replace the low level SHA1 calls when calculating the TPM 1.2 PCRs, Mimi Zohar
- [PATCH ima-evm-utils v5 08/17] Replace the low level HMAC calls when calculating the EVM HMAC, Mimi Zohar
- [PATCH ima-evm-utils v5 09/17] Add missing EVP_MD_CTX_free() call in calc_evm_hash(), Mimi Zohar
- [PATCH ima-evm-utils v5 13/17] Missing template data size lower bounds checking, Mimi Zohar
- [PATCH ima-evm-utils v5 11/17] Fix potential use after free in read_tpm_banks(), Mimi Zohar
- [PATCH ima-evm-utils v5 10/17] Disable use of OpenSSL "engine" support, Mimi Zohar
- [PATCH ima-evm-utils v5 12/17] Limit the file hash algorithm name length, Mimi Zohar
- [PATCH ima-evm-utils v5 14/17] Base sm2/sm3 test on openssl version installed, Mimi Zohar
- [PATCH ima-evm-utils v5 15/17] Compile a newer version of OpenSSL, Mimi Zohar
- [PATCH ima-evm-utils v5 17/17] Make sure the key file is a regular file, Mimi Zohar
- [PATCH ima-evm-utils v5 16/17] Build OpenSSL without engine support, Mimi Zohar
[PATCH v4 00/11] Encrypted Hibernation,
Evan Green
[Index of Archives]
[Linux Kernel]
[Linux Kernel Hardening]
[Linux NFS]
[Linux NILFS]
[Linux USB Devel]
[Video for Linux]
[Linux SCSI]
[Yosemite Forum]
