Linux Integrity

Date Index

Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, (continued)
[PATCH v4 00/16] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
- [PATCH v4 01/16] ima: Add IMA namespace support, Stefan Berger
  - Re: [PATCH v4 01/16] ima: Add IMA namespace support, Christian Brauner
    - Re: [PATCH v4 01/16] ima: Add IMA namespace support, Christian Brauner
      - Re: [PATCH v4 01/16] ima: Add IMA namespace support, Stefan Berger
- [PATCH v4 02/16] ima: Define ns_status for storing namespaced iint data, Stefan Berger
- [PATCH v4 03/16] ima: Namespace audit status flags, Stefan Berger
- [PATCH v4 04/16] ima: Move delayed work queue and variables into ima_namespace, Stefan Berger
- [PATCH v4 05/16] ima: Move IMA's keys queue related variables into ima_namespace, Stefan Berger
- [PATCH v4 06/16] ima: Move policy related variables into ima_namespace, Stefan Berger
- [PATCH v4 07/16] ima: Move ima_htable into ima_namespace, Stefan Berger
- [PATCH v4 08/16] ima: Move measurement list related variables into ima_namespace, Stefan Berger
- [PATCH v4 09/16] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now, Stefan Berger
- [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Stefan Berger
  - Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Christian Brauner
    - Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Christian Brauner
      - Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Stefan Berger
        
        Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Stefan Berger
        
        Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Mimi Zohar
        
        Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Stefan Berger
- [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Stefan Berger
  - Re: [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Christian Brauner
    - Re: [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Stefan Berger
  - Re: [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Christian Brauner
  - Re: [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Jarkko Sakkinen
    - Re: [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, James Bottomley
- [PATCH v4 12/16] securityfs: Extend securityfs with namespacing support, Stefan Berger
- [PATCH v4 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
- [PATCH v4 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, Stefan Berger
  - Re: [PATCH v4 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, Christian Brauner
- [PATCH v4 15/16] ima: Move dentries into ima_namespace, Stefan Berger
- [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Stefan Berger
  - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Christian Brauner
    - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Christian Brauner
    - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, James Bottomley
      - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Christian Brauner
    - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Stefan Berger
      - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Christian Brauner
[PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
- [PATCH v3 10/16] ima: Implement hierarchical processing of file accesses, Stefan Berger
- [PATCH v3 08/16] ima: Move measurement list related variables into ima_namespace, Stefan Berger
- [PATCH v3 15/16] ima: Move dentries into ima_namespace, Stefan Berger
- [PATCH v3 02/16] ima: Define ns_status for storing namespaced iint data, Stefan Berger
- [PATCH v3 11/16] securityfs: Move vfsmount into user_namespace, Stefan Berger
- [PATCH v3 09/16] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now, Stefan Berger
- [PATCH v3 12/16] securityfs: Extend securityfs with namespacing support, Stefan Berger
- [PATCH v3 07/16] ima: Move ima_htable into ima_namespace, Stefan Berger
- [PATCH v3 01/16] ima: Add IMA namespace support, Stefan Berger
- [PATCH v3 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, Stefan Berger
- [PATCH v3 05/16] ima: Move IMA's keys queue related variables into ima_namespace, Stefan Berger
- [PATCH v3 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
- [PATCH v3 03/16] ima: Namespace audit status flags, Stefan Berger
- [PATCH v3 16/16] ima: Setup securityfs for IMA namespace, Stefan Berger
- [PATCH v3 06/16] ima: Move policy related variables into ima_namespace, Stefan Berger
- [PATCH v3 04/16] ima: Move delayed work queue and variables into ima_namespace, Stefan Berger
- Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, James Bottomley
  - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
  - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Christian Brauner
    - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, James Bottomley
      - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, James Bottomley
        
        Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Casey Schaufler
        
        Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, James Bottomley
    - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, James Bottomley
- Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Christian Brauner
  - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
[RFC v2 00/19] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
- [RFC v2 01/19] ima: Add IMA namespace support, Stefan Berger
- [RFC v2 02/19] ima: Define ns_status for storing namespaced iint data, Stefan Berger
- [RFC v2 06/19] ima: Move policy related variables into ima_namespace, Stefan Berger
- [RFC v2 07/19] ima: Move ima_htable into ima_namespace, Stefan Berger
- [RFC v2 04/19] ima: Move delayed work queue and variables into ima_namespace, Stefan Berger
- [RFC v2 03/19] ima: Namespace audit status flags, Stefan Berger
- [RFC v2 12/19] securityfs: Pass static variables as parameters from top level functions, Stefan Berger
- [RFC v2 10/19] ima: Implement hierarchical processing of file accesses, Stefan Berger
- [RFC v2 14/19] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
- [RFC v2 08/19] ima: Move measurement list related variables into ima_namespace, Stefan Berger
- [RFC v2 11/19] securityfs: Prefix global variables with securityfs_, Stefan Berger
- [RFC v2 16/19] ima: Use integrity_admin_ns_capable() to check corresponding capability, Stefan Berger
- [RFC v2 13/19] securityfs: Extend securityfs with namespacing support, Stefan Berger
- [RFC v2 09/19] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now, Stefan Berger
- [RFC v2 15/19] capabilities: Introduce CAP_INTEGRITY_ADMIN, Stefan Berger
  - Re: [RFC v2 15/19] capabilities: Introduce CAP_INTEGRITY_ADMIN, Casey Schaufler
    - Re: [RFC v2 15/19] capabilities: Introduce CAP_INTEGRITY_ADMIN, Stefan Berger
- [RFC v2 17/19] userns: Introduce a refcount variable for calling early teardown function, Stefan Berger
- [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
  - Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
  - Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
    - Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
      - Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Casey Schaufler
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
      - Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
- [RFC v2 05/19] ima: Move IMA's keys queue related variables into ima_namespace, Stefan Berger
- [RFC v2 18/19] ima/userns: Define early teardown function for IMA namespace, Stefan Berger
[PATCH v1 0/5] ima: support fs-verity signatures stored as, Mimi Zohar
- [PATCH v1 1/5] fs-verity: define a function to return the integrity protected file digest, Mimi Zohar
  - Re: [PATCH v1 1/5] fs-verity: define a function to return the integrity protected file digest, Eric Biggers
- [PATCH v1 2/5] ima: define a new signature type named IMA_VERITY_DIGSIG, Mimi Zohar
- [PATCH v1 3/5] ima: limit including fs-verity's file digest in measurement list, Mimi Zohar
  - Re: [PATCH v1 3/5] ima: limit including fs-verity's file digest in measurement list, Eric Biggers
    - Re: [PATCH v1 3/5] ima: limit including fs-verity's file digest in measurement list, Mimi Zohar
- [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Mimi Zohar
  - Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Eric Biggers
    - Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Mimi Zohar
      - Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Eric Biggers
    - Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Mimi Zohar
      - Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Eric Biggers
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Vitaly Chikunov
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Eric Biggers
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Vitaly Chikunov
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Eric Biggers
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Stefan Berger
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Stefan Berger
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Eric Biggers
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Stefan Berger
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Mimi Zohar
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Eric Biggers
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Mimi Zohar
        
        Re: [PATCH v1 4/5] ima: support fs-verity file digest based signatures, Eric Biggers
- [PATCH v1 5/5] fsverity: update the documentation, Mimi Zohar
  - Re: [PATCH v1 5/5] fsverity: update the documentation, Eric Biggers
[RFC v2 0/3] Namespace IMA log entries, James Bottomley
- [RFC v2 1/3] userns: add ima_ns_info field containing a settable namespace label, James Bottomley
- [RFC v2 2/3] ima: show the namespace label in the ima-ns template, James Bottomley
- [RFC v2 3/3] ima: make the integrity inode cache per namespace, James Bottomley
[PATCH v4] KEYS: trusted: Fix trusted key backends when building as module, Ahmad Fatoum
- Re: [PATCH v4] KEYS: trusted: Fix trusted key backends when building as module, Jarkko Sakkinen
  - Re: [PATCH v4] KEYS: trusted: Fix trusted key backends when building as module, Ahmad Fatoum
[PATCH] char: tpm: cr50: Set TPM_FIRMWARE_POWER_MANAGED based on device property, Rob Barnes
- Re: [PATCH] char: tpm: cr50: Set TPM_FIRMWARE_POWER_MANAGED based on device property, kernel test robot
  - [PATCH v2] char: tpm: cr50: Set TPM_FIRMWARE_POWER_MANAGED based on device property, Rob Barnes
    - Re: [PATCH v2] char: tpm: cr50: Set TPM_FIRMWARE_POWER_MANAGED based on device property, Jarkko Sakkinen
      - [PATCH v3] char: tpm: cr50: Set TPM_FIRMWARE_POWER_MANAGED based on device property, Rob Barnes
        
        Re: [PATCH v3] char: tpm: cr50: Set TPM_FIRMWARE_POWER_MANAGED based on device property, Jarkko Sakkinen
- Re: [PATCH] char: tpm: cr50: Set TPM_FIRMWARE_POWER_MANAGED based on device property, Rob Barnes
[RFC 00/20] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
- [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
  - Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, James Bottomley
    - Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
      - Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, James Bottomley
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, James Bottomley
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, James Bottomley
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, James Bottomley
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
  - Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Christian Brauner
    - Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
- [RFC 01/20] ima: Add IMA namespace support, Stefan Berger
- [RFC 14/20] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
- [RFC 10/20] ima: Implement hierarchical processing of file accesses, Stefan Berger
- [RFC 09/20] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now, Stefan Berger
- [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Stefan Berger
  - Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, James Bottomley
    - Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Stefan Berger
      - Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, James Bottomley
        
        RE: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Denis Semakin
        
        Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, James Bottomley
        
        Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Stefan Berger
        
        Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Christian Brauner
        
        Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Christian Brauner
        
        Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Casey Schaufler
- [RFC 13/20] securityfs: Build securityfs_ns for namespacing support, Stefan Berger
  - Re: [RFC 13/20] securityfs: Build securityfs_ns for namespacing support, Christian Brauner
    - Re: [RFC 13/20] securityfs: Build securityfs_ns for namespacing support, Stefan Berger
- [RFC 07/20] ima: Move ima_htable into ima_namespace, Stefan Berger
- [RFC 02/20] ima: Define ns_status for storing namespaced iint data, Stefan Berger
- [RFC 16/20] ima: Use ns_capable() for namespace policy access, Stefan Berger
- [RFC 18/20] userns: Introduce a refcount variable for calling early teardown function, Stefan Berger
- [RFC 12/20] securityfs: Pass static variables as parameters from top level functions, Stefan Berger
- [RFC 03/20] ima: Namespace audit status flags, Stefan Berger
- [RFC 11/20] securityfs: Prefix global variables with securityfs_, Stefan Berger
- [RFC 15/20] capabilities: Introduce CAP_INTEGRITY_ADMIN, Stefan Berger
  - Re: [RFC 15/20] capabilities: Introduce CAP_INTEGRITY_ADMIN, Casey Schaufler
    - Re: [RFC 15/20] capabilities: Introduce CAP_INTEGRITY_ADMIN, Stefan Berger
      - Re: [RFC 15/20] capabilities: Introduce CAP_INTEGRITY_ADMIN, Casey Schaufler
- [RFC 04/20] ima: Move delayed work queue and variables into ima_namespace, Stefan Berger
- [RFC 08/20] ima: Move measurement list related variables into ima_namespace, Stefan Berger
  - Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, James Bottomley
    - Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, Stefan Berger
      - Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, James Bottomley
        
        Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, Stefan Berger
        
        Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, James Bottomley
        
        Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, Stefan Berger
        
        Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, James Bottomley
- [RFC 05/20] ima: Move IMA's keys queue related variables into ima_namespace, Stefan Berger
- [RFC 19/20] ima/userns: Define early teardown function for IMA namespace, Stefan Berger
- [RFC 06/20] ima: Move policy related variables into ima_namespace, Stefan Berger
[PATCH 0/4] ima: support fs-verity signatures stored as, Mimi Zohar
- [PATCH 3/4] ima: limit including fs-verity's file digest in measurement list, Mimi Zohar
  - Re: [PATCH 3/4] ima: limit including fs-verity's file digest in measurement list, Eric Biggers
    - Re: [PATCH 3/4] ima: limit including fs-verity's file digest in measurement list, Mimi Zohar
  - Re: [PATCH 3/4] ima: limit including fs-verity's file digest in measurement list, Lakshmi Ramasubramanian
- [PATCH 4/4] ima: support fs-verity file digest based signatures, Mimi Zohar
  - Re: [PATCH 4/4] ima: support fs-verity file digest based signatures, Lakshmi Ramasubramanian
    - Re: [PATCH 4/4] ima: support fs-verity file digest based signatures, Mimi Zohar
- [PATCH 2/4] ima: define a new signature type named IMA_VERITY_DIGSIG, Mimi Zohar
  - Re: [PATCH 2/4] ima: define a new signature type named IMA_VERITY_DIGSIG, Eric Biggers
    - Re: [PATCH 2/4] ima: define a new signature type named IMA_VERITY_DIGSIG, Mimi Zohar
      - Re: [PATCH 2/4] ima: define a new signature type named IMA_VERITY_DIGSIG, Mimi Zohar
        
        Re: [PATCH 2/4] ima: define a new signature type named IMA_VERITY_DIGSIG, Eric Biggers
        
        Re: [PATCH 2/4] ima: define a new signature type named IMA_VERITY_DIGSIG, Mimi Zohar
- [PATCH 1/4] fs-verity: define a function to return the integrity protected file digest, Mimi Zohar
  - Re: [PATCH 1/4] fs-verity: define a function to return the integrity protected file digest, kernel test robot
  - Re: [PATCH 1/4] fs-verity: define a function to return the integrity protected file digest, kernel test robot
  - Re: [PATCH 1/4] fs-verity: define a function to return the integrity protected file digest, Eric Biggers
    - Re: [PATCH 1/4] fs-verity: define a function to return the integrity protected file digest, Lakshmi Ramasubramanian
      - Re: [PATCH 1/4] fs-verity: define a function to return the integrity protected file digest, Eric Biggers
- Re: [PATCH 0/4] ima: support fs-verity signatures stored as, Eric Biggers
  - Re: [PATCH 0/4] ima: support fs-verity signatures stored as, Mimi Zohar
    - Re: [PATCH 0/4] ima: support fs-verity signatures stored as, Mimi Zohar
[PATCH] fix iint inode add race resulting in duplication of iint entries, James Bottomley
[PATCH v4 0/2] selftests: tpm2: Determine available PCR bank, Stefan Berger
- [PATCH v4 1/2] selftests: tpm2: Determine available PCR bank, Stefan Berger
  - Re: [PATCH v4 1/2] selftests: tpm2: Determine available PCR bank, Jarkko Sakkinen
    - Re: [PATCH v4 1/2] selftests: tpm2: Determine available PCR bank, Stefan Berger
      - Re: [PATCH v4 1/2] selftests: tpm2: Determine available PCR bank, Stefan Berger
        
        Re: [PATCH v4 1/2] selftests: tpm2: Determine available PCR bank, Jarkko Sakkinen
        
        Re: [PATCH v4 1/2] selftests: tpm2: Determine available PCR bank, Jarkko Sakkinen
- [PATCH v4 2/2] selftests: tpm2: Reset the dictionary attack lock, Stefan Berger
  - Re: [PATCH v4 2/2] selftests: tpm2: Reset the dictionary attack lock, Jarkko Sakkinen
    - Re: [PATCH v4 2/2] selftests: tpm2: Reset the dictionary attack lock, Stefan Berger
      - Re: [PATCH v4 2/2] selftests: tpm2: Reset the dictionary attack lock, Jarkko Sakkinen
        
        Re: [PATCH v4 2/2] selftests: tpm2: Reset the dictionary attack lock, Jarkko Sakkinen
        
        Re: [PATCH v4 2/2] selftests: tpm2: Reset the dictionary attack lock, Stefan Berger
[PATCH] tpm: make const pointer desc a static const array, Colin Ian King
- Re: [PATCH] tpm: make const pointer desc a static const array, Jarkko Sakkinen
[RFC 0/3] Namespace IMA, James Bottomley
- [RFC 1/3] userns: add uuid field, James Bottomley
  - Re: [RFC 1/3] userns: add uuid field, Serge E. Hallyn
    - Re: [RFC 1/3] userns: add uuid field, James Bottomley
      - Re: [RFC 1/3] userns: add uuid field, Serge E. Hallyn
        
        Re: [RFC 1/3] userns: add uuid field, James Bottomley
        
        Re: [RFC 1/3] userns: add uuid field, Serge E. Hallyn
        
        Re: [RFC 1/3] userns: add uuid field, James Bottomley
        
        Re: [RFC 1/3] userns: add uuid field, Serge E. Hallyn
        
        Re: [RFC 1/3] userns: add uuid field, James Bottomley
        
        Re: [RFC 1/3] userns: add uuid field, Serge E. Hallyn
        
        Re: [RFC 1/3] userns: add uuid field, Stefan Berger
        
        Re: [RFC 1/3] userns: add uuid field, Christian Brauner
        
        Re: [RFC 1/3] userns: add uuid field, Stefan Berger
        
        Re: [RFC 1/3] userns: add uuid field, James Bottomley
        
        Re: [RFC 1/3] userns: add uuid field, Christian Brauner
        
        Re: [RFC 1/3] userns: add uuid field, James Bottomley
- [RFC 2/3] ima: Namespace IMA, James Bottomley
  - Re: [RFC 2/3] ima: Namespace IMA, Serge E. Hallyn
- [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
  - Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Serge E. Hallyn
    - Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
      - Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Serge E. Hallyn
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Serge E. Hallyn
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Serge E. Hallyn
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Serge E. Hallyn
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
[PATCH v2 0/6] KEXEC_SIG with appended signature, Michal Suchanek
- [PATCH v2 1/6] s390/kexec_file: Don't opencode appended signature check., Michal Suchanek
- [PATCH v2 2/6] powerpc/kexec_file: Add KEXEC_SIG support., Michal Suchanek
  - Message not available
    - Re: [PATCH v2 2/6] powerpc/kexec_file: Add KEXEC_SIG support., Michal Suchánek
      - Re: [PATCH v2 2/6] powerpc/kexec_file: Add KEXEC_SIG support., Nayna
  - Re: [PATCH v2 2/6] powerpc/kexec_file: Add KEXEC_SIG support., Nayna
    - Re: [PATCH v2 2/6] powerpc/kexec_file: Add KEXEC_SIG support., Michal Suchánek
- [PATCH v2 6/6] module: Move duplicate mod_check_sig users code to mod_parse_sig, Michal Suchanek
  - Re: [PATCH v2 6/6] module: Move duplicate mod_check_sig users code to mod_parse_sig, Philipp Rudo
    - Re: [PATCH v2 6/6] module: Move duplicate mod_check_sig users code to mod_parse_sig, Michal Suchánek
- [PATCH v2 5/6] module: Use key_being_used_for for log messages in verify_appended_signature, Michal Suchanek
- [PATCH v2 4/6] module: strip the signature marker in the verification function., Michal Suchanek
  - Re: [PATCH v2 4/6] module: strip the signature marker in the verification function., Philipp Rudo
- [PATCH v2 3/6] kexec_file: Don't opencode appended signature verification., Michal Suchanek
- Re: [PATCH v2 0/6] KEXEC_SIG with appended signature, Heiko Carstens
- Re: [PATCH v2 0/6] KEXEC_SIG with appended signature, Baoquan He
  - Re: [PATCH v2 0/6] KEXEC_SIG with appended signature, Michal Suchánek
- Re: [PATCH v2 0/6] KEXEC_SIG with appended signature, Philipp Rudo
  - Re: [PATCH v2 0/6] KEXEC_SIG with appended signature, Michal Suchánek
    - Re: [PATCH v2 0/6] KEXEC_SIG with appended signature, Philipp Rudo
- Re: [PATCH v2 0/6] KEXEC_SIG with appended signature, Nayna
  - Re: [PATCH v2 0/6] KEXEC_SIG with appended signature, Michal Suchánek
RE: [RFC PATCH v7 11/16] ipe: add support for dm-verity as a trust provider, Roberto Sassu
- Re: [RFC PATCH v7 11/16] ipe: add support for dm-verity as a trust provider, Deven Bowers
  - [RFC][PATCH] device mapper: Add builtin function dm_get_status(), Roberto Sassu
    - RE: [RFC][PATCH] device mapper: Add builtin function dm_get_status(), Roberto Sassu
    - Re: [RFC][PATCH] device mapper: Add builtin function dm_get_status(), Christoph Hellwig
      - RE: [RFC][PATCH] device mapper: Add builtin function dm_get_status(), Roberto Sassu
        
        Re: [RFC][PATCH] device mapper: Add builtin function dm_get_status(), Christoph Hellwig
        
        RE: [RFC][PATCH] device mapper: Add builtin function dm_get_status(), Roberto Sassu
        
        Re: [RFC][PATCH] device mapper: Add builtin function dm_get_status(), Christoph Hellwig
        
        RE: [RFC][PATCH] device mapper: Add builtin function dm_get_status(), Roberto Sassu
        
        RE: [RFC][PATCH] device mapper: Add builtin function dm_get_status(), Roberto Sassu
[PATCH v3 0/3] selftests: tpm2: Probe for available PCR bank, Stefan Berger
- [PATCH v3 1/3] selftests: tpm2: Probe for available PCR bank, Stefan Berger
  - Re: [PATCH v3 1/3] selftests: tpm2: Probe for available PCR bank, Jarkko Sakkinen
    - Re: [PATCH v3 1/3] selftests: tpm2: Probe for available PCR bank, Stefan Berger
      - Re: [PATCH v3 1/3] selftests: tpm2: Probe for available PCR bank, Jarkko Sakkinen
- [PATCH v3 2/3] selftests: tpm2: Reset the dictionary attack lock, Stefan Berger
- [PATCH v3 3/3] selftests: tpm2: Add support for SHA-384 and SHA-512, Stefan Berger
[PATCH] ima: Fix trivial typos in the comments, Austin Kim
- Re: [PATCH] ima: Fix trivial typos in the comments, Austin Kim
  - Re: [PATCH] ima: Fix trivial typos in the comments, Mimi Zohar
    - Re: [PATCH] ima: Fix trivial typos in the comments, Joe Perches
      - Re: [PATCH] ima: Fix trivial typos in the comments, Mimi Zohar
        
        Re: [PATCH] ima: Fix trivial typos in the comments, Joe Perches
    - Re: [PATCH] ima: Fix trivial typos in the comments, Austin Kim
[PATCH v5 0/2] integrity: support including firmware ".platform" keys at build time, Nayna Jain
- [PATCH v5 1/2] certs: export load_certificate_list() to be used outside certs/, Nayna Jain
  - Re: [PATCH v5 1/2] certs: export load_certificate_list() to be used outside certs/, Mimi Zohar
- [PATCH v5 2/2] integrity: support including firmware ".platform" keys at build time, Nayna Jain
  - Re: [PATCH v5 2/2] integrity: support including firmware ".platform" keys at build time, Mimi Zohar
  - Re: [PATCH v5 2/2] integrity: support including firmware ".platform" keys at build time, Jarkko Sakkinen
[PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Jianglei Nie
- <Possible follow-ups>
- [PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Jianglei Nie
  - Re: [PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Serge E. Hallyn
  - Re: [PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Jarkko Sakkinen
- [PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Jianglei Nie
  - Re: [PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Jarkko Sakkinen
- [PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Jianglei Nie
  - Re: [PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Ahmad Fatoum
  - Re: [PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Jarkko Sakkinen
- [PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Jianglei Nie
  - Re: [PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Jarkko Sakkinen
  - Re: [PATCH] security:trusted_tpm2: Fix memory leak in tpm2_key_encode(), Ahmad Fatoum
[PATCH v2 0/3] selftests: tpm2: Probe for available PCR bank, Stefan Berger
- [PATCH v2 2/3] selftests: tpm2: Reset the dictionary attack lock, Stefan Berger
- [PATCH v2 3/3] selftests: tpm2: Add support for SHA-384 and SHA-512, Stefan Berger
- [PATCH v2 1/3] selftests: tpm2: Probe for available PCR bank, Stefan Berger
  - Re: [PATCH v2 1/3] selftests: tpm2: Probe for available PCR bank, Jarkko Sakkinen
    - Re: [PATCH v2 1/3] selftests: tpm2: Probe for available PCR bank, Stefan Berger
      - Re: [PATCH v2 1/3] selftests: tpm2: Probe for available PCR bank, Jarkko Sakkinen
[PATCH 1/3] selftest/kexec: fix "ignored null byte in input" warning, Nageswara R Sastry
- [PATCH 2/3] selftests/kexec: Enable secureboot tests for PowerPC, Nageswara R Sastry
  - Re: [PATCH 2/3] selftests/kexec: Enable secureboot tests for PowerPC, Mimi Zohar
  - Re: [PATCH 2/3] selftests/kexec: Enable secureboot tests for PowerPC, Nayna
- [PATCH 3/3] Add tests to verify kexec of blacklist and non blacklist kernel, Nageswara R Sastry
[PATCH v8 00/17] Enroll kernel keys thru MOK, Eric Snowberg
- [PATCH v8 04/17] integrity: Do not allow machine keyring updates following init, Eric Snowberg
  - Re: [PATCH v8 04/17] integrity: Do not allow machine keyring updates following init, Jarkko Sakkinen
- [PATCH v8 07/17] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, Eric Snowberg
  - Re: [PATCH v8 07/17] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, Darren Kenny
- [PATCH v8 05/17] X.509: Parse Basic Constraints for CA, Eric Snowberg
  - Re: [PATCH v8 05/17] X.509: Parse Basic Constraints for CA, Jarkko Sakkinen
- [PATCH v8 06/17] KEYS: CA link restriction, Eric Snowberg
  - Re: [PATCH v8 06/17] KEYS: CA link restriction, Jarkko Sakkinen
- [PATCH v8 03/17] integrity: Introduce a Linux keyring called machine, Eric Snowberg
  - Re: [PATCH v8 03/17] integrity: Introduce a Linux keyring called machine, Mimi Zohar
    - Re: [PATCH v8 03/17] integrity: Introduce a Linux keyring called machine, Eric Snowberg
  - Re: [PATCH v8 03/17] integrity: Introduce a Linux keyring called machine, Jarkko Sakkinen
- [PATCH v8 13/17] integrity: store reference to machine keyring, Eric Snowberg
  - Re: [PATCH v8 13/17] integrity: store reference to machine keyring, Darren Kenny
- [PATCH v8 12/17] KEYS: integrity: change link restriction to trust the machine keyring, Eric Snowberg
- [PATCH v8 10/17] KEYS: add a reference to machine keyring, Eric Snowberg
  - Re: [PATCH v8 10/17] KEYS: add a reference to machine keyring, Darren Kenny
- [PATCH v8 14/17] KEYS: link machine trusted keys to secondary_trusted_keys, Eric Snowberg
  - Re: [PATCH v8 14/17] KEYS: link machine trusted keys to secondary_trusted_keys, Darren Kenny
- [PATCH v8 02/17] integrity: Fix warning about missing prototypes, Eric Snowberg
- [PATCH v8 17/17] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true, Eric Snowberg
  - Re: [PATCH v8 17/17] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true, Darren Kenny
- [PATCH v8 09/17] KEYS: Rename get_builtin_and_secondary_restriction, Eric Snowberg
  - Re: [PATCH v8 09/17] KEYS: Rename get_builtin_and_secondary_restriction, Jarkko Sakkinen
    - Re: [PATCH v8 09/17] KEYS: Rename get_builtin_and_secondary_restriction, Eric Snowberg
      - Re: [PATCH v8 09/17] KEYS: Rename get_builtin_and_secondary_restriction, Jarkko Sakkinen
        
        Re: [PATCH v8 09/17] KEYS: Rename get_builtin_and_secondary_restriction, Mimi Zohar
        
        Re: [PATCH v8 09/17] KEYS: Rename get_builtin_and_secondary_restriction, Jarkko Sakkinen
        
        Re: [PATCH v8 09/17] KEYS: Rename get_builtin_and_secondary_restriction, Eric Snowberg
        
        Re: [PATCH v8 09/17] KEYS: Rename get_builtin_and_secondary_restriction, Mimi Zohar
- [PATCH v8 11/17] KEYS: Introduce link restriction for machine keys, Eric Snowberg
  - Re: [PATCH v8 11/17] KEYS: Introduce link restriction for machine keys, Darren Kenny
- [PATCH v8 15/17] efi/mokvar: move up init order, Eric Snowberg
  - Re: [PATCH v8 15/17] efi/mokvar: move up init order, Darren Kenny
- [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found, Eric Snowberg
  - Re: [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found, Darren Kenny
  - Re: [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found, Morten Linderud
    - Re: [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found, Eric Snowberg
      - Re: [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found, Morten Linderud
        
        Re: [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found, James Bottomley
        
        Re: [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found, Ard Biesheuvel
    - Re: [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found, Ard Biesheuvel
      - Re: [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found, Morten Linderud
    - Re: [PATCH v8 16/17] integrity: Trust MOK keys if MokListTrustedRT found, James Bottomley
- [PATCH v8 08/17] integrity: add new keyring handler for mok keys, Eric Snowberg
  - Re: [PATCH v8 08/17] integrity: add new keyring handler for mok keys, Jarkko Sakkinen
- [PATCH v8 01/17] KEYS: Create static version of public_key_verify_signature, Eric Snowberg
- Re: [PATCH v8 00/17] Enroll kernel keys thru MOK, Jarkko Sakkinen
[PATCH v30 15/28] LSM: Ensure the correct LSM context releaser, Casey Schaufler
[PATCH v30 13/28] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
[PATCH v30 12/28] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
[PATCH v30 11/28] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
[PATCH 0/2] selftests: tpm2: Probe for available PCR bank, Stefan Berger
- [PATCH 1/2] selftests: tpm: Probe for available PCR bank, Stefan Berger
  - Re: [PATCH 1/2] selftests: tpm: Probe for available PCR bank, Marc-André Lureau
  - Re: [PATCH 1/2] selftests: tpm: Probe for available PCR bank, Jarkko Sakkinen
- [PATCH 2/2] selftests: tpm2: Reset the dictionary attack lock, Stefan Berger
  - Re: [PATCH 2/2] selftests: tpm2: Reset the dictionary attack lock, Marc-André Lureau
[PATCH v7 00/17] Enroll kernel keys thru MOK, Eric Snowberg
- [PATCH v7 05/17] KEYS: CA link restriction, Eric Snowberg
- [PATCH v7 12/17] KEYS: integrity: change link restriction to trust the machine keyring, Eric Snowberg
  - Re: [PATCH v7 12/17] KEYS: integrity: change link restriction to trust the machine keyring, Mimi Zohar
- [PATCH v7 04/17] X.509: Parse Basic Constraints for CA, Eric Snowberg
  - Re: [PATCH v7 04/17] X.509: Parse Basic Constraints for CA, Mimi Zohar
    - Re: [PATCH v7 04/17] X.509: Parse Basic Constraints for CA, Eric Snowberg
- [PATCH v7 01/17] integrity: Introduce a Linux keyring called machine, Eric Snowberg
  - Re: [PATCH v7 01/17] integrity: Introduce a Linux keyring called machine, Mimi Zohar
- [PATCH v7 06/17] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, Eric Snowberg
  - Re: [PATCH v7 06/17] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, kernel test robot
- [PATCH v7 02/17] integrity: Do not allow machine keyring updates following init, Eric Snowberg
  - Re: [PATCH v7 02/17] integrity: Do not allow machine keyring updates following init, Mimi Zohar
- [PATCH v7 07/17] integrity: Fix warning about missing prototypes, Eric Snowberg
  - Re: [PATCH v7 07/17] integrity: Fix warning about missing prototypes, Mimi Zohar
- [PATCH v7 13/17] KEYS: link secondary_trusted_keys to machine trusted keys, Eric Snowberg
  - Re: [PATCH v7 13/17] KEYS: link secondary_trusted_keys to machine trusted keys, Mimi Zohar
    - Re: [PATCH v7 13/17] KEYS: link secondary_trusted_keys to machine trusted keys, Eric Snowberg
- [PATCH v7 15/17] efi/mokvar: move up init order, Eric Snowberg
- [PATCH v7 14/17] integrity: store reference to machine keyring, Eric Snowberg
- [PATCH v7 16/17] integrity: Trust MOK keys if MokListTrustedRT found, Eric Snowberg
- [PATCH v7 10/17] KEYS: add a reference to machine keyring, Eric Snowberg
- [PATCH v7 11/17] KEYS: Introduce link restriction for machine keys, Eric Snowberg
  - Re: [PATCH v7 11/17] KEYS: Introduce link restriction for machine keys, Mimi Zohar
    - Re: [PATCH v7 11/17] KEYS: Introduce link restriction for machine keys, Eric Snowberg
- [PATCH v7 17/17] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true, Eric Snowberg
- [PATCH v7 09/17] KEYS: Rename get_builtin_and_secondary_restriction, Eric Snowberg
  - Re: [PATCH v7 09/17] KEYS: Rename get_builtin_and_secondary_restriction, Mimi Zohar
- [PATCH v7 08/17] integrity: add new keyring handler for mok keys, Eric Snowberg
  - Re: [PATCH v7 08/17] integrity: add new keyring handler for mok keys, Mimi Zohar
- [PATCH v7 03/17] KEYS: Create static version of public_key_verify_signature, Eric Snowberg
  - Re: [PATCH v7 03/17] KEYS: Create static version of public_key_verify_signature, Mimi Zohar
    - Re: [PATCH v7 03/17] KEYS: Create static version of public_key_verify_signature, Mimi Zohar
- Re: [PATCH v7 00/17] Enroll kernel keys thru MOK, Jarkko Sakkinen
  - Re: [PATCH v7 00/17] Enroll kernel keys thru MOK, Konrad Rzeszutek Wilk
    - Re: [PATCH v7 00/17] Enroll kernel keys thru MOK, Jarkko Sakkinen
      - Re: [PATCH v7 00/17] Enroll kernel keys thru MOK, Konrad Rzeszutek Wilk
        
        Re: [PATCH v7 00/17] Enroll kernel keys thru MOK, Jarkko Sakkinen
        
        Re: [PATCH v7 00/17] Enroll kernel keys thru MOK, Jarkko Sakkinen
        
        Re: [PATCH v7 00/17] Enroll kernel keys thru MOK, Konrad Rzeszutek Wilk
        
        Re: [PATCH v7 00/17] Enroll kernel keys thru MOK, Eric Snowberg
        
        Re: [PATCH v7 00/17] Enroll kernel keys thru MOK, Jarkko Sakkinen
[PATCH v17 0/3] Add trusted_for(2) (was O_MAYEXEC), Mickaël Salaün
- [PATCH v17 3/3] selftest/interpreter: Add tests for trusted_for(2) policies, Mickaël Salaün
- [PATCH v17 2/3] arch: Wire up trusted_for(2), Mickaël Salaün
- [PATCH v17 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Mickaël Salaün
- Re: [PATCH v17 0/3] Add trusted_for(2) (was O_MAYEXEC), Mickaël Salaün
- Re: [PATCH v17 0/3] Add trusted_for(2) (was O_MAYEXEC), Florian Weimer
  - Re: [PATCH v17 0/3] Add trusted_for(2) (was O_MAYEXEC), Mickaël Salaün
    - Re: [PATCH v17 0/3] Add trusted_for(2) (was O_MAYEXEC), Mimi Zohar
- Re: [PATCH v17 0/3] Add trusted_for(2) (was O_MAYEXEC), Kees Cook
[PATCH] char: tpm: cr50_i2c: Drop if with an always false condition, Uwe Kleine-König
- Re: [PATCH] char: tpm: cr50_i2c: Drop if with an always false condition, Jarkko Sakkinen
  - Re: [PATCH] char: tpm: cr50_i2c: Drop if with an always false condition, Uwe Kleine-König
    - Re: [PATCH] char: tpm: cr50_i2c: Drop if with an always false condition, Jarkko Sakkinen
      - Re: [PATCH] char: tpm: cr50_i2c: Drop if with an always false condition, Uwe Kleine-König
        
        Re: [PATCH] char: tpm: cr50_i2c: Drop if with an always false condition, Uwe Kleine-König
        
        Re: [PATCH] char: tpm: cr50_i2c: Drop if with an always false condition, Uwe Kleine-König
        
        Re: [PATCH] char: tpm: cr50_i2c: Drop if with an always false condition, Jarkko Sakkinen
        
        [PATCH] char: tpm: cr50_i2c: Suppress duplicated error message in .remove(), Uwe Kleine-König
        
        Re: [PATCH] char: tpm: cr50_i2c: Suppress duplicated error message in .remove(), Jarkko Sakkinen
        
        Re: [PATCH] char: tpm: cr50_i2c: Suppress duplicated error message in .remove(), Jarkko Sakkinen
        
        Re: [PATCH] char: tpm: cr50_i2c: Drop if with an always false condition, Jason Gunthorpe
        
        Re: [PATCH] char: tpm: cr50_i2c: Drop if with an always false condition, Jarkko Sakkinen
[RFC][PATCH 0/5] shmem/fsverity: Prepare for mandatory integrity enforcement, Roberto Sassu
- [RFC][PATCH 1/5] fsverity: Introduce fsverity_get_file_digest(), Roberto Sassu
- [RFC][PATCH 2/5] fsverity: Revalidate built-in signatures at file open, Roberto Sassu
  - Re: [RFC][PATCH 2/5] fsverity: Revalidate built-in signatures at file open, Eric Biggers
    - RE: [RFC][PATCH 2/5] fsverity: Revalidate built-in signatures at file open, Roberto Sassu
- [RFC][PATCH 3/5] fsverity: Do initialization earlier, Roberto Sassu
- [RFC][PATCH 4/5] shmem: Avoid segfault in shmem_read_mapping_page_gfp(), Roberto Sassu
  - Re: [RFC][PATCH 4/5] shmem: Avoid segfault in shmem_read_mapping_page_gfp(), Ajay Garg
    - RE: [RFC][PATCH 4/5] shmem: Avoid segfault in shmem_read_mapping_page_gfp(), Roberto Sassu
  - Re: [RFC][PATCH 4/5] shmem: Avoid segfault in shmem_read_mapping_page_gfp(), Eric Biggers
    - RE: [RFC][PATCH 4/5] shmem: Avoid segfault in shmem_read_mapping_page_gfp(), Roberto Sassu
- [RFC][PATCH 5/5] shmem: Add fsverity support, Roberto Sassu
  - Re: [RFC][PATCH 5/5] shmem: Add fsverity support, Eric Biggers
    - RE: [RFC][PATCH 5/5] shmem: Add fsverity support, Roberto Sassu
      - Re: [RFC][PATCH 5/5] shmem: Add fsverity support, Eric Biggers
        
        RE: [RFC][PATCH 5/5] shmem: Add fsverity support, Roberto Sassu
[PATCH v4 0/2] integrity: support including firmware ".platform" keys at build time, Nayna Jain
- [PATCH v4 1/2] certs: export load_certificate_list() to be used outside certs/, Nayna Jain
- [PATCH v4 2/2] integrity: support including firmware ".platform" keys at build time, Nayna Jain
  - Re: [PATCH v4 2/2] integrity: support including firmware ".platform" keys at build time, Mimi Zohar
[PATCH v16 0/3] Add trusted_for(2) (was O_MAYEXEC), Mickaël Salaün
- [PATCH v16 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Mickaël Salaün
  - Re: [PATCH v16 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Alejandro Colomar (man-pages)
    - Re: [PATCH v16 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Mickaël Salaün
      - Re: [PATCH v16 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Alejandro Colomar (man-pages)
        
        Re: [PATCH v16 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Mickaël Salaün
        
        Re: [PATCH v16 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Geert Uytterhoeven
        
        Re: [PATCH v16 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Alejandro Colomar (man-pages)
- [PATCH v16 2/3] arch: Wire up trusted_for(2), Mickaël Salaün
- [PATCH v16 3/3] selftest/interpreter: Add tests for trusted_for(2) policies, Mickaël Salaün
[RFC PATCH] ima: differentiate overlay, pivot_root, and other pathnames, Mimi Zohar
- <Possible follow-ups>
- Re: [RFC PATCH] ima: differentiate overlay, pivot_root, and other pathnames, Mimi Zohar
[PATCH] tpm_tis: Fix an error handling path in 'tpm_tis_core_init()', Christophe JAILLET
- Re: [PATCH] tpm_tis: Fix an error handling path in 'tpm_tis_core_init()', Jarkko Sakkinen
[PATCH 0/2] Additional appended signature cleanup, Michal Suchanek
- [PATCH 2/2] module: Move duplicate mod_check_sig users code to mod_parse_sig, Michal Suchanek
- [PATCH 1/2] module: Use key_being_used_for for log messages in verify_appended_signature, Michal Suchanek
ima-evm-utils: version 1.4 released, Mimi Zohar
- Re: ima-evm-utils: version 1.4 released, Petr Vorel
  - Re: ima-evm-utils: version 1.4 released, Lakshmi Ramasubramanian
    - Re: ima-evm-utils: version 1.4 released, Mimi Zohar
      - Re: ima-evm-utils: version 1.4 released, Petr Vorel
        
        Re: ima-evm-utils: version 1.4 released, Mimi Zohar
        
        Re: ima-evm-utils: version 1.4 released, Petr Vorel
        
        Re: ima-evm-utils: version 1.4 released, Mimi Zohar
        
        Re: ima-evm-utils: version 1.4 released, Petr Vorel
    - Re: ima-evm-utils: version 1.4 released, Petr Vorel
    - Re: ima-evm-utils: version 1.4 released, Ken Goldman
      - Re: ima-evm-utils: version 1.4 released, Lakshmi Ramasubramanian
        
        Re: ima-evm-utils: version 1.4 released, Mimi Zohar
[PATCH RFC] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
- Re: [PATCH RFC] integrity: disassociate ima_filter_rule from security_audit_rule, Mimi Zohar
Disassociating ima_filter_rule* from security_audit_rule*, Casey Schaufler
- Re: Disassociating ima_filter_rule* from security_audit_rule*, Paul Moore
[PATCH v19 0/5] Add tpm i2c ptp driver, amirmizi6
- [PATCH v19 2/5] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", amirmizi6
  - Re: [PATCH v19 2/5] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", Jarkko Sakkinen
- [PATCH v19 5/5] tpm: Add YAML schema for TPM TIS I2C options, amirmizi6
- [PATCH v19 3/5] tpm: tpm_tis: Verify TPM_STS register is valid after locality request, amirmizi6
  - Re: [PATCH v19 3/5] tpm: tpm_tis: Verify TPM_STS register is valid after locality request, Jarkko Sakkinen
  - Re: [PATCH v19 3/5] tpm: tpm_tis: Verify TPM_STS register is valid after locality request, Jarkko Sakkinen
- [PATCH v19 4/5] tpm: tpm_tis: Add tpm_tis_i2c driver, amirmizi6
  - Re: [PATCH v19 4/5] tpm: tpm_tis: Add tpm_tis_i2c driver, Jarkko Sakkinen
  - Re: [PATCH v19 4/5] tpm: tpm_tis: Add tpm_tis_i2c driver, Joel Stanley
- [PATCH v19 1/5] tpm_tis: Fix expected bit handling, amirmizi6
RE: [RFC PATCH v7 14/16] scripts: add boot policy generation program, Roberto Sassu
- RE: [RFC PATCH v7 14/16] scripts: add boot policy generation program, Roberto Sassu
  - Re: [RFC PATCH v7 14/16] scripts: add boot policy generation program, Deven Bowers
RE: [RFC PATCH v7 04/16] ipe: add userspace interface, Roberto Sassu
- Re: [RFC PATCH v7 04/16] ipe: add userspace interface, Deven Bowers
[PATCH ima-evm-utils] travis: use alt:sisyphus from docker.io, Mimi Zohar
- Re: [PATCH ima-evm-utils] travis: use alt:sisyphus from docker.io, Vitaly Chikunov
  - Re: [PATCH ima-evm-utils] travis: use alt:sisyphus from docker.io, Mimi Zohar
    - Re: [PATCH ima-evm-utils] travis: use alt:sisyphus from docker.io, Mimi Zohar
    - Re: [PATCH ima-evm-utils] travis: use alt:sisyphus from docker.io, Vitaly Chikunov
[PATCH v18 0/6] Add tpm i2c ptp driver, amirmizi6
- [PATCH v18 4/6] tpm: tpm_tis: Verify TPM_STS register is valid after locality request, amirmizi6
  - Re: [PATCH v18 4/6] tpm: tpm_tis: Verify TPM_STS register is valid after locality request, Jarkko Sakkinen
- [PATCH v18 3/6] tpm: Handle an exception for TPM Firmware Update mode., amirmizi6
  - Re: [PATCH v18 3/6] tpm: Handle an exception for TPM Firmware Update mode., Jarkko Sakkinen
- [PATCH v18 2/6] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", amirmizi6
- [PATCH v18 5/6] tpm: tpm_tis: Add tpm_tis_i2c driver, amirmizi6
  - Re: [PATCH v18 5/6] tpm: tpm_tis: Add tpm_tis_i2c driver, Jarkko Sakkinen
- [PATCH v18 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, amirmizi6
  - Re: [PATCH v18 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, Jarkko Sakkinen
- [PATCH v18 6/6] tpm: Add YAML schema for TPM TIS I2C options, amirmizi6
[GIT PULL] integrity subsystem updates for v5.16, Mimi Zohar
- Re: [GIT PULL] integrity subsystem updates for v5.16, pr-tracker-bot
[PATCH RESEND] KEYS: trusted: Fix trusted key backends when building as module, andreas
- Re: [PATCH RESEND] KEYS: trusted: Fix trusted key backends when building as module, Ahmad Fatoum
IMA testsuite?, Casey Schaufler
- Re: IMA testsuite?, Mimi Zohar
[PATCH v2] tpm: tpm_tis_spi_cr50: Add default RNG quality, AngeloGioacchino Del Regno
- Re: [PATCH v2] tpm: tpm_tis_spi_cr50: Add default RNG quality, Jarkko Sakkinen
  - Re: [PATCH v2] tpm: tpm_tis_spi_cr50: Add default RNG quality, Jarkko Sakkinen
[PATCH] evm: mark evm_fixmode as __ro_after_init, Austin Kim
- Re: [PATCH] evm: mark evm_fixmode as __ro_after_init, Mimi Zohar
[RESEND PATCH] tpm: tpm_tis_spi_cr50: Add default RNG quality, AngeloGioacchino Del Regno
[PATCH] tpm: tpm_tis_spi_cr50: Add default RNG quality, AngeloGioacchino Del Regno
- Re: [PATCH] tpm: tpm_tis_spi_cr50: Add default RNG quality, Jarkko Sakkinen
  - Re: [PATCH] tpm: tpm_tis_spi_cr50: Add default RNG quality, AngeloGioacchino Del Regno
    - Re: [PATCH] tpm: tpm_tis_spi_cr50: Add default RNG quality, Jarkko Sakkinen
      - Re: [PATCH] tpm: tpm_tis_spi_cr50: Add default RNG quality, AngeloGioacchino Del Regno
[PATCH] ima/evm: mark evm_fixmode as __ro_after_init, Austin Kim
- Re: [PATCH] ima/evm: mark evm_fixmode as __ro_after_init, Mimi Zohar
  - Re: [PATCH] ima/evm: mark evm_fixmode as __ro_after_init, Austin Kim
[PATCH v3 0/2] use SM3 instead of SM3_256, Tianjia Zhang
- [PATCH v3 1/2] crypto: use SM3 instead of SM3_256, Tianjia Zhang
  - Re: [PATCH v3 1/2] crypto: use SM3 instead of SM3_256, Jarkko Sakkinen
- [PATCH v3 2/2] tpm: use SM3 instead of SM3_256, Tianjia Zhang
  - Re: [PATCH v3 2/2] tpm: use SM3 instead of SM3_256, James Bottomley
- Re: [PATCH v3 0/2] use SM3 instead of SM3_256, Ard Biesheuvel
  - Re: [PATCH v3 0/2] use SM3 instead of SM3_256, James Bottomley
  - Re: [PATCH v3 0/2] use SM3 instead of SM3_256, Tianjia Zhang
[PATCH ima-evm-utils 1/2] switch to using crun for podman, Mimi Zohar
- [PATCH ima-evm-utils 2/2] upgrade to glibc-2.34 uses clone3 causing CI to fail, Mimi Zohar
  - Re: [PATCH ima-evm-utils 2/2] upgrade to glibc-2.34 uses clone3 causing CI to fail, Vitaly Chikunov
    - Re: [PATCH ima-evm-utils 2/2] upgrade to glibc-2.34 uses clone3 causing CI to fail, Petr Vorel
    - Re: [PATCH ima-evm-utils 2/2] upgrade to glibc-2.34 uses clone3 causing CI to fail, Dmitry V. Levin
- Re: [PATCH ima-evm-utils 1/2] switch to using crun for podman, Petr Vorel
  - Re: [PATCH ima-evm-utils 1/2] switch to using crun for podman, Mimi Zohar
[GIT PULL] TPM DEVICE DRIVER changes for v5.16, Jarkko Sakkinen
- Re: [GIT PULL] TPM DEVICE DRIVER changes for v5.16, pr-tracker-bot
RE: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE), Roberto Sassu
- Re: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE), Deven Bowers
  - RE: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE), Roberto Sassu
    - Re: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE), Deven Bowers
[PATCH v17 0/6] Add tpm i2c ptp driver, amirmizi6
- [PATCH v17 3/6] tpm: Handle an exception for TPM Firmware Update mode., amirmizi6
- [PATCH v17 6/6] tpm: Add YAML schema for TPM TIS I2C options, amirmizi6
- [PATCH v17 5/6] tpm: tpm_tis: Add tpm_tis_i2c driver, amirmizi6
  - Re: [PATCH v17 5/6] tpm: tpm_tis: Add tpm_tis_i2c driver, Randy Dunlap
- [PATCH v17 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, amirmizi6
  - Re: [PATCH v17 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, Jarkko Sakkinen
- [PATCH v17 2/6] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", amirmizi6
  - Re: [PATCH v17 2/6] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", Jarkko Sakkinen
- [PATCH v17 4/6] tpm: tpm_tis: Verify TPM_STS register is valid after locality request, amirmizi6
  - Re: [PATCH v17 4/6] tpm: tpm_tis: Verify TPM_STS register is valid after locality request, Jarkko Sakkinen
RE: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature, Roberto Sassu
- Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature, Deven Bowers
  - RE: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature, Roberto Sassu
- <Possible follow-ups>
- RE: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature, Roberto Sassu
  - Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature, Deven Bowers
[PATCH v16 0/6] Add tpm i2c ptp driver, amirmizi6
- [PATCH v16 3/6] tpm: Handle an exception for TPM Firmware Update mode., amirmizi6
- [PATCH v16 2/6] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", amirmizi6
  - Re: [PATCH v16 2/6] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", Jarkko Sakkinen
- [PATCH v16 4/6] tpm: tpm_tis: verify TPM_STS register is valid after locality request, amirmizi6
- [PATCH v16 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, amirmizi6
  - Re: [PATCH v16 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, Jarkko Sakkinen
- [PATCH v16 5/6] tpm: tpm_tis: add tpm_tis_i2c driver, amirmizi6
- [PATCH v16 6/6] tpm: Add YAML schema for TPM TIS I2C options, amirmizi6
[PATCH v2 0/2] use SM3 instead of SM3_256, Tianjia Zhang
- [PATCH v2 1/2] crypto: use SM3 instead of SM3_256, Tianjia Zhang
  - Re: [PATCH v2 1/2] crypto: use SM3 instead of SM3_256, Jarkko Sakkinen
    - Re: [PATCH v2 1/2] crypto: use SM3 instead of SM3_256, Tianjia Zhang
- [PATCH v2 2/2] tpm: use SM3 instead of SM3_256, Tianjia Zhang
[PATCH v1 1/3] ima: define ima_trusted_for hook, Mimi Zohar
- [PATCH v1 3/3] security: define a trusted_for hook, Mimi Zohar
- [PATCH v1 2/3] fs: extend the trusted_for syscall to call IMA, Mimi Zohar
[PATCH 1/2] ima: define ima_trusted_for hook, Mimi Zohar
- [PATCH 2/2] fs: extend the trusted_for syscall to call IMA, Mimi Zohar
  - Re: [PATCH 2/2] fs: extend the trusted_for syscall to call IMA, Mickaël Salaün
    - Re: [PATCH 2/2] fs: extend the trusted_for syscall to call IMA, Mimi Zohar
      - Re: [PATCH 2/2] fs: extend the trusted_for syscall to call IMA, Casey Schaufler
- Re: [PATCH 1/2] ima: define ima_trusted_for hook, Mimi Zohar
[PATCH] tpm/st33zp24: drop unneeded over-commenting, Sohaib Mohamed
- Re: [PATCH] tpm/st33zp24: drop unneeded over-commenting, Jarkko Sakkinen
- Re: [PATCH] tpm/st33zp24: drop unneeded over-commenting, Jarkko Sakkinen
[PATCH v15 0/3] Add trusted_for(2) (was O_MAYEXEC), Mickaël Salaün

[Index of Archives] [Linux Kernel] [Linux Kernel Hardening] [Linux NFS] [Linux NILFS] [Linux USB Devel] [Video for Linux] [Linux SCSI] [Yosemite Forum]