Linux Integrity

Date Index

[PATCH v3 1/2] crypto: use SM3 instead of SM3_256, (continued)
- [PATCH v3 1/2] crypto: use SM3 instead of SM3_256, Tianjia Zhang
  - Re: [PATCH v3 1/2] crypto: use SM3 instead of SM3_256, Jarkko Sakkinen
- [PATCH v3 2/2] tpm: use SM3 instead of SM3_256, Tianjia Zhang
  - Re: [PATCH v3 2/2] tpm: use SM3 instead of SM3_256, James Bottomley
- Re: [PATCH v3 0/2] use SM3 instead of SM3_256, Ard Biesheuvel
  - Re: [PATCH v3 0/2] use SM3 instead of SM3_256, James Bottomley
  - Re: [PATCH v3 0/2] use SM3 instead of SM3_256, Tianjia Zhang
[PATCH ima-evm-utils 1/2] switch to using crun for podman, Mimi Zohar
- [PATCH ima-evm-utils 2/2] upgrade to glibc-2.34 uses clone3 causing CI to fail, Mimi Zohar
  - Re: [PATCH ima-evm-utils 2/2] upgrade to glibc-2.34 uses clone3 causing CI to fail, Vitaly Chikunov
    - Re: [PATCH ima-evm-utils 2/2] upgrade to glibc-2.34 uses clone3 causing CI to fail, Petr Vorel
    - Re: [PATCH ima-evm-utils 2/2] upgrade to glibc-2.34 uses clone3 causing CI to fail, Dmitry V. Levin
- Re: [PATCH ima-evm-utils 1/2] switch to using crun for podman, Petr Vorel
  - Re: [PATCH ima-evm-utils 1/2] switch to using crun for podman, Mimi Zohar
[GIT PULL] TPM DEVICE DRIVER changes for v5.16, Jarkko Sakkinen
- Re: [GIT PULL] TPM DEVICE DRIVER changes for v5.16, pr-tracker-bot
RE: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE), Roberto Sassu
- Re: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE), Deven Bowers
  - RE: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE), Roberto Sassu
    - Re: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE), Deven Bowers
[PATCH v17 0/6] Add tpm i2c ptp driver, amirmizi6
- [PATCH v17 3/6] tpm: Handle an exception for TPM Firmware Update mode., amirmizi6
- [PATCH v17 6/6] tpm: Add YAML schema for TPM TIS I2C options, amirmizi6
- [PATCH v17 5/6] tpm: tpm_tis: Add tpm_tis_i2c driver, amirmizi6
  - Re: [PATCH v17 5/6] tpm: tpm_tis: Add tpm_tis_i2c driver, Randy Dunlap
- [PATCH v17 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, amirmizi6
  - Re: [PATCH v17 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, Jarkko Sakkinen
- [PATCH v17 2/6] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", amirmizi6
  - Re: [PATCH v17 2/6] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", Jarkko Sakkinen
- [PATCH v17 4/6] tpm: tpm_tis: Verify TPM_STS register is valid after locality request, amirmizi6
  - Re: [PATCH v17 4/6] tpm: tpm_tis: Verify TPM_STS register is valid after locality request, Jarkko Sakkinen
RE: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature, Roberto Sassu
- Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature, Deven Bowers
  - RE: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature, Roberto Sassu
- <Possible follow-ups>
- RE: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature, Roberto Sassu
  - Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature, Deven Bowers
[PATCH v16 0/6] Add tpm i2c ptp driver, amirmizi6
- [PATCH v16 3/6] tpm: Handle an exception for TPM Firmware Update mode., amirmizi6
- [PATCH v16 2/6] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", amirmizi6
  - Re: [PATCH v16 2/6] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", Jarkko Sakkinen
- [PATCH v16 4/6] tpm: tpm_tis: verify TPM_STS register is valid after locality request, amirmizi6
- [PATCH v16 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, amirmizi6
  - Re: [PATCH v16 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, Jarkko Sakkinen
- [PATCH v16 5/6] tpm: tpm_tis: add tpm_tis_i2c driver, amirmizi6
- [PATCH v16 6/6] tpm: Add YAML schema for TPM TIS I2C options, amirmizi6
[PATCH v2 0/2] use SM3 instead of SM3_256, Tianjia Zhang
- [PATCH v2 1/2] crypto: use SM3 instead of SM3_256, Tianjia Zhang
  - Re: [PATCH v2 1/2] crypto: use SM3 instead of SM3_256, Jarkko Sakkinen
    - Re: [PATCH v2 1/2] crypto: use SM3 instead of SM3_256, Tianjia Zhang
- [PATCH v2 2/2] tpm: use SM3 instead of SM3_256, Tianjia Zhang
[PATCH v1 1/3] ima: define ima_trusted_for hook, Mimi Zohar
- [PATCH v1 3/3] security: define a trusted_for hook, Mimi Zohar
- [PATCH v1 2/3] fs: extend the trusted_for syscall to call IMA, Mimi Zohar
[PATCH 1/2] ima: define ima_trusted_for hook, Mimi Zohar
- [PATCH 2/2] fs: extend the trusted_for syscall to call IMA, Mimi Zohar
  - Re: [PATCH 2/2] fs: extend the trusted_for syscall to call IMA, Mickaël Salaün
    - Re: [PATCH 2/2] fs: extend the trusted_for syscall to call IMA, Mimi Zohar
      - Re: [PATCH 2/2] fs: extend the trusted_for syscall to call IMA, Casey Schaufler
- Re: [PATCH 1/2] ima: define ima_trusted_for hook, Mimi Zohar
[PATCH] tpm/st33zp24: drop unneeded over-commenting, Sohaib Mohamed
- Re: [PATCH] tpm/st33zp24: drop unneeded over-commenting, Jarkko Sakkinen
- Re: [PATCH] tpm/st33zp24: drop unneeded over-commenting, Jarkko Sakkinen
[PATCH v15 0/3] Add trusted_for(2) (was O_MAYEXEC), Mickaël Salaün
- [PATCH v15 3/3] selftest/interpreter: Add tests for trusted_for(2) policies, Mickaël Salaün
- [PATCH v15 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Mickaël Salaün
  - Message not available
    - Re: [fs] a0918006f9: netperf.Throughput_tps -11.6% regression, Kees Cook
      - Re: [fs] a0918006f9: netperf.Throughput_tps -11.6% regression, Yin Fengwei
      - Re: [fs] a0918006f9: netperf.Throughput_tps -11.6% regression, Mickaël Salaün
        
        Re: [fs] a0918006f9: netperf.Throughput_tps -11.6% regression, Yin Fengwei
      - Re: [fs] a0918006f9: netperf.Throughput_tps -11.6% regression, Yin Fengwei
- [PATCH v15 2/3] arch: Wire up trusted_for(2), Mickaël Salaün
[PATCH v2 00/20] Make some spi device drivers return zero in .remove(), Uwe Kleine-König
- [PATCH v2 20/20] tpm: st33zp24: Make st33zp24_remove() return void, Uwe Kleine-König
[PATCH v2 1/1] tpm: add request_locality before write TPM_INT_ENABLE, Chen Jun
- Re: [PATCH v2 1/1] tpm: add request_locality before write TPM_INT_ENABLE, Jarkko Sakkinen
- <Possible follow-ups>
- [PATCH v2 1/1] tpm: add request_locality before write TPM_INT_ENABLE, Chen Jun
  - Re: [PATCH v2 1/1] tpm: add request_locality before write TPM_INT_ENABLE, Jarkko Sakkinen
  - Re: [PATCH v2 1/1] tpm: add request_locality before write TPM_INT_ENABLE, Jarkko Sakkinen
[PATCH v2] tpm: ibmvtpm: Make use of dma_alloc_noncoherent(), Cai Huoqing
- Re: [PATCH v2] tpm: ibmvtpm: Make use of dma_alloc_noncoherent(), kernel test robot
[PATCH 13/13] tpm: st33zp24: Make st33zp24_remove() return void, Uwe Kleine-König
- Re: [PATCH 13/13] tpm: st33zp24: Make st33zp24_remove() return void, Jarkko Sakkinen
  - Re: [PATCH 13/13] tpm: st33zp24: Make st33zp24_remove() return void, Uwe Kleine-König
    - Re: [PATCH 13/13] tpm: st33zp24: Make st33zp24_remove() return void, Jarkko Sakkinen
[PATCH v4 0/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys, Ahmad Fatoum
- [PATCH v4 3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material, Ahmad Fatoum
- [PATCH v4 1/5] KEYS: trusted: allow use of TEE as backend without TCG_TPM support, Ahmad Fatoum
  - Re: [PATCH v4 1/5] KEYS: trusted: allow use of TEE as backend without TCG_TPM support, Jarkko Sakkinen
- [PATCH v4 2/5] KEYS: trusted: allow users to use kernel RNG for key material, Ahmad Fatoum
  - Re: [PATCH v4 2/5] KEYS: trusted: allow users to use kernel RNG for key material, Jarkko Sakkinen
    - Re: [PATCH v4 2/5] KEYS: trusted: allow users to use kernel RNG for key material, Ahmad Fatoum
  - RE: [EXT] [PATCH v4 2/5] KEYS: trusted: allow users to use kernel RNG for key material, Pankaj Gupta
- [PATCH v4 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys, Ahmad Fatoum
  - Re: [PATCH v4 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys, Ahmad Fatoum
  - Re: [PATCH v4 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys, Matthias Schiffer
    - Re: [PATCH v4 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys, Ahmad Fatoum
      - Re: [PATCH v4 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys, Matthias Schiffer
        
        RE: [EXT] Re: [PATCH v4 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys, Pankaj Gupta
        
        Re: [EXT] Re: [PATCH v4 5/5] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys, Ahmad Fatoum
- [PATCH v4 4/5] crypto: caam - add in-kernel interface for blob generator, Ahmad Fatoum
  - Re: [PATCH v4 4/5] crypto: caam - add in-kernel interface for blob generator, Ahmad Fatoum
    - Re: [PATCH v4 4/5] crypto: caam - add in-kernel interface for blob generator, Ahmad Fatoum
  - Re: [PATCH v4 4/5] crypto: caam - add in-kernel interface for blob generator, Jarkko Sakkinen
    - Re: [PATCH v4 4/5] crypto: caam - add in-kernel interface for blob generator, Ahmad Fatoum
  - RE: [EXT] [PATCH v4 4/5] crypto: caam - add in-kernel interface for blob generator, Pankaj Gupta (OSS)
[PATCH] tpm: ibmvtpm: Make use of dma_alloc_coherent(), Cai Huoqing
- Re: [PATCH] tpm: ibmvtpm: Make use of dma_alloc_coherent(), Jarkko Sakkinen
  - Re: [PATCH] tpm: ibmvtpm: Make use of dma_alloc_coherent(), Jason Gunthorpe
    - Re: [PATCH] tpm: ibmvtpm: Make use of dma_alloc_coherent(), Jarkko Sakkinen
      - RE: [PATCH] tpm: ibmvtpm: Make use of dma_alloc_coherent(), David Laight
[PATCH 0/2] tpm: use SM3 instead of SM3_256, Tianjia Zhang
- [PATCH 1/2] crypto: use SM3 instead of SM3_256, Tianjia Zhang
  - Re: [PATCH 1/2] crypto: use SM3 instead of SM3_256, James Bottomley
    - Re: [PATCH 1/2] crypto: use SM3 instead of SM3_256, Jarkko Sakkinen
      - Re: [PATCH 1/2] crypto: use SM3 instead of SM3_256, James Bottomley
        
        Re: [PATCH 1/2] crypto: use SM3 instead of SM3_256, Jarkko Sakkinen
        
        Re: [PATCH 1/2] crypto: use SM3 instead of SM3_256, Tianjia Zhang
    - Re: [PATCH 1/2] crypto: use SM3 instead of SM3_256, Tianjia Zhang
- [PATCH 2/2] tpm: use SM3 instead of SM3_256, Tianjia Zhang
  - Re: [PATCH 2/2] tpm: use SM3 instead of SM3_256, Jarkko Sakkinen
    - Re: [PATCH 2/2] tpm: use SM3 instead of SM3_256, Tianjia Zhang
      - Re: [PATCH 2/2] tpm: use SM3 instead of SM3_256, Jarkko Sakkinen
        
        Re: [PATCH 2/2] tpm: use SM3 instead of SM3_256, Tianjia Zhang
        
        Re: [PATCH 2/2] tpm: use SM3 instead of SM3_256, Jarkko Sakkinen
- Re: [PATCH 0/2] tpm: use SM3 instead of SM3_256, James Bottomley
  - Re: [PATCH 0/2] tpm: use SM3 instead of SM3_256, Tianjia Zhang
    - Re: [PATCH 0/2] tpm: use SM3 instead of SM3_256, Ken Goldman
      - Re: [PATCH 0/2] tpm: use SM3 instead of SM3_256, Tianjia Zhang
[PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC), Mickaël Salaün
- [PATCH v14 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Mickaël Salaün
  - Re: [PATCH v14 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Florian Weimer
    - Re: [PATCH v14 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Mickaël Salaün
    - Re: [PATCH v14 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Mimi Zohar
- [PATCH v14 2/3] arch: Wire up trusted_for(2), Mickaël Salaün
- [PATCH v14 3/3] selftest/interpreter: Add tests for trusted_for(2) policies, Mickaël Salaün
  - Re: [PATCH v14 3/3] selftest/interpreter: Add tests for trusted_for(2) policies, Kees Cook
- Re: [PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC), Kees Cook
- Re: [PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC), Andrew Morton
  - Re: [PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC), Mickaël Salaün
    - Re: [PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC), Andrew Morton
[PATCH v6 0/2] IMA checkpatch fixes, Petr Vorel
- [PATCH v6 1/2] ima_policy: Remove duplicate 'the' in docs comment, Petr Vorel
- [PATCH v6 2/2] ima: Use strscpy instead of strlcpy, Petr Vorel
- Re: [PATCH v6 0/2] IMA checkpatch fixes, Petr Vorel
- Re: [PATCH v6 0/2] IMA checkpatch fixes, Mimi Zohar
  - Re: [PATCH v6 0/2] IMA checkpatch fixes, Petr Vorel
  - Re: [PATCH v6 0/2] IMA checkpatch fixes, Alex Henrie
[PATCH] tpm/st33zp24: Fix typo in st33zp24.c, Sohaib Mohamed
- Re: [PATCH] tpm/st33zp24: Fix typo in st33zp24.c, Jarkko Sakkinen
[PATCH v3 1/2] ima: fix uid code style problems, Alex Henrie
- [PATCH v3 2/2] ima: add gid support, Alex Henrie
  - Re: [PATCH v3 2/2] ima: add gid support, Petr Vorel
- Re: [PATCH v3 1/2] ima: fix uid code style problems, Petr Vorel
[PATCH v13 0/3] Add trusted_for(2) (was O_MAYEXEC), Mickaël Salaün
- [PATCH v13 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Mickaël Salaün
  - Re: [PATCH v13 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Kees Cook
    - Re: [PATCH v13 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl, Mickaël Salaün
- [PATCH v13 2/3] arch: Wire up trusted_for(2), Mickaël Salaün
  - Re: [PATCH v13 2/3] arch: Wire up trusted_for(2), Kees Cook
- [PATCH v13 3/3] selftest/interpreter: Add tests for trusted_for(2) policies, Mickaël Salaün
  - Re: [PATCH v13 3/3] selftest/interpreter: Add tests for trusted_for(2) policies, Kees Cook
    - Re: [PATCH v13 3/3] selftest/interpreter: Add tests for trusted_for(2) policies, Mickaël Salaün
      - Re: [PATCH v13 3/3] selftest/interpreter: Add tests for trusted_for(2) policies, Kees Cook
[PATCH v8 0/3] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
- [PATCH v8 1/3] IMA: Move check_policy_writable() to ima_setup.sh and rename it, Petr Vorel
- [PATCH v8 2/3] IMA: Move ima_check to ima_setup.sh, Petr Vorel
- [PATCH v8 3/3] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
- Re: [PATCH v8 0/3] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
[PATCH] IMA: make runtime measurement list pollable, Daiki Ueno
- Re: [PATCH] IMA: make runtime measurement list pollable, Mimi Zohar
  - Re: [PATCH] IMA: make runtime measurement list pollable, Daiki Ueno
- [PATCH v2] IMA: make runtime measurement list pollable, Daiki Ueno
[PATCH v2] ima: add gid support, Alex Henrie
- Re: [PATCH v2] ima: add gid support, Mimi Zohar
  - Re: [PATCH v2] ima: add gid support, Petr Vorel
  - Re: [PATCH v2] ima: add gid support, Alex Henrie
[PATCH v3] integrity: support including firmware ".platform" keys at build time, Nayna Jain
- Re: [PATCH v3] integrity: support including firmware ".platform" keys at build time, Nayna
  - Re: [PATCH v3] integrity: support including firmware ".platform" keys at build time, Mimi Zohar
- Re: [PATCH v3] integrity: support including firmware ".platform" keys at build time, Dimitri John Ledkov
  - Re: [PATCH v3] integrity: support including firmware ".platform" keys at build time, Nayna
[PATCH v6] tpm: Add Upgrade/Reduced mode support for TPM2 modules, Borys Movchan
- Re: [PATCH v6] tpm: Add Upgrade/Reduced mode support for TPM2 modules, Jarkko Sakkinen
  - Re: [PATCH v6] tpm: Add Upgrade/Reduced mode support for TPM2 modules, Jarkko Sakkinen
  - [PATCH v6] tpm: Add Upgrade/Reduced mode support for TPM2 modules, Axel Jonsson
  - [PATCH v7] tpm: Add Upgrade/Reduced mode support for TPM2 modules, Axel Jonsson
    - Re: [PATCH v7] tpm: Add Upgrade/Reduced mode support for TPM2 modules, Jarkko Sakkinen
      - Re: [PATCH v7] tpm: Add Upgrade/Reduced mode support for TPM2 modules, Axel Jonsson
      - [PATCH v8] tpm: Add Upgrade/Reduced mode support for TPM2 modules, Axel Jonsson
        
        Re: [PATCH v8] tpm: Add Upgrade/Reduced mode support for TPM2 modules, Jarkko Sakkinen
- Re: [PATCH v6] tpm: Add Upgrade/Reduced mode support for TPM2 modules, Borys Movchan
DIGLIM demo, Roberto Sassu
[RFC][PATCH 0/7] ima: Measure and appraise files with DIGLIM, Roberto Sassu
- [RFC][PATCH 1/7] integrity: Change type of IMA rule-related flags to u64, Roberto Sassu
- [RFC][PATCH 2/7] ima: Introduce new policy keyword use_diglim, Roberto Sassu
- [RFC][PATCH 3/7] ima: Introduce diglim and appraise_diglim policies, Roberto Sassu
- [RFC][PATCH 4/7] ima: Query file digest and retrieve info from its digest lists, Roberto Sassu
- [RFC][PATCH 5/7] ima: Query metadata digest and retrieve info from its digest lists, Roberto Sassu
- [RFC][PATCH 6/7] ima: Skip measurement of files found in DIGLIM hash table, Roberto Sassu
- [RFC][PATCH 7/7] ima: Add support for appraisal with digest lists, Roberto Sassu
[PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Lino Sanfilippo
- Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Mark Brown
  - Aw: Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Lino Sanfilippo
- Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Mark Brown
  - Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Lino Sanfilippo
    - Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Mark Brown
      - Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Jason Gunthorpe
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Mark Brown
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Jason Gunthorpe
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Mark Brown
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Florian Fainelli
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Jason Gunthorpe
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Florian Fainelli
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Jason Gunthorpe
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Mark Brown
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Jason Gunthorpe
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Florian Fainelli
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Mark Brown
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Mark Brown
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Mark Brown
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Florian Fainelli
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Lino Sanfilippo
        
        Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown handler, Jason Gunthorpe
[PATCH v29 15/28] LSM: Ensure the correct LSM context releaser, Casey Schaufler
[PATCH v29 13/28] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
[PATCH v29 12/28] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
[PATCH v29 11/28] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
[PATCH v29 10/28] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
[PATCH v29 05/28] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
[PATCH v2] tpm_tis_spi: Add missing SPI ID, Mark Brown
- Re: [PATCH v2] tpm_tis_spi: Add missing SPI ID, Jarkko Sakkinen
[bug report] tpm/tpm_i2c_stm_st33: Split tpm_i2c_tpm_st33 in 2 layers (core + phy), Dan Carpenter
[PATCH] tpm_tis_spi: Add missing SPI ID, Mark Brown
- Re: [PATCH] tpm_tis_spi: Add missing SPI ID, Jarkko Sakkinen
- Re: [PATCH] tpm_tis_spi: Add missing SPI ID, Javier Martinez Canillas
[PATCH ltp v7 1/3] IMA: Move check_policy_writable() to ima_setup.sh and rename it, Alex Henrie
- [PATCH ltp v7 2/3] IMA: Move ima_check to ima_setup.sh, Alex Henrie
- [PATCH ltp v7 3/3] IMA: Add tests for uid, gid, fowner, and fgroup options, Alex Henrie
[PATCH v6 0/3] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
- [PATCH v6 1/3] IMA: Move check_policy_writable() to ima_setup.sh and rename it, Petr Vorel
- [PATCH v6 2/3] IMA: Move ima_check to ima_setup.sh, Petr Vorel
- [PATCH v6 3/3] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
  - Re: [PATCH v6 3/3] IMA: Add tests for uid, gid, fowner, and fgroup options, Alex Henrie
    - Re: [PATCH v6 3/3] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
[PATCH ltp v5 1/3] IMA: Move check_policy_writable to ima_setup.sh and rename it, Alex Henrie
- [PATCH ltp v5 3/3] IMA: Add tests for uid, gid, fowner, and fgroup options, Alex Henrie
- [PATCH ltp v5 2/3] IMA: Move ima_check to ima_setup.sh, Alex Henrie
  - Re: [PATCH ltp v5 2/3] IMA: Move ima_check to ima_setup.sh, Petr Vorel
[PATCH ltp v4 1/3] IMA: Move check_policy_writable to ima_setup.sh and rename it, Alex Henrie
- [PATCH ltp v4 2/3] IMA: Move ima_check to ima_setup.sh, Alex Henrie
- [PATCH ltp v4 3/3] IMA: Add tests for uid, gid, fowner, and fgroup options, Alex Henrie
  - Re: [PATCH ltp v4 3/3] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
[PATCH] tpm/eventlog: Don't abort tpm_read_log on faulty ACPI config, Morten Linderud
- Re: [PATCH] tpm/eventlog: Don't abort tpm_read_log on faulty ACPI config, Jarkko Sakkinen
  - Re: [PATCH] tpm/eventlog: Don't abort tpm_read_log on faulty ACPI config, Morten Linderud
- Re: [PATCH] tpm/eventlog: Don't abort tpm_read_log on faulty ACPI config, Jarkko Sakkinen
  - Re: [PATCH] tpm/eventlog: Don't abort tpm_read_log on faulty ACPI config, Morten Linderud
    - Re: [PATCH] tpm/eventlog: Don't abort tpm_read_log on faulty ACPI config, Jarkko Sakkinen
[PATCH v2] integrity: support including firmware ".platform" keys at build time, Nayna Jain
- Re: [PATCH v2] integrity: support including firmware ".platform" keys at build time, Jarkko Sakkinen
  - Re: [PATCH v2] integrity: support including firmware ".platform" keys at build time, Nayna
[RFC][PATCH 0/9] integrity: Introduce DIGLIM advanced features, Roberto Sassu
- [RFC][PATCH 2/9] diglim: Loader, Roberto Sassu
- [RFC][PATCH 5/9] diglim: Compact digest list generator, Roberto Sassu
- [RFC][PATCH 6/9] diglim: RPM digest list generator, Roberto Sassu
- [RFC][PATCH 7/9] diglim: Digest list uploader, Roberto Sassu
- [RFC][PATCH 8/9] diglim: RPM parser, Roberto Sassu
- [RFC][PATCH 9/9] diglim: Admin guide, Roberto Sassu
- [RFC][PATCH 1/9] ima: Introduce new hook DIGEST_LIST_CHECK, Roberto Sassu
- [RFC][PATCH 4/9] diglim: Tests - LSM, Roberto Sassu
- [RFC][PATCH 3/9] diglim: LSM, Roberto Sassu
[zohar-integrity:next-integrity-testing 1/1] security/integrity/ima/ima_policy.c:684:25: sparse: sparse: incompatible types in comparison expression (different address spaces):, kernel test robot
- Re: [zohar-integrity:next-integrity-testing 1/1] security/integrity/ima/ima_policy.c:684:25: sparse: sparse: incompatible types in comparison expression (different address spaces):, liqiong
  - Re: [zohar-integrity:next-integrity-testing 1/1] security/integrity/ima/ima_policy.c:684:25: sparse: sparse: incompatible types in comparison expression (different address spaces):, Mimi Zohar
    - Re: [zohar-integrity:next-integrity-testing 1/1] security/integrity/ima/ima_policy.c:684:25: sparse: sparse: incompatible types in comparison expression (different address spaces):, liqiong
[PATCH v6 00/13] Enroll kernel keys thru MOK, Eric Snowberg
- [PATCH v6 01/13] integrity: Introduce a Linux keyring called machine, Eric Snowberg
- [PATCH v6 07/13] KEYS: add a reference to machine keyring, Eric Snowberg
- [PATCH v6 03/13] KEYS: CA link restriction, Eric Snowberg
  - Re: [PATCH v6 03/13] KEYS: CA link restriction, kernel test robot
  - Re: [PATCH v6 03/13] KEYS: CA link restriction, kernel test robot
  - Re: [PATCH v6 03/13] KEYS: CA link restriction, Nayna
- [PATCH v6 02/13] integrity: Do not allow machine keyring updates following init, Eric Snowberg
- [PATCH v6 05/13] integrity: add new keyring handler for mok keys, Eric Snowberg
  - Re: [PATCH v6 05/13] integrity: add new keyring handler for mok keys, kernel test robot
- [PATCH v6 08/13] KEYS: Introduce link restriction for machine keys, Eric Snowberg
- [PATCH v6 12/13] integrity: Trust MOK keys if MokListTrustedRT found, Eric Snowberg
  - Re: [PATCH v6 12/13] integrity: Trust MOK keys if MokListTrustedRT found, Peter Jones
    - Re: [PATCH v6 12/13] integrity: Trust MOK keys if MokListTrustedRT found, Eric Snowberg
      - Re: [PATCH v6 12/13] integrity: Trust MOK keys if MokListTrustedRT found, Peter Jones
        
        Re: [PATCH v6 12/13] integrity: Trust MOK keys if MokListTrustedRT found, Eric Snowberg
- [PATCH v6 04/13] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, Eric Snowberg
- [PATCH v6 13/13] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true, Eric Snowberg
- [PATCH v6 06/13] KEYS: Rename get_builtin_and_secondary_restriction, Eric Snowberg
- [PATCH v6 10/13] KEYS: link secondary_trusted_keys to machine trusted keys, Eric Snowberg
- [PATCH v6 11/13] integrity: store reference to machine keyring, Eric Snowberg
- [PATCH v6 09/13] KEYS: integrity: change link restriction to trust the machine keyring, Eric Snowberg
- Re: [PATCH v6 00/13] Enroll kernel keys thru MOK, Jarkko Sakkinen
  - Re: [PATCH v6 00/13] Enroll kernel keys thru MOK, Eric Snowberg
    - Re: [PATCH v6 00/13] Enroll kernel keys thru MOK, Jarkko Sakkinen
      - Re: [PATCH v6 00/13] Enroll kernel keys thru MOK, Peter Jones
        
        Re: [PATCH v6 00/13] Enroll kernel keys thru MOK, Eric Snowberg
        
        Re: [PATCH v6 00/13] Enroll kernel keys thru MOK, Jarkko Sakkinen
- Re: [PATCH v6 00/13] Enroll kernel keys thru MOK, Nayna
  - Re: [PATCH v6 00/13] Enroll kernel keys thru MOK, Eric Snowberg
    - Re: [PATCH v6 00/13] Enroll kernel keys thru MOK, Mimi Zohar
[PATCH v3 00/13] integrity: Introduce DIGLIM, Roberto Sassu
- [PATCH v3 01/13] diglim: Overview, Roberto Sassu
  - Re: [PATCH v3 01/13] diglim: Overview, Jarkko Sakkinen
    - RE: [PATCH v3 01/13] diglim: Overview, Roberto Sassu
- [PATCH v3 03/13] diglim: Objects, Roberto Sassu
- [PATCH v3 04/13] diglim: Methods, Roberto Sassu
- [PATCH v3 02/13] diglim: Basic definitions, Roberto Sassu
- [PATCH v3 05/13] diglim: Parser, Roberto Sassu
- [PATCH v3 06/13] diglim: IMA info, Roberto Sassu
- [PATCH v3 07/13] diglim: Interfaces - digest_list_add, digest_list_del, Roberto Sassu
- [PATCH v3 09/13] diglim: Interfaces - digest_list_label, Roberto Sassu
- [PATCH v3 08/13] diglim: Interfaces - digest_lists_loaded, Roberto Sassu
- [PATCH v3 10/13] diglim: Interfaces - digest_query, Roberto Sassu
- [PATCH v3 11/13] diglim: Interfaces - digests_count, Roberto Sassu
- [PATCH v3 12/13] diglim: Remote Attestation, Roberto Sassu
- [PATCH v3 13/13] diglim: Tests, Roberto Sassu
- RE: [PATCH v3 00/13] integrity: Introduce DIGLIM, Roberto Sassu
[PATCH ltp v3 1/2] IMA: Move check_policy_writable to ima_setup.sh and rename it, Alex Henrie
- [PATCH ltp v3 2/2] IMA: Add tests for uid, gid, fowner, and fgroup options, Alex Henrie
  - Re: [PATCH ltp v3 2/2] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
  - Re: [PATCH ltp v3 2/2] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
- Re: [PATCH ltp v3 1/2] IMA: Move check_policy_writable to ima_setup.sh and rename it, Petr Vorel
[PATCH v15 0/6] Add tpm i2c ptp driver, amirmizi6
- [PATCH v15 3/6] tpm: Handle an exception for TPM Firmware Update mode., amirmizi6
- [PATCH v15 4/6] tpm: tpm_tis: verify TPM_STS register is valid after locality request, amirmizi6
- [PATCH v15 2/6] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", amirmizi6
- [PATCH v15 6/6] tpm: Add YAML schema for TPM TIS I2C options, amirmizi6
  - Re: [PATCH v15 6/6] tpm: Add YAML schema for TPM TIS I2C options, Rob Herring
- [PATCH v15 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, amirmizi6
  - Re: [PATCH v15 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, Jarkko Sakkinen
    - Re: [PATCH v15 1/6] tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, Amir Mizinski
- [PATCH v15 5/6] tpm: tpm_tis: add tpm_tis_i2c driver, amirmizi6
[PATCH v4 0/9] ima-evm-utils: Add support for signing with pkcs11 URIs, Stefan Berger
- [PATCH v4 2/9] evmctl: Handle failure to initialize the openssl engine, Stefan Berger
- [PATCH v4 1/9] evmctl: Implement support for EVMCTL_KEY_PASSWORD environment variable, Stefan Berger
- [PATCH v4 3/9] evmctl: Implement function for setting up an OpenSSL engine, Stefan Berger
- [PATCH v4 4/9] evmctl: Define and use an ENGINE field in libimaevm_params, Stefan Berger
- [PATCH v4 5/9] evmctl: use the pkcs11 engine for pkcs11: prefixed URIs, Stefan Berger
- [PATCH v4 6/9] libimaevm: Add support for pkcs11 private keys for signing a v2 hash, Stefan Berger
- [PATCH v4 7/9] tests: Import softhsm_setup script to enable pkcs11 test case, Stefan Berger
- [PATCH v4 9/9] tests: Get the packages for pkcs11 testing on the CI/CD system, Stefan Berger
- [PATCH v4 8/9] tests: Extend sign_verify test with pkcs11-specific test, Stefan Berger
- Re: [PATCH v4 0/9] ima-evm-utils: Add support for signing with pkcs11 URIs, Mimi Zohar
[PATCH v14 0/7] Add tpm i2c ptp driver, amirmizi6
- [PATCH v14 4/7] tpm: Handle an exception for TPM Firmware Update mode., amirmizi6
- [PATCH v14 5/7] tpm: tpm_tis: verify TPM_STS register is valid after locality request, amirmizi6
- [PATCH v14 6/7] tpm: tpm_tis: add tpm_tis_i2c driver, amirmizi6
- [PATCH v14 7/7] \tpm: Add YAML schema for TPM TIS I2C options, amirmizi6
- [PATCH v14 1/7] tpm: Make read{16, 32}() and write32() in tpm_tis_phy_ops optional, amirmizi6
  - Re: [PATCH v14 1/7] tpm: Make read{16, 32}() and write32() in tpm_tis_phy_ops optional, Jarkko Sakkinen
- [PATCH v14 3/7] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", amirmizi6
- [PATCH v14 2/7] tpm: tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, amirmizi6
  - Re: [PATCH v14 2/7] tpm: tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, Jarkko Sakkinen
[PATCH v2 1/1] tpm/tpm_i2c_infineon: Fix init endian vendor check, Florian Eckert
- Re: [PATCH v2 1/1] tpm/tpm_i2c_infineon: Fix init endian vendor check, Jason Gunthorpe
  - Re: [PATCH v2 1/1] tpm/tpm_i2c_infineon: Fix init endian vendor check, Florian Eckert
    - Re: [PATCH v2 1/1] tpm/tpm_i2c_infineon: Fix init endian vendor check, Jason Gunthorpe
- Re: [PATCH v2 1/1] tpm/tpm_i2c_infineon: Fix init endian vendor check, kernel test robot
- Re: [PATCH v2 1/1] tpm/tpm_i2c_infineon: Fix init endian vendor check, Jarkko Sakkinen
[PATCH v6 0/1] NAX (No Anonymous Execution) LSM, Igor Zhbanov
- [PATCH v6 1/1] NAX LSM: Add initial support, Igor Zhbanov
[PATCH v7 ima-evm-utils 0/2] make default hash algorithm dynamic, Bruno Meneguele
- [PATCH v7 ima-evm-utils 1/2] set default hash algorithm in configuration time, Bruno Meneguele
  - Re: [PATCH v7 ima-evm-utils 1/2] set default hash algorithm in configuration time, Mimi Zohar
    - Re: [PATCH v7 ima-evm-utils 1/2] set default hash algorithm in configuration time, Bruno Meneguele
- [PATCH v7 ima-evm-utils 2/2] make SHA-256 the default hash algorithm, Bruno Meneguele
[PATCH] tpm: fix potential NULL pointer access in tpm_del_char_device(), Lino Sanfilippo
- Re: [PATCH] tpm: fix potential NULL pointer access in tpm_del_char_device(), Jarkko Sakkinen
  - Aw: Re: [PATCH] tpm: fix potential NULL pointer access in tpm_del_char_device(), Lino Sanfilippo
    - Re: Aw: Re: [PATCH] tpm: fix potential NULL pointer access in tpm_del_char_device(), Jarkko Sakkinen
      - Re: [PATCH] tpm: fix potential NULL pointer access in tpm_del_char_device(), Lino Sanfilippo
        
        Re: [PATCH] tpm: fix potential NULL pointer access in tpm_del_char_device(), Jason Gunthorpe
        
        Re: [PATCH] tpm: fix potential NULL pointer access in tpm_del_char_device(), Lino Sanfilippo
        
        Re: [PATCH] tpm: fix potential NULL pointer access in tpm_del_char_device(), Jason Gunthorpe
        
        Re: Re: [PATCH] tpm: fix potential NULL pointer access in tpm_del_char_device(), Lino Sanfilippo
[PATCH] integrity: support including firmware ".platform" keys at build time, Nayna Jain
- Re: [PATCH] integrity: support including firmware ".platform" keys at build time, kernel test robot
- Re: [PATCH] integrity: support including firmware ".platform" keys at build time, kernel test robot
- Re: [PATCH] integrity: support including firmware ".platform" keys at build time, kernel test robot
- Re: [PATCH] integrity: support including firmware ".platform" keys at build time, Jarkko Sakkinen
[PATCH ltp v2] IMA: Add tests for uid, gid, fowner, and fgroup options, Alex Henrie
- Re: [PATCH ltp v2] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
[PATCH linux rebase] ima: add gid support, Alex Henrie
- [PATCH ltp] IMA: Add tests for uid, gid, fowner, and fgroup options, Alex Henrie
  - Re: [PATCH ltp] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
    - Re: [PATCH ltp] IMA: Add tests for uid, gid, fowner, and fgroup options, Alex Henrie
      - Re: [PATCH ltp] IMA: Add tests for uid, gid, fowner, and fgroup options, Petr Vorel
- Re: [PATCH linux rebase] ima: add gid support, Mimi Zohar
[PATCH v3 0/9] ima-evm-utils: Add support for signing with pkcs11 URIs, Stefan Berger
- [PATCH v3 1/9] evmctl: Implement support for EVMCTL_KEY_PASSWORD environment variable, Stefan Berger
- [PATCH v3 2/9] evmctl: Handle failure to initialize the openssl engine, Stefan Berger
- [PATCH v3 5/9] evmctl: use the pkcs11 engine for pkcs11: prefixed URIs, Stefan Berger
- [PATCH v3 6/9] libimaevm: Add support for pkcs11 private keys for signing a v2 hash, Stefan Berger
- [PATCH v3 4/9] evmctl: Define and use an ENGINE field in libimaevm_params, Stefan Berger
- [PATCH v3 3/9] evmctl: Implement function for setting up an OpenSSL engine, Stefan Berger
  - Re: [PATCH v3 3/9] evmctl: Implement function for setting up an OpenSSL engine, Mimi Zohar
- [PATCH v3 9/9] tests: Get the packages for pkcs11 testing on the CI/CD system, Stefan Berger
  - Re: [PATCH v3 9/9] tests: Get the packages for pkcs11 testing on the CI/CD system, Mimi Zohar
- [PATCH v3 7/9] tests: Import softhsm_setup script to enable pkcs11 test case, Stefan Berger
  - Re: [PATCH v3 7/9] tests: Import softhsm_setup script to enable pkcs11 test case, Mimi Zohar
- [PATCH v3 8/9] tests: Extend sign_verify test with pkcs11-specific test, Stefan Berger
  - Re: [PATCH v3 8/9] tests: Extend sign_verify test with pkcs11-specific test, Mimi Zohar
- Re: [PATCH v3 0/9] ima-evm-utils: Add support for signing with pkcs11 URIs, Mimi Zohar
[PATCH] tpm/tpm_i2c_infineon: Fix init endian vendor check, Florian Eckert
- Re: [PATCH] tpm/tpm_i2c_infineon: Fix init endian vendor check, Jason Gunthorpe
  - Re: [PATCH] tpm/tpm_i2c_infineon: Fix init endian vendor check, Florian Eckert
[PATCH v6] tpm: fix Atmel TPM crash caused by too frequent queries, Hao Wu
- Re: [PATCH v6] tpm: fix Atmel TPM crash caused by too frequent queries, Hao Wu
- <Possible follow-ups>
- [PATCH v6] tpm: fix Atmel TPM crash caused by too frequent queries, Hao Wu
  - Re: [PATCH v6] tpm: fix Atmel TPM crash caused by too frequent queries, Jarkko Sakkinen
    - Re: [PATCH v6] tpm: fix Atmel TPM crash caused by too frequent queries, Hao Wu
[PATCH] tpm: Check for integer overflow in tpm2_map_response_body(), Dan Carpenter
- Re: [PATCH] tpm: Check for integer overflow in tpm2_map_response_body(), Jarkko Sakkinen
[PATCH v5 00/12] Enroll kernel keys thru MOK, Eric Snowberg
- [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, Eric Snowberg
  - Re: [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, Jarkko Sakkinen
  - Re: [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, Mimi Zohar
    - Re: [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, Eric Snowberg
      - Re: [PATCH v5 04/12] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca, Mimi Zohar
- [PATCH v5 07/12] KEYS: Introduce link restriction to include builtin, secondary and machine keys, Eric Snowberg
  - Re: [PATCH v5 07/12] KEYS: Introduce link restriction to include builtin, secondary and machine keys, Mimi Zohar
    - Re: [PATCH v5 07/12] KEYS: Introduce link restriction to include builtin, secondary and machine keys, Eric Snowberg
      - Re: [PATCH v5 07/12] KEYS: Introduce link restriction to include builtin, secondary and machine keys, Mimi Zohar
- [PATCH v5 03/12] KEYS: CA link restriction, Eric Snowberg
- [PATCH v5 05/12] integrity: add new keyring handler for mok keys, Eric Snowberg
- [PATCH v5 10/12] integrity: store reference to machine keyring, Eric Snowberg
- [PATCH v5 08/12] KEYS: integrity: change link restriction to trust the machine keyring, Eric Snowberg
  - Re: [PATCH v5 08/12] KEYS: integrity: change link restriction to trust the machine keyring, Mimi Zohar
- [PATCH v5 01/12] integrity: Introduce a Linux keyring called machine, Eric Snowberg
  - Re: [PATCH v5 01/12] integrity: Introduce a Linux keyring called machine, Jarkko Sakkinen
  - Re: [PATCH v5 01/12] integrity: Introduce a Linux keyring called machine, Mimi Zohar
    - Re: [PATCH v5 01/12] integrity: Introduce a Linux keyring called machine, Eric Snowberg
- [PATCH v5 11/12] integrity: Trust MOK keys if MokListTrustedRT found, Eric Snowberg
- [PATCH v5 06/12] KEYS: add a reference to machine keyring, Eric Snowberg
- [PATCH v5 02/12] integrity: Do not allow machine keyring updates following init, Eric Snowberg
  - Re: [PATCH v5 02/12] integrity: Do not allow machine keyring updates following init, Jarkko Sakkinen
- [PATCH v5 09/12] KEYS: link secondary_trusted_keys to machine trusted keys, Eric Snowberg
- [PATCH v5 12/12] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true, Eric Snowberg
  - Re: [PATCH v5 12/12] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true, Jarkko Sakkinen
- Re: [PATCH v5 00/12] Enroll kernel keys thru MOK, Jarkko Sakkinen
  - Re: [PATCH v5 00/12] Enroll kernel keys thru MOK, Jarkko Sakkinen
    - Re: [PATCH v5 00/12] Enroll kernel keys thru MOK, Eric Snowberg
      - Re: [PATCH v5 00/12] Enroll kernel keys thru MOK, Mimi Zohar
  - Re: [PATCH v5 00/12] Enroll kernel keys thru MOK, Eric Snowberg
[PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords, Vitaly Chikunov
- Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords, Stefan Berger
  - Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords, Vitaly Chikunov
    - Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords, Stefan Berger
- Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords, Mimi Zohar
  - Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords, Vitaly Chikunov
    - Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords, Mimi Zohar
      - Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords, Vitaly Chikunov
  - Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords, Mimi Zohar
[PATCH v5 ima-evm-utils 0/2] make default hash algorithm dynamic, Bruno Meneguele
- [PATCH v5 ima-evm-utils 1/2] set default hash algorithm in configuration time, Bruno Meneguele
  - Re: [PATCH v5 ima-evm-utils 1/2] set default hash algorithm in configuration time, Mimi Zohar
    - Re: [PATCH v5 ima-evm-utils 1/2] set default hash algorithm in configuration time, Bruno Meneguele
  - [PATCH v6 ima-evm-utils 1/2] set default hash algorithm in configuration time, Bruno Meneguele
- [PATCH v5 ima-evm-utils 2/2] make SHA-256 the default hash algorithm, Bruno Meneguele
IMA namespaces, Denis Semakin
- Re: IMA namespaces, Stefan Berger
  - Re: IMA namespaces, Denis Semakin
    - Re: IMA namespaces, Stefan Berger
[GIT PULL] integrity subsystem updates for v5.15, Mimi Zohar
- Re: [GIT PULL] integrity subsystem updates for v5.15, pr-tracker-bot
[PATCH v4 00/14] x86: Trenchboot secure dynamic launch Linux kernel support, Ross Philipson
- [PATCH v4 03/14] x86/boot: Place kernel_info at a fixed offset, Ross Philipson
- [PATCH v4 05/14] x86: Secure Launch Kconfig, Ross Philipson
- [PATCH v4 04/14] Documentation/x86: Secure Launch kernel documentation, Ross Philipson
  - Re: [PATCH v4 04/14] Documentation/x86: Secure Launch kernel documentation, Robin Murphy
    - Re: [PATCH v4 04/14] Documentation/x86: Secure Launch kernel documentation, Ross Philipson
      - Re: [PATCH v4 04/14] Documentation/x86: Secure Launch kernel documentation, Robin Murphy
        
        Re: [PATCH v4 04/14] Documentation/x86: Secure Launch kernel documentation, Ross Philipson
- [PATCH v4 10/14] x86: Secure Launch SMP bringup support, Ross Philipson
- [PATCH v4 11/14] kexec: Secure Launch kexec SEXIT support, Ross Philipson
- [PATCH v4 12/14] reboot: Secure Launch SEXIT support on reboot paths, Ross Philipson
- [PATCH v4 07/14] x86: Add early SHA support for Secure Launch early measurements, Ross Philipson
- [PATCH v4 02/14] x86/boot: Add setup_indirect support in early_memremap_is_setup_data, Ross Philipson
  - Re: [PATCH v4 02/14] x86/boot: Add setup_indirect support in early_memremap_is_setup_data, Daniel Kiper
- [PATCH v4 06/14] x86: Secure Launch main header file, Ross Philipson
- [PATCH v4 01/14] x86/boot: Fix memremap of setup_indirect structures, Ross Philipson
  - Re: [PATCH v4 01/14] x86/boot: Fix memremap of setup_indirect structures, Daniel Kiper
- [PATCH v4 14/14] tpm: Allow locality 2 to be set when initializing the TPM for Secure Launch, Ross Philipson
  - Re: [PATCH v4 14/14] tpm: Allow locality 2 to be set when initializing the TPM for Secure Launch, Jason Gunthorpe
    - Re: [PATCH v4 14/14] tpm: Allow locality 2 to be set when initializing the TPM for Secure Launch, Daniel P. Smith
- [PATCH v4 09/14] x86: Secure Launch kernel late boot stub, Ross Philipson
- [PATCH v4 13/14] x86: Secure Launch late initcall platform module, Ross Philipson
- [PATCH v4 08/14] x86: Secure Launch kernel early boot stub, Ross Philipson
- Re: [PATCH v4 00/14] x86: Trenchboot secure dynamic launch Linux kernel support, Paul Moore
  - Re: [PATCH v4 00/14] x86: Trenchboot secure dynamic launch Linux kernel support, Daniel P. Smith
    - Re: [PATCH v4 00/14] x86: Trenchboot secure dynamic launch Linux kernel support, Paul Moore
      - Re: [PATCH v4 00/14] x86: Trenchboot secure dynamic launch Linux kernel support, Paul Moore
        
        Re: [PATCH v4 00/14] x86: Trenchboot secure dynamic launch Linux kernel support, Daniel P. Smith
[PATCH v13 0/7] Add tpm i2c ptp driver, amirmizi6
- [PATCH v13 4/7] tpm: Handle an exception for TPM Firmware Update mode., amirmizi6
  - Re: [PATCH v13 4/7] tpm: Handle an exception for TPM Firmware Update mode., Jarkko Sakkinen
- [PATCH v13 5/7] tpm: tpm_tis: verify TPM_STS register is valid after locality request, amirmizi6
  - Re: [PATCH v13 5/7] tpm: tpm_tis: verify TPM_STS register is valid after locality request, Jarkko Sakkinen
- [PATCH v13 3/7] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", amirmizi6
  - Re: [PATCH v13 3/7] tpm: tpm_tis: Rewrite "tpm_tis_req_canceled()", Jarkko Sakkinen
- [PATCH v13 1/7] tpm: Make read{16, 32}() and write32() in tpm_tis_phy_ops optional, amirmizi6
  - Re: [PATCH v13 1/7] tpm: Make read{16, 32}() and write32() in tpm_tis_phy_ops optional, Jarkko Sakkinen
- [PATCH v13 2/7] tpm: tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, amirmizi6
  - Re: [PATCH v13 2/7] tpm: tpm_tis: Fix expected bit handling and send all bytes in one shot without last byte in exception, Jarkko Sakkinen
- [PATCH v13 6/7] tpm: tpm_tis: add tpm_tis_i2c driver, amirmizi6
  - Re: [PATCH v13 6/7] tpm: tpm_tis: add tpm_tis_i2c driver, Jarkko Sakkinen
- [PATCH v13 7/7] tpm: Add YAML schema for TPM TIS I2C options, amirmizi6
  - Re: [PATCH v13 7/7] tpm: Add YAML schema for TPM TIS I2C options, Rob Herring
  - Re: [PATCH v13 7/7] tpm: Add YAML schema for TPM TIS I2C options, Jarkko Sakkinen
[PATCH v2] tpm: tis: Kconfig: Add helper dependency on COMPILE_TEST, Cai Huoqing
- Re: [PATCH v2] tpm: tis: Kconfig: Add helper dependency on COMPILE_TEST, Jarkko Sakkinen
[PATCH] tpm: tis: Kconfig: Add helper dependency on COMPILE_TEST, Cai Huoqing
- Re: [PATCH] tpm: tis: Kconfig: Add helper dependency on COMPILE_TEST, Jarkko Sakkinen
Writes to /proc/self/mem and file_mprotect() LSM hook, Igor Zhbanov
[PATCH linux-next] char:tpm: fix boolreturn.cocci warnings, CGEL
[GIT PULL] TPM DEVICE DRIVER changes for v5.15, Jarkko Sakkinen
- Re: [GIT PULL] TPM DEVICE DRIVER changes for v5.15, pr-tracker-bot
[PATCH] IMA: reject unknown hash algorithms in ima_get_hash_algo, THOBY Simon
- Re: [PATCH] IMA: reject unknown hash algorithms in ima_get_hash_algo, THOBY Simon
  - Re: [PATCH] IMA: reject unknown hash algorithms in ima_get_hash_algo, Mimi Zohar
[PATCH ima-evm-utils v3] Use secure heap for private keys and passwords, Vitaly Chikunov
- Re: [PATCH ima-evm-utils v3] Use secure heap for private keys and passwords, Bruno Meneguele
  - Re: [PATCH ima-evm-utils v3] Use secure heap for private keys and passwords, Vitaly Chikunov
    - Re: [PATCH ima-evm-utils v3] Use secure heap for private keys and passwords, Bruno Meneguele
- Re: [PATCH ima-evm-utils v3] Use secure heap for private keys and passwords, Mimi Zohar
  - Re: [PATCH ima-evm-utils v3] Use secure heap for private keys and passwords, Vitaly Chikunov
    - Re: [PATCH ima-evm-utils v3] Use secure heap for private keys and passwords, Mimi Zohar
[PATCH v5 0/1] NAX (No Anonymous Execution) LSM, Igor Zhbanov
- [PATCH v5 1/1] NAX LSM: Add initial support, Igor Zhbanov
  - Re: [PATCH v5 1/1] NAX LSM: Add initial support, J Freyensee
    - Re: [PATCH v5 1/1] NAX LSM: Add initial support, THOBY Simon
[PATCH v4 ima-evm-utils 0/2] make default hash algorithm dynamic, Bruno Meneguele
- [PATCH v4 ima-evm-utils 1/2] set default hash algorithm in configuration time, Bruno Meneguele
  - Re: [PATCH v4 ima-evm-utils 1/2] set default hash algorithm in configuration time, Mimi Zohar
    - Re: [PATCH v4 ima-evm-utils 1/2] set default hash algorithm in configuration time, Bruno Meneguele
- [PATCH v4 ima-evm-utils 2/2] make SHA-256 the default hash algorithm, Bruno Meneguele
[PATCH v3 ima-evm-utils 0/2] make default hash algorithm dynamic, Bruno Meneguele
- [PATCH v3 ima-evm-utils 1/2] set default hash algorithm in configuration time, Bruno Meneguele
  - Re: [PATCH v3 ima-evm-utils 1/2] set default hash algorithm in configuration time, Bruno Meneguele
- [PATCH v3 ima-evm-utils 2/2] make SHA-256 the default hash algorithm, Bruno Meneguele
[PATCH v4 0/1] NAX (No Anonymous Execution) LSM, Igor Zhbanov
- [PATCH v4 1/1] NAX LSM: Add initial support, Igor Zhbanov
  - Re: [PATCH v4 1/1] NAX LSM: Add initial support, kernel test robot
[PATCH] IMA: set a default value for unknown digsig algorithms, THOBY Simon
- Re: [PATCH] IMA: set a default value for unknown digsig algorithms, Lakshmi Ramasubramanian
- Re: [PATCH] IMA: set a default value for unknown digsig algorithms, Mimi Zohar
[PATCH v3 0/1] NAX (No Anonymous Execution) LSM, Igor Zhbanov
- [PATCH v3 1/1] NAX LSM: Add initial support, Igor Zhbanov
  - Re: [PATCH v3 1/1] NAX LSM: Add initial support, Randy Dunlap
- Re: [PATCH v3 0/1] NAX (No Anonymous Execution) LSM, THOBY Simon
[syzbot] UBSAN: array-index-out-of-bounds in ima_inode_setxattr, syzbot
[PATCH] ima: fix infinite loop within "ima_match_policy" function., liqiong
- Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., THOBY Simon
  - Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., Mimi Zohar
    - Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., Mimi Zohar
  - Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., 李力琼
    - Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., THOBY Simon
      - Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., Mimi Zohar
        
        Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., 李力琼
        
        Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., 李力琼
        
        Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., liqiong
        
        Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., THOBY Simon
        
        Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., Mimi Zohar
        
        Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., THOBY Simon
        
        Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., Mimi Zohar
        
        Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., liqiong
        
        Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., Mimi Zohar
      - Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., liqiong
        
        Re: [PATCH] ima: fix infinite loop within "ima_match_policy" function., THOBY Simon
- [PATCH] ima: fix deadlock within "ima_match_policy" function., liqiong
  - Re: [PATCH] ima: fix deadlock within "ima_match_policy" function., THOBY Simon
    - Re: [PATCH] ima: fix deadlock within "ima_match_policy" function., liqiong
      - Re: [PATCH] ima: fix deadlock within "ima_match_policy" function., Mimi Zohar
        
        Re: [PATCH] ima: fix deadlock within RCU list of ima_rules, liqiong
        
        Re: [PATCH] ima: fix deadlock within RCU list of ima_rules, liqiong
        
        Re: [PATCH] ima: fix deadlock within RCU list of ima_rules, THOBY Simon
        
        Re: [PATCH] ima: fix deadlock within RCU list of ima_rules, liqiong
        
        Re: [PATCH] ima: fix deadlock within RCU list of ima_rules, THOBY Simon
        
        Re: [PATCH] ima: fix deadlock within RCU list of ima_rules, liqiong
        
        Re: [PATCH] ima: fix deadlock within RCU list of ima_rules, THOBY Simon
        
        Re: [PATCH] ima: fix deadlock within RCU list of ima_rules, liqiong
        
        Re: [PATCH] ima: fix deadlock within RCU list of ima_rules, THOBY Simon
  - [PATCH] ima: fix deadlock when traversing "ima_default_rules"., liqiong
    - Re: [PATCH] ima: fix deadlock when traversing "ima_default_rules"., Mimi Zohar
    - [PATCH] ima: fix deadlock when traversing "ima_default_rules"., liqiong
      - Re: [PATCH] ima: fix deadlock when traversing "ima_default_rules"., Mimi Zohar
      - [PATCH] ima: fix deadlock when traversing "ima_default_rules"., liqiong
[PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Vitaly Chikunov
- Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Mimi Zohar
  - Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Vitaly Chikunov
    - Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Bruno Meneguele
      - Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Mimi Zohar
    - Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Mimi Zohar
- Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Bruno Meneguele
  - Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Vitaly Chikunov
    - Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Bruno Meneguele
- Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Vitaly Chikunov
- Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Vitaly Chikunov
  - Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords, Vitaly Chikunov
[PATCH v4 00/12] Enroll kernel keys thru MOK, Eric Snowberg
- [PATCH v4 06/12] KEYS: add a reference to mok keyring, Eric Snowberg
- [PATCH v4 07/12] KEYS: Introduce link restriction to include builtin, secondary and mok keys, Eric Snowberg
- [PATCH v4 03/12] KEYS: CA link restriction, Eric Snowberg
- [PATCH v4 05/12] integrity: add new keyring handler for mok keys, Eric Snowberg
- [PATCH v4 01/12] integrity: Introduce a Linux keyring for the Machine Owner Key (MOK), Eric Snowberg
- [PATCH v4 08/12] KEYS: integrity: change link restriction to trust the mok keyring, Eric Snowberg
- [PATCH v4 04/12] integrity: restrict INTEGRITY_KEYRING_MOK to restrict_link_by_ca, Eric Snowberg
- [PATCH v4 02/12] integrity: Do not allow mok keyring updates following init, Eric Snowberg
- [PATCH v4 09/12] KEYS: link secondary_trusted_keys to mok trusted keys, Eric Snowberg
- [PATCH v4 10/12] integrity: store reference to mok keyring, Eric Snowberg
- [PATCH v4 11/12] integrity: Trust MOK keys if MokListTrustedRT found, Eric Snowberg
- [PATCH v4 12/12] integrity: Only use mok keyring when uefi_check_trust_mok_keys is true, Eric Snowberg
- Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Jarkko Sakkinen
  - Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Mimi Zohar
    - Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Eric Snowberg
      - Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Mimi Zohar
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Jarkko Sakkinen
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Nayna
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Mimi Zohar
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Jarkko Sakkinen
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, James Bottomley
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Nayna
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Eric Snowberg
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Nayna
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Eric Snowberg
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Mimi Zohar
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Jarkko Sakkinen
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Jarkko Sakkinen
        
        Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Jarkko Sakkinen
      - Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Jarkko Sakkinen
    - Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Jarkko Sakkinen
      - Re: [PATCH v4 00/12] Enroll kernel keys thru MOK, Eric Snowberg
[PATCH v2 ima-evm-utils] libimaevm: make SHA-256 the default hash algorithm, Bruno Meneguele
- Re: [PATCH v2 ima-evm-utils] libimaevm: make SHA-256 the default hash algorithm, THOBY Simon
  - Re: [PATCH v2 ima-evm-utils] libimaevm: make SHA-256 the default hash algorithm, Mimi Zohar
    - Re: [PATCH v2 ima-evm-utils] libimaevm: make SHA-256 the default hash algorithm, Bruno Meneguele
[PATCH] libimaevm: make SHA-256 the default hash algorithm, Bruno Meneguele
[PATCH v2 0/1] NAX (No Anonymous Execution) LSM, Igor Zhbanov
- [PATCH v2 1/1] NAX LSM: Add initial support support, Igor Zhbanov
  - Re: [PATCH v2 1/1] NAX LSM: Add initial support support, THOBY Simon
[PATCH v2 ima-evm-utils] evmctl: fix memory leak in get_password, Bruno Meneguele
- [PATCH v2 ima-evm-utils] evmctl: fix memory leak in get_password, Bruno Meneguele
[PATCH v8 0/6] IMA: restrict the accepted digest algorithms for the security.ima xattr, THOBY Simon
- [PATCH v8 1/6] IMA: remove the dependency on CRYPTO_MD5, THOBY Simon
- [PATCH v8 6/6] IMA: prevent SETXATTR_CHECK policy rules with unavailable algorithms, THOBY Simon
  - Re: [PATCH v8 6/6] IMA: prevent SETXATTR_CHECK policy rules with unavailable algorithms, Mimi Zohar
    - Re: [PATCH v8 6/6] IMA: prevent SETXATTR_CHECK policy rules with unavailable algorithms, THOBY Simon
- [PATCH v8 2/6] IMA: block writes of the security.ima xattr with unsupported algorithms, THOBY Simon
- [PATCH v8 4/6] IMA: add a policy option to restrict xattr hash algorithms on appraisal, THOBY Simon
- [PATCH v8 5/6] IMA: introduce a new policy option func=SETXATTR_CHECK, THOBY Simon
- [PATCH v8 3/6] IMA: add support to restrict the hash algorithms used for file appraisal, THOBY Simon
[PATCH 1/1] ima: check control characters in policy file path, Tianxing Zhang
- Re: [PATCH 1/1] ima: check control characters in policy file path, Mimi Zohar
[PATCH 0/1] ima: check control characters in policy path, Tianxing Zhang
- Re: [PATCH 0/1] ima: check control characters in policy path, James Bottomley
[PATCH 0/6] updates to device mapper target measurement using ima, Tushar Sugandhi
- [PATCH 1/6] dm ima: prefix dm table hashes in ima log with hash algorithm, Tushar Sugandhi
- [PATCH 2/6] dm ima: add version info to dm related events in ima log, Tushar Sugandhi
- [PATCH 3/6] dm ima: prefix ima event name related to device mapper with dm_, Tushar Sugandhi
- [PATCH 4/6] dm ima: add a warning in dm_init if duplicate ima events are not measured, Tushar Sugandhi

[Index of Archives] [Linux Kernel] [Linux Kernel Hardening] [Linux NFS] [Linux NILFS] [Linux USB Devel] [Video for Linux] [Linux SCSI] [Yosemite Forum]