Linux Integrity

Date Index

Re: [PATCH 3/4] ima: don't ignore INTEGRITY_UNKNOWN EVM status, (continued)
- [PATCH 4/4] ima: only audit failed appraisal verifications, Roberto Sassu
  - Re: [PATCH 4/4] ima: only audit failed appraisal verifications, Mimi Zohar
    - Re: [PATCH 4/4] ima: only audit failed appraisal verifications, Roberto Sassu
- Re: [PATCH 1/4] evm: check hash algorithm passed to init_desc(), Mimi Zohar
[PATCH v2] ima: fix wrong signed policy requirement when not appraising, Petr Vorel
[PATCH] ima: fix wrong signed policy requirement when not appraising, Petr Vorel
- Re: [PATCH] ima: fix wrong signed policy requirement when not appraising, Mimi Zohar
- <Possible follow-ups>
- [PATCH] ima: fix wrong signed policy requirement when not appraising, Petr Vorel
[PATCH 2/2] public key: IMA signer logging: Add a new template ima-sigkey to store/read the public, key of ima signature signer, Lakshmi
[PATCH 1/2] public key: IMA signer logging: Add support for querying public key from a given key, Lakshmi
[PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log, Lakshmi
- Re: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log, Mimi Zohar
  - Re: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log, Lakshmi
    - Re: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log, Mimi Zohar
- Re: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log, Ken Goldman
  - Re: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log, Lakshmi
    - Re: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log, Ken Goldman
      - Re: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log, Lakshmi
        
        Re: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log, Ken Goldman
        
        Re: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log, Lakshmi
[PATCH 0/5] integrity: improve ima measurement accuracy, Janne Karhunen
- [PATCH 2/5] integrity: update the file measurement on truncate, Janne Karhunen
- [PATCH 1/5] integrity: keep the integrity state of open files up to date, Janne Karhunen
- [PATCH 3/5] integrity: update the file measurement on write, Janne Karhunen
- [PATCH 4/5] integrity: measure the file on sync, Janne Karhunen
- [PATCH 5/5] integrity: measure the file on msync, Janne Karhunen
IMA signature generated by evmctl has unexpected key identifier, nramas
- Re: IMA signature generated by evmctl has unexpected key identifier, Lakshmi
  - Re: IMA signature generated by evmctl has unexpected key identifier, Mimi Zohar
    - Re: IMA signature generated by evmctl has unexpected key identifier, Lakshmi
      - Re: IMA signature generated by evmctl has unexpected key identifier, Mimi Zohar
        
        Re: IMA signature generated by evmctl has unexpected key identifier, Lakshmi
        
        Re: IMA signature generated by evmctl has unexpected key identifier, Lakshmi
        
        Re: IMA signature generated by evmctl has unexpected key identifier, Mimi Zohar
        
        Re: IMA signature generated by evmctl has unexpected key identifier, Lakshmi
        
        Re: IMA signature generated by evmctl has unexpected key identifier, Lakshmi
        
        Re: IMA signature generated by evmctl has unexpected key identifier, Lakshmi
        
        Re: IMA signature generated by evmctl has unexpected key identifier, Mimi Zohar
        
        Re: IMA signature generated by evmctl has unexpected key identifier, Lakshmi
Whitelisting with IMA, m3hm00d
- Re: Whitelisting with IMA, Roberto Sassu
  - Re: Whitelisting with IMA, m3hm00d
Carrying over the ima log during kexec_file_load, prakhar srivastava
[PATCH 0/3 v5] Kexec cmdline bufffer measure, Prakhar Srivastava
- [PATCH 3/3 v5] call ima_kexec_cmdline from kexec_file_load path, Prakhar Srivastava
- [PATCH 1/3 v5] add a new ima hook and policy to measure the cmdline, Prakhar Srivastava
- [PATCH 2/3 v5] add a new template field buf to contain the buffer, Prakhar Srivastava
- <Possible follow-ups>
- [PATCH 0/3 v5] Kexec cmdline bufffer measure, Prakhar Srivastava
  - [PATCH 1/3 v5] add a new ima hook and policy to measure the cmdline, Prakhar Srivastava
    - Re: [PATCH 1/3 v5] add a new ima hook and policy to measure the cmdline, Mimi Zohar
      - Re: [PATCH 1/3 v5] add a new ima hook and policy to measure the cmdline, prakhar srivastava
        
        Re: [PATCH 1/3 v5] add a new ima hook and policy to measure the cmdline, Mimi Zohar
  - [PATCH 3/3 v5] call ima_kexec_cmdline from kexec_file_load path, Prakhar Srivastava
    - Re: [PATCH 3/3 v5] call ima_kexec_cmdline from kexec_file_load path, Mimi Zohar
  - [PATCH 2/3 v5] add a new template field buf to contain the buffer, Prakhar Srivastava
    - Re: [PATCH 2/3 v5] add a new template field buf to contain the buffer, Roberto Sassu
      - Re: [PATCH 2/3 v5] add a new template field buf to contain the buffer, prakhar srivastava
        
        Re: [PATCH 2/3 v5] add a new template field buf to contain the buffer, Roberto Sassu
        
        Re: [PATCH 2/3 v5] add a new template field buf to contain the buffer, prakhar srivastava
        
        Re: [PATCH 2/3 v5] add a new template field buf to contain the buffer, Roberto Sassu
[PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Roberto Sassu
- [PATCH v2 1/3] fs: add ksys_lsetxattr() wrapper, Roberto Sassu
  - Re: [PATCH v2 1/3] fs: add ksys_lsetxattr() wrapper, Jann Horn
- [PATCH v2 2/3] initramfs: set extended attributes, Roberto Sassu
- [PATCH v2 3/3] initramfs: introduce do_readxattrs(), Roberto Sassu
  - Re: [PATCH v2 3/3] initramfs: introduce do_readxattrs(), Jann Horn
    - Re: [PATCH v2 3/3] initramfs: introduce do_readxattrs(), Roberto Sassu
- Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Rob Landley
  - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Roberto Sassu
    - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Mimi Zohar
      - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Rob Landley
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Mimi Zohar
- Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Andy Lutomirski
  - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Rob Landley
    - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Rob Landley
- Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Dominik Brodowski
  - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, hpa
    - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Dominik Brodowski
      - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Mimi Zohar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, hpa
      - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, hpa
  - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Mimi Zohar
    - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Rob Landley
      - Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Roberto Sassu
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Rob Landley
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Mimi Zohar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Roberto Sassu
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Mimi Zohar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Mimi Zohar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Rob Landley
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Rob Landley
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Roberto Sassu
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Rob Landley
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Roberto Sassu
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Andy Lutomirski
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Roberto Sassu
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Greg KH
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Roberto Sassu
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, James Bottomley
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Rob Landley
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, James Bottomley
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Roberto Sassu
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Roberto Sassu
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Arvind Sankar
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Roberto Sassu
        
        Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk, Mimi Zohar
[PATCH 00/16] treewide: fix match_string() helper when array size, Alexandru Ardelean
- [PATCH 01/16] lib: fix match_string() helper on -1 array size, Alexandru Ardelean
  - Re: [PATCH 01/16] lib: fix match_string() helper on -1 array size, Ardelean, Alexandru
- [PATCH 06/16] x86/mtrr: use new match_string() helper + add gaps == minor fix, Alexandru Ardelean
- [PATCH 13/16] drm/edid: use new match_string() helper/macro, Alexandru Ardelean
- [PATCH 16/16] sched: debug: use new match_string() helper/macro, Alexandru Ardelean
- [PATCH 14/16] staging: gdm724x: use new match_string() helper/macro, Alexandru Ardelean
- [PATCH 15/16] video: fbdev: pxafb: use new match_string() helper/macro, Alexandru Ardelean
- [PATCH 12/16] rdmacg: use new match_string() helper/macro, Alexandru Ardelean
- [PATCH 11/16] mm/vmpressure.c: use new match_string() helper/macro, Alexandru Ardelean
- [PATCH 08/16] cpufreq/intel_pstate: remove NULL entry + use match_string(), Alexandru Ardelean
- [PATCH 09/16] mmc: sdhci-xenon: use new match_string() helper/macro, Alexandru Ardelean
  - Re: [PATCH 09/16] mmc: sdhci-xenon: use new match_string() helper/macro, Dan Carpenter
- [PATCH 10/16] pinctrl: armada-37xx: use new match_string() helper/macro, Alexandru Ardelean
- [PATCH 07/16] device connection: use new match_string() helper/macro, Alexandru Ardelean
- [PATCH 02/16] treewide: rename match_string() -> __match_string(), Alexandru Ardelean
- [PATCH 03/16] lib,treewide: add new match_string() helper/macro, Alexandru Ardelean
  - Re: [PATCH 03/16] lib,treewide: add new match_string() helper/macro, Andy Shevchenko
    - Re: [PATCH 03/16] lib,treewide: add new match_string() helper/macro, Greg KH
      - Re: [PATCH 03/16] lib,treewide: add new match_string() helper/macro, Ardelean, Alexandru
        
        Re: [PATCH 03/16] lib,treewide: add new match_string() helper/macro, Ardelean, Alexandru
        
        Re: [PATCH 03/16] lib,treewide: add new match_string() helper/macro, andriy.shevchenko@xxxxxxxxxxxxxxx
        
        Re: [PATCH 03/16] lib,treewide: add new match_string() helper/macro, Ardelean, Alexandru
- [PATCH 04/16] powerpc/xmon: use new match_string() helper/macro, Alexandru Ardelean
- [PATCH 05/16] ALSA: oxygen: use new match_string() helper/macro, Alexandru Ardelean
- [PATCH 01/16] lib: fix match_string() helper when array size is positive, Alexandru Ardelean
- [PATCH 1/3][V2] lib: fix match_string() helper on -1 array size, Alexandru Ardelean
  - [PATCH 2/3][V2] treewide: rename match_string() -> __match_string(), Alexandru Ardelean
  - [PATCH 3/3][V2] lib: re-introduce new match_string() helper/macro, Alexandru Ardelean
[PATCH AUTOSEL 4.14 41/95] ima: open a new file instance if no read permissions, Sasha Levin
[PATCH 0/3] ima: addressing mmap/mprotect concerns, Mimi Zohar
- [PATCH 3/3] ima: prevent a file already mmap'ed read|execute to be mmap'ed write, Mimi Zohar
- [PATCH 1/3] ima: verify mprotect change is consistent with mmap policy, Mimi Zohar
- [PATCH 2/3] ima: prevent a file already mmap'ed write to be mmap'ed execute, Mimi Zohar
Friendly reminder, Mimi Zohar
[PATCH] integrity: keep the integrity state of open files up to date, Janne Karhunen
- Re: [PATCH] integrity: keep the integrity state of open files up to date, Mimi Zohar
  - Re: [PATCH] integrity: keep the integrity state of open files up to date, Janne Karhunen
[PATCH 0/5 v4] Kexec cmdline bufffer measure, Prakhar Srivastava
- [PATCH 5/5 v4] removed the LSM hook made available, and renamed the ima_policy to be KEXEC_CMDLINE, Prakhar Srivastava
  - Re: [PATCH 5/5 v4] removed the LSM hook made available, and renamed the ima_policy to be KEXEC_CMDLINE, Mimi Zohar
- [PATCH 4/5 v4] added LSM hook to call ima_buffer_check, Prakhar Srivastava
- [PATCH 3/5 v4] add kexec_cmdline used to ima, Prakhar Srivastava
- [PATCH 2/5 v4] add the buffer to the xattr, Prakhar Srivastava
  - Re: [PATCH 2/5 v4] add the buffer to the xattr, Mimi Zohar
- [PATCH 1/5 v4] added a new ima policy func buffer_check, and ima hook to measure the buffer hash into ima, Prakhar Srivastava
  - Re: [PATCH 1/5 v4] added a new ima policy func buffer_check, and ima hook to measure the buffer hash into ima, Mimi Zohar
- Re: [PATCH 0/5 v4] Kexec cmdline bufffer measure, Mimi Zohar
setfattr to set security.ima fails with error "Invalid argument", Lakshmi Ramasubramanian
- Re: setfattr to set security.ima fails with error "Invalid argument", Ignaz Forster
[ANNOUNCE][CFP] Linux Security Summit Europe 2019, Elena Reshetova
[PATCH v3 0/4] Add a new ima_hook buffer_check to measure buffers critical for attestation, Prakhar Srivastava
- [PATCH v3 4/4] added LSM hook to call ima_buffer_check, Prakhar Srivastava
  - Re: [PATCH v3 4/4] added LSM hook to call ima_buffer_check, Mimi Zohar
- [PATCH v3 3/4] add kexec_cmdline used to ima, Prakhar Srivastava
  - Re: [PATCH v3 3/4] add kexec_cmdline used to ima, Mimi Zohar
    - Re: [PATCH v3 3/4] add kexec_cmdline used to ima, Al Viro
- [PATCH v3 1/4] added a new ima policy func buffer_check, and ima hook to measure the buffer hash into ima, Prakhar Srivastava
  - Re: [PATCH v3 1/4] added a new ima policy func buffer_check, and ima hook to measure the buffer hash into ima, Mimi Zohar
- [PATCH v3 2/4] add the buffer to the xattr, Prakhar Srivastava
  - Re: [PATCH v3 2/4] add the buffer to the xattr, Mimi Zohar
[PATCH v6 00/24] x86: text_poke() fixes and executable lockdowns, nadav . amit
- [PATCH v6 21/24] x86/kprobes: Use vmalloc special flag, nadav . amit
- [PATCH v6 24/24] bpf: Fail bpf_probe_write_user() while mm is switched, nadav . amit
- [PATCH v6 23/24] mm/tlb: Provide default nmi_uaccess_okay(), nadav . amit
- [PATCH v6 22/24] x86/alternative: Comment about module removal races, nadav . amit
- [PATCH v6 19/24] bpf: Use vmalloc special flag, nadav . amit
- [PATCH v6 20/24] x86/ftrace: Use vmalloc special flag, nadav . amit
- [PATCH v6 16/24] mm: Make hibernate handle unmapped pages, nadav . amit
- [PATCH v6 18/24] modules: Use vmalloc special flag, nadav . amit
- [PATCH v6 17/24] vmalloc: Add flag for free of special permsissions, nadav . amit
- [PATCH v6 15/24] x86/mm/cpa: Add set_direct_map_ functions, nadav . amit
- [PATCH v6 10/24] x86/ftrace: Set trampoline pages as executable, nadav . amit
- [PATCH v6 12/24] x86/module: Avoid breaking W^X while loading modules, nadav . amit
- [PATCH v6 14/24] x86/alternative: Remove the return value of text_poke_*(), nadav . amit
- [PATCH v6 13/24] x86/jump-label: Remove support for custom poker, nadav . amit
- [PATCH v6 09/24] x86/kgdb: Avoid redundant comparison of patched code, nadav . amit
- [PATCH v6 11/24] x86/kprobes: Set instruction page as executable, nadav . amit
- [PATCH v6 08/24] x86/alternative: Use temporary mm for text poking, nadav . amit
- [PATCH v6 03/24] x86/mm: Introduce temporary mm structs, nadav . amit
- [PATCH v6 06/24] fork: Provide a function for copying init_mm, nadav . amit
- [PATCH v6 07/24] x86/alternative: Initialize temporary mm for patching, nadav . amit
- [PATCH v6 05/24] uprobes: Initialize uprobes earlier, nadav . amit
- [PATCH v6 01/24] Fix "x86/alternatives: Lockdep-enforce text_mutex in text_poke*()", nadav . amit
- [PATCH v6 04/24] x86/mm: Save debug registers when loading a temporary mm, nadav . amit
- [PATCH v6 02/24] x86/jump_label: Use text_poke_early() during early init, nadav . amit
- Re: [PATCH v6 00/24] x86: text_poke() fixes and executable lockdowns, Ingo Molnar
- Re: [PATCH v6 00/24] x86: text_poke() fixes and executable lockdowns, Peter Zijlstra
[PATCH AUTOSEL 5.0 52/79] KEYS: trusted: fix -Wvarags warning, Sasha Levin
[PATCH AUTOSEL 5.0 51/79] tpm: fix an invalid condition in tpm_common_poll, Sasha Levin
[PATCH v5 00/23] x86: text_poke() fixes and executable lockdowns, Nadav Amit
- [PATCH v5 02/23] x86/jump_label: Use text_poke_early() during early init, Nadav Amit
- [PATCH v5 08/23] x86/kgdb: Avoid redundant comparison of patched code, Nadav Amit
- [PATCH v5 14/23] x86/mm/cpa: Add set_direct_map_ functions, Nadav Amit
  - Re: [PATCH v5 14/23] x86/mm/cpa: Add set_direct_map_ functions, Linus Torvalds
    - Re: [PATCH v5 14/23] x86/mm/cpa: Add set_direct_map_ functions, Nadav Amit
- [PATCH v5 10/23] x86/kprobes: Set instruction page as executable, Nadav Amit
- [PATCH v5 13/23] x86/alternative: Remove the return value of text_poke_*(), Nadav Amit
- [PATCH v5 23/23] bpf: Fail bpf_probe_write_user() while mm is switched, Nadav Amit
- [PATCH v5 20/23] x86/kprobes: Use vmalloc special flag, Nadav Amit
- [PATCH v5 21/23] x86/alternative: Comment about module removal races, Nadav Amit
- [PATCH v5 16/23] vmalloc: Add flag for free of special permsissions, Nadav Amit
- [PATCH v5 12/23] x86/jump-label: Remove support for custom poker, Nadav Amit
- [PATCH v5 17/23] modules: Use vmalloc special flag, Nadav Amit
- [PATCH v5 18/23] bpf: Use vmalloc special flag, Nadav Amit
- [PATCH v5 09/23] x86/ftrace: Set trampoline pages as executable, Nadav Amit
- [PATCH v5 06/23] x86/alternative: Initialize temporary mm for patching, Nadav Amit
- [PATCH v5 01/23] Fix "x86/alternatives: Lockdep-enforce text_mutex in text_poke*()", Nadav Amit
- [PATCH v5 03/23] x86/mm: Introduce temporary mm structs, Nadav Amit
- [PATCH v5 11/23] x86/module: Avoid breaking W^X while loading modules, Nadav Amit
- [PATCH v5 05/23] fork: Provide a function for copying init_mm, Nadav Amit
- [PATCH v5 19/23] x86/ftrace: Use vmalloc special flag, Nadav Amit
- [PATCH v5 22/23] mm/tlb: Provide default nmi_uaccess_okay(), Nadav Amit
- [PATCH v5 15/23] mm: Make hibernate handle unmapped pages, Nadav Amit
- [PATCH v5 04/23] x86/mm: Save debug registers when loading a temporary mm, Nadav Amit
- [PATCH v5 07/23] x86/alternative: Use temporary mm for text poking, Nadav Amit
- Re: [PATCH v5 00/23] x86: text_poke() fixes and executable lockdowns, Peter Zijlstra
linux-tpmdd self signed kernel failing to boot with secreboot on, Jordan
- Re: linux-tpmdd self signed kernel failing to boot with secreboot on, Matthew Garrett
  - Re: linux-tpmdd self signed kernel failing to boot with secreboot on, Jordan Hand
    - Re: linux-tpmdd self signed kernel failing to boot with secreboot on, Matthew Garrett
      - Re: linux-tpmdd self signed kernel failing to boot with secreboot on, Jordan Hand
        
        Re: linux-tpmdd self signed kernel failing to boot with secreboot on, Matthew Garrett
        
        Re: linux-tpmdd self signed kernel failing to boot with secreboot on, Jordan Hand
        
        Re: linux-tpmdd self signed kernel failing to boot with secreboot on, Matthew Garrett
        
        Re: linux-tpmdd self signed kernel failing to boot with secreboot on, Jordan Hand
        
        Re: linux-tpmdd self signed kernel failing to boot with secreboot on, Matthew Garrett
[PATCH v2] KEYS: Make use of platform keyring for module signature verify, Robert Holmes
- Message not available
  - Re: [PATCH v2] KEYS: Make use of platform keyring for module signature verify, Robert Holmes
- Re: [PATCH v2] KEYS: Make use of platform keyring for module signature verify, Mimi Zohar
  - Re: [PATCH v2] KEYS: Make use of platform keyring for module signature verify, Jeremy Cline
  - Re: [PATCH v2] KEYS: Make use of platform keyring for module signature verify, James Bottomley
[PATCH v1 1/1] Return the verified kernel image signature in kexec_file_load, nramas
[PATCH v2 1/5 RFC] added ima hook for buffer, being enabled as a policy, Prakhar Srivastava
- [PATCH v2 4/5 RFC] added a buffer_check LSM hook, Prakhar Srivastava
- [PATCH v2 5/5 RFC] add the buffer to the event data in ima free entry data if store_template failed added check in templates for buffer, Prakhar Srivastava
- [PATCH v2 2/5 RFC] use event name instead of enum to make the call generic, Prakhar Srivastava
  - Re: [PATCH v2 2/5 RFC] use event name instead of enum to make the call generic, Nayna
    - Re: [PATCH v2 2/5 RFC] use event name instead of enum to make the call generic, prsriva
      - Re: [PATCH v2 2/5 RFC] use event name instead of enum to make the call generic, Linus Torvalds
        
        Re: [PATCH v2 2/5 RFC] use event name instead of enum to make the call generic, James Morris
        
        Re: [PATCH v2 2/5 RFC] use event name instead of enum to make the call generic, James Bottomley
        
        Re: [PATCH v2 2/5 RFC] use event name instead of enum to make the call generic, James Morris
        
        Re: [PATCH v2 2/5 RFC] use event name instead of enum to make the call generic, Linus Torvalds
      - Re: [PATCH v2 2/5 RFC] use event name instead of enum to make the call generic, Nayna
- [PATCH v2 3/5 RFC] since cmdline args can be same for multiple kexec, log entry hash will collide. Prepend the kernel file name to the cmdline args to distinguish between cmdline args passed to subsequent kexec calls, Prakhar Srivastava
[PATCH] x86/ima: Check EFI_RUNTIME_SERVICES before using, Scott Wood
- Re: [PATCH] x86/ima: Check EFI_RUNTIME_SERVICES before using, Mimi Zohar
[PATCH v4 00/23] Merge text_poke fixes and executable lockdowns, Rick Edgecombe
- [PATCH v4 14/23] x86/mm/cpa: Add set_direct_map_ functions, Rick Edgecombe
- [PATCH v4 23/23] bpf: Fail bpf_probe_write_user() while mm is switched, Rick Edgecombe
- [PATCH v4 22/23] tlb: provide default nmi_uaccess_okay(), Rick Edgecombe
- [PATCH v4 21/23] x86/alternative: Comment about module removal races, Rick Edgecombe
- [PATCH v4 20/23] x86/kprobes: Use vmalloc special flag, Rick Edgecombe
- [PATCH v4 15/23] mm: Make hibernate handle unmapped pages, Rick Edgecombe
- [PATCH v4 18/23] bpf: Use vmalloc special flag, Rick Edgecombe
- [PATCH v4 19/23] x86/ftrace: Use vmalloc special flag, Rick Edgecombe
  - Re: [PATCH v4 19/23] x86/ftrace: Use vmalloc special flag, Steven Rostedt
    - Re: [PATCH v4 19/23] x86/ftrace: Use vmalloc special flag, Edgecombe, Rick P
- [PATCH v4 17/23] modules: Use vmalloc special flag, Rick Edgecombe
- [PATCH v4 16/23] vmalloc: Add flag for free of special permsissions, Rick Edgecombe
  - Re: [PATCH v4 16/23] vmalloc: Add flag for free of special permsissions, Peter Zijlstra
    - Re: [PATCH v4 16/23] vmalloc: Add flag for free of special permsissions, Edgecombe, Rick P
- [PATCH v4 12/23] x86/jump-label: Remove support for custom poker, Rick Edgecombe
- [PATCH v4 11/23] x86/module: Avoid breaking W^X while loading modules, Rick Edgecombe
- [PATCH v4 10/23] x86/kprobes: Set instruction page as executable, Rick Edgecombe
- [PATCH v4 13/23] x86/alternative: Remove the return value of text_poke_*(), Rick Edgecombe
- [PATCH v4 06/23] x86/alternative: Initialize temporary mm for patching, Rick Edgecombe
- [PATCH v4 03/23] x86/mm: Introduce temporary mm structs, Rick Edgecombe
  - Re: [PATCH v4 03/23] x86/mm: Introduce temporary mm structs, Borislav Petkov
    - Re: [PATCH v4 03/23] x86/mm: Introduce temporary mm structs, Nadav Amit
      - Re: [PATCH v4 03/23] x86/mm: Introduce temporary mm structs, Andy Lutomirski
- [PATCH v4 08/23] x86/kgdb: Avoid redundant comparison of patched code, Rick Edgecombe
- [PATCH v4 09/23] x86/ftrace: Set trampoline pages as executable, Rick Edgecombe
- [PATCH v4 07/23] x86/alternative: Use temporary mm for text poking, Rick Edgecombe
- [PATCH v4 04/23] x86/mm: Save DRs when loading a temporary mm, Rick Edgecombe
  - Re: [PATCH v4 04/23] x86/mm: Save DRs when loading a temporary mm, Borislav Petkov
  - Re: [PATCH v4 04/23] x86/mm: Save DRs when loading a temporary mm, Peter Zijlstra
- [PATCH v4 05/23] fork: Provide a function for copying init_mm, Rick Edgecombe
- [PATCH v4 01/23] Fix "x86/alternatives: Lockdep-enforce text_mutex in text_poke*()", Rick Edgecombe
- [PATCH v4 02/23] x86/jump_label: Use text_poke_early() during early init, Rick Edgecombe
- Re: [PATCH v4 00/23] Merge text_poke fixes and executable lockdowns, Peter Zijlstra
  - Re: [PATCH v4 00/23] Merge text_poke fixes and executable lockdowns, Peter Zijlstra
[PATCH v2 1/3 RFC] added ima hook for buffer, being enabled as a policy, Prakhar Srivastava
- [PATCH v2 2/3 RFC] use event name instead of enum to make the call generic, Prakhar Srivastava
- [PATCH v2 3/3 RFC] since cmdline args can be same for multiple kexec, log entry hash will collide. Prepend the kernel file name to the cmdline args to distinguish between cmdline args passed to subsequent kexec calls, Prakhar Srivastava
Can we enforce "IMA Policy" based on file type, Kavitha Sivagnanam
- Re: Can we enforce "IMA Policy" based on file type, Matthew Garrett
  - Re: Can we enforce "IMA Policy" based on file type, Kavitha Sivagnanam
- Re: Can we enforce "IMA Policy" based on file type, Mimi Zohar
  - RE: Can we enforce "IMA Policy" based on file type, Kavitha Sivagnanam
    - Re: Can we enforce "IMA Policy" based on file type, Nayna
  - Re: Can we enforce "IMA Policy" based on file type, Kavitha Sivagnanam
    - Re: Can we enforce "IMA Policy" based on file type, Mimi Zohar
[PATCH v10 00/12] Appended signatures support for IMA appraisal, Thiago Jung Bauermann
- [PATCH v10 01/12] MODSIGN: Export module signature definitions, Thiago Jung Bauermann
  - Re: [PATCH v10 01/12] MODSIGN: Export module signature definitions, Mimi Zohar
    - Re: [PATCH v10 01/12] MODSIGN: Export module signature definitions, Thiago Jung Bauermann
- [PATCH v10 02/12] PKCS#7: Refactor verify_pkcs7_signature(), Thiago Jung Bauermann
  - Re: [PATCH v10 02/12] PKCS#7: Refactor verify_pkcs7_signature(), Mimi Zohar
- [PATCH v10 03/12] PKCS#7: Introduce pkcs7_get_digest(), Thiago Jung Bauermann
  - Re: [PATCH v10 03/12] PKCS#7: Introduce pkcs7_get_digest(), Mimi Zohar
- [PATCH v10 04/12] integrity: Introduce struct evm_xattr, Thiago Jung Bauermann
- [PATCH v10 05/12] integrity: Select CONFIG_KEYS instead of depending on it, Thiago Jung Bauermann
- [PATCH v10 06/12] ima: Use designated initializers for struct ima_event_data, Thiago Jung Bauermann
  - Re: [PATCH v10 06/12] ima: Use designated initializers for struct ima_event_data, Mimi Zohar
- [PATCH v10 07/12] ima: Add modsig appraise_type option for module-style appended signatures, Thiago Jung Bauermann
- [PATCH v10 08/12] ima: Factor xattr_verify() out of ima_appraise_measurement(), Thiago Jung Bauermann
  - Re: [PATCH v10 08/12] ima: Factor xattr_verify() out of ima_appraise_measurement(), Mimi Zohar
- [PATCH v10 09/12] ima: Implement support for module-style appended signatures, Thiago Jung Bauermann
  - Re: [PATCH v10 09/12] ima: Implement support for module-style appended signatures, Mimi Zohar
    - Re: [PATCH v10 09/12] ima: Implement support for module-style appended signatures, Thiago Jung Bauermann
      - Re: [PATCH v10 09/12] ima: Implement support for module-style appended signatures, Mimi Zohar
  - Re: [PATCH v10 09/12] ima: Implement support for module-style appended signatures, Mimi Zohar
    - Re: [PATCH v10 09/12] ima: Implement support for module-style appended signatures, Thiago Jung Bauermann
- [PATCH v10 10/12] ima: Collect modsig, Thiago Jung Bauermann
- [PATCH v10 12/12] ima: Store the measurement again when appraising a modsig, Thiago Jung Bauermann
  - Re: [PATCH v10 12/12] ima: Store the measurement again when appraising a modsig, Mimi Zohar
    - Re: [PATCH v10 12/12] ima: Store the measurement again when appraising a modsig, Thiago Jung Bauermann
- [PATCH v10 11/12] ima: Define ima-modsig template, Thiago Jung Bauermann
  - Re: [PATCH v10 11/12] ima: Define ima-modsig template, Mimi Zohar
    - Re: [PATCH v10 11/12] ima: Define ima-modsig template, Thiago Jung Bauermann
on leave next week, Jarkko Sakkinen
- Re: on leave next week, Jarkko Sakkinen
  - Re: on leave next week, Jarkko Sakkinen
- <Possible follow-ups>
- On leave next week, Jarkko Sakkinen
[PATCH v3 00/26] compat_ioctl: cleanups, Arnd Bergmann
- [PATCH v3 09/26] compat_ioctl: move drivers to compat_ptr_ioctl, Arnd Bergmann
  - Re: [PATCH v3 09/26] compat_ioctl: move drivers to compat_ptr_ioctl, Jiri Kosina
  - Re: [PATCH v3 09/26] compat_ioctl: move drivers to compat_ptr_ioctl, Stefan Hajnoczi
  - Re: [PATCH v3 09/26] compat_ioctl: move drivers to compat_ptr_ioctl, Michael S. Tsirkin
- Re: [PATCH v3 00/26] compat_ioctl: cleanups, Douglas Gilbert
[PATCH v3 0/2] ftpm: a firmware based TPM driver, Sasha Levin
- [PATCH v3 2/2] ftpm: add documentation for ftpm driver, Sasha Levin
  - Re: [PATCH v3 2/2] ftpm: add documentation for ftpm driver, Enrico Weigelt, metux IT consult
    - Re: [PATCH v3 2/2] ftpm: add documentation for ftpm driver, Sasha Levin
  - Re: [PATCH v3 2/2] ftpm: add documentation for ftpm driver, Jarkko Sakkinen
- [PATCH v3 1/2] ftpm: firmware TPM running in TEE, Sasha Levin
  - Re: [PATCH v3 1/2] ftpm: firmware TPM running in TEE, Jarkko Sakkinen
    - Re: [PATCH v3 1/2] ftpm: firmware TPM running in TEE, Sasha Levin
      - Re: [PATCH v3 1/2] ftpm: firmware TPM running in TEE, Jarkko Sakkinen
  - Re: [PATCH v3 1/2] ftpm: firmware TPM running in TEE, Igor Opaniuk
- Re: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Sasha Levin
  - Re: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Sumit Garg
    - Re: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Daniel Thompson
      - Re: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Sumit Garg
  - Re: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Jarkko Sakkinen
    - Re: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Sasha Levin
      - Re: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Sumit Garg
        
        RE: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Thirupathaiah Annapureddy
        
        Re: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Sumit Garg
        
        RE: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Thirupathaiah Annapureddy
        
        Re: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Sumit Garg
        
        RE: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Thirupathaiah Annapureddy
        
        Re: [PATCH v3 0/2] ftpm: a firmware based TPM driver, Sumit Garg
[PATCH v2] MAINTAINERS: fix style in KEYS-TRUSTED entry, Lukas Bulwahn
- Re: [PATCH v2] MAINTAINERS: fix style in KEYS-TRUSTED entry, Jarkko Sakkinen
[PATCH] kexec_buffer measure, prsriva02
- Re: [PATCH] kexec_buffer measure, Mimi Zohar
- <Possible follow-ups>
- Re: [PATCH] kexec_buffer measure, prakhar srivastava
  - Re: [PATCH] kexec_buffer measure, Mimi Zohar
    - Re: [PATCH] kexec_buffer measure, Mimi Zohar
      - Re: [PATCH] kexec_buffer measure, Casey Schaufler
      - Re: [PATCH] kexec_buffer measure, Casey Schaufler
        
        Re: [PATCH] kexec_buffer measure, Tetsuo Handa
        
        Re: [PATCH] kexec_buffer measure, Mimi Zohar
[GIT PULL] linux-integrity patches for Linux 5.2, Mimi Zohar
- Re: [GIT PULL] linux-integrity patches for Linux 5.2, James Morris
[PATCH v9 00/10] crypto: add EC-RDSA (GOST 34.10) algorithm, Vitaly Chikunov
- [PATCH v9 01/10] crypto: akcipher - default implementations for request callbacks, Vitaly Chikunov
- [PATCH v9 04/10] KEYS: do not kmemdup digest in {public,tpm}_key_verify_signature, Vitaly Chikunov
- [PATCH v9 07/10] crypto: ecc - make ecc into separate module, Vitaly Chikunov
- [PATCH v9 10/10] integrity: support EC-RDSA signatures for asymmetric_verify, Vitaly Chikunov
- [PATCH v9 08/10] crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm, Vitaly Chikunov
- [PATCH v9 09/10] crypto: ecrdsa - add EC-RDSA test vectors to testmgr, Vitaly Chikunov
- [PATCH v9 02/10] crypto: rsa - unimplement sign/verify for raw RSA backends, Vitaly Chikunov
- [PATCH v9 03/10] crypto: akcipher - new verify API for public key algorithms, Vitaly Chikunov
- [PATCH v9 05/10] X.509: parse public key parameters from x509 for akcipher, Vitaly Chikunov
  - Re: [PATCH v9 05/10] X.509: parse public key parameters from x509 for akcipher, Denis Kenzior
- [PATCH v9 06/10] crypto: Kconfig - create Public-key cryptography section, Vitaly Chikunov
- Re: [PATCH v9 00/10] crypto: add EC-RDSA (GOST 34.10) algorithm, Herbert Xu
[PATCH] integrity: make 'sync' update the inode integrity state, Janne Karhunen
- Re: [PATCH] integrity: make 'sync' update the inode integrity state, Mimi Zohar
  - Re: [PATCH] integrity: make 'sync' update the inode integrity state, Janne Karhunen
    - Message not available
      - Message not available
        
        Message not available
        
        Message not available
        
        Re: [PATCH] integrity: make 'sync' update the inode integrity state, Janne Karhunen
        
        Re: [PATCH] integrity: make 'sync' update the inode integrity state, Janne Karhunen
  - Re: [PATCH] integrity: make 'sync' update the inode integrity state, Janne Karhunen
    - Re: [PATCH] integrity: make 'sync' update the inode integrity state, Janne Karhunen
      - Re: [PATCH] integrity: make 'sync' update the inode integrity state, Mimi Zohar
        
        Re: [PATCH] integrity: make 'sync' update the inode integrity state, Janne Karhunen
  - Re: [PATCH] integrity: make 'sync' update the inode integrity state, Mimi Zohar
[ANNOUNCE][CFP] Linux Security Summit North America 2019, James Morris
[PATCH v2 0/3] ftpm: a firmware based TPM driver, Sasha Levin
- [PATCH v2 3/3] ftpm: add documentation for ftpm driver, Sasha Levin
- [PATCH v2 2/3] ftpm: firmware TPM running in TEE, Sasha Levin
  - Re: [PATCH v2 2/3] ftpm: firmware TPM running in TEE, Jason Gunthorpe
- [PATCH v2 1/3] ftpm: dt-binding: add dts documentation for fTPM driver, Sasha Levin
  - Re: [PATCH v2 1/3] ftpm: dt-binding: add dts documentation for fTPM driver, Rob Herring
    - Re: [PATCH v2 1/3] ftpm: dt-binding: add dts documentation for fTPM driver, Sasha Levin
      - Re: [PATCH v2 1/3] ftpm: dt-binding: add dts documentation for fTPM driver, Rob Herring
        
        Re: [PATCH v2 1/3] ftpm: dt-binding: add dts documentation for fTPM driver, Jason Gunthorpe
        
        Re: [PATCH v2 1/3] ftpm: dt-binding: add dts documentation for fTPM driver, Sasha Levin
        
        Re: [PATCH v2 1/3] ftpm: dt-binding: add dts documentation for fTPM driver, Jason Gunthorpe
        
        RE: [PATCH v2 1/3] ftpm: dt-binding: add dts documentation for fTPM driver, Thirupathaiah Annapureddy
[PATCH v2 0/3] powerpc: Enabling secure boot on powernv systems - Part 1, Nayna Jain
- [PATCH v2 1/3] powerpc/powernv: Add support for OPAL_SECVAR_GET, Nayna Jain
- [PATCH v2 2/3] powerpc/powernv: detect the secure boot mode of the system, Nayna Jain
- [PATCH v2 3/3] powerpc: Add support to initialize ima policy rules, Nayna Jain
[PATCH ghau85 v1] ima: add support for AUDIT_INTEGRITY_EVM_XATTR records, Richard Guy Briggs
[PATCH v2 0/3] LTP reproducer on broken IMA on overlayfs, Petr Vorel
- [PATCH v2 1/3] ima: Call test's cleanup inside ima_setup.sh cleanup, Petr Vorel
  - Re: [PATCH v2 1/3] ima: Call test's cleanup inside ima_setup.sh cleanup, Mimi Zohar
    - Re: [PATCH v2 1/3] ima: Call test's cleanup inside ima_setup.sh cleanup, Petr Vorel
      - Re: [PATCH v2 1/3] ima: Call test's cleanup inside ima_setup.sh cleanup, Mimi Zohar
        
        Re: [PATCH v2 1/3] ima: Call test's cleanup inside ima_setup.sh cleanup, Petr Vorel
- [PATCH v2 2/3] shell: Add $TST_DEVICE as default parameter to tst_umount, Petr Vorel
- [PATCH v2 3/3] ima: Add overlay test, Petr Vorel
  - Re: [PATCH v2 3/3] ima: Add overlay test, Ignaz Forster
    - Re: [PATCH v2 3/3] ima: Add overlay test, Petr Vorel
- Re: [PATCH v2 0/3] LTP reproducer on broken IMA on overlayfs, Petr Vorel
  - Re: [PATCH v2 0/3] LTP reproducer on broken IMA on overlayfs, Ignaz Forster
    - Re: [PATCH v2 0/3] LTP reproducer on broken IMA on overlayfs, Petr Vorel
  - Re: [PATCH v2 0/3] LTP reproducer on broken IMA on overlayfs, Mimi Zohar
    - Re: [PATCH v2 0/3] LTP reproducer on broken IMA on overlayfs, Petr Vorel
      - Re: [PATCH v2 0/3] LTP reproducer on broken IMA on overlayfs, Mimi Zohar
        
        Re: [PATCH v2 0/3] LTP reproducer on broken IMA on overlayfs, Petr Vorel
        
        Re: [PATCH v2 0/3] LTP reproducer on broken IMA on overlayfs, Mimi Zohar
        
        Re: [PATCH v2 0/3] LTP reproducer on broken IMA on overlayfs, Petr Vorel
appraisal reset safety, Janne Karhunen
- Re: appraisal reset safety, Janne Karhunen
  - Re: appraisal reset safety, Janne Karhunen
    - Re: appraisal reset safety, Mimi Zohar
      - Re: appraisal reset safety, Janne Karhunen
      - Re: appraisal reset safety, Janne Karhunen
        
        Re: appraisal reset safety, Janne Karhunen
        
        Re: appraisal reset safety, Mimi Zohar
        
        Re: appraisal reset safety, Janne Karhunen
        
        Re: appraisal reset safety, Mimi Zohar
        
        Re: appraisal reset safety, Janne Karhunen
[PATCH] x86/ima: add missing include, Mimi Zohar
[PATCH] doc/kernel-parameters.txt: Deprecate ima_appraise_tcb, Petr Vorel
- Re: [PATCH] doc/kernel-parameters.txt: Deprecate ima_appraise_tcb, Mimi Zohar
Re: Unable to suspend lenovo t61, Roberto Sassu
[PATCH V32 24/27] kexec: Allow kexec_file() with appropriate IMA policy when locked down, Matthew Garrett
[PATCH] efi: Include tpm_eventlog.h after asm/efi.h to avoid memcpy breakage, Matthew Garrett
- Re: [PATCH] efi: Include tpm_eventlog.h after asm/efi.h to avoid memcpy breakage, Jarkko Sakkinen
- Re: [PATCH] efi: Include tpm_eventlog.h after asm/efi.h to avoid memcpy breakage, Ard Biesheuvel
- Re: [PATCH] efi: Include tpm_eventlog.h after asm/efi.h to avoid memcpy breakage, Jarkko Sakkinen
[PATCH] TCG2 log support build fixes for non-x86_64, Matthew Garrett
- [PATCH 2/2] tpm: Fix builds on platforms that lack early_memremap(), Matthew Garrett
  - Re: [PATCH 2/2] tpm: Fix builds on platforms that lack early_memremap(), Jarkko Sakkinen
- [PATCH 1/2] efi: Fix cast to pointer from integer of different size in TPM log code, Matthew Garrett
  - RE: [PATCH 1/2] efi: Fix cast to pointer from integer of different size in TPM log code, David Laight
    - Re: [PATCH 1/2] efi: Fix cast to pointer from integer of different size in TPM log code, Matthew Garrett
  - Re: [PATCH 1/2] efi: Fix cast to pointer from integer of different size in TPM log code, Jarkko Sakkinen
  - Re: [PATCH 1/2] efi: Fix cast to pointer from integer of different size in TPM log code, Ard Biesheuvel
    - Re: [PATCH 1/2] efi: Fix cast to pointer from integer of different size in TPM log code, Matthew Garrett
- Re: [PATCH] TCG2 log support build fixes for non-x86_64, Jarkko Sakkinen
  - Re: [PATCH] TCG2 log support build fixes for non-x86_64, Matthew Garrett
- Re: [PATCH] TCG2 log support build fixes for non-x86_64, Jarkko Sakkinen
[PATCH 1/2] ftpm: dt-binding: add dts documentation for fTPM driver, Sasha Levin
- [PATCH 2/2] ftpm: firmware TPM running in TEE, Sasha Levin
  - Re: [PATCH 2/2] ftpm: firmware TPM running in TEE, Stephen Hemminger
    - Re: [PATCH 2/2] ftpm: firmware TPM running in TEE, Jarkko Sakkinen
  - Re: [PATCH 2/2] ftpm: firmware TPM running in TEE, Jason Gunthorpe
  - Re: [PATCH 2/2] ftpm: firmware TPM running in TEE, Jarkko Sakkinen
    - Re: [PATCH 2/2] ftpm: firmware TPM running in TEE, Jarkko Sakkinen
      - Re: [PATCH 2/2] ftpm: firmware TPM running in TEE, Sasha Levin
        
        Re: [PATCH 2/2] ftpm: firmware TPM running in TEE, Jarkko Sakkinen
        
        Re: [PATCH 2/2] ftpm: firmware TPM running in TEE, Sasha Levin
        
        Re: [PATCH 2/2] ftpm: firmware TPM running in TEE, Jarkko Sakkinen
- Re: [PATCH 1/2] ftpm: dt-binding: add dts documentation for fTPM driver, Greg KH
  - Re: [PATCH 1/2] ftpm: dt-binding: add dts documentation for fTPM driver, Sasha Levin
- Re: [PATCH 1/2] ftpm: dt-binding: add dts documentation for fTPM driver, Jarkko Sakkinen
[PATCH 0/4] Enabling secure boot on PowerNV systems, Claudio Carvalho
- [PATCH 2/4] powerpc/powernv: Add support for OPAL secure variables, Claudio Carvalho
- [PATCH 3/4] powerpc/powernv: Detect the secure boot mode of the system, Claudio Carvalho
- [PATCH 4/4] powerpc: Add support to initialize ima policy rules, Claudio Carvalho
- [PATCH 1/4] powerpc/include: Override unneeded early ioremap functions, Claudio Carvalho
- Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Matthew Garrett
  - Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Claudio Carvalho
    - Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Matthew Garrett
      - Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Claudio Carvalho
        
        Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Matthew Garrett
        
        Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Claudio Carvalho
        
        Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Matthew Garrett
        
        Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Claudio Carvalho
        
        Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Matthew Garrett
        
        Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Claudio Carvalho
        
        Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Matthew Garrett
- Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Michael Ellerman
  - Re: [PATCH 0/4] Enabling secure boot on PowerNV systems, Claudio Carvalho
[PATCH v3] tpm: Actually fail on TPM errors during "get random", Kees Cook
- Re: [PATCH v3] tpm: Actually fail on TPM errors during "get random", Jason Gunthorpe
  - Re: [PATCH v3] tpm: Actually fail on TPM errors during "get random", Kees Cook
- RE: [PATCH v3] tpm: Actually fail on TPM errors during "get random", Winkler, Tomas
- Re: [PATCH v3] tpm: Actually fail on TPM errors during "get random", Jarkko Sakkinen
  - Re: [PATCH v3] tpm: Actually fail on TPM errors during "get random", Jarkko Sakkinen
    - RE: [PATCH v3] tpm: Actually fail on TPM errors during "get random", Winkler, Tomas
      - Re: [PATCH v3] tpm: Actually fail on TPM errors during "get random", Jarkko Sakkinen
        
        Re: [PATCH v3] tpm: Actually fail on TPM errors during "get random", Laura Abbott
        
        Re: [PATCH v3] tpm: Actually fail on TPM errors during "get random", Jarkko Sakkinen
[PATCH v2] tpm: Actually fail on TPM errors during "get random", Kees Cook
- Re: [PATCH v2] tpm: Actually fail on TPM errors during "get random", James Bottomley
[PATCH] tpm: Actually fail on TPM errors during "get random", Kees Cook
- Re: [PATCH] tpm: Actually fail on TPM errors during "get random", Jason Gunthorpe
  - Re: [PATCH] tpm: Actually fail on TPM errors during "get random", Kees Cook
- Re: [PATCH] tpm: Actually fail on TPM errors during "get random", James Bottomley
  - Re: [PATCH] tpm: Actually fail on TPM errors during "get random", Kees Cook
[GIT PULL] tpmdd fixes for Linux v5.1, Jarkko Sakkinen
- Re: [GIT PULL] tpmdd fixes for Linux v5.1, James Morris
  - Re: [GIT PULL] tpmdd fixes for Linux v5.1, Jarkko Sakkinen
  - Re: [GIT PULL] tpmdd fixes for Linux v5.1, Dan Williams
    - Re: [GIT PULL] tpmdd fixes for Linux v5.1, James Morris
[PATCH v4] tpm: fix an invalid condition in tpm_common_poll, Tadeusz Struk
- Re: [PATCH v4] tpm: fix an invalid condition in tpm_common_poll, Jarkko Sakkinen
  - Re: [PATCH v4] tpm: fix an invalid condition in tpm_common_poll, Tadeusz Struk
    - Re: [PATCH v4] tpm: fix an invalid condition in tpm_common_poll, Thibaut Sautereau
      - Re: [PATCH v4] tpm: fix an invalid condition in tpm_common_poll, Jarkko Sakkinen
        
        Re: [PATCH v4] tpm: fix an invalid condition in tpm_common_poll, Jonas Witschel
        
        Re: [PATCH v4] tpm: fix an invalid condition in tpm_common_poll, Sasha Levin
        
        Re: [PATCH v4] tpm: fix an invalid condition in tpm_common_poll, Jonas Witschel
        
        Re: [PATCH v4] tpm: fix an invalid condition in tpm_common_poll, Jarkko Sakkinen
[PATCH 0/3] LTP reproducer on broken IMA on overlayfs, Petr Vorel
- [PATCH 3/3] ima: Add overlay test, Petr Vorel
  - Re: [PATCH 3/3] ima: Add overlay test, Ignaz Forster
    - Re: [PATCH 3/3] ima: Add overlay test, Petr Vorel
  - Re: [PATCH 3/3] ima: Add overlay test, Mimi Zohar
    - Re: [PATCH 3/3] ima: Add overlay test, Petr Vorel
      - Re: [PATCH 3/3] ima: Add overlay test, Mimi Zohar
- Re: [PATCH 0/3] LTP reproducer on broken IMA on overlayfs, Petr Vorel
[REGRESSION] 5.1-rc1: tpm_try_transmit: send(): error -5, Domenico Andreoli
- Re: [REGRESSION] 5.1-rc1: tpm_try_transmit: send(): error -5, Jarkko Sakkinen
  - Re: [REGRESSION] 5.1-rc1: tpm_try_transmit: send(): error -5, Domenico Andreoli
    - Re: [REGRESSION] 5.1-rc1: tpm_try_transmit: send(): error -5, Jarkko Sakkinen
[PATCH ghak109 V2] audit: link integrity evm_write_xattrs record to syscall event, Richard Guy Briggs
- Re: [PATCH ghak109 V2] audit: link integrity evm_write_xattrs record to syscall event, Mimi Zohar
  - Re: [PATCH ghak109 V2] audit: link integrity evm_write_xattrs record to syscall event, Paul Moore
    - Re: [PATCH ghak109 V2] audit: link integrity evm_write_xattrs record to syscall event, Mimi Zohar
      - Re: [PATCH ghak109 V2] audit: link integrity evm_write_xattrs record to syscall event, Paul Moore
[PATCH v5 0/9] selftests/kexec: add kexec tests, Mimi Zohar
- [PATCH v5 8/9] selftests/kexec: check kexec_load and kexec_file_load are enabled, Mimi Zohar
  - Re: [PATCH v5 8/9] selftests/kexec: check kexec_load and kexec_file_load are enabled, Petr Vorel
- [PATCH v5 4/9] selftests/kexec: define common logging functions, Mimi Zohar
- [PATCH v5 9/9] selftests/kexec: make kexec_load test independent of IMA being enabled, Mimi Zohar
  - Re: [PATCH v5 9/9] selftests/kexec: make kexec_load test independent of IMA being enabled, Petr Vorel
- [PATCH v5 6/9] selftests/kexec: kexec_file_load syscall test, Mimi Zohar
- [PATCH v5 7/9] selftests/kexec: Add missing '=y' to config options, Mimi Zohar
- [PATCH v5 1/9] selftests/kexec: move the IMA kexec_load selftest to selftests/kexec, Mimi Zohar
  - Re: [PATCH v5 1/9] selftests/kexec: move the IMA kexec_load selftest to selftests/kexec, Petr Vorel
- [PATCH v5 5/9] kselftest/kexec: define "require_root_privileges", Mimi Zohar
- [PATCH v5 3/9] selftests/kexec: define a set of common functions, Mimi Zohar
- [PATCH v5 2/9] selftests/kexec: cleanup the kexec selftest, Mimi Zohar
- [PATCH] selftests/kexec: update get_secureboot_mode, Mimi Zohar
  - Re: [PATCH] selftests/kexec: update get_secureboot_mode, Petr Vorel
    - Re: [PATCH] selftests/kexec: update get_secureboot_mode, Mimi Zohar
[PATCH v8 00/10] crypto: add EC-RDSA (GOST 34.10) algorithm, Vitaly Chikunov
- [PATCH v8 01/10] crypto: akcipher - default implementations for request callbacks, Vitaly Chikunov
- [PATCH v8 02/10] crypto: rsa - unimplement sign/verify for raw RSA backends, Vitaly Chikunov
- [PATCH v8 03/10] crypto: akcipher - new verify API for public key algorithms, Vitaly Chikunov
  - Re: [PATCH v8 03/10] crypto: akcipher - new verify API for public key algorithms, Denis Kenzior
- [PATCH v8 04/10] KEYS: do not kmemdup digest in {public,tpm}_key_verify_signature, Vitaly Chikunov
- [PATCH v8 05/10] X.509: parse public key parameters from x509 for akcipher, Vitaly Chikunov
  - Re: [PATCH v8 05/10] X.509: parse public key parameters from x509 for akcipher, Denis Kenzior
- [PATCH v8 06/10] crypto: Kconfig - create Public-key cryptography section, Vitaly Chikunov
- [PATCH v8 07/10] crypto: ecc - make ecc into separate module, Vitaly Chikunov
- [PATCH v8 08/10] crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm, Vitaly Chikunov
- [PATCH v8 09/10] crypto: ecrdsa - add EC-RDSA test vectors to testmgr, Vitaly Chikunov
- [PATCH v8 10/10] integrity: support EC-RDSA signatures for asymmetric_verify, Vitaly Chikunov
  - Re: [PATCH v8 10/10] integrity: support EC-RDSA signatures for asymmetric_verify, Mimi Zohar
    - Re: [PATCH v8 10/10] integrity: support EC-RDSA signatures for asymmetric_verify, Vitaly Chikunov
      - Re: [PATCH v8 10/10] integrity: support EC-RDSA signatures for asymmetric_verify, Mimi Zohar
        
        Re: [PATCH v8 10/10] integrity: support EC-RDSA signatures for asymmetric_verify, Vitaly Chikunov
[PATCH v3] KEYS: trusted: allow trusted.ko to initialize w/o a TPM, Jarkko Sakkinen
- Re: [PATCH v3] KEYS: trusted: allow trusted.ko to initialize w/o a TPM, Dan Williams
  - Re: [PATCH v3] KEYS: trusted: allow trusted.ko to initialize w/o a TPM, Jarkko Sakkinen
[PATCH v2] KEYS: trusted: allow trusted.ko to initialize w/o a TPM, Jarkko Sakkinen
[PATCH 27/27] kexec: Allow kexec_file() with appropriate IMA policy when locked down, Matthew Garrett
- Re: [PATCH 27/27] kexec: Allow kexec_file() with appropriate IMA policy when locked down, Mimi Zohar
Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED', Joe Perches
- Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED', Jarkko Sakkinen
  - Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED', Mimi Zohar
    - Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED', James Bottomley
      - Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED', Denis Kenzior
        
        Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED', James Bottomley
        
        Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED', Jarkko Sakkinen
      - Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED', Jarkko Sakkinen
- Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED', Denis Efremov
  - Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED', Jarkko Sakkinen
    - [RESEND PATCH] MAINTAINERS: keys: Update path to trusted.h, Denis Efremov
      - Re: [RESEND PATCH] MAINTAINERS: keys: Update path to trusted.h, Jarkko Sakkinen
        
        Re: [RESEND PATCH] MAINTAINERS: keys: Update path to trusted.h, Denis Efremov
        
        Re: [RESEND PATCH] MAINTAINERS: keys: Update path to trusted.h, Jarkko Sakkinen
[PATCH] KEYS: trusted: allow trusted.ko to initialize w/o a TPM, Jarkko Sakkinen
- Re: [PATCH] KEYS: trusted: allow trusted.ko to initialize w/o a TPM, Dan Williams
  - Re: [PATCH] KEYS: trusted: allow trusted.ko to initialize w/o a TPM, Jarkko Sakkinen
- Re: [PATCH] KEYS: trusted: allow trusted.ko to initialize w/o a TPM, Jarkko Sakkinen
[PATCH v3] ima-evm-utils: Convert sign v2 from RSA to EVP_PKEY API, Vitaly Chikunov
- Re: [PATCH v3] ima-evm-utils: Convert sign v2 from RSA to EVP_PKEY API, Mimi Zohar
  - Re: [PATCH v3] ima-evm-utils: Convert sign v2 from RSA to EVP_PKEY API, Vitaly Chikunov
    - Re: [PATCH v3] ima-evm-utils: Convert sign v2 from RSA to EVP_PKEY API, Mimi Zohar
      - Re: [PATCH v3] ima-evm-utils: Convert sign v2 from RSA to EVP_PKEY API, Mimi Zohar
        
        Re: [PATCH v3] ima-evm-utils: Convert sign v2 from RSA to EVP_PKEY API, Vitaly Chikunov
[PATCH v3] ima-evm-utils: Rework openssl init, Vitaly Chikunov
- Re: [PATCH v3] ima-evm-utils: Rework openssl init, Mimi Zohar
[PATCH 0/2] ima-evm-utils: rebase of digest algo resolving, Vitaly Chikunov
- [PATCH 1/2] ima-evm-utils: Extract digest algorithms from hash_info.h, Vitaly Chikunov
- [PATCH 2/2] ima-evm-utils: try to load digest by its alias, Vitaly Chikunov
  - Re: [PATCH 2/2] ima-evm-utils: try to load digest by its alias, Mimi Zohar
    - Re: [PATCH 2/2] ima-evm-utils: try to load digest by its alias, Vitaly Chikunov
      - Re: [PATCH 2/2] ima-evm-utils: try to load digest by its alias, Mimi Zohar
        
        Re: [PATCH 2/2] ima-evm-utils: try to load digest by its alias, Vitaly Chikunov
        
        Re: [PATCH 2/2] ima-evm-utils: try to load digest by its alias, Mimi Zohar
        
        Re: [PATCH 2/2] ima-evm-utils: try to load digest by its alias, Vitaly Chikunov
        
        Re: [PATCH 2/2] ima-evm-utils: try to load digest by its alias, Mimi Zohar
[PATCH v4a 1/2] selftests/kexec: make tests independent of IMA being enabled, Mimi Zohar
- [PATCH v4a 2/2] selftests/kexec: testing CONFIG_KEXEC_BZIMAGE_VERIFY_SIG is not enough, Mimi Zohar
- Re: [PATCH v4a 1/2] selftests/kexec: make tests independent of IMA being enabled, Dave Young
  - Re: [PATCH v4a 1/2] selftests/kexec: make tests independent of IMA being enabled, Mimi Zohar
    - Re: [PATCH v4a 1/2] selftests/kexec: make tests independent of IMA being enabled, Dave Young
      - Re: [PATCH v4a 1/2] selftests/kexec: make tests independent of IMA being enabled, Mimi Zohar
[PATCH] KEYS: trusted: defer execution of TPM-specific code until key instantiate, Roberto Sassu
- Re: [PATCH] KEYS: trusted: defer execution of TPM-specific code until key instantiate, Dan Williams
- Re: [PATCH] KEYS: trusted: defer execution of TPM-specific code until key instantiate, Jarkko Sakkinen
Portable Executable (PE) Signature Validation and Measurement for KEXEC system call using IMA, Lakshmi Ramasubramanian
- RE: Portable Executable (PE) Signature Validation and Measurement for KEXEC system call using IMA, Lakshmi Ramasubramanian
- Re: Portable Executable (PE) Signature Validation and Measurement for KEXEC system call using IMA, Mimi Zohar
  - RE: Portable Executable (PE) Signature Validation and Measurement for KEXEC system call using IMA, Lakshmi Ramasubramanian
Adding cmldine args measure to ima, Prakhar Srivastava
- Re: Adding cmldine args measure to ima, Mimi Zohar
[PATCH RESEND v3] tpm: fix an invalid condition in tpm_common_poll, Tadeusz Struk
- Re: [PATCH RESEND v3] tpm: fix an invalid condition in tpm_common_poll, Jarkko Sakkinen
  - Re: [PATCH RESEND v3] tpm: fix an invalid condition in tpm_common_poll, Jarkko Sakkinen
    - Re: [PATCH RESEND v3] tpm: fix an invalid condition in tpm_common_poll, Tadeusz Struk
      - Re: [PATCH RESEND v3] tpm: fix an invalid condition in tpm_common_poll, Jarkko Sakkinen
[PATCH] tpm: turn on TPM on suspend for TPM 1.x, Jarkko Sakkinen
- Re: [PATCH] tpm: turn on TPM on suspend for TPM 1.x, Domenico Andreoli
  - Re: [PATCH] tpm: turn on TPM on suspend for TPM 1.x, Jarkko Sakkinen
[PATCH v2 1/8] evmtest: Regression testing integrity subsystem, djacobs7
- [PATCH v2 8/8] evmtest: virtual machine compatibility, djacobs7
- [PATCH v2 7/8] emvtest: Add ability to run all tests, djacobs7
- [PATCH v2 6/8] evmtest: test the preservation of extended attributes, djacobs7
- [PATCH v2 3/8] evmtest: test kernel module loading, djacobs7
- [PATCH v2 5/8] evmtest: validate boot record, djacobs7
- [PATCH v2 4/8] evmtest: test kexec signature policy, djacobs7
- [PATCH v2 2/8] evmtest: test loading IMA policies, djacobs7

[Index of Archives] [Linux Kernel] [Linux Kernel Hardening] [Linux NFS] [Linux NILFS] [Linux USB Devel] [Video for Linux] [Linux SCSI] [Yosemite Forum]