Linux Integrity
[Prev Page][Next Page]
- Re: [PATCH RFC 1/8] certs: Introduce ability to link to a system key, (continued)
- [RFC PATCH v2 0/3] Preserve TPM log across kexec,
Stefan Berger
- [PATCH v4] ima: add crypto agility support for template-hash algorithm,
Enrico Bravi
- [PATCH] evm: Change vfs_getxattr() with __vfs_getxattr() in evm_calc_hmac_or_hash(),
Roberto Sassu
- [PATCH 0/1] Fix TPM chip hanging system before suspend/shutdown,
Adam Alves
- [RFC PATCH v14 00/19] Integrity Policy Enforcement LSM (IPE),
Fan Wu
- [RFC PATCH v14 01/19] security: add ipe lsm, Fan Wu
- [RFC PATCH v14 04/19] ipe: add LSM hooks on execution and kernel read, Fan Wu
- [RFC PATCH v14 03/19] ipe: add evaluation loop, Fan Wu
- [RFC PATCH v14 02/19] ipe: add policy parser, Fan Wu
- [RFC PATCH v14 05/19] initramfs|security: Add a security hook to do_populate_rootfs(), Fan Wu
- [RFC PATCH v14 07/19] security: add new securityfs delete function, Fan Wu
- [RFC PATCH v14 10/19] ipe: add permissive toggle, Fan Wu
- [RFC PATCH v14 06/19] ipe: introduce 'boot_verified' as a trust provider, Fan Wu
- [RFC PATCH v14 12/19] dm: add finalize hook to target_type, Fan Wu
- [RFC PATCH v14 09/19] uapi|audit|ipe: add ipe auditing support, Fan Wu
- [RFC PATCH v14 13/19] dm verity: consume root hash digest and signature data via LSM hook, Fan Wu
- [RFC PATCH v14 15/19] fsverity: consume builtin signature via LSM hook, Fan Wu
- [RFC PATCH v14 18/19] ipe: kunit test for parser, Fan Wu
- [RFC PATCH v14 14/19] ipe: add support for dm-verity as a trust provider, Fan Wu
- [RFC PATCH v14 11/19] block|security: add LSM blob to block_device, Fan Wu
- [RFC PATCH v14 08/19] ipe: add userspace interface, Fan Wu
- [RFC PATCH v14 17/19] scripts: add boot policy generation program, Fan Wu
- [RFC PATCH v14 16/19] ipe: enable support for fs-verity as a trust provider, Fan Wu
- [RFC PATCH v14 19/19] documentation: add ipe documentation, Fan Wu
- Re: [RFC PATCH v14 00/19] Integrity Policy Enforcement LSM (IPE), Paul Moore
- [PATCH] Fix TPM chip hanging system before suspend/shutdown,
Adam Alves
- [PATCH 0/2] Preserve TPM log across kexec,
Stefan Berger
- Issue with TPM2 Encrypt/Decrypt Functionality and TSS API Integration,
Samuel Lee
- [PATCH] xattr: restrict vfs_getxattr_alloc() allocation size,
Christian Brauner
- [GIT PULL] integrity: subsystem update for v6.8-rcX,
Mimi Zohar
- [PATCH] Documentation: tpm_tis,
Jarkko Sakkinen
- [PATCH v2] MAINTAINERS: Update W's for KEYS/KEYRINGS_INTEGRITY and TPM DEVICE DRIVER, Jarkko Sakkinen
- [PATCH][next] integrity: Avoid -Wflex-array-member-not-at-end warnings,
Gustavo A. R. Silva
- [ima-evm-utils PATCH] Add missing newline to error message, Stefan Berger
- [RFC PATCH v13 00/20] Integrity Policy Enforcement LSM (IPE),
Fan Wu
- [RFC PATCH v13 03/20] ipe: add evaluation loop, Fan Wu
- [RFC PATCH v13 02/20] ipe: add policy parser, Fan Wu
- [RFC PATCH v13 04/20] ipe: add LSM hooks on execution and kernel read, Fan Wu
- [RFC PATCH v13 01/20] security: add ipe lsm, Fan Wu
- [RFC PATCH v13 05/20] initramfs|security: Add a security hook to do_populate_rootfs(), Fan Wu
- [RFC PATCH v13 06/20] ipe: introduce 'boot_verified' as a trust provider, Fan Wu
- [RFC PATCH v13 07/20] security: add new securityfs delete function, Fan Wu
- [RFC PATCH v13 10/20] ipe: add permissive toggle, Fan Wu
- [RFC PATCH v13 14/20] dm verity: consume root hash digest and signature data via LSM hook, Fan Wu
- [RFC PATCH v13 13/20] dm: add finalize hook to target_type, Fan Wu
- [RFC PATCH v13 11/20] block|security: add LSM blob to block_device, Fan Wu
- [RFC PATCH v13 12/20] dm verity: set DM_TARGET_SINGLETON feature flag, Fan Wu
- [RFC PATCH v13 16/20] fsverity: consume builtin signature via LSM hook, Fan Wu
- [RFC PATCH v13 08/20] ipe: add userspace interface, Fan Wu
- [RFC PATCH v13 18/20] scripts: add boot policy generation program, Fan Wu
- [RFC PATCH v13 19/20] ipe: kunit test for parser, Fan Wu
- [RFC PATCH v13 09/20] uapi|audit|ipe: add ipe auditing support, Fan Wu
- [RFC PATCH v13 15/20] ipe: add support for dm-verity as a trust provider, Fan Wu
- [RFC PATCH v13 17/20] ipe: enable support for fs-verity as a trust provider, Fan Wu
- [RFC PATCH v13 20/20] documentation: add ipe documentation, Fan Wu
- TPM error path on probe,
Tim Harvey
- [PATCH v4 ima-evm-utils 0/7] Implement imaevm_signhash and add provider support,
Stefan Berger
- [PATCH v3 ima-evm-utils 0/7] Deprecate sign_hash and add provider support,
Stefan Berger
- [PATCH] MAINTAINERS: Update W's for KEYS/KEYRINGS_INTEGRITY and TPM DEVICE RIVER,
Jarkko Sakkinen
- [PATCH v3 00/10] evm: Support signatures on stacked filesystem,
Stefan Berger
- [PATCH v3 07/10] ima: re-evaluate file integrity on file metadata change, Stefan Berger
- [PATCH v3 04/10] evm: Use the metadata inode to calculate metadata hash, Stefan Berger
- [PATCH v3 01/10] ima: Rename backing_inode to real_inode, Stefan Berger
- [PATCH v3 06/10] evm: Store and detect metadata inode attributes changes, Stefan Berger
- [PATCH v3 05/10] ima: Move file-change detection variables into new structure, Stefan Berger
- [PATCH v3 08/10] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509, Stefan Berger
- [PATCH v3 02/10] security: allow finer granularity in permitting copy-up of security xattrs, Stefan Berger
- [PATCH v3 03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr, Stefan Berger
- [PATCH v3 09/10] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED, Stefan Berger
- [PATCH v3 10/10] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs, Stefan Berger
- Re: [PATCH v3 00/10] evm: Support signatures on stacked filesystem, Mimi Zohar
- [PATCH v2 ima-evm-utils 0/6] Deprecate sign_hash and add provider support,
Stefan Berger
- [PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities,
Seth Forshee (DigitalOcean)
- [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h, Seth Forshee (DigitalOcean)
- [PATCH v2 04/25] capability: rename cpu_vfs_cap_data to vfs_caps, Seth Forshee (DigitalOcean)
- [PATCH v2 02/25] mnt_idmapping: include cred.h, Seth Forshee (DigitalOcean)
- [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data, Seth Forshee (DigitalOcean)
- [PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids, Seth Forshee (DigitalOcean)
- [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
- [PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace, Seth Forshee (DigitalOcean)
- [PATCH v2 08/25] xattr: add is_fscaps_xattr() helper, Seth Forshee (DigitalOcean)
- [PATCH v2 12/25] selinux: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
- [PATCH v2 13/25] smack: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
- [PATCH v2 10/25] xattr: use is_fscaps_xattr(), Seth Forshee (DigitalOcean)
- [PATCH v2 14/25] evm: add support for fscaps security hooks, Seth Forshee (DigitalOcean)
- [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Seth Forshee (DigitalOcean)
- [PATCH v2 09/25] commoncap: use is_fscaps_xattr(), Seth Forshee (DigitalOcean)
- [PATCH v2 22/25] fs: use vfs interfaces for capabilities xattrs, Seth Forshee (DigitalOcean)
- [PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps, Seth Forshee (DigitalOcean)
- [PATCH v2 17/25] fs: add vfs_get_fscaps(), Seth Forshee (DigitalOcean)
- [PATCH v2 20/25] ovl: add fscaps handlers, Seth Forshee (DigitalOcean)
- [PATCH v2 18/25] fs: add vfs_set_fscaps(), Seth Forshee (DigitalOcean)
- [PATCH v2 19/25] fs: add vfs_remove_fscaps(), Seth Forshee (DigitalOcean)
- [PATCH v2 21/25] ovl: use vfs_{get,set}_fscaps() for copy-up, Seth Forshee (DigitalOcean)
- [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks, Seth Forshee (DigitalOcean)
- [PATCH v2 23/25] commoncap: remove cap_inode_getsecurity(), Seth Forshee (DigitalOcean)
- [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
- [PATCH v2 25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr(), Seth Forshee (DigitalOcean)
- Re: [PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities, Christian Brauner
- [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later,
Dmitry Kasatkin
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Matthew Garrett
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Dmitry Kasatkin
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Mimi Zohar
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Vitaly Chikunov
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Ken Goldman
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Bruno Meneguele
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Roberto Sassu
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, George Wilson
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Tergel Myanganbayar
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, André Draszik
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Frank Sorenson
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Stephen Smalley
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Vivek Goyal
- [syzbot] [integrity?] [lsm?] KMSAN: uninit-value in ima_add_template_entry,
syzbot
- Re: [syzbot] [lsm?] [integrity?] KMSAN: uninit-value in ima_add_template_entry, syzbot
[PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure,
Roberto Sassu
- [PATCH v10 01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 03/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 04/25] ima: Align ima_inode_removexattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 05/25] ima: Align ima_post_read_file() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 09/25] security: Align inode_setattr hook definition with EVM, Roberto Sassu
- [PATCH v10 10/25] security: Introduce inode_post_setattr hook, Roberto Sassu
- [PATCH v10 11/25] security: Introduce inode_post_removexattr hook, Roberto Sassu
- [PATCH v10 12/25] security: Introduce file_post_open hook, Roberto Sassu
- [PATCH v10 13/25] security: Introduce file_release hook, Roberto Sassu
- [PATCH v10 14/25] security: Introduce path_post_mknod hook, Roberto Sassu
- [PATCH v10 15/25] security: Introduce inode_post_create_tmpfile hook, Roberto Sassu
- [PATCH v10 16/25] security: Introduce inode_post_set_acl hook, Roberto Sassu
- [PATCH v10 18/25] security: Introduce key_post_create_or_update hook, Roberto Sassu
- [PATCH v10 19/25] integrity: Move integrity_kernel_module_request() to IMA, Roberto Sassu
- [PATCH v10 20/25] ima: Move to LSM infrastructure, Roberto Sassu
- [PATCH v10 02/25] ima: Align ima_file_mprotect() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 21/25] ima: Move IMA-Appraisal to LSM infrastructure, Roberto Sassu
- [PATCH v10 22/25] evm: Move to LSM infrastructure, Roberto Sassu
- [PATCH v10 23/25] evm: Make it independent from 'integrity' LSM, Roberto Sassu
- [PATCH v10 24/25] ima: Make it independent from 'integrity' LSM, Roberto Sassu
- [PATCH v10 25/25] integrity: Remove LSM, Roberto Sassu
- [PATCH v10 17/25] security: Introduce inode_post_remove_acl hook, Roberto Sassu
- Re: [PATCH v10 0/25] security: Move IMA and EVM to the LSM infrastructure, Paul Moore
- Re: [PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure, Eric Snowberg
[PATCH v8 00/15] x86: Trenchboot secure dynamic launch Linux kernel support,
Ross Philipson
- [PATCH v8 03/15] x86: Secure Launch Kconfig, Ross Philipson
- [PATCH v8 04/15] x86: Secure Launch Resource Table header file, Ross Philipson
- [PATCH v8 01/15] x86/boot: Place kernel_info at a fixed offset, Ross Philipson
- [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements, Ross Philipson
- [PATCH v8 05/15] x86: Secure Launch main header file, Ross Philipson
- [PATCH v8 14/15] x86: Secure Launch late initcall platform module, Ross Philipson
- [PATCH v8 08/15] x86: Secure Launch kernel late boot stub, Ross Philipson
- [PATCH v8 15/15] x86: EFI stub DRTM launch support for Secure Launch, Ross Philipson
- [PATCH v8 02/15] Documentation/x86: Secure Launch kernel documentation, Ross Philipson
- [PATCH v8 07/15] x86: Secure Launch kernel early boot stub, Ross Philipson
- [PATCH v8 09/15] x86: Secure Launch SMP bringup support, Ross Philipson
- [PATCH v8 10/15] kexec: Secure Launch kexec SEXIT support, Ross Philipson
- [PATCH v8 12/15] tpm: Add ability to set the preferred locality the TPM chip uses, Ross Philipson
- [PATCH v8 11/15] reboot: Secure Launch SEXIT support on reboot paths, Ross Philipson
- [PATCH v8 13/15] tpm: Add sysfs interface to allow setting and querying the preferred locality, Ross Philipson
[PATCH v5 0/8] ima: kexec: measure events between kexec load and execute,
Tushar Sugandhi
init_tis() takes 50 ms on Dell XPS 13 9360 – almost 10 % of whole time until initrd,
Paul Menzel
[RFC][PATCH 0/8] ima: Integrate with digest_cache LSM,
Roberto Sassu
[PATCH v7 00/21] add integrity and security to TPM2 transactions,
James Bottomley
- [PATCH v7 01/21] tpm: Remove unused tpm_buf_tag(), James Bottomley
- [PATCH v7 02/21] tpm: Remove tpm_send(), James Bottomley
- [PATCH v7 03/21] tpm: Move buffer handling from static inlines to real functions, James Bottomley
- [PATCH v7 04/21] tpm: Update struct tpm_buf documentation comments, James Bottomley
- [PATCH v7 05/21] tpm: Store the length of the tpm_buf data separately., James Bottomley
- [PATCH v7 06/21] tpm: TPM2B formatted buffers, James Bottomley
- [PATCH v7 07/21] tpm: Add tpm_buf_read_{u8,u16,u32}, James Bottomley
- [PATCH v7 08/21] KEYS: trusted: tpm2: Use struct tpm_buf for sized buffers, James Bottomley
- [PATCH v7 09/21] crypto: lib - implement library version of AES in CFB mode, James Bottomley
- [PATCH v7 10/21] tpm: add buffer function to point to returned parameters, James Bottomley
- [PATCH v7 11/21] tpm: export the context save and load commands, James Bottomley
- [PATCH v7 12/21] tpm: Add NULL primary creation, James Bottomley
- [PATCH v7 13/21] tpm: Add HMAC session start and end functions, James Bottomley
- [PATCH v7 14/21] tpm: Add HMAC session name/handle append, James Bottomley
- [PATCH v7 15/21] tpm: Add the rest of the session HMAC API, James Bottomley
- [PATCH v7 16/21] tpm: add hmac checks to tpm2_pcr_extend(), James Bottomley
- [PATCH v7 17/21] tpm: add session encryption protection to tpm2_get_random(), James Bottomley
- [PATCH v7 18/21] KEYS: trusted: Add session encryption protection to the seal/unseal path, James Bottomley
- [PATCH v7 19/21] tpm: add the null key name as a sysfs export, James Bottomley
- [PATCH v7 20/21] Documentation: add tpm-security.rst, James Bottomley
- [PATCH v7 21/21] tpm: disable the TPM if NULL name changes, James Bottomley
- Re: [PATCH v7 00/21] add integrity and security to TPM2 transactions, Jarkko Sakkinen
[PATCH v3 00/13] security: digest_cache LSM,
Roberto Sassu
- [PATCH v3 01/13] lib: Add TLV parser, Roberto Sassu
- [PATCH v3 02/13] security: Introduce the digest_cache LSM, Roberto Sassu
- [PATCH v3 03/13] digest_cache: Add securityfs interface, Roberto Sassu
- [PATCH v3 04/13] digest_cache: Add hash tables and operations, Roberto Sassu
- [PATCH v3 05/13] digest_cache: Populate the digest cache from a digest list, Roberto Sassu
- [PATCH v3 06/13] digest_cache: Parse tlv digest lists, Roberto Sassu
- [PATCH v3 07/13] digest_cache: Parse rpm digest lists, Roberto Sassu
- [PATCH v3 08/13] digest_cache: Add management of verification data, Roberto Sassu
- [PATCH v3 09/13] digest_cache: Add support for directories, Roberto Sassu
- [PATCH v3 10/13] digest cache: Prefetch digest lists if requested, Roberto Sassu
- [PATCH v3 11/13] digest_cache: Reset digest cache on file/directory change, Roberto Sassu
- [PATCH v3 12/13] selftests/digest_cache: Add selftests for digest_cache LSM, Roberto Sassu
- [PATCH v3 13/13] docs: Add documentation of the digest_cache LSM, Roberto Sassu
- Re: [PATCH v3 00/13] security: digest_cache LSM, Roberto Sassu
[PATCH v3 00/32] spi: get rid of some legacy macros,
Uwe Kleine-König
[PATCH v2 0/9] evm: Support signatures on stacked filesystem,
Stefan Berger
[PATCH v1 ima-evm-utils 0/6] Deprecate sign_hash and add provider support,
Stefan Berger
[ANNOUNCE] CFP: Linux Security Summit Europe 2024, Reshetova, Elena
[PATCH 0/2] Decomplicate file_dentry(),
Amir Goldstein
[PATCH] tpm,tpm_tis: Avoid warning splat at shutdown,
Lino Sanfilippo
[PATCH 1/3] tpm: protect against locality counter underflow,
Daniel P. Smith
[PATCH 3/3] tpm: make locality request return value consistent,
Daniel P. Smith
[PATCH v2 0/3] tpm: make locality handling resilient, Daniel P. Smith
[no subject], Daniel P. Smith
[PATCH 2/3] tpm: ensure tpm is in known state at startup,
Daniel P. Smith
[Index of Archives]
[Linux Kernel]
[Linux Kernel Hardening]
[Linux NFS]
[Linux NILFS]
[Linux USB Devel]
[Video for Linux]
[Linux SCSI]
[Yosemite Forum]
