Linux Integrity
[Prev Page][Next Page]
- Re: [PATCH 33/34] drivers: remove incorrect of_match_ptr/ACPI_PTR annotations, (continued)
- [PATCH v8 0/6] DCP as trusted keys backend,
David Gstir
- [GIT PULL] security changes for v6.9-rc3,
Roberto Sassu
- [PATCH v2] security: Handle dentries without inode in security_path_post_mknod(), Roberto Sassu
- [PATCH v4][next] integrity: Avoid -Wflex-array-member-not-at-end warnings, Gustavo A. R. Silva
- [PATCH 1/2] security: Handle dentries without inode in security_path_post_mknod(),
Roberto Sassu
- [PATCH v16 00/20] Integrity Policy Enforcement LSM (IPE),
Fan Wu
- [PATCH v16 03/20] ipe: add evaluation loop, Fan Wu
- [PATCH v16 01/20] security: add ipe lsm, Fan Wu
- [PATCH v16 04/20] ipe: add LSM hooks on execution and kernel read, Fan Wu
- [PATCH v16 02/20] ipe: add policy parser, Fan Wu
- [PATCH v16 05/20] initramfs|security: Add a security hook to do_populate_rootfs(), Fan Wu
- [PATCH v16 06/20] ipe: introduce 'boot_verified' as a trust provider, Fan Wu
- [PATCH v16 13/20] dm verity: consume root hash digest and signature data via LSM hook, Fan Wu
- [PATCH v16 08/20] ipe: add userspace interface, Fan Wu
- [PATCH v16 12/20] dm: add finalize hook to target_type, Fan Wu
- [PATCH v16 10/20] ipe: add permissive toggle, Fan Wu
- [PATCH v16 15/20] security: add security_inode_setintegrity() hook, Fan Wu
- [PATCH v16 11/20] block|security: add LSM blob to block_device, Fan Wu
- [PATCH v16 14/20] ipe: add support for dm-verity as a trust provider, Fan Wu
- [PATCH v16 17/20] ipe: enable support for fs-verity as a trust provider, Fan Wu
- [PATCH v16 07/20] security: add new securityfs delete function, Fan Wu
- [PATCH v16 19/20] ipe: kunit test for parser, Fan Wu
- [PATCH v16 16/20] fsverity: consume fsverity built-in signatures via LSM hook, Fan Wu
- [PATCH v16 18/20] scripts: add boot policy generation program, Fan Wu
- [PATCH v16 09/20] uapi|audit|ipe: add ipe auditing support, Fan Wu
- [PATCH v16 20/20] documentation: add ipe documentation, Fan Wu
- Re: [PATCH v16 00/20] Integrity Policy Enforcement LSM (IPE), Jarkko Sakkinen
- [PATCH] ima: define an init_module critical data record,
Mimi Zohar
- [PATCH v7 0/6] DCP as trusted keys backend,
David Gstir
- [GIT PULL] tpmdd changes for v6.9-rc2,
Jarkko Sakkinen
- RE: kernel crash in mknod,
Roberto Sassu
- Re: kernel crash in mknod, Paul Moore
[PATCH] ima: Fix use-after-free on a dentry's dname.name,
Stefan Berger
[PATCH v4] Documentation: tpm_tis,
Jarkko Sakkinen
[PATCH v3] Documentation: tpm_tis,
Jarkko Sakkinen
[PATCH v3][next] integrity: Avoid -Wflex-array-member-not-at-end warnings,
Gustavo A. R. Silva
[PATCH v2][next] integrity: Avoid -Wflex-array-member-not-at-end warnings, Gustavo A. R. Silva
[PATCH v2] Documentation: tpm_tis,
Jarkko Sakkinen
[PATCH v2] MAINTAINERS: Update URL's for KEYS/KEYRINGS_INTEGRITY and TPM DEVICE DRIVER, Jarkko Sakkinen
[ima-evm-utils: PATCH v2 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later,
Dmitry Kasatkin
[RFC PATCH v15 00/21] Integrity Policy Enforcement LSM (IPE),
Fan Wu
- [RFC PATCH v15 03/21] ipe: add evaluation loop, Fan Wu
- [RFC PATCH v15 04/21] ipe: add LSM hooks on execution and kernel read, Fan Wu
- [RFC PATCH v15 01/21] security: add ipe lsm, Fan Wu
- [RFC PATCH v15 02/21] ipe: add policy parser, Fan Wu
- [RFC PATCH v15 05/21] initramfs|security: Add a security hook to do_populate_rootfs(), Fan Wu
- [RFC PATCH v15 06/21] ipe: introduce 'boot_verified' as a trust provider, Fan Wu
- [RFC PATCH v15 07/21] security: add new securityfs delete function, Fan Wu
- [RFC PATCH v15 11/21] block|security: add LSM blob to block_device, Fan Wu
- [RFC PATCH v15 14/21] dm verity: consume root hash digest and signature data via LSM hook, Fan Wu
- [RFC PATCH v15 12/21] security: add security_bdev_setintegrity() hook, Fan Wu
- [RFC PATCH v15 18/21] ipe: enable support for fs-verity as a trust provider, Fan Wu
- [RFC PATCH v15 10/21] ipe: add permissive toggle, Fan Wu
- [RFC PATCH v15 17/21] fsverity: consume builtin signature via LSM hook, Fan Wu
- [RFC PATCH v15 15/21] ipe: add support for dm-verity as a trust provider, Fan Wu
- [RFC PATCH v15 16/21] security: add security_inode_setintegrity() hook, Fan Wu
- [RFC PATCH v15 08/21] ipe: add userspace interface, Fan Wu
- [RFC PATCH v15 13/21] dm: add finalize hook to target_type, Fan Wu
- [RFC PATCH v15 20/21] ipe: kunit test for parser, Fan Wu
- [RFC PATCH v15 19/21] scripts: add boot policy generation program, Fan Wu
- [RFC PATCH v15 09/21] uapi|audit|ipe: add ipe auditing support, Fan Wu
- [RFC PATCH v15 21/21] documentation: add ipe documentation, Fan Wu
[GIT PULL] tpmdd changes for v6.9,
Jarkko Sakkinen
[PATCH RFC 0/8] Clavis LSM,
Eric Snowberg
[RFC PATCH v2 0/3] Preserve TPM log across kexec,
Stefan Berger
[PATCH v4] ima: add crypto agility support for template-hash algorithm,
Enrico Bravi
[PATCH] evm: Change vfs_getxattr() with __vfs_getxattr() in evm_calc_hmac_or_hash(),
Roberto Sassu
[PATCH 0/1] Fix TPM chip hanging system before suspend/shutdown,
Adam Alves
[RFC PATCH v14 00/19] Integrity Policy Enforcement LSM (IPE),
Fan Wu
- [RFC PATCH v14 01/19] security: add ipe lsm, Fan Wu
- [RFC PATCH v14 04/19] ipe: add LSM hooks on execution and kernel read, Fan Wu
- [RFC PATCH v14 03/19] ipe: add evaluation loop, Fan Wu
- [RFC PATCH v14 02/19] ipe: add policy parser, Fan Wu
- [RFC PATCH v14 05/19] initramfs|security: Add a security hook to do_populate_rootfs(), Fan Wu
- [RFC PATCH v14 07/19] security: add new securityfs delete function, Fan Wu
- [RFC PATCH v14 10/19] ipe: add permissive toggle, Fan Wu
- [RFC PATCH v14 06/19] ipe: introduce 'boot_verified' as a trust provider, Fan Wu
- [RFC PATCH v14 12/19] dm: add finalize hook to target_type, Fan Wu
- [RFC PATCH v14 09/19] uapi|audit|ipe: add ipe auditing support, Fan Wu
- [RFC PATCH v14 13/19] dm verity: consume root hash digest and signature data via LSM hook, Fan Wu
- [RFC PATCH v14 15/19] fsverity: consume builtin signature via LSM hook, Fan Wu
- [RFC PATCH v14 18/19] ipe: kunit test for parser, Fan Wu
- [RFC PATCH v14 14/19] ipe: add support for dm-verity as a trust provider, Fan Wu
- [RFC PATCH v14 11/19] block|security: add LSM blob to block_device, Fan Wu
- [RFC PATCH v14 08/19] ipe: add userspace interface, Fan Wu
- [RFC PATCH v14 17/19] scripts: add boot policy generation program, Fan Wu
- [RFC PATCH v14 16/19] ipe: enable support for fs-verity as a trust provider, Fan Wu
- [RFC PATCH v14 19/19] documentation: add ipe documentation, Fan Wu
- Re: [RFC PATCH v14 00/19] Integrity Policy Enforcement LSM (IPE), Paul Moore
[PATCH] Fix TPM chip hanging system before suspend/shutdown,
Adam Alves
[PATCH 0/2] Preserve TPM log across kexec,
Stefan Berger
Issue with TPM2 Encrypt/Decrypt Functionality and TSS API Integration,
Samuel Lee
[PATCH] xattr: restrict vfs_getxattr_alloc() allocation size,
Christian Brauner
[GIT PULL] integrity: subsystem update for v6.8-rcX,
Mimi Zohar
[PATCH] Documentation: tpm_tis,
Jarkko Sakkinen
[PATCH v2] MAINTAINERS: Update W's for KEYS/KEYRINGS_INTEGRITY and TPM DEVICE DRIVER, Jarkko Sakkinen
[PATCH][next] integrity: Avoid -Wflex-array-member-not-at-end warnings,
Gustavo A. R. Silva
[ima-evm-utils PATCH] Add missing newline to error message, Stefan Berger
[RFC PATCH v13 00/20] Integrity Policy Enforcement LSM (IPE),
Fan Wu
- [RFC PATCH v13 03/20] ipe: add evaluation loop, Fan Wu
- [RFC PATCH v13 02/20] ipe: add policy parser, Fan Wu
- [RFC PATCH v13 04/20] ipe: add LSM hooks on execution and kernel read, Fan Wu
- [RFC PATCH v13 01/20] security: add ipe lsm, Fan Wu
- [RFC PATCH v13 05/20] initramfs|security: Add a security hook to do_populate_rootfs(), Fan Wu
- [RFC PATCH v13 06/20] ipe: introduce 'boot_verified' as a trust provider, Fan Wu
- [RFC PATCH v13 07/20] security: add new securityfs delete function, Fan Wu
- [RFC PATCH v13 10/20] ipe: add permissive toggle, Fan Wu
- [RFC PATCH v13 14/20] dm verity: consume root hash digest and signature data via LSM hook, Fan Wu
- [RFC PATCH v13 13/20] dm: add finalize hook to target_type, Fan Wu
- [RFC PATCH v13 11/20] block|security: add LSM blob to block_device, Fan Wu
- [RFC PATCH v13 12/20] dm verity: set DM_TARGET_SINGLETON feature flag, Fan Wu
- [RFC PATCH v13 16/20] fsverity: consume builtin signature via LSM hook, Fan Wu
- [RFC PATCH v13 08/20] ipe: add userspace interface, Fan Wu
- [RFC PATCH v13 18/20] scripts: add boot policy generation program, Fan Wu
- [RFC PATCH v13 19/20] ipe: kunit test for parser, Fan Wu
- [RFC PATCH v13 09/20] uapi|audit|ipe: add ipe auditing support, Fan Wu
- [RFC PATCH v13 15/20] ipe: add support for dm-verity as a trust provider, Fan Wu
- [RFC PATCH v13 17/20] ipe: enable support for fs-verity as a trust provider, Fan Wu
- [RFC PATCH v13 20/20] documentation: add ipe documentation, Fan Wu
TPM error path on probe,
Tim Harvey
[PATCH v4 ima-evm-utils 0/7] Implement imaevm_signhash and add provider support,
Stefan Berger
[PATCH v3 ima-evm-utils 0/7] Deprecate sign_hash and add provider support,
Stefan Berger
[PATCH] MAINTAINERS: Update W's for KEYS/KEYRINGS_INTEGRITY and TPM DEVICE RIVER,
Jarkko Sakkinen
[PATCH v3 00/10] evm: Support signatures on stacked filesystem,
Stefan Berger
- [PATCH v3 07/10] ima: re-evaluate file integrity on file metadata change, Stefan Berger
- [PATCH v3 04/10] evm: Use the metadata inode to calculate metadata hash, Stefan Berger
- [PATCH v3 01/10] ima: Rename backing_inode to real_inode, Stefan Berger
- [PATCH v3 06/10] evm: Store and detect metadata inode attributes changes, Stefan Berger
- [PATCH v3 05/10] ima: Move file-change detection variables into new structure, Stefan Berger
- [PATCH v3 08/10] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509, Stefan Berger
- [PATCH v3 02/10] security: allow finer granularity in permitting copy-up of security xattrs, Stefan Berger
- [PATCH v3 03/10] evm: Implement per signature type decision in security_inode_copy_up_xattr, Stefan Berger
- [PATCH v3 09/10] fs: Rename SB_I_EVM_UNSUPPORTED to SB_I_EVM_HMAC_UNSUPPORTED, Stefan Berger
- [PATCH v3 10/10] evm: Rename is_unsupported_fs to is_unsupported_hmac_fs, Stefan Berger
- Re: [PATCH v3 00/10] evm: Support signatures on stacked filesystem, Mimi Zohar
[PATCH v2 ima-evm-utils 0/6] Deprecate sign_hash and add provider support,
Stefan Berger
[PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities,
Seth Forshee (DigitalOcean)
- [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h, Seth Forshee (DigitalOcean)
- [PATCH v2 04/25] capability: rename cpu_vfs_cap_data to vfs_caps, Seth Forshee (DigitalOcean)
- [PATCH v2 02/25] mnt_idmapping: include cred.h, Seth Forshee (DigitalOcean)
- [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data, Seth Forshee (DigitalOcean)
- [PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids, Seth Forshee (DigitalOcean)
- [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
- [PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace, Seth Forshee (DigitalOcean)
- [PATCH v2 08/25] xattr: add is_fscaps_xattr() helper, Seth Forshee (DigitalOcean)
- [PATCH v2 12/25] selinux: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
- [PATCH v2 13/25] smack: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
- [PATCH v2 10/25] xattr: use is_fscaps_xattr(), Seth Forshee (DigitalOcean)
- [PATCH v2 14/25] evm: add support for fscaps security hooks, Seth Forshee (DigitalOcean)
- [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Seth Forshee (DigitalOcean)
- [PATCH v2 09/25] commoncap: use is_fscaps_xattr(), Seth Forshee (DigitalOcean)
- [PATCH v2 22/25] fs: use vfs interfaces for capabilities xattrs, Seth Forshee (DigitalOcean)
- [PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps, Seth Forshee (DigitalOcean)
- [PATCH v2 17/25] fs: add vfs_get_fscaps(), Seth Forshee (DigitalOcean)
- [PATCH v2 20/25] ovl: add fscaps handlers, Seth Forshee (DigitalOcean)
- [PATCH v2 18/25] fs: add vfs_set_fscaps(), Seth Forshee (DigitalOcean)
- [PATCH v2 19/25] fs: add vfs_remove_fscaps(), Seth Forshee (DigitalOcean)
- [PATCH v2 21/25] ovl: use vfs_{get,set}_fscaps() for copy-up, Seth Forshee (DigitalOcean)
- [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks, Seth Forshee (DigitalOcean)
- [PATCH v2 23/25] commoncap: remove cap_inode_getsecurity(), Seth Forshee (DigitalOcean)
- [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
- [PATCH v2 25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr(), Seth Forshee (DigitalOcean)
- Re: [PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities, Christian Brauner
[ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later,
Dmitry Kasatkin
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Matthew Garrett
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Dmitry Kasatkin
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Mimi Zohar
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Vitaly Chikunov
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Ken Goldman
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Bruno Meneguele
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Roberto Sassu
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, George Wilson
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Tergel Myanganbayar
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, André Draszik
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Frank Sorenson
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Stephen Smalley
- Re: [ima-evm-utils: PATCH v1 1/1] Change license to LGPL-2.0-or-later and GPL-2.0-or-later, Vivek Goyal
[syzbot] [integrity?] [lsm?] KMSAN: uninit-value in ima_add_template_entry,
syzbot
Re: [syzbot] [lsm?] [integrity?] KMSAN: uninit-value in ima_add_template_entry, syzbot
[PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure,
Roberto Sassu
- [PATCH v10 01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 03/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 04/25] ima: Align ima_inode_removexattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 05/25] ima: Align ima_post_read_file() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 09/25] security: Align inode_setattr hook definition with EVM, Roberto Sassu
- [PATCH v10 10/25] security: Introduce inode_post_setattr hook, Roberto Sassu
- [PATCH v10 11/25] security: Introduce inode_post_removexattr hook, Roberto Sassu
- [PATCH v10 12/25] security: Introduce file_post_open hook, Roberto Sassu
- [PATCH v10 13/25] security: Introduce file_release hook, Roberto Sassu
- [PATCH v10 14/25] security: Introduce path_post_mknod hook, Roberto Sassu
- [PATCH v10 15/25] security: Introduce inode_post_create_tmpfile hook, Roberto Sassu
- [PATCH v10 16/25] security: Introduce inode_post_set_acl hook, Roberto Sassu
- [PATCH v10 18/25] security: Introduce key_post_create_or_update hook, Roberto Sassu
- [PATCH v10 19/25] integrity: Move integrity_kernel_module_request() to IMA, Roberto Sassu
- [PATCH v10 20/25] ima: Move to LSM infrastructure, Roberto Sassu
- [PATCH v10 02/25] ima: Align ima_file_mprotect() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 21/25] ima: Move IMA-Appraisal to LSM infrastructure, Roberto Sassu
- [PATCH v10 22/25] evm: Move to LSM infrastructure, Roberto Sassu
- [PATCH v10 23/25] evm: Make it independent from 'integrity' LSM, Roberto Sassu
- [PATCH v10 24/25] ima: Make it independent from 'integrity' LSM, Roberto Sassu
- [PATCH v10 25/25] integrity: Remove LSM, Roberto Sassu
- [PATCH v10 17/25] security: Introduce inode_post_remove_acl hook, Roberto Sassu
- Re: [PATCH v10 0/25] security: Move IMA and EVM to the LSM infrastructure, Paul Moore
- Re: [PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure, Eric Snowberg
[PATCH v8 00/15] x86: Trenchboot secure dynamic launch Linux kernel support,
Ross Philipson
- [PATCH v8 03/15] x86: Secure Launch Kconfig, Ross Philipson
- [PATCH v8 04/15] x86: Secure Launch Resource Table header file, Ross Philipson
- [PATCH v8 01/15] x86/boot: Place kernel_info at a fixed offset, Ross Philipson
- [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements, Ross Philipson
- [PATCH v8 05/15] x86: Secure Launch main header file, Ross Philipson
- [PATCH v8 14/15] x86: Secure Launch late initcall platform module, Ross Philipson
- [PATCH v8 08/15] x86: Secure Launch kernel late boot stub, Ross Philipson
- [PATCH v8 15/15] x86: EFI stub DRTM launch support for Secure Launch, Ross Philipson
- [PATCH v8 02/15] Documentation/x86: Secure Launch kernel documentation, Ross Philipson
- [PATCH v8 07/15] x86: Secure Launch kernel early boot stub, Ross Philipson
- [PATCH v8 09/15] x86: Secure Launch SMP bringup support, Ross Philipson
- [PATCH v8 10/15] kexec: Secure Launch kexec SEXIT support, Ross Philipson
- [PATCH v8 12/15] tpm: Add ability to set the preferred locality the TPM chip uses, Ross Philipson
- [PATCH v8 11/15] reboot: Secure Launch SEXIT support on reboot paths, Ross Philipson
- [PATCH v8 13/15] tpm: Add sysfs interface to allow setting and querying the preferred locality, Ross Philipson
[PATCH v5 0/8] ima: kexec: measure events between kexec load and execute,
Tushar Sugandhi
[Index of Archives]
[Linux Kernel]
[Linux Kernel Hardening]
[Linux NFS]
[Linux NILFS]
[Linux USB Devel]
[Video for Linux]
[Linux SCSI]
[Yosemite Forum]
