Show patches with: Submitter = Eric Snowberg       |   233 patches
« 1 2 3 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,v3,13/13] clavis: Kunit support Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,12/13] clavis: Add function redirection for Kunit support Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,11/13] clavis: Prevent boot param change during kexec Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,10/13] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,09/13] clavis: Allow user to define acl at build time Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,08/13] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,07/13] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,06/13] clavis: Populate clavis keyring acl with kernel module signature Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,05/13] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,04/13] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,03/13] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,02/13] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v3,01/13] certs: Remove CONFIG_INTEGRITY_PLATFORM_KEYRING check Clavis LSM - - - --- 2024-10-17 Eric Snowberg pcmoore New
[RFC,v2,8/8] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,7/8] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,6/8] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,5/8] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,4/8] clavis: Prevent clavis boot param from changing during kexec Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,3/8] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,2/8] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,v2,1/8] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-05-31 Eric Snowberg pcmoore Superseded
[RFC,8/8] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore Changes Requested
[RFC,7/8] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore Changes Requested
[RFC,6/8] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore Changes Requested
[RFC,5/8] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore Changes Requested
[RFC,4/8] clavis: Prevent clavis boot param from changing during kexec Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore Changes Requested
[RFC,3/8] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore Changes Requested
[RFC,2/8] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore Changes Requested
[RFC,1/8] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore Changes Requested
[v2,2/2] ima: Remove EXPERIMENTAL from Kconfig ima: IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY cleanup 1 1 - --- 2023-11-06 Eric Snowberg Handled Elsewhere
[v2,1/2] ima: Reword IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY ima: IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY cleanup - - - --- 2023-11-06 Eric Snowberg Handled Elsewhere
[2/2] ima: Remove EXPERIMENTAL from IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY ima: IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY cleanup 1 1 - --- 2023-11-02 Eric Snowberg Handled Elsewhere
[1/2] ima: Add machine keyring reference to IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY ima: IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY cleanup - - - --- 2023-11-02 Eric Snowberg Handled Elsewhere
[v4] integrity: Always reference the blacklist keyring with appraisal [v4] integrity: Always reference the blacklist keyring with appraisal - 1 - --- 2023-07-26 Eric Snowberg Handled Elsewhere
[v3] integrity: Always reference the blacklist keyring with apprasial [v3] integrity: Always reference the blacklist keyring with apprasial - - - --- 2023-07-14 Eric Snowberg Handled Elsewhere
[v2] integrity: Always reference the blacklist keyring with apprasial [v2] integrity: Always reference the blacklist keyring with apprasial - - - --- 2023-07-05 Eric Snowberg Handled Elsewhere
integrity: Always reference the blacklist keyring with apprasial integrity: Always reference the blacklist keyring with apprasial - - - --- 2023-06-30 Eric Snowberg Handled Elsewhere
[v2,3/3] integrity: Remove EXPERIMENTAL from Kconfig Add digitalSignature enforcement keyring restrictions 1 1 - --- 2023-05-22 Eric Snowberg pcmoore Handled Elsewhere
[v2,2/3] integrity: Enforce digitalSignature usage in the ima and evm keyrings Add digitalSignature enforcement keyring restrictions 1 - - --- 2023-05-22 Eric Snowberg pcmoore Handled Elsewhere
[v2,1/3] KEYS: DigitalSignature link restriction Add digitalSignature enforcement keyring restrictions - 1 - --- 2023-05-22 Eric Snowberg pcmoore Handled Elsewhere
[3/3] integrity: Remove EXPERIMENTAL from Kconfig Add digitalSignature enforcement keyring restrictions 1 1 - --- 2023-05-08 Eric Snowberg Handled Elsewhere
[2/3] integrity: Enforce digitalSignature usage in the ima and evm keyrings Add digitalSignature enforcement keyring restrictions 1 - - --- 2023-05-08 Eric Snowberg Handled Elsewhere
[1/3] KEYS: DigitalSignature link restriction Add digitalSignature enforcement keyring restrictions - 1 - --- 2023-05-08 Eric Snowberg Handled Elsewhere
[v6,6/6] integrity: machine keyring CA configuration Add CA enforcement keyring restrictions 1 - - --- 2023-03-22 Eric Snowberg pcmoore Handled Elsewhere
[v6,5/6] KEYS: CA link restriction Add CA enforcement keyring restrictions - 1 - --- 2023-03-22 Eric Snowberg pcmoore Handled Elsewhere
[v6,4/6] KEYS: X.509: Parse Key Usage Add CA enforcement keyring restrictions - 2 - --- 2023-03-22 Eric Snowberg pcmoore Handled Elsewhere
[v6,3/6] KEYS: X.509: Parse Basic Constraints for CA Add CA enforcement keyring restrictions - 2 - --- 2023-03-22 Eric Snowberg pcmoore Handled Elsewhere
[v6,2/6] KEYS: Add missing function documentation Add CA enforcement keyring restrictions - 3 - --- 2023-03-22 Eric Snowberg pcmoore Handled Elsewhere
[v6,1/6] KEYS: Create static version of public_key_verify_signature Add CA enforcement keyring restrictions - 3 - --- 2023-03-22 Eric Snowberg pcmoore Handled Elsewhere
[v5,6/6] integrity: machine keyring CA configuration Add CA enforcement keyring restrictions 1 - - --- 2023-03-02 Eric Snowberg Handled Elsewhere
[v5,5/6] KEYS: CA link restriction Add CA enforcement keyring restrictions - 1 - --- 2023-03-02 Eric Snowberg Handled Elsewhere
[v5,4/6] KEYS: X.509: Parse Key Usage Add CA enforcement keyring restrictions - 2 - --- 2023-03-02 Eric Snowberg Handled Elsewhere
[v5,3/6] KEYS: X.509: Parse Basic Constraints for CA Add CA enforcement keyring restrictions - 2 - --- 2023-03-02 Eric Snowberg Handled Elsewhere
[v5,2/6] KEYS: Add missing function documentation Add CA enforcement keyring restrictions - 4 - --- 2023-03-02 Eric Snowberg Handled Elsewhere
[v5,1/6] KEYS: Create static version of public_key_verify_signature Add CA enforcement keyring restrictions - 3 - --- 2023-03-02 Eric Snowberg Handled Elsewhere
[v4,6/6] integrity: machine keyring CA configuration Add CA enforcement keyring restrictions - - - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v4,5/6] KEYS: CA link restriction Add CA enforcement keyring restrictions - 1 - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v4,4/6] KEYS: X.509: Parse Key Usage Add CA enforcement keyring restrictions - 1 - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v4,3/6] KEYS: X.509: Parse Basic Constraints for CA Add CA enforcement keyring restrictions - 2 - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v4,2/6] KEYS: Add missing function documentation Add CA enforcement keyring restrictions - 3 - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v4,1/6] KEYS: Create static version of public_key_verify_signature Add CA enforcement keyring restrictions - 2 - --- 2023-02-07 Eric Snowberg Handled Elsewhere
[v3,10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg Handled Elsewhere
[v3,09/10] KEYS: CA link restriction Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg Handled Elsewhere
[v3,08/10] integrity: Use root of trust signature restriction Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg Handled Elsewhere
[v3,07/10] KEYS: X.509: Flag Intermediate CA certs as endorsed Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg Handled Elsewhere
[v3,06/10] KEYS: Introduce keyring restriction that validates ca trust Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg Handled Elsewhere
[v3,05/10] KEYS: Introduce a CA endorsed flag Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg Handled Elsewhere
[v3,04/10] KEYS: X.509: Parse Key Usage Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg Handled Elsewhere
[v3,03/10] KEYS: X.509: Parse Basic Constraints for CA Add CA enforcement keyring restrictions - - - --- 2022-12-14 Eric Snowberg Handled Elsewhere
[v3,02/10] KEYS: Add missing function documentation Add CA enforcement keyring restrictions - 1 - --- 2022-12-14 Eric Snowberg Handled Elsewhere
[v3,01/10] KEYS: Create static version of public_key_verify_signature Add CA enforcement keyring restrictions - 2 - --- 2022-12-14 Eric Snowberg Handled Elsewhere
[v2,10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg Handled Elsewhere
[v2,09/10] KEYS: CA link restriction Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg Handled Elsewhere
[v2,08/10] integrity: Use root of trust signature restriction Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg Handled Elsewhere
[v2,07/10] KEYS: X.509: Flag Intermediate CA certs as endorsed Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg Handled Elsewhere
[v2,06/10] KEYS: Introduce keyring restriction that validates ca trust Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg Handled Elsewhere
[v2,05/10] KEYS: Introduce a CA endorsed flag Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg Handled Elsewhere
[v2,04/10] KEYS: X.509: Parse Key Usage Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg Handled Elsewhere
[v2,03/10] KEYS: X.509: Parse Basic Constraints for CA Add CA enforcement keyring restrictions - - - --- 2022-12-07 Eric Snowberg Handled Elsewhere
[v2,02/10] KEYS: Add missing function documentation Add CA enforcement keyring restrictions - 1 - --- 2022-12-07 Eric Snowberg Handled Elsewhere
[v2,01/10] KEYS: Create static version of public_key_verify_signature Add CA enforcement keyring restrictions - 2 - --- 2022-12-07 Eric Snowberg Handled Elsewhere
[v2,1/1] lockdown: Fix kexec lockdown bypass with ima policy lockdown: Fix kexec lockdown bypass with ima policy 1 1 - --- 2022-07-20 Eric Snowberg Handled Elsewhere
lockdown: Fix kexec lockdown bypass with ima policy lockdown: Fix kexec lockdown bypass with ima policy 1 1 - --- 2022-07-19 Eric Snowberg Handled Elsewhere
integrity: Allow ima_appraise bootparam to be set when SB is enabled integrity: Allow ima_appraise bootparam to be set when SB is enabled - - - --- 2022-04-25 Eric Snowberg New
[7/7] integrity: Use root of trust signature restriction Add CA enforcement keyring restrictions - - - --- 2022-04-06 Eric Snowberg New
[6/7] KEYS: X.509: Flag Intermediate CA certs as built in Add CA enforcement keyring restrictions - - - --- 2022-04-06 Eric Snowberg New
[5/7] KEYS: Introduce sig restriction that validates root of trust Add CA enforcement keyring restrictions - - - --- 2022-04-06 Eric Snowberg New
[4/7] KEYS: Introduce a builtin root of trust key flag Add CA enforcement keyring restrictions - - - --- 2022-04-06 Eric Snowberg New
[3/7] KEYS: X.509: Parse Key Usage Add CA enforcement keyring restrictions - - - --- 2022-04-06 Eric Snowberg New
[2/7] KEYS: X.509: Parse Basic Constraints for CA Add CA enforcement keyring restrictions - - - --- 2022-04-06 Eric Snowberg New
[1/7] KEYS: Create static version of public_key_verify_signature Add CA enforcement keyring restrictions - 1 - --- 2022-04-06 Eric Snowberg New
[4/4] integrity: CA enforcement in machine keyring Add CA enforcement in the machine keyring - - - --- 2022-03-01 Eric Snowberg New
[3/4] KEYS: CA link restriction Add CA enforcement in the machine keyring - - - --- 2022-03-01 Eric Snowberg New
[2/4] X.509: Parse Basic Constraints for CA Add CA enforcement in the machine keyring - - - --- 2022-03-01 Eric Snowberg New
[1/4] KEYS: Create static version of public_key_verify_signature Add CA enforcement in the machine keyring - 1 - --- 2022-03-01 Eric Snowberg New
[v10,8/8] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true Enroll kernel keys thru MOK - 1 - --- 2022-01-26 Eric Snowberg New
[v10,7/8] integrity: Trust MOK keys if MokListTrustedRT found Enroll kernel keys thru MOK - 1 - --- 2022-01-26 Eric Snowberg New
[v10,6/8] efi/mokvar: move up init order Enroll kernel keys thru MOK - 1 - --- 2022-01-26 Eric Snowberg New
[v10,5/8] KEYS: Introduce link restriction for machine keys Enroll kernel keys thru MOK - 1 1 --- 2022-01-26 Eric Snowberg New
[v10,4/8] KEYS: store reference to machine keyring Enroll kernel keys thru MOK - 1 1 --- 2022-01-26 Eric Snowberg New
« 1 2 3 »