Toggle navigation
Patchwork
Security modules development
Patches
Bundles
About this project
Login
Register
Mail settings
Show patches with
: Submitter =
Eric Snowberg
| 233 patches
Series
Submitter
State
any
Action Required
New
Under Review
Accepted
Rejected
RFC
Not Applicable
Changes Requested
Awaiting Upstream
Superseded
Deferred
Mainlined
Queued
Needs ACK
Handled Elsewhere
In Next
Search
Archived
No
Yes
Both
Delegate
------
Nobody
holtmann
holtmann
holtmann
agk
mchehab
mchehab
gregkh
gregkh
mtosatti
lethal
lethal
avi
cvaroqui
jbrassow
mikulas
dtor
bmarzins
tmlind
jmberg
jmberg
mcgrof
mcgrof
mcgrof
lenb
lenb
kyle
felipebalbi
varenet
helge
helge
khilman
khilman
khilman
khilman
jwoithe
mlin
Zhang Rui
Zhang Rui
iksaif
cjackiewicz
hmh
jbarnes
jbarnes
jbarnes
willy
snitzer
iwamatsu
dougsland
mjg59
rafael
rafael
rafael
ericvh@gmail.com
ykzhao
venkip
sandeen
pwsan
lucho@ionkov.net
rminnich
anholt
aystarik
roland
shefty
mason
glikely
krh
djbw
djbw
djbw
cmarinas
doyu
jrn
sage
tomba
mmarek
cjb
trondmy
jikos
bcousson
jic23
olof
olof
olof
nsekhar
weiny2
horms
horms
bwidawsk
bwidawsk
shemminger
eulfhan
josef
josef
josef
dianders
jpan9
hal
kdave
bleung
evalenti
jlbec
wsa
bhelgaas
vkoul
vkoul
szlin
davejiang
markgross
tagr
tiwai
vireshk
mmind
dledford
geert
geert
herbert
herbert
kvalo
kvalo
kvalo
bentiss
arend
rzwisler
stellarhopper
stellarhopper
jejb
matthias_bgg
dvhart
axboe
axboe
pcmoore
pcmoore
pcmoore
mkp
mkp
stefan_schmidt
leon
lucvoo
jsakkine
jsakkine
jsakkine
bamse
bamse
demarchi
krzk
groeck
groeck
sboyd
sboyd
mturquette
mturquette
0andriy
carlocaione
luca
dgc
kbingham
derosier
narmstrong
narmstrong
atull
tytso
tytso
djwong
bvanassche
omos
jpirko
jpirko
GustavoARSilva
pkshih
patersonc
brauner
shuahkh
shuahkh
shuahkh
palmer
palmer
jgg
Kishon
idosch
labbott
jsimmons
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
broonie
broonie
broonie
mricon
mricon
mricon
kees
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
arnd
linusw
perfinion
bbrezillon
bachradsusi
rostedt
rostedt
kholk
nbd
ebiggers
ebiggers
pavelm
sds
m0reeze
ganis
jwcart2
matttbe
andmur01
lorpie01
chanwoochoi
dlezcano
jhedberg
vudentz
robertfoss
bgix
tedd_an
tsbogend
wens
wcrobert
robher
kstewart
kwilczynski
hansg
bpf
netdev
dsa
ethtool
netdrv
martineau
abelloni
trix
pabeni
mani_sadhasivam
mlimonci
liusong6
mjp
tohojo
pmalani
prestwoj
prestwoj
dhowells
tzungbi
conchuod
paulmck
jes
mtkaczyk
colyli
cem
pateldipen1984
iweiny
iweiny
bjorn
mhiramat
JanKiszka
jaegeuk
mraynal
aring
konradybcio
ij
Hailan
jstitt007
denkenz
denkenz
mkorenbl
jjohnson
frank_li
geliang
mdraidci
mdraidci
peluse
joelgranados
Apply
«
1
2
3
»
Patch
Series
A/R/T
S/W/F
Date
Submitter
Delegate
State
[RFC,v3,13/13] clavis: Kunit support
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,12/13] clavis: Add function redirection for Kunit support
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,11/13] clavis: Prevent boot param change during kexec
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,10/13] efi: Make clavis boot param persist across kexec
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,09/13] clavis: Allow user to define acl at build time
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,08/13] clavis: Introduce new LSM called clavis
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,07/13] keys: Add ability to track intended usage of the public key
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,06/13] clavis: Populate clavis keyring acl with kernel module signature
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,05/13] clavis: Introduce a new key type called clavis_key_acl
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,04/13] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE)
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,03/13] clavis: Introduce a new system keyring called clavis
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,02/13] certs: Introduce ability to link to a system key
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v3,01/13] certs: Remove CONFIG_INTEGRITY_PLATFORM_KEYRING check
Clavis LSM
- - -
-
-
-
2024-10-17
Eric Snowberg
pcmoore
New
[RFC,v2,8/8] clavis: Introduce new LSM called clavis
Clavis LSM
- - -
-
-
-
2024-05-31
Eric Snowberg
pcmoore
Superseded
[RFC,v2,7/8] clavis: Introduce a new key type called clavis_key_acl
Clavis LSM
- - -
-
-
-
2024-05-31
Eric Snowberg
pcmoore
Superseded
[RFC,v2,6/8] keys: Add ability to track intended usage of the public key
Clavis LSM
- - -
-
-
-
2024-05-31
Eric Snowberg
pcmoore
Superseded
[RFC,v2,5/8] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE)
Clavis LSM
- - -
-
-
-
2024-05-31
Eric Snowberg
pcmoore
Superseded
[RFC,v2,4/8] clavis: Prevent clavis boot param from changing during kexec
Clavis LSM
- - -
-
-
-
2024-05-31
Eric Snowberg
pcmoore
Superseded
[RFC,v2,3/8] efi: Make clavis boot param persist across kexec
Clavis LSM
- - -
-
-
-
2024-05-31
Eric Snowberg
pcmoore
Superseded
[RFC,v2,2/8] clavis: Introduce a new system keyring called clavis
Clavis LSM
- - -
-
-
-
2024-05-31
Eric Snowberg
pcmoore
Superseded
[RFC,v2,1/8] certs: Introduce ability to link to a system key
Clavis LSM
- - -
-
-
-
2024-05-31
Eric Snowberg
pcmoore
Superseded
[RFC,8/8] clavis: Introduce new LSM called clavis
Clavis LSM
- - -
-
-
-
2024-03-11
Eric Snowberg
pcmoore
Changes Requested
[RFC,7/8] clavis: Introduce a new key type called clavis_key_acl
Clavis LSM
- - -
-
-
-
2024-03-11
Eric Snowberg
pcmoore
Changes Requested
[RFC,6/8] keys: Add ability to track intended usage of the public key
Clavis LSM
- - -
-
-
-
2024-03-11
Eric Snowberg
pcmoore
Changes Requested
[RFC,5/8] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE)
Clavis LSM
- - -
-
-
-
2024-03-11
Eric Snowberg
pcmoore
Changes Requested
[RFC,4/8] clavis: Prevent clavis boot param from changing during kexec
Clavis LSM
- - -
-
-
-
2024-03-11
Eric Snowberg
pcmoore
Changes Requested
[RFC,3/8] efi: Make clavis boot param persist across kexec
Clavis LSM
- - -
-
-
-
2024-03-11
Eric Snowberg
pcmoore
Changes Requested
[RFC,2/8] clavis: Introduce a new system keyring called clavis
Clavis LSM
- - -
-
-
-
2024-03-11
Eric Snowberg
pcmoore
Changes Requested
[RFC,1/8] certs: Introduce ability to link to a system key
Clavis LSM
- - -
-
-
-
2024-03-11
Eric Snowberg
pcmoore
Changes Requested
[v2,2/2] ima: Remove EXPERIMENTAL from Kconfig
ima: IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY cleanup
1 1 -
-
-
-
2023-11-06
Eric Snowberg
Handled Elsewhere
[v2,1/2] ima: Reword IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY
ima: IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY cleanup
- - -
-
-
-
2023-11-06
Eric Snowberg
Handled Elsewhere
[2/2] ima: Remove EXPERIMENTAL from IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY
ima: IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY cleanup
1 1 -
-
-
-
2023-11-02
Eric Snowberg
Handled Elsewhere
[1/2] ima: Add machine keyring reference to IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY
ima: IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY cleanup
- - -
-
-
-
2023-11-02
Eric Snowberg
Handled Elsewhere
[v4] integrity: Always reference the blacklist keyring with appraisal
[v4] integrity: Always reference the blacklist keyring with appraisal
- 1 -
-
-
-
2023-07-26
Eric Snowberg
Handled Elsewhere
[v3] integrity: Always reference the blacklist keyring with apprasial
[v3] integrity: Always reference the blacklist keyring with apprasial
- - -
-
-
-
2023-07-14
Eric Snowberg
Handled Elsewhere
[v2] integrity: Always reference the blacklist keyring with apprasial
[v2] integrity: Always reference the blacklist keyring with apprasial
- - -
-
-
-
2023-07-05
Eric Snowberg
Handled Elsewhere
integrity: Always reference the blacklist keyring with apprasial
integrity: Always reference the blacklist keyring with apprasial
- - -
-
-
-
2023-06-30
Eric Snowberg
Handled Elsewhere
[v2,3/3] integrity: Remove EXPERIMENTAL from Kconfig
Add digitalSignature enforcement keyring restrictions
1 1 -
-
-
-
2023-05-22
Eric Snowberg
pcmoore
Handled Elsewhere
[v2,2/3] integrity: Enforce digitalSignature usage in the ima and evm keyrings
Add digitalSignature enforcement keyring restrictions
1 - -
-
-
-
2023-05-22
Eric Snowberg
pcmoore
Handled Elsewhere
[v2,1/3] KEYS: DigitalSignature link restriction
Add digitalSignature enforcement keyring restrictions
- 1 -
-
-
-
2023-05-22
Eric Snowberg
pcmoore
Handled Elsewhere
[3/3] integrity: Remove EXPERIMENTAL from Kconfig
Add digitalSignature enforcement keyring restrictions
1 1 -
-
-
-
2023-05-08
Eric Snowberg
Handled Elsewhere
[2/3] integrity: Enforce digitalSignature usage in the ima and evm keyrings
Add digitalSignature enforcement keyring restrictions
1 - -
-
-
-
2023-05-08
Eric Snowberg
Handled Elsewhere
[1/3] KEYS: DigitalSignature link restriction
Add digitalSignature enforcement keyring restrictions
- 1 -
-
-
-
2023-05-08
Eric Snowberg
Handled Elsewhere
[v6,6/6] integrity: machine keyring CA configuration
Add CA enforcement keyring restrictions
1 - -
-
-
-
2023-03-22
Eric Snowberg
pcmoore
Handled Elsewhere
[v6,5/6] KEYS: CA link restriction
Add CA enforcement keyring restrictions
- 1 -
-
-
-
2023-03-22
Eric Snowberg
pcmoore
Handled Elsewhere
[v6,4/6] KEYS: X.509: Parse Key Usage
Add CA enforcement keyring restrictions
- 2 -
-
-
-
2023-03-22
Eric Snowberg
pcmoore
Handled Elsewhere
[v6,3/6] KEYS: X.509: Parse Basic Constraints for CA
Add CA enforcement keyring restrictions
- 2 -
-
-
-
2023-03-22
Eric Snowberg
pcmoore
Handled Elsewhere
[v6,2/6] KEYS: Add missing function documentation
Add CA enforcement keyring restrictions
- 3 -
-
-
-
2023-03-22
Eric Snowberg
pcmoore
Handled Elsewhere
[v6,1/6] KEYS: Create static version of public_key_verify_signature
Add CA enforcement keyring restrictions
- 3 -
-
-
-
2023-03-22
Eric Snowberg
pcmoore
Handled Elsewhere
[v5,6/6] integrity: machine keyring CA configuration
Add CA enforcement keyring restrictions
1 - -
-
-
-
2023-03-02
Eric Snowberg
Handled Elsewhere
[v5,5/6] KEYS: CA link restriction
Add CA enforcement keyring restrictions
- 1 -
-
-
-
2023-03-02
Eric Snowberg
Handled Elsewhere
[v5,4/6] KEYS: X.509: Parse Key Usage
Add CA enforcement keyring restrictions
- 2 -
-
-
-
2023-03-02
Eric Snowberg
Handled Elsewhere
[v5,3/6] KEYS: X.509: Parse Basic Constraints for CA
Add CA enforcement keyring restrictions
- 2 -
-
-
-
2023-03-02
Eric Snowberg
Handled Elsewhere
[v5,2/6] KEYS: Add missing function documentation
Add CA enforcement keyring restrictions
- 4 -
-
-
-
2023-03-02
Eric Snowberg
Handled Elsewhere
[v5,1/6] KEYS: Create static version of public_key_verify_signature
Add CA enforcement keyring restrictions
- 3 -
-
-
-
2023-03-02
Eric Snowberg
Handled Elsewhere
[v4,6/6] integrity: machine keyring CA configuration
Add CA enforcement keyring restrictions
- - -
-
-
-
2023-02-07
Eric Snowberg
Handled Elsewhere
[v4,5/6] KEYS: CA link restriction
Add CA enforcement keyring restrictions
- 1 -
-
-
-
2023-02-07
Eric Snowberg
Handled Elsewhere
[v4,4/6] KEYS: X.509: Parse Key Usage
Add CA enforcement keyring restrictions
- 1 -
-
-
-
2023-02-07
Eric Snowberg
Handled Elsewhere
[v4,3/6] KEYS: X.509: Parse Basic Constraints for CA
Add CA enforcement keyring restrictions
- 2 -
-
-
-
2023-02-07
Eric Snowberg
Handled Elsewhere
[v4,2/6] KEYS: Add missing function documentation
Add CA enforcement keyring restrictions
- 3 -
-
-
-
2023-02-07
Eric Snowberg
Handled Elsewhere
[v4,1/6] KEYS: Create static version of public_key_verify_signature
Add CA enforcement keyring restrictions
- 2 -
-
-
-
2023-02-07
Eric Snowberg
Handled Elsewhere
[v3,10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-14
Eric Snowberg
Handled Elsewhere
[v3,09/10] KEYS: CA link restriction
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-14
Eric Snowberg
Handled Elsewhere
[v3,08/10] integrity: Use root of trust signature restriction
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-14
Eric Snowberg
Handled Elsewhere
[v3,07/10] KEYS: X.509: Flag Intermediate CA certs as endorsed
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-14
Eric Snowberg
Handled Elsewhere
[v3,06/10] KEYS: Introduce keyring restriction that validates ca trust
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-14
Eric Snowberg
Handled Elsewhere
[v3,05/10] KEYS: Introduce a CA endorsed flag
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-14
Eric Snowberg
Handled Elsewhere
[v3,04/10] KEYS: X.509: Parse Key Usage
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-14
Eric Snowberg
Handled Elsewhere
[v3,03/10] KEYS: X.509: Parse Basic Constraints for CA
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-14
Eric Snowberg
Handled Elsewhere
[v3,02/10] KEYS: Add missing function documentation
Add CA enforcement keyring restrictions
- 1 -
-
-
-
2022-12-14
Eric Snowberg
Handled Elsewhere
[v3,01/10] KEYS: Create static version of public_key_verify_signature
Add CA enforcement keyring restrictions
- 2 -
-
-
-
2022-12-14
Eric Snowberg
Handled Elsewhere
[v2,10/10] integrity: restrict INTEGRITY_KEYRING_MACHINE to restrict_link_by_ca
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-07
Eric Snowberg
Handled Elsewhere
[v2,09/10] KEYS: CA link restriction
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-07
Eric Snowberg
Handled Elsewhere
[v2,08/10] integrity: Use root of trust signature restriction
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-07
Eric Snowberg
Handled Elsewhere
[v2,07/10] KEYS: X.509: Flag Intermediate CA certs as endorsed
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-07
Eric Snowberg
Handled Elsewhere
[v2,06/10] KEYS: Introduce keyring restriction that validates ca trust
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-07
Eric Snowberg
Handled Elsewhere
[v2,05/10] KEYS: Introduce a CA endorsed flag
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-07
Eric Snowberg
Handled Elsewhere
[v2,04/10] KEYS: X.509: Parse Key Usage
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-07
Eric Snowberg
Handled Elsewhere
[v2,03/10] KEYS: X.509: Parse Basic Constraints for CA
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-12-07
Eric Snowberg
Handled Elsewhere
[v2,02/10] KEYS: Add missing function documentation
Add CA enforcement keyring restrictions
- 1 -
-
-
-
2022-12-07
Eric Snowberg
Handled Elsewhere
[v2,01/10] KEYS: Create static version of public_key_verify_signature
Add CA enforcement keyring restrictions
- 2 -
-
-
-
2022-12-07
Eric Snowberg
Handled Elsewhere
[v2,1/1] lockdown: Fix kexec lockdown bypass with ima policy
lockdown: Fix kexec lockdown bypass with ima policy
1 1 -
-
-
-
2022-07-20
Eric Snowberg
Handled Elsewhere
lockdown: Fix kexec lockdown bypass with ima policy
lockdown: Fix kexec lockdown bypass with ima policy
1 1 -
-
-
-
2022-07-19
Eric Snowberg
Handled Elsewhere
integrity: Allow ima_appraise bootparam to be set when SB is enabled
integrity: Allow ima_appraise bootparam to be set when SB is enabled
- - -
-
-
-
2022-04-25
Eric Snowberg
New
[7/7] integrity: Use root of trust signature restriction
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-04-06
Eric Snowberg
New
[6/7] KEYS: X.509: Flag Intermediate CA certs as built in
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-04-06
Eric Snowberg
New
[5/7] KEYS: Introduce sig restriction that validates root of trust
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-04-06
Eric Snowberg
New
[4/7] KEYS: Introduce a builtin root of trust key flag
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-04-06
Eric Snowberg
New
[3/7] KEYS: X.509: Parse Key Usage
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-04-06
Eric Snowberg
New
[2/7] KEYS: X.509: Parse Basic Constraints for CA
Add CA enforcement keyring restrictions
- - -
-
-
-
2022-04-06
Eric Snowberg
New
[1/7] KEYS: Create static version of public_key_verify_signature
Add CA enforcement keyring restrictions
- 1 -
-
-
-
2022-04-06
Eric Snowberg
New
[4/4] integrity: CA enforcement in machine keyring
Add CA enforcement in the machine keyring
- - -
-
-
-
2022-03-01
Eric Snowberg
New
[3/4] KEYS: CA link restriction
Add CA enforcement in the machine keyring
- - -
-
-
-
2022-03-01
Eric Snowberg
New
[2/4] X.509: Parse Basic Constraints for CA
Add CA enforcement in the machine keyring
- - -
-
-
-
2022-03-01
Eric Snowberg
New
[1/4] KEYS: Create static version of public_key_verify_signature
Add CA enforcement in the machine keyring
- 1 -
-
-
-
2022-03-01
Eric Snowberg
New
[v10,8/8] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true
Enroll kernel keys thru MOK
- 1 -
-
-
-
2022-01-26
Eric Snowberg
New
[v10,7/8] integrity: Trust MOK keys if MokListTrustedRT found
Enroll kernel keys thru MOK
- 1 -
-
-
-
2022-01-26
Eric Snowberg
New
[v10,6/8] efi/mokvar: move up init order
Enroll kernel keys thru MOK
- 1 -
-
-
-
2022-01-26
Eric Snowberg
New
[v10,5/8] KEYS: Introduce link restriction for machine keys
Enroll kernel keys thru MOK
- 1 1
-
-
-
2022-01-26
Eric Snowberg
New
[v10,4/8] KEYS: store reference to machine keyring
Enroll kernel keys thru MOK
- 1 1
-
-
-
2022-01-26
Eric Snowberg
New
«
1
2
3
»