Revision tags: v6.7-rc5, v6.7-rc4, v6.7-rc3, v6.7-rc2, v6.7-rc1, v6.6, v6.6-rc7, v6.6-rc6, v6.6-rc5, v6.6-rc4, v6.6-rc3, v6.6-rc2, v6.6-rc1, v6.5, v6.5-rc7, v6.5-rc6, v6.5-rc5, v6.5-rc4, v6.5-rc3, v6.5-rc2, v6.5-rc1, v6.4, v6.4-rc7, v6.4-rc6, v6.4-rc5, v6.4-rc4, v6.4-rc3, v6.4-rc2, v6.4-rc1, v6.3, v6.3-rc7, v6.3-rc6, v6.3-rc5, v6.3-rc4, v6.3-rc3, v6.3-rc2, v6.3-rc1, v6.2, v6.2-rc8, v6.2-rc7, v6.2-rc6, v6.2-rc5, v6.2-rc4, v6.2-rc3, v6.2-rc2, v6.2-rc1 |
|
#
4f2c0a4a |
| 14-Dec-2022 |
Nick Terrell <terrelln@fb.com> |
Merge branch 'main' into zstd-linus
|
Revision tags: v6.1, v6.1-rc8, v6.1-rc7, v6.1-rc6, v6.1-rc5, v6.1-rc4, v6.1-rc3, v6.1-rc2 |
|
#
14e77332 |
| 22-Oct-2022 |
Nick Terrell <terrelln@fb.com> |
Merge branch 'main' into zstd-next
|
Revision tags: v6.1-rc1 |
|
#
97acb6a8 |
| 03-Oct-2022 |
Tvrtko Ursulin <tvrtko.ursulin@intel.com> |
Merge drm/drm-next into drm-intel-gt-next
Daniele needs 84d4333c1e28 ("misc/mei: Add NULL check to component match callback functions") in order to merge the DG2 HuC patches.
Signed-off-by: Tvrtko
Merge drm/drm-next into drm-intel-gt-next
Daniele needs 84d4333c1e28 ("misc/mei: Add NULL check to component match callback functions") in order to merge the DG2 HuC patches.
Signed-off-by: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
show more ...
|
Revision tags: v6.0, v6.0-rc7, v6.0-rc6, v6.0-rc5, v6.0-rc4, v6.0-rc3, v6.0-rc2, v6.0-rc1 |
|
#
fc30eea1 |
| 04-Aug-2022 |
Rodrigo Vivi <rodrigo.vivi@intel.com> |
Merge drm/drm-next into drm-intel-next
Sync up. In special to get the drm-intel-gt-next stuff.
Signed-off-by: Rodrigo Vivi <rodrigo.vivi@intel.com>
|
#
8bb5e7f4 |
| 02-Aug-2022 |
Dmitry Torokhov <dmitry.torokhov@gmail.com> |
Merge branch 'next' into for-linus
Prepare input updates for 5.20 (or 6.0) merge window.
|
Revision tags: v5.19, v5.19-rc8, v5.19-rc7 |
|
#
f83d9396 |
| 14-Jul-2022 |
Thomas Zimmermann <tzimmermann@suse.de> |
Merge drm/drm-next into drm-misc-next-fixes
Backmerging from drm/drm-next for the final fixes that will go into v5.20.
Signed-off-by: Thomas Zimmermann <tzimmermann@suse.de>
|
Revision tags: v5.19-rc6 |
|
#
a63f7778 |
| 08-Jul-2022 |
Dmitry Torokhov <dmitry.torokhov@gmail.com> |
Merge tag 'v5.19-rc5' into next
Merge with mainline to bring up the latest definition from MFD subsystem needed for Mediatek keypad driver.
|
#
dd84cfff |
| 04-Jul-2022 |
Takashi Iwai <tiwai@suse.de> |
Merge tag 'asoc-fix-v5.19-rc3' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus
ASoC: Fixes for v5.19
A collection of fixes for v5.19, quite large but nothing major -
Merge tag 'asoc-fix-v5.19-rc3' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus
ASoC: Fixes for v5.19
A collection of fixes for v5.19, quite large but nothing major - a good chunk of it is more stuff that was identified by mixer-test regarding event generation.
show more ...
|
Revision tags: v5.19-rc5, v5.19-rc4 |
|
#
2b1333b8 |
| 20-Jun-2022 |
Thomas Zimmermann <tzimmermann@suse.de> |
Merge drm/drm-next into drm-misc-next
Backmerging to get new regmap APIs of v5.19-rc1.
Signed-off-by: Thomas Zimmermann <tzimmermann@suse.de>
|
Revision tags: v5.19-rc3 |
|
#
f777316e |
| 15-Jun-2022 |
Takashi Iwai <tiwai@suse.de> |
Merge branch 'topic/ctl-enhancements' into for-next
Pull ALSA control enhancement patches. One is the faster lookup of control elements, and another is to introduce the input data validation.
Signe
Merge branch 'topic/ctl-enhancements' into for-next
Pull ALSA control enhancement patches. One is the faster lookup of control elements, and another is to introduce the input data validation.
Signed-off-by: Takashi Iwai <tiwai@suse.de>
show more ...
|
Revision tags: v5.19-rc2 |
|
#
66da6500 |
| 09-Jun-2022 |
Paolo Bonzini <pbonzini@redhat.com> |
Merge tag 'kvm-riscv-fixes-5.19-1' of https://github.com/kvm-riscv/linux into HEAD
KVM/riscv fixes for 5.19, take #1
- Typo fix in arch/riscv/kvm/vmid.c
- Remove broken reference pattern from MAIN
Merge tag 'kvm-riscv-fixes-5.19-1' of https://github.com/kvm-riscv/linux into HEAD
KVM/riscv fixes for 5.19, take #1
- Typo fix in arch/riscv/kvm/vmid.c
- Remove broken reference pattern from MAINTAINERS entry
show more ...
|
#
6e2b347d |
| 08-Jun-2022 |
Maxime Ripard <maxime@cerno.tech> |
Merge v5.19-rc1 into drm-misc-fixes
Let's kick-off the start of the 5.19 fix cycle
Signed-off-by: Maxime Ripard <maxime@cerno.tech>
|
#
073350da |
| 07-Jun-2022 |
Mark Brown <broonie@kernel.org> |
Merge tag 'v5.19-rc1' into asoc-5.19
Linux 5.19-rc1
|
Revision tags: v5.19-rc1 |
|
#
0350785b |
| 24-May-2022 |
Linus Torvalds <torvalds@linux-foundation.org> |
Merge tag 'integrity-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull IMA updates from Mimi Zohar: "New is IMA support for including fs-verity file digests and sig
Merge tag 'integrity-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull IMA updates from Mimi Zohar: "New is IMA support for including fs-verity file digests and signatures in the IMA measurement list as well as verifying the fs-verity file digest based signatures, both based on policy.
In addition, are two bug fixes:
- avoid reading UEFI variables, which cause a page fault, on Apple Macs with T2 chips.
- remove the original "ima" template Kconfig option to address a boot command line ordering issue.
The rest is a mixture of code/documentation cleanup"
* tag 'integrity-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: integrity: Fix sparse warnings in keyring_handler evm: Clean up some variables evm: Return INTEGRITY_PASS for enum integrity_status value '0' efi: Do not import certificates from UEFI Secure Boot for T2 Macs fsverity: update the documentation ima: support fs-verity file digest based version 3 signatures ima: permit fsverity's file digests in the IMA measurement list ima: define a new template field named 'd-ngv2' and templates fs-verity: define a function to return the integrity protected file digest ima: use IMA default hash algorithm for integrity violations ima: fix 'd-ng' comments and documentation ima: remove the IMA_TEMPLATE Kconfig option ima: remove redundant initialization of pointer 'file'.
show more ...
|
Revision tags: v5.18, v5.18-rc7 |
|
#
c46d541a |
| 13-May-2022 |
Mimi Zohar <zohar@linux.ibm.com> |
Merge branch 'next-integrity.fsverity-v9' into next-integrity
Support for including fs-verity file digests and signatures in the IMA measurement list as well as verifying the fs-verity file digest b
Merge branch 'next-integrity.fsverity-v9' into next-integrity
Support for including fs-verity file digests and signatures in the IMA measurement list as well as verifying the fs-verity file digest based signatures.
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
show more ...
|
Revision tags: v5.18-rc6, v5.18-rc5, v5.18-rc4, v5.18-rc3, v5.18-rc2, v5.18-rc1, v5.17, v5.17-rc8, v5.17-rc7, v5.17-rc6, v5.17-rc5, v5.17-rc4, v5.17-rc3, v5.17-rc2, v5.17-rc1, v5.16, v5.16-rc8, v5.16-rc7, v5.16-rc6, v5.16-rc5, v5.16-rc4, v5.16-rc3 |
|
#
398c42e2 |
| 24-Nov-2021 |
Mimi Zohar <zohar@linux.ibm.com> |
ima: support fs-verity file digest based version 3 signatures
IMA may verify a file's integrity against a "good" value stored in the 'security.ima' xattr or as an appended signature, based on policy
ima: support fs-verity file digest based version 3 signatures
IMA may verify a file's integrity against a "good" value stored in the 'security.ima' xattr or as an appended signature, based on policy. When the "good value" is stored in the xattr, the xattr may contain a file hash or signature. In either case, the "good" value is preceded by a header. The first byte of the xattr header indicates the type of data - hash, signature - stored in the xattr. To support storing fs-verity signatures in the 'security.ima' xattr requires further differentiating the fs-verity signature from the existing IMA signature.
In addition the signatures stored in 'security.ima' xattr, need to be disambiguated. Instead of directly signing the fs-verity digest, a new signature format version 3 is defined as the hash of the ima_file_id structure, which identifies the type of signature and the digest.
The IMA policy defines "which" files are to be measured, verified, and/or audited. For those files being verified, the policy rules indicate "how" the file should be verified. For example to require a file be signed, the appraise policy rule must include the 'appraise_type' option.
appraise_type:= [imasig] | [imasig|modsig] | [sigv3] where 'imasig' is the original or signature format v2 (default), where 'modsig' is an appended signature, where 'sigv3' is the signature format v3.
The policy rule must also indicate the type of digest, if not the IMA default, by first specifying the digest type:
digest_type:= [verity]
The following policy rule requires fsverity signatures. The rule may be constrained, for example based on a fsuuid or LSM label.
appraise func=BPRM_CHECK digest_type=verity appraise_type=sigv3
Acked-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
show more ...
|
#
54f03916 |
| 23-Dec-2021 |
Mimi Zohar <zohar@linux.ibm.com> |
ima: permit fsverity's file digests in the IMA measurement list
Permit fsverity's file digest (a hash of struct fsverity_descriptor) to be included in the IMA measurement list, based on the new meas
ima: permit fsverity's file digests in the IMA measurement list
Permit fsverity's file digest (a hash of struct fsverity_descriptor) to be included in the IMA measurement list, based on the new measurement policy rule 'digest_type=verity' option.
To differentiate between a regular IMA file hash from an fsverity's file digest, use the new d-ngv2 format field included in the ima-ngv2 template.
The following policy rule requires fsverity file digests and specifies the new 'ima-ngv2' template, which contains the new 'd-ngv2' field. The policy rule may be constrained, for example based on a fsuuid or LSM label.
measure func=FILE_CHECK digest_type=verity template=ima-ngv2
Acked-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
show more ...
|
#
989dc725 |
| 23-Dec-2021 |
Mimi Zohar <zohar@linux.ibm.com> |
ima: define a new template field named 'd-ngv2' and templates
In preparation to differentiate between unsigned regular IMA file hashes and fs-verity's file digests in the IMA measurement list, defin
ima: define a new template field named 'd-ngv2' and templates
In preparation to differentiate between unsigned regular IMA file hashes and fs-verity's file digests in the IMA measurement list, define a new template field named 'd-ngv2'.
Also define two new templates named 'ima-ngv2' and 'ima-sigv2', which include the new 'd-ngv2' field.
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
show more ...
|
#
64466462 |
| 14-Apr-2022 |
Mimi Zohar <zohar@linux.ibm.com> |
ima: fix 'd-ng' comments and documentation
Initially the 'd-ng' template field did not prefix the digest with either "md5" or "sha1" hash algorithms. Prior to being upstreamed this changed, but the
ima: fix 'd-ng' comments and documentation
Initially the 'd-ng' template field did not prefix the digest with either "md5" or "sha1" hash algorithms. Prior to being upstreamed this changed, but the comments and documentation were not updated. Fix the comments and documentation.
Fixes: 4d7aeee73f53 ("ima: define new template ima-ng and template fields d-ng and n-ng") Reported-by: Eric Biggers <ebiggers@kernel.org> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
show more ...
|
#
762f99f4 |
| 15-Jan-2022 |
Dmitry Torokhov <dmitry.torokhov@gmail.com> |
Merge branch 'next' into for-linus
Prepare input updates for 5.17 merge window.
|
#
5d8dfaa7 |
| 09-Dec-2021 |
Dmitry Torokhov <dmitry.torokhov@gmail.com> |
Merge tag 'v5.15' into next
Sync up with the mainline to get the latest APIs and DT bindings.
|
Revision tags: v5.16-rc2, v5.16-rc1, v5.15, v5.15-rc7, v5.15-rc6, v5.15-rc5, v5.15-rc4, v5.15-rc3, v5.15-rc2, v5.15-rc1, v5.14 |
|
#
46466ae3 |
| 26-Aug-2021 |
Ingo Molnar <mingo@kernel.org> |
Merge branch 'perf/urgent' into perf/core, to pick up fixes
Signed-off-by: Ingo Molnar <mingo@kernel.org>
|
Revision tags: v5.14-rc7 |
|
#
c87866ed |
| 17-Aug-2021 |
Ingo Molnar <mingo@kernel.org> |
Merge tag 'v5.14-rc6' into locking/core, to pick up fixes
Signed-off-by: Ingo Molnar <mingo@kernel.org>
|
Revision tags: v5.14-rc6, v5.14-rc5, v5.14-rc4 |
|
#
ca31fef1 |
| 27-Jul-2021 |
Maarten Lankhorst <maarten.lankhorst@linux.intel.com> |
Backmerge remote-tracking branch 'drm/drm-next' into drm-misc-next
Required bump from v5.13-rc3 to v5.14-rc3, and to pick up sysfb compilation fixes.
Signed-off-by: Maarten Lankhorst <maarten.lankh
Backmerge remote-tracking branch 'drm/drm-next' into drm-misc-next
Required bump from v5.13-rc3 to v5.14-rc3, and to pick up sysfb compilation fixes.
Signed-off-by: Maarten Lankhorst <maarten.lankhorst@linux.intel.com>
show more ...
|
Revision tags: v5.14-rc3, v5.14-rc2 |
|
#
611ac726 |
| 13-Jul-2021 |
Rodrigo Vivi <rodrigo.vivi@intel.com> |
Merge drm/drm-next into drm-intel-gt-next
Catching up with 5.14-rc1 and also preparing for a needed common topic branch for the "Minor revid/stepping and workaround cleanup"
Reference: https://patc
Merge drm/drm-next into drm-intel-gt-next
Catching up with 5.14-rc1 and also preparing for a needed common topic branch for the "Minor revid/stepping and workaround cleanup"
Reference: https://patchwork.freedesktop.org/series/92299/ Signed-off-by: Rodrigo Vivi <rodrigo.vivi@intel.com>
show more ...
|