linux

mirror of https://github.com/torvalds/linux synced 2024-10-14 15:29:13 +00:00

History

Linus Torvalds f2586d921c Hi, Contents: - Restrict linking of keys to .ima and .evm keyrings based on digitalSignature attribute in the certificate. - PowerVM: load machine owner keys into the .machine [1] keyring. - PowerVM: load module signing keys into the secondary trusted keyring (keys blessed by the vendor). - tpm_tis_spi: half-duplex transfer mode - tpm_tis: retry corrupted transfers - Apply revocation list (.mokx) to an all system keyrings (e.g. .machine keyring). [1] https://blogs.oracle.com/linux/post/the-machine-keyring BR, Jarkko -----BEGIN PGP SIGNATURE----- iIgEABYIADAWIQRE6pSOnaBC00OEHEIaerohdGur0gUCZN5/qBIcamFya2tvQGtl cm5lbC5vcmcACgkQGnq6IXRrq9J4GQEAstTtQfGGrx5KInOTMWOvaq/Cum5iW4AD NefVfbUtCCQBANvFtxoPYQS5u6+rIdxzIwFiNUlOyt2uR2bkk4UUiPML =Vvs8 -----END PGP SIGNATURE----- Merge tag 'tpmdd-v6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd Pull tpm updates from Jarkko Sakkinen: - Restrict linking of keys to .ima and .evm keyrings based on digitalSignature attribute in the certificate - PowerVM: load machine owner keys into the .machine [1] keyring - PowerVM: load module signing keys into the secondary trusted keyring (keys blessed by the vendor) - tpm_tis_spi: half-duplex transfer mode - tpm_tis: retry corrupted transfers - Apply revocation list (.mokx) to an all system keyrings (e.g. .machine keyring) Link: https://blogs.oracle.com/linux/post/the-machine-keyring [1] * tag 'tpmdd-v6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd: certs: Reference revocation list for all keyrings tpm/tpm_tis_synquacer: Use module_platform_driver macro to simplify the code tpm: remove redundant variable len tpm_tis: Resend command to recover from data transfer errors tpm_tis: Use responseRetry to recover from data transfer errors tpm_tis: Move CRC check to generic send routine tpm_tis_spi: Add hardware wait polling KEYS: Replace all non-returning strlcpy with strscpy integrity: PowerVM support for loading third party code signing keys integrity: PowerVM machine keyring enablement integrity: check whether imputed trust is enabled integrity: remove global variable from machine_keyring.c integrity: ignore keys failing CA restrictions on non-UEFI platform integrity: PowerVM support for loading CA keys on machine keyring integrity: Enforce digitalSignature usage in the ima and evm keyrings KEYS: DigitalSignature link restriction tpm_tis: Revert "tpm_tis: Disable interrupts on ThinkPad T490s"		2023-08-29 08:05:18 -07:00
..
apparmor	apparmor: convert to ctime accessor functions	2023-07-24 10:30:08 +02:00
bpf
integrity	Hi,	2023-08-29 08:05:18 -07:00
keys	KEYS: Replace all non-returning strlcpy with strscpy	2023-08-17 20:12:35 +00:00
landlock	hostfs: Fix ephemeral inodes	2023-06-12 21:26:19 +02:00
loadpin	LoadPin: Annotate struct dm_verity_loadpin_trusted_root_digest with __counted_by	2023-08-25 16:07:30 -07:00
lockdown
safesetid	SafeSetID: fix UID printed instead of GID	2023-06-20 20:26:00 -04:00
selinux	v6.6-vfs.misc	2023-08-28 10:17:14 -07:00
smack	vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing	2023-08-15 08:32:30 +02:00
tomoyo	mm/gup: remove vmas parameter from get_user_pages_remote()	2023-06-09 16:25:26 -07:00
yama
commoncap.c	lsm: fix a number of misspellings	2023-05-25 17:52:15 -04:00
device_cgroup.c	device_cgroup: Fix kernel-doc warnings in device_cgroup	2023-06-21 09:30:49 -04:00
inode.c	security: convert to ctime accessor functions	2023-07-24 10:30:08 +02:00
Kconfig	mm/slab: remove HAVE_HARDENED_USERCOPY_ALLOCATOR	2023-05-24 15:38:17 +02:00
Kconfig.hardening	hardening: Move BUG_ON_DATA_CORRUPTION to hardening options	2023-08-15 14:57:25 -07:00
lsm_audit.c	lsm: fix a number of misspellings	2023-05-25 17:52:15 -04:00
Makefile
min_addr.c
security.c	vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing	2023-08-15 08:32:30 +02:00