1. b1c3d2b certs: Fix build error when PKCS#11 URI contains semicolon by Jan Luebbe · 1 year, 11 months ago
  2. 2154aca certs: make system keyring depend on built-in x509 parser by Masahiro Yamada · 2 years, 4 months ago
  3. 0af5cb3 Merge tag 'kbuild-v5.20' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild by Linus Torvalds · 2 years, 5 months ago
  4. 31f6d95 certs: unify blacklist_hashes.c and blacklist_nohashes.c by Masahiro Yamada · 2 years, 7 months ago
  5. 9008a67 certs: move scripts/check-blacklist-hashes.awk to certs/ by Masahiro Yamada · 2 years, 7 months ago
  6. e908862 certs: make system keyring depend on x509 parser by Adam Borowski · 2 years, 6 months ago
  7. 0273fd4 Merge tag 'certs-20220621' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs by Linus Torvalds · 2 years, 6 months ago
  8. 60050ff certs: Move load_certificate_list() to be with the asymmetric keys code by David Howells · 2 years, 8 months ago
  9. 27b5b22 certs: fix and refactor CONFIG_SYSTEM_BLACKLIST_HASH_LIST build by Masahiro Yamada · 2 years, 7 months ago
  10. 6a1c376 certs/blacklist_hashes.c: fix const confusion in certs blacklist by Masahiro Yamada · 2 years, 7 months ago
  11. d56fd98 certs: Convert spaces in certs/Makefile to a tab by David Howells · 2 years, 7 months ago
  12. 6bfb56e cert host tools: Stop complaining about deprecated OpenSSL functions by Linus Torvalds · 2 years, 7 months ago
  13. df202b4 Merge tag 'kbuild-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild by Linus Torvalds · 2 years, 7 months ago
  14. 4d99750 certs: Explain the rationale to call panic() by Mickaël Salaün · 2 years, 9 months ago
  15. 6364d10 certs: Allow root user to append signed hashes to the blacklist keyring by Mickaël Salaün · 3 years, 6 months ago
  16. addf466 certs: Check that builtin blacklist hashes are valid by Mickaël Salaün · 3 years, 6 months ago
  17. bf21dc5 certs: Make blacklist_vet_description() more strict by Mickaël Salaün · 3 years, 6 months ago
  18. 141e523 certs: Factor out the blacklist hash creation by Mickaël Salaün · 3 years, 6 months ago
  19. d5ea4fe kbuild: Allow kernel installation packaging to override pkg-config by Chun-Tse Shao · 2 years, 9 months ago
  20. b8321ed Merge tag 'kbuild-v5.18-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild by Linus Torvalds · 2 years, 9 months ago
  21. 087aa4e KEYS: Introduce link restriction for machine keys by Eric Snowberg · 3 years ago
  22. 56edb6c KEYS: store reference to machine keyring by Eric Snowberg · 3 years ago
  23. f44b645 certs: simplify empty certs creation in certs/Makefile by Masahiro Yamada · 2 years, 11 months ago
  24. 6ce019f certs: include certs/signing_key.x509 unconditionally by Masahiro Yamada · 2 years, 11 months ago
  25. e6340b6 certs: Fix build error when CONFIG_MODULE_SIG_KEY is empty by Masahiro Yamada · 3 years ago
  26. ad29a2f certs: Fix build error when CONFIG_MODULE_SIG_KEY is PKCS#11 URI by Masahiro Yamada · 3 years ago
  27. 340a025 certs: move scripts/extract-cert to certs/ by Masahiro Yamada · 3 years, 1 month ago
  28. 129ab0d kbuild: do not quote string values in include/config/auto.conf by Masahiro Yamada · 3 years, 1 month ago
  29. b8c96a6 certs: simplify $(srctree)/ handling and remove config_filename macro by Masahiro Yamada · 3 years, 1 month ago
  30. 5410f3e certs: remove misleading comments about GCC PR by Masahiro Yamada · 3 years, 1 month ago
  31. 5cca360 certs: refactor file cleaning by Masahiro Yamada · 3 years, 1 month ago
  32. 3958f21 certs: remove unneeded -I$(srctree) option for system_certificates.o by Masahiro Yamada · 3 years, 1 month ago
  33. 1c4bd9f certs: unify duplicated cmd_extract_certs and improve the log by Masahiro Yamada · 3 years, 1 month ago
  34. c537e4d certs: use $< and $@ to simplify the key generation rule by Masahiro Yamada · 3 years, 1 month ago
  35. e06a61a certs: use if_changed to re-generate the key when the key type is changed by Masahiro Yamada · 3 years, 2 months ago
  36. 54c8b51 certs: use 'cmd' to hide openssl output in silent builds more simply by Masahiro Yamada · 3 years, 2 months ago
  37. f8487d2 certs: remove noisy messages while generating the signing key by Masahiro Yamada · 3 years, 2 months ago
  38. f3a2ba4 certs: check-in the default x509 config file by Masahiro Yamada · 3 years, 2 months ago
  39. 54e2c77 certs: remove meaningless $(error ...) in certs/Makefile by Masahiro Yamada · 3 years, 2 months ago
  40. be0d5fa7 certs: move the 'depends on' to the choice of module signing keys by Masahiro Yamada · 3 years, 3 months ago
  41. a4aed36 certs: Add support for using elliptic curve keys for signing modules by Stefan Berger · 3 years, 6 months ago
  42. ea35e0d certs: Trigger creation of RSA module signing key if it's not an RSA key by Stefan Berger · 3 years, 6 months ago
  43. 0f979d8 Merge tag 'kbuild-v5.13-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild by Linus Torvalds · 3 years, 8 months ago
  44. e6f0bf0 Merge tag 'integrity-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity by Linus Torvalds · 3 years, 8 months ago
  45. 9009b45 .gitignore: prefix local generated files with a slash by Masahiro Yamada · 3 years, 8 months ago
  46. 781a573 ima: ensure IMA_APPRAISE_MODSIG has necessary dependencies by Nayna Jain · 3 years, 8 months ago
  47. 81f20231 certs: add 'x509_revocation_list' to gitignore by Linus Torvalds · 3 years, 8 months ago
  48. 6cbdfb3 ima: enable loading of build time generated key on .ima keyring by Nayna Jain · 3 years, 9 months ago
  49. 0165f4c ima: enable signing of modules with build time generated key by Nayna Jain · 3 years, 9 months ago
  50. d1f0441 certs: Add ability to preload revocation certs by Eric Snowberg · 4 years ago
  51. 2565ca7 certs: Move load_system_certificate_list to a common function by Eric Snowberg · 4 years ago
  52. 56c5812 certs: Add EFI_CERT_X509_GUID support for dbx entries by Eric Snowberg · 4 years ago
  53. a6cb0ab certs: Replace K{U,G}IDT_INIT() with GLOBAL_ROOT_{U,G}ID by Mickaël Salaün · 4 years, 1 month ago
  54. 4993e1f certs: Fix blacklist flag type confusion by David Howells · 4 years, 1 month ago
  55. 84ffbef certs: Fix blacklisted hexadecimal hash string check by Mickaël Salaün · 4 years, 1 month ago
  56. 0b2d443 certs/blacklist: fix kernel doc interface issue by Alex Shi · 4 years, 2 months ago
  57. d198b34f .gitignore: add SPDX License Identifier by Masahiro Yamada · 4 years, 10 months ago
  58. 2985bed6 .gitignore: remove too obvious comments by Masahiro Yamada · 4 years, 10 months ago
  59. 2434f7d certs: Add wrapper function to check blacklisted binary hash by Nayna Jain · 5 years ago
  60. 2a7bf67 PKCS#7: Refactor verify_pkcs7_signature() by Thiago Jung Bauermann · 6 years ago
  61. 028db3e Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" by Linus Torvalds · 5 years ago
  62. 0f75ef6 Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs by Linus Torvalds · 5 years ago
  63. c84ca91 Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs by Linus Torvalds · 5 years ago
  64. 2e12256 keys: Replace uid/gid/perm permissions checking with an ACL by David Howells · 6 years ago
  65. dcf49db keys: Add a 'recurse' flag for keyring searches by David Howells · 6 years ago
  66. b4d0d23 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 by Thomas Gleixner · 6 years ago
  67. 278311e kexec, KEYS: Make use of platform keyring for signature verify by Kairui Song · 6 years ago
  68. 219a3e8 integrity, KEYS: add a reference to platform keyring by Kairui Song · 6 years ago
  69. 172caf1 kbuild: remove redundant target cleaning on failure by Masahiro Yamada · 6 years ago
  70. c4df32c export.h: remove VMLINUX_SYMBOL() and VMLINUX_SYMBOL_STR() by Masahiro Yamada · 6 years ago
  71. 817aef2 Replace magic for trusting the secondary keyring with #define by Yannik Sembritzki · 6 years ago
  72. 2e20ce4 certs/blacklist: fix const confusion by Nick Desaulniers · 7 years ago
  73. 5fb94e9 docs: Fix some broken references by Mauro Carvalho Chehab · 7 years ago
  74. 2be04df certs/blacklist_nohashes.c: fix const confusion in certs blacklist by Andi Kleen · 7 years ago
  75. b244131 License cleanup: add SPDX GPL-2.0 license identifier to files with no license by Greg Kroah-Hartman · 7 years ago
  76. 5ccbdbf9 modsign: add markers to endif-statements in certs/Makefile by Jarkko Sakkinen · 7 years ago
  77. 6e7c2b4 scripts/spelling.txt: add "intialise(d)" pattern and fix typo instances by Masahiro Yamada · 8 years ago
  78. 2b6aa41 KEYS: Use structure to capture key restriction function and data by Mat Martineau · 8 years ago
  79. aaf66c8 KEYS: Split role of the keyring pointer for keyring restrict functions by Mat Martineau · 8 years ago
  80. 734114f KEYS: Add a system blacklist keyring by David Howells · 8 years ago
  81. d3bfe84 certs: Add a secondary system keyring that can be added to dynamically by David Howells · 9 years ago
  82. 77f68ba KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTED by David Howells · 9 years ago
  83. a511e1a KEYS: Move the point of trust determination to __key_link() by David Howells · 9 years ago
  84. 99716b7 KEYS: Make the system trusted keyring depend on the asymmetric key type by David Howells · 9 years ago
  85. 5ac7eac KEYS: Add a facility to restrict new links into a keyring by David Howells · 9 years ago
  86. bda850c PKCS#7: Make trust determination dependent on contents of trust keyring by David Howells · 9 years ago
  87. e68503b KEYS: Generalise system_verify_data() to provide access to internal content by David Howells · 9 years ago
  88. 0d1db3e certs: Fix misaligned data in extra certificate list by David Howells · 9 years ago
  89. c4c3610 KEYS: Reserve an extra certificate symbol for inserting without recompiling by Mehmet Kayaalp · 9 years ago
  90. 5d06ee2 modsign: hide openssl output in silent builds by Arnd Bergmann · 9 years ago
  91. 5d2787c KEYS: Add an alloc flag to convey the builtinness of a key by David Howells · 9 years ago
  92. 48dbc16 certs: add .gitignore to stop git nagging about x509_certificate_list by Paul Gortmaker · 9 years ago
  93. 3ee550f modsign: Handle signing key in source tree by David Woodhouse · 9 years ago
  94. 62172c8 modsign: Use if_changed rule for extracting cert from module signing key by David Woodhouse · 9 years ago
  95. cfc411e Move certificate handling to its own directory by David Howells · 9 years ago