From: Quirin Gylstorff <quirin.gylstorff@...> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...> --- doc/README.tpm2.encryption.md | 55 +++++++++++++++++++++++++++++++++++ 1 file changed, 55 inser

From: Quirin Gylstorff <quirin.gylstorff@...> If /var shall be encrypted encrypt_partition needs to be executed before the overlay script. If the prerequisite is not available the overlay script will

From: Quirin Gylstorff <quirin.gylstorff@...> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...> --- .gitlab-ci.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.gitlab-ci.yml

From: Quirin Gylstorff <quirin.gylstorff@...> This encrypts a partition with LUKS and uses the TPM2 to unlock the partition during boot. Adapt start-qemu to support tpm2. The implementation uses syste

From: Quirin Gylstorff <quirin.gylstorff@...> This creates a new luks encrypted ext4 partition with a the key stored in the tpm2. The initial key is randomly generated and removed from the LUKS partit

From: Quirin Gylstorff <quirin.gylstorff@...> Systemd >= 251 is required for systemd-cryptenroll. This version is part of backports. Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...> --- conf/dis

From: Quirin Gylstorff <quirin.gylstorff@...> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...> --- doc/README.tpm2.encryption.md | 55 +++++++++++++++++++++++++++++++++++ 1 file changed, 55 inser

From: Quirin Gylstorff <quirin.gylstorff@...> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...> --- .gitlab-ci.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.gitlab-ci.yml

From: Quirin Gylstorff <quirin.gylstorff@...> This creates a new luks encrypted ext4 partition with a the key stored in the tpm2. The initial key is randomly generated and removed from the LUKS partit

From: Quirin Gylstorff <quirin.gylstorff@...> This allows testing the partition encryption with qemu. Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...> --- start-qemu.sh | 27 ++++++++++++++++++++

From: Quirin Gylstorff <quirin.gylstorff@...> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...> --- Kconfig | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/Kconfig b/Kconfig index 7

From: Quirin Gylstorff <quirin.gylstorff@...> If /var shall be encrypted encrypt_partition needs to be executed before the overlay script. If the prerequisite is not available the overlay script will

From: Quirin Gylstorff <quirin.gylstorff@...> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...> --- Kconfig | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/Kconfig b/Kconfig index

Hi all, Kindly be reminded to attend the weekly meeting through IRC to discuss technical topics with CIP kernel today. Our channel is the following: irc:irc.libera.chat:6667/cip The IRC meeting is sch

Hi ! It's this week's CVE report. This week reported 11 new CVEs and 4 updated CVEs. * New CVEs CVE-2023-23002: Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe CVSS v3 score i

Why do you keep adding linux-mm to the Cc list of random threads that are not about MM?

Yeah. Really just posting the code and the results seems like the best way forward to me too. That's how syzbot does it and it's the only realistic way forward. The good thing is that static checker w

On Thu, Jan 19, 2023 at 09:14:53AM +0900, Masami Ichikawa wrote: > CVE-2023-0210: ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in > ksmbd_decode_ntlmssp_auth_blob > > 5.15, 6.0, and 6.1 were fi

From: Quirin Gylstorff <quirin.gylstorff@...> If /var shall be encrypted encrypt_partition needs to be executed before the overlay script. If the prerequisite is not available the overlay script will

From: Quirin Gylstorff <quirin.gylstorff@...> Systemd >= 251 is required for systemd-cryptenroll. This version is part of backports. Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...> --- conf/dis