forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/security/integrity/evm
History
Mimi Zohar bb7f9e5c38 evm: prohibit userspace writing 'security.evm' HMAC value 
commit 2fb1c9a4f2 upstream.

Calculating the 'security.evm' HMAC value requires access to the
EVM encrypted key.  Only the kernel should have access to it.  This
patch prevents userspace tools(eg. setfattr, cp --preserve=xattr)
from setting/modifying the 'security.evm' HMAC value directly.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-06-26 15:12:37 -04:00
..
evm.h evm: add file system uuid to EVM hmac 2013-02-06 10:40:28 -05:00
evm_crypto.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2013-02-21 08:18:12 -08:00
evm_main.c evm: prohibit userspace writing 'security.evm' HMAC value 2014-06-26 15:12:37 -04:00
evm_posix_acl.c evm: posix acls modify i_mode 2011-09-14 15:24:51 -04:00
evm_secfs.c evm: remove unused cleanup functions 2013-01-16 15:47:05 -05:00
Kconfig evm: add file system uuid to EVM hmac 2013-02-06 10:40:28 -05:00
Makefile evm: posix acls modify i_mode 2011-09-14 15:24:51 -04:00