forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/security/integrity
History
Mimi Zohar bb7f9e5c38 evm: prohibit userspace writing 'security.evm' HMAC value 
commit 2fb1c9a4f2 upstream.

Calculating the 'security.evm' HMAC value requires access to the
EVM encrypted key.  Only the kernel should have access to it.  This
patch prevents userspace tools(eg. setfattr, cp --preserve=xattr)
from setting/modifying the 'security.evm' HMAC value directly.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-06-26 15:12:37 -04:00
..
evm evm: prohibit userspace writing 'security.evm' HMAC value 2014-06-26 15:12:37 -04:00
ima ima: introduce ima_kernel_read() 2014-06-26 15:12:37 -04:00
digsig.c ima: digital signature verification using asymmetric keys 2013-02-06 21:22:18 -05:00
digsig_asymmetric.c ima: digital signature verification using asymmetric keys 2013-02-06 21:22:18 -05:00
iint.c ima: per hook cache integrity appraisal status 2013-01-22 16:10:36 -05:00
integrity.h ima: digital signature verification using asymmetric keys 2013-02-06 21:22:18 -05:00
Kconfig ima: digital signature verification using asymmetric keys 2013-02-06 21:22:18 -05:00
Makefile ima: digital signature verification using asymmetric keys 2013-02-06 21:22:18 -05:00