tmp_suning_uos_patched/security/integrity
Mimi Zohar 16c267aac8 ima: based on policy require signed kexec kernel images
The original kexec_load syscall can not verify file signatures, nor can
the kexec image be measured.  Based on policy, deny the kexec_load
syscall.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: Eric Biederman <ebiederm@xmission.com>
Cc: Kees Cook <keescook@chromium.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <james.morris@microsoft.com>
2018-07-16 12:31:57 -07:00
..
evm Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2018-06-07 15:40:37 -07:00
ima ima: based on policy require signed kexec kernel images 2018-07-16 12:31:57 -07:00
digsig_asymmetric.c integrity: Small code improvements 2017-06-21 14:37:12 -04:00
digsig.c integrity/security: fix digsig.c build error with header file 2018-02-22 20:09:08 -08:00
iint.c integrity: Add an integrity directory in securityfs 2018-05-17 08:03:07 -04:00
integrity_audit.c audit: use inline function to get audit context 2018-05-14 17:24:18 -04:00
integrity.h integrity: Add an integrity directory in securityfs 2018-05-17 08:03:07 -04:00
Kconfig
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00