luck/tmp_suning_uos_patched
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
39b0709636
tmp_suning_uos_patched/security/integrity
History
Thiago Jung Bauermann 39b0709636 ima: Implement support for module-style appended signatures 
Implement the appraise_type=imasig|modsig option, allowing IMA to read and
verify modsig signatures.

In case a file has both an xattr signature and an appended modsig, IMA will
only use the appended signature if the key used by the xattr signature
isn't present in the IMA or platform keyring.

Because modsig verification needs to convert from an integrity keyring id
to the keyring itself, add an integrity_keyring_from_id() function in
digsig.c so that integrity_modsig_verify() can use it.

Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2019-08-05 18:40:23 -04:00
..
evm Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
ima ima: Implement support for module-style appended signatures 2019-08-05 18:40:23 -04:00
platform_certs Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
digsig_asymmetric.c Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
digsig.c ima: Implement support for module-style appended signatures 2019-08-05 18:40:23 -04:00
iint.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
integrity_audit.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
integrity.h ima: Implement support for module-style appended signatures 2019-08-05 18:40:23 -04:00
Kconfig integrity: Select CONFIG_KEYS instead of depending on it 2019-08-05 18:40:20 -04:00
Makefile s390/ipl: read IPL report at early boot 2019-04-26 12:34:05 +02:00