Dmitry Kasatkin [Fri, 18 May 2012 09:41:31 +0000 (12:41 +0300)]
Added entry type to directory hash calculation
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Fri, 18 May 2012 09:40:13 +0000 (12:40 +0300)]
llistxattr returns 0 if there are no xattrs and it is valid
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Thu, 5 Apr 2012 11:54:28 +0000 (14:54 +0300)]
evm-utils renamed to ima-evm-utils.
Version set to 0.2.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Thu, 5 Apr 2012 12:24:01 +0000 (15:24 +0300)]
Added RPM and TAR building rules
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Thu, 5 Apr 2012 11:32:28 +0000 (14:32 +0300)]
added command options description
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Thu, 5 Apr 2012 10:48:39 +0000 (13:48 +0300)]
removed unused parameter
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Thu, 5 Apr 2012 10:48:08 +0000 (13:48 +0300)]
import functions combined
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Thu, 5 Apr 2012 09:07:54 +0000 (12:07 +0300)]
updated error handling
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Wed, 4 Apr 2012 13:48:38 +0000 (16:48 +0300)]
read list of existing extended attributes
getxattr() might return a runtime value which does not really exist
on the file system. It happens for SMACK LSM. Reading the list of existing
attributes prevents this from happening.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Wed, 4 Apr 2012 13:48:16 +0000 (16:48 +0300)]
added HMAC API error handling
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Mon, 2 Apr 2012 12:52:30 +0000 (15:52 +0300)]
version 0.1.0
Dmitry Kasatkin [Thu, 15 Mar 2012 09:52:36 +0000 (11:52 +0200)]
remove unused parameter
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Thu, 2 Feb 2012 08:12:34 +0000 (10:12 +0200)]
Changed time_t timestamp type to uint32_t
time_t is actually long and is different on 32 and 64 bit architectures.
Format of the signatures should not depend on the architecture and should
be the same. Changed timestamp to uint32_t like in GPG.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Wed, 1 Feb 2012 12:38:54 +0000 (14:38 +0200)]
Added missing CFLAGS
Added missing CFLAGS
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Wed, 1 Feb 2012 12:30:30 +0000 (14:30 +0200)]
Added signature write to .sig file
To enable module signature verification to work on file systems
without extended attributes, or to be able to copy modules by methods
which do not support extended attribute copying, it is necessary
to store the signature in the file. This patch provides a command line parameter
for storing the signature in a .sig file.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Wed, 1 Feb 2012 09:10:15 +0000 (11:10 +0200)]
Change set_xattr to xattr.
set_xattr changed to xattr.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Wed, 1 Feb 2012 08:46:21 +0000 (10:46 +0200)]
Changed to conform to Linux kernel coding style
Changed to conform to Linux kernel coding style, except for the 80-character
line length limit.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Wed, 1 Feb 2012 08:33:07 +0000 (10:33 +0200)]
added password parameter for using encrypted keys
Added password parameter for using encrypted keys.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Wed, 1 Feb 2012 08:29:33 +0000 (10:29 +0200)]
added openssl initialization and error reporting
Added openssl initialization and error reporting.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Mon, 30 Jan 2012 11:23:28 +0000 (13:23 +0200)]
minor fixes
- error message
- command info
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Fri, 2 Dec 2011 12:15:19 +0000 (14:15 +0200)]
Scripts for searching not only root owned files
-uid 0 removed.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Thu, 1 Dec 2011 16:40:27 +0000 (18:40 +0200)]
directory hash calculation
Directory integrity verification requires directory hash value
to be set to security.ima.
This patch provides directory hash calculation.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Wed, 30 Nov 2011 13:03:39 +0000 (15:03 +0200)]
EVM hmac calculation
For debugging purposes it is nice to have evm hmac calculation for
labeling a filesystem using hmac.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Wed, 30 Nov 2011 13:09:34 +0000 (15:09 +0200)]
EVP API for evm hash calculation
evmctl was using sha1 for evm hash calculation.
Using EVM API it is easy to use other digest algorithms such as sha256.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Fri, 14 Oct 2011 13:53:34 +0000 (16:53 +0300)]
evmctl - IMA/EVM control tool
evmctl provides signing support for IMA/EVM.
Functionality includes signing of file content (IMA), file metadata (EVM),
importing public keys into kernel keyring.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Dmitry Kasatkin [Thu, 25 Nov 2010 09:27:14 +0000 (11:27 +0200)]
initial empty repo