projects
/
platform
/
kernel
/
linux-starfive.git
/ search
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
ima: define a set of appraisal rules requiring file signatures
2017-06-21
Mimi Zohar
ima: define a set of appraisal rules requiring file...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2017-06-21
Mimi Zohar
ima: extend the "ima_policy" boot command line to support...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2017-03-13
Mikhail Kurinnoi
ima: provide ">" and "<" operators for fowner/uid/euid...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2017-03-07
Daniel Glöckner
ima: accept previously set IMA_NEW_FILE
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2017-03-07
James Morris
integrity: mark default IMA rules as __ro_after_init
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2017-01-27
Lans Zhang
ima: allow to check MAY_APPEND
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2017-01-27
Mimi Zohar
ima: fix ima_d_path() possible race with rename
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-11-14
Seth Forshee
security/integrity: Harden against malformed xattrs
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-11-14
Baruch Siach
Doc: security: keys-trusted: drop duplicate blobauth...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-11-14
Mimi Zohar
ima: include the reason for TPM-bypass mode
commit
|
commitdiff
|
tree
2016-11-14
Mimi Zohar
Revert "ima: limit file hash setting by user to fix...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-11-14
Eric Richter
ima: fix memory leak in ima_release_policy
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-06-30
Eric Richter
ima: extend the measurement entry specific pcr
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-06-30
Eric Richter
ima: change integrity cache to store measured pcr
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-06-30
Eric Richter
ima: redefine duplicate template entries
Reported-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-06-30
Eric Richter
ima: change ima_measurements_show() to display the...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-06-30
Eric Richter
ima: include pcr for each measurement log entry
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-06-30
Eric Richter
ima: extend ima_get_action() to return the policy pcr
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-06-30
Eric Richter
ima: add policy support for extending different pcrs
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-06-30
Eric Richter
integrity: add measured_pcrs field to integrity cache
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-05-01
Mimi Zohar
ima: add support for creating files using the mknodat...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-05-01
Mimi Zohar
ima: fix ima_inode_post_setattr
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-05-01
Dmitry Kasatkin
vfs: forbid write access when reading a file into memory
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
ima: require signed IMA policy
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
ima: measure and appraise the IMA policy itself
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Dmitry Kasatkin
ima: load policy using path
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
ima: support for kexec image and initramfs
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
kexec: replace call to copy_file_from_fd() with kernel...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
ima: remove firmware and module specific cached status...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
module: replace copy_module_from_fd with kernel version
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
vfs: define kernel_copy_file_from_fd()
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
security: define kernel_read_file hook
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
firmware: replace call to fw_read_file_contents() with...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
vfs: define kernel_read_file_from_path
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
ima: define a new hook to measure and appraise a file...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-18
Mimi Zohar
ima: calculate the hash of a buffer using aynchronous...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-18
Dmitry Kasatkin
ima: provide buffer hash calculation function
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-18
Mimi Zohar
vfs: define kernel_read_file_id enumeration
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-18
Mimi Zohar
vfs: define a generic function to read a file from...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-18
Kees Cook
firmware: clean up filesystem load exit path
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-18
Luis R. Rodriguez
firmware: move completing fw into a helper
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-18
Luis R. Rodriguez
firmware: simplify dev_*() print messages for generic...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-18
Mimi Zohar
ima: use "ima_hooks" enum as function argument
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-18
Mimi Zohar
ima: refactor ima_policy_show() to display "ima_hooks...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-18
Dmitry Kasatkin
ima: separate 'security.ima' reading functionality...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-02-08
Colin Ian King
IMA: fix non-ANSI declaration of ima_check_policy()
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-01-07
Mimi Zohar
KEYS: refcount bug fix
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2016-01-03
Petko Manolov
ima: ima_write_policy() limit locking
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-24
Sasha Levin
IMA: policy can be updated zero times
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Paul Gortmaker
security/integrity: make ima/ima_mok.c explicitly non...
Cc: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Mimi Zohar
ima: update appraise flags after policy update completes
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Mimi Zohar
IMA: prevent keys on the .ima_blacklist from being...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Mimi Zohar
KEYS: prevent keys from being removed from specified...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Petko Manolov
IMA: allow reading back the current IMA policy
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Petko Manolov
IMA: create machine owner and blacklist keyrings
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Petko Manolov
IMA: policy can now be updated multiple times
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Arnd Bergmann
evm: EVM_LOAD_X509 depends on EVM
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Dmitry Kasatkin
evm: reset EVM status when file attributes change
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Dmitry Kasatkin
evm: provide a function to set the EVM key from the...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Dmitry Kasatkin
evm: enable EVM when X509 certificate is loaded
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-12-15
Dmitry Kasatkin
evm: load an x509 certificate from the kernel
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-11-23
Dmitry Kasatkin
integrity: define '.evm' as a builtin 'trusted' keyring
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-10-09
Dmitry Kasatkin
integrity: prevent loading untrusted certificates on...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-06-16
Mimi Zohar
ima: update builtin policies
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-06-16
Mimi Zohar
ima: extend "mask" policy matching support
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-06-16
Mimi Zohar
ima: add support for new "euid" policy condition
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-06-16
Mimi Zohar
ima: fix ima_show_template_data_ascii()
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-21
Roberto Sassu
ima: pass iint to ima_add_violation()
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-21
Roberto Sassu
ima: wrap event related data to the new ima_event_data...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-21
Dmitry Kasatkin
integrity: add validity checks for 'path' parameter
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-21
Mimi Zohar
KEYS: fix "ca_keys=" partial key matching
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-21
Dmitry Kasatkin
evm: fix potential race when removing xattrs
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-21
Mimi Zohar
evm: labeling pseudo filesystems exception
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-21
Dmitry Kasatkin
ima: remove definition of IMA_X509_PATH
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-21
Dmitry Kasatkin
ima: limit file hash setting by user to fix and log...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-21
Mimi Zohar
ima: do not measure or appraise the NSFS filesystem
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-21
Roberto Sassu
ima: skip measurement of cgroupfs files and update...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-13
Roberto Sassu
ima: added ima-sig template among choices in kernel...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-05-13
Dan Carpenter
ima: cleanup ima_init_policy() a little
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2015-01-22
Dmitry Kasatkin
MAINTAINERS: email update
commit
|
commitdiff
|
tree
2014-12-07
Michael Ellerman
ima: Fix build failure on powerpc when TCG_IBMVTPM...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-12-07
Takashi Iwai
KEYS: Fix stale key registration at error path
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-11-18
Dmitry Kasatkin
VFS: refactor vfs_read()
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-11-18
Dmitry Kasatkin
ima: require signature based appraisal
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-11-18
Dmitry Kasatkin
integrity: provide a hook to load keys when rootfs...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-11-18
Dmitry Kasatkin
ima: load x509 certificate from the kernel
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-11-18
Dmitry Kasatkin
integrity: provide a function to load x509 certificate...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-11-18
Dmitry Kasatkin
integrity: define a new function integrity_read_file()
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-28
Dmitry Kasatkin
evm: check xattr value length and type in evm_inode_setxattr()
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-28
Dmitry Kasatkin
ima: check xattr value length and type in the ima_inode_setx...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-13
Roberto Sassu
ima: added support for new kernel cmdline parameter...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-13
Roberto Sassu
ima: allocate field pointers array on demand in template_des...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-13
Roberto Sassu
ima: don't allocate a copy of template_fmt in template_desc_...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-13
Roberto Sassu
ima: display template format in meas. list if template...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-13
Roberto Sassu
ima: added error messages to template-related functions
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-12
Dmitry Kasatkin
ima: use atomic bit operations to protect policy update...
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-12
Dmitry Kasatkin
ima: ignore empty and with whitespaces policy lines
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-12
Dmitry Kasatkin
ima: no need to allocate entry for comment
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-12
Dmitry Kasatkin
ima: report policy load status
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
2014-10-07
Dmitry Kasatkin
ima: use path names cache
Signed-off-by: Mimi Zohar <
zohar@linux.vnet.ibm.com
>
commit
|
commitdiff
|
tree
next
projects / platform / kernel / linux-starfive.git / search