summaryrefslogtreecommitdiff
path: root/security/integrity/evm
AgeCommit message (Expand)AuthorFilesLines
2018-07-18evm: Allow non-SHA1 digital signaturesMatthew Garrett4-31/+46
2018-07-18evm: Don't deadlock if a crypto algorithm is unavailableMatthew Garrett1-1/+2
2018-06-08Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds5-42/+271
2018-06-01EVM: unlock on error path in evm_read_xattrs()Dan Carpenter1-1/+3
2018-05-31EVM: prevent array underflow in evm_write_xattrs()Dan Carpenter1-1/+1
2018-05-31EVM: Fix null dereference on xattr when xattr fails to allocateColin Ian King1-2/+4
2018-05-31EVM: fix memory leak of temporary buffer 'temp'Colin Ian King1-0/+2
2018-05-18EVM: Allow runtime modification of the set of verified xattrsMatthew Garrett4-4/+188
2018-05-18EVM: turn evm_config_xattrnames into a listMatthew Garrett3-39/+57
2018-05-17integrity: Add an integrity directory in securityfsMatthew Garrett1-3/+24
2018-05-03evm: Don't update hmacs in user ns mountsSeth Forshee1-1/+2
2018-03-25evm: check for remount ro in progress before writingSascha Hauer1-2/+6
2018-03-23evm: Constify *integrity_status_msg[]Hernán Gonzalez1-1/+1
2018-03-23evm: Move evm_hmac and evm_hash from evm_main.c to evm_crypto.cHernán Gonzalez3-4/+3
2017-12-12EVM: Add support for portable signature formatMatthew Garrett3-20/+86
2017-12-11EVM: Allow userland to permit modification of EVM-protected metadataMatthew Garrett3-12/+53
2017-11-08EVM: Only complain about a missing HMAC key onceMatthew Garrett1-1/+1
2017-11-08EVM: Allow userspace to signal an RSA key has been loadedMatthew Garrett2-12/+20
2017-11-08EVM: Include security.apparmor in EVM measurementsMatthew Garrett1-0/+3
2017-06-05fs: switch ->s_uuid to uuid_tChristoph Hellwig1-1/+1
2017-03-02sched/headers: Prepare to remove the <linux/magic.h> include from <linux/sche...Ingo Molnar1-0/+2
2016-12-15Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds1-2/+10
2016-12-03Revert "evm: Translate user/group ids relative to s_user_ns when computing HMAC"Eric W. Biederman1-2/+10
2016-11-14security/integrity: Harden against malformed xattrsSeth Forshee1-0/+4
2016-10-08xattr: Add __vfs_{get,set,remove}xattr helpersAndreas Gruenbacher2-5/+6
2016-07-05evm: Translate user/group ids relative to s_user_ns when computing HMACSeth Forshee1-2/+2
2016-04-11->getxattr(): pass dentry and inode as separate argumentsAl Viro1-1/+1
2016-04-11don't bother with ->d_inode->i_sb - it's always equal to ->d_sbAl Viro1-2/+2
2016-02-12EVM: Use crypto_memneq() for digest comparisonsRyan Ware1-1/+2
2015-12-15evm: EVM_LOAD_X509 depends on EVMArnd Bergmann1-1/+1
2015-12-15evm: reset EVM status when file attributes changeDmitry Kasatkin1-0/+13
2015-12-15evm: provide a function to set the EVM key from the kernelDmitry Kasatkin2-14/+46
2015-12-15evm: enable EVM when X509 certificate is loadedDmitry Kasatkin4-3/+14
2015-12-15evm: load an x509 certificate from the kernelDmitry Kasatkin2-0/+24
2015-11-23integrity: define '.evm' as a builtin 'trusted' keyringDmitry Kasatkin1-3/+5
2015-10-21KEYS: Merge the type-specific data with the payload dataDavid Howells1-1/+1
2015-05-21evm: fix potential race when removing xattrsDmitry Kasatkin1-4/+3
2015-05-21evm: labeling pseudo filesystems exceptionMimi Zohar1-0/+11
2015-04-15VFS: security/: d_backing_inode() annotationsDavid Howells2-11/+11
2015-01-07kconfig: use bool instead of boolean for type definition attributesChristoph Jaeger1-1/+1
2014-12-15Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds1-3/+8
2014-10-28evm: check xattr value length and type in evm_inode_setxattr()Dmitry Kasatkin1-3/+6
2014-10-07evm: skip replacing EVM signature with HMAC on read-only filesystemDmitry Kasatkin1-3/+8
2014-09-09integrity: base integrity subsystem kconfig options on integrityDmitry Kasatkin1-8/+0
2014-09-09evm: properly handle INTEGRITY_NOXATTRS EVM statusDmitry Kasatkin1-0/+7
2014-09-09evm: prevent passing integrity check if xattr read failsDmitry Kasatkin1-3/+4
2014-09-03evm: fix checkpatch warningsDmitry Kasatkin1-3/+0
2014-06-13evm: prohibit userspace writing 'security.evm' HMAC valueMimi Zohar1-2/+10
2014-06-13evm: provide option to protect additional SMACK xattrsDmitry Kasatkin2-0/+22
2014-06-13evm: replace HMAC version with attribute maskDmitry Kasatkin4-11/+33