 David Howells
|
56104cf2b8
IMA: Use the the system trusted keyrings instead of .ima_mok
|
%!s(int64=9) %!d(string=hai) anos |
|
David Howells
|
d3bfe84129
certs: Add a secondary system keyring that can be added to dynamically
|
%!s(int64=9) %!d(string=hai) anos |
|
David Howells
|
77f68bac94
KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTED
|
%!s(int64=9) %!d(string=hai) anos |
|
David Howells
|
a511e1af8b
KEYS: Move the point of trust determination to __key_link()
|
%!s(int64=9) %!d(string=hai) anos |
|
David Howells
|
e68503bd68
KEYS: Generalise system_verify_data() to provide access to internal content
|
%!s(int64=9) %!d(string=hai) anos |
 Petko Manolov
|
41c89b64d7
IMA: create machine owner and blacklist keyrings
|
%!s(int64=9) %!d(string=hai) anos |
|
David Howells
|
99db443506
PKCS#7: Appropriately restrict authenticated attributes and content type
|
%!s(int64=10) %!d(string=hai) anos |
|
David Howells
|
091f6e26eb
MODSIGN: Extract the blob PKCS#7 signature verifier from module signing
|
%!s(int64=10) %!d(string=hai) anos |
 Mimi Zohar
|
3be4beaf7c
KEYS: verify a certificate is signed by a 'trusted' key
|
%!s(int64=12) %!d(string=hai) anos |
|
David Howells
|
b56e5a17b6
KEYS: Separate the kernel signature checking keyring from module signing
|
%!s(int64=12) %!d(string=hai) anos |
