 Al Viro
|
6035a27b25
IMA: don't propagate opened through the entire thing
|
7 years ago |
 Thiago Jung Bauermann
|
f5e51fa368
ima: Improvements in ima_appraise_measurement()
|
7 years ago |
 Mimi Zohar
|
9e67028e76
ima: fail signature verification based on policy
|
7 years ago |
|
Mimi Zohar
|
57b56ac6fe
ima: fail file signature verification on non-init mounted filesystems
|
7 years ago |
 Matthew Garrett
|
d906c10d8a
IMA: Support using new creds in appraisal policy
|
7 years ago |
|
Mimi Zohar
|
da1b0029f5
ima: support new "hash" and "dont_hash" policy actions
|
9 years ago |
 Dmitry Kasatkin
|
0d73a55208
ima: re-introduce own integrity cache lock
|
7 years ago |
|
Matthew Garrett
|
50b977481f
EVM: Add support for portable signature format
|
7 years ago |
|
Mimi Zohar
|
b7e27bc1d4
ima: relax requiring a file signature for new files with zero length
|
7 years ago |
 Roberto Sassu
|
020aae3ee5
ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
|
7 years ago |
|
Thiago Jung Bauermann
|
e5729f86a2
ima: Remove redundant conditional operator
|
8 years ago |
|
Thiago Jung Bauermann
|
915d9d255d
ima: Log the same audit cause whenever a file has no signature
|
8 years ago |
|
Thiago Jung Bauermann
|
bb543e3959
integrity: Small code improvements
|
8 years ago |
|
Mimi Zohar
|
6f6723e215
ima: define is_ima_appraise_enabled()
|
8 years ago |
|
Mimi Zohar
|
e1f5e01f4b
ima: define Kconfig IMA_APPRAISE_BOOTPARAM option
|
8 years ago |
 Daniel Glöckner
|
1ac202e978
ima: accept previously set IMA_NEW_FILE
|
8 years ago |
 Seth Forshee
|
b4bfec7f4a
security/integrity: Harden against malformed xattrs
|
9 years ago |
|
Mimi Zohar
|
f5acb3dcba
Revert "ima: limit file hash setting by user to fix and log modes"
|
9 years ago |
 Linus Torvalds
|
97d2116708
Merge branch 'work.xattr' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
|
9 years ago |
 Andreas Gruenbacher
|
5d6c31910b
xattr: Add __vfs_{get,set,remove}xattr helpers
|
9 years ago |
 Miklos Szeredi
|
e71b9dff06
ima: use file_dentry()
|
9 years ago |
 Eric Richter
|
a422638d49
ima: change integrity cache to store measured pcr
|
9 years ago |
|
Eric Richter
|
725de7fabb
ima: extend ima_get_action() to return the policy pcr
|
9 years ago |
|
Mimi Zohar
|
05d1a717ec
ima: add support for creating files using the mknodat syscall
|
9 years ago |
|
Mimi Zohar
|
42a4c60319
ima: fix ima_inode_post_setattr
|
9 years ago |
|
Mimi Zohar
|
c6af8efe97
ima: remove firmware and module specific cached status info
|
9 years ago |
|
Mimi Zohar
|
cf22221786
ima: define a new hook to measure and appraise a file already in memory
|
9 years ago |
|
Mimi Zohar
|
4ad87a3d74
ima: use "ima_hooks" enum as function argument
|
9 years ago |
 Dmitry Kasatkin
|
1525b06d99
ima: separate 'security.ima' reading functionality from collect
|
11 years ago |
 Dmitry Kasatkin
|
c68ed80c97
ima: limit file hash setting by user to fix and log modes
|
11 years ago |
