korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-27 22:24:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
2fb1c9a4f2
linux/security
History
Mimi Zohar 2fb1c9a4f2 evm: prohibit userspace writing 'security.evm' HMAC value 
Calculating the 'security.evm' HMAC value requires access to the
EVM encrypted key.  Only the kernel should have access to it.  This
patch prevents userspace tools(eg. setfattr, cp --preserve=xattr)
from setting/modifying the 'security.evm' HMAC value directly.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: <stable@vger.kernel.org>
2014-06-12 17:58:07 -04:00
..
apparmor nick kvfree() from apparmor 2014-05-06 14:02:53 -04:00
integrity evm: prohibit userspace writing 'security.evm' HMAC value 2014-06-12 17:58:07 -04:00
keys Merge branch 'serge-next-1' of git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux-security 2014-06-10 10:05:36 -07:00
selinux Merge branch 'serge-next-1' of git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux-security 2014-06-10 10:05:36 -07:00
smack Merge branch 'smack-for-3.16' of git://git.gitorious.org/smack-next/kernel into next 2014-05-20 14:50:09 +10:00
tomoyo get rid of pointless checks for NULL ->i_op 2014-04-01 23:19:16 -04:00
yama yama: Better permission check for ptraceme 2013-03-26 13:17:58 -07:00
capability.c Merge tag 'keys-20140314' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into next 2014-04-14 11:42:49 +10:00
commoncap.c capabilities: allow nice if we are privileged 2013-08-30 23:44:09 -07:00
device_cgroup.c device_cgroup: use css_has_online_children() instead of has_children() 2014-05-16 13:22:52 -04:00
inode.c securityfs: fix object creation races 2012-01-10 10:20:35 -05:00
Kconfig security: select correct default LSM_MMAP_MIN_ADDR on arm on arm64 2014-02-05 14:59:14 +00:00
lsm_audit.c audit: anchor all pid references in the initial pid namespace 2014-03-20 10:11:55 -04:00
Makefile security: cleanup Makefiles to use standard syntax for specifying sub-directories 2014-02-17 11:08:04 +11:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c Merge branch 'serge-next-1' of git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux-security 2014-06-10 10:05:36 -07:00