korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-15 08:14:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
d1e7f0919e
linux/security/integrity/ima
History
Linus Torvalds 84bfcc0b69 integrity-v5.17 
-----BEGIN PGP SIGNATURE-----
 
 iIoEABYIADIWIQQdXVVFGN5XqKr1Hj7LwZzRsCrn5QUCYdxh3xQcem9oYXJAbGlu
 dXguaWJtLmNvbQAKCRDLwZzRsCrn5bXsAP9xioC+sDpA+KgicrTxLQp2HBHVdkdj
 hnsSw7KE6d1YFwD/Zu1BPi/iX1HHcEvTm34x9jKWeU54VCyqsXJG+zArDA0=
 =/eFf
 -----END PGP SIGNATURE-----

Merge tag 'integrity-v5.17' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity

Pull integrity subsystem updates from Mimi Zohar:
 "The few changes are all kexec related:

   - The MOK keys are loaded onto the .platform keyring in order to
     verify the kexec kernel image signature.

     However, the MOK keys should only be trusted when secure boot is
     enabled. Before loading the MOK keys onto the .platform keyring,
     make sure the system is booted in secure boot mode.

   - When carrying the IMA measurement list across kexec, limit dumping
     the measurement list to when dynamic debug or CONFIG_DEBUG is
     enabled.

   - kselftest: add kexec_file_load selftest support for PowerNV and
     other cleanup"

* tag 'integrity-v5.17' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
  selftests/kexec: Enable secureboot tests for PowerPC
  ima: silence measurement list hexdump during kexec
  selftests/kexec: update searching for the Kconfig
  selftest/kexec: fix "ignored null byte in input" warning
  integrity: Do not load MOK and MOKx when secure boot be disabled
  ima: Fix undefined arch_ima_get_secureboot() and co
2022-01-11 13:11:10 -08:00
..
ima_api.c ima: Use strscpy instead of strlcpy 2021-10-09 22:17:58 -04:00
ima_appraise.c lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() 2021-11-22 17:52:47 -05:00
ima_asymmetric_keys.c ima: Add digest and digest_len params to the functions to measure a buffer 2021-07-23 09:27:02 -04:00
ima_crypto.c ima/evm: Fix type mismatch 2021-06-08 16:29:10 -04:00
ima_efi.c ima: generalize x86/EFI arch glue for other EFI architectures 2020-11-06 07:40:42 +01:00
ima_fs.c ima/evm: Fix type mismatch 2021-06-08 16:29:10 -04:00
ima_init.c ima: Add digest and digest_len params to the functions to measure a buffer 2021-07-23 09:27:02 -04:00
ima_kexec.c ima: silence measurement list hexdump during kexec 2022-01-05 06:22:00 -05:00
ima_main.c lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() 2021-11-22 17:52:47 -05:00
ima_modsig.c ima: Move comprehensive rule validation checks out of the token parser 2020-07-20 13:28:15 -04:00
ima_mok.c IMA: remove -Wmissing-prototypes warning 2021-07-23 08:05:06 -04:00
ima_policy.c ima: Use strscpy instead of strlcpy 2021-10-09 22:17:58 -04:00
ima_queue_keys.c ima: Add digest and digest_len params to the functions to measure a buffer 2021-07-23 09:27:02 -04:00
ima_queue.c IMA: support for duplicate measurement records 2021-06-11 12:54:13 -04:00
ima_template_lib.c ima: Fix fall-through warning for Clang 2021-06-08 23:33:48 -04:00
ima_template_lib.h ima: Define new template fields xattrnames, xattrlengths and xattrvalues 2021-06-02 18:56:13 -04:00
ima_template.c ima: Set correct casting types 2021-06-08 16:29:10 -04:00
ima.h IMA: introduce a new policy option func=SETXATTR_CHECK 2021-08-16 17:35:35 -04:00
Kconfig IMA: remove the dependency on CRYPTO_MD5 2021-08-16 17:29:10 -04:00
Makefile ima: generalize x86/EFI arch glue for other EFI architectures 2020-11-06 07:40:42 +01:00