linux/Documentation
Mimi Zohar 2fe5d6def1 ima: integrity appraisal extension
IMA currently maintains an integrity measurement list used to assert the
integrity of the running system to a third party.  The IMA-appraisal
extension adds local integrity validation and enforcement of the
measurement against a "good" value stored as an extended attribute
'security.ima'.  The initial methods for validating 'security.ima' are
hashed based, which provides file data integrity, and digital signature
based, which in addition to providing file data integrity, provides
authenticity.

This patch creates and maintains the 'security.ima' xattr, containing
the file data hash measurement.  Protection of the xattr is provided by
EVM, if enabled and configured.

Based on policy, IMA calls evm_verifyxattr() to verify a file's metadata
integrity and, assuming success, compares the file's current hash value
with the one stored as an extended attribute in 'security.ima'.

Changelov v4:
- changed iint cache flags to hex values

Changelog v3:
- change appraisal default for filesystems without xattr support to fail

Changelog v2:
- fix audit msg 'res' value
- removed unused 'ima_appraise=' values

Changelog v1:
- removed unused iint mutex (Dmitry Kasatkin)
- setattr hook must not reset appraised (Dmitry Kasatkin)
- evm_verifyxattr() now differentiates between no 'security.evm' xattr
  (INTEGRITY_NOLABEL) and no EVM 'protected' xattrs included in the
  'security.evm' (INTEGRITY_NOXATTRS).
- replace hash_status with ima_status (Dmitry Kasatkin)
- re-initialize slab element ima_status on free (Dmitry Kasatkin)
- include 'security.ima' in EVM if CONFIG_IMA_APPRAISE, not CONFIG_IMA
- merged half "ima: ima_must_appraise_or_measure API change" (Dmitry Kasatkin)
- removed unnecessary error variable in process_measurement() (Dmitry Kasatkin)
- use ima_inode_post_setattr() stub function, if IMA_APPRAISE not configured
  (moved ima_inode_post_setattr() to ima_appraise.c)
- make sure ima_collect_measurement() can read file

Changelog:
- add 'iint' to evm_verifyxattr() call (Dimitry Kasatkin)
- fix the race condition between chmod, which takes the i_mutex and then
  iint->mutex, and ima_file_free() and process_measurement(), which take
  the locks in the reverse order, by eliminating iint->mutex. (Dmitry Kasatkin)
- cleanup of ima_appraise_measurement() (Dmitry Kasatkin)
- changes as a result of the iint not allocated for all regular files, but
  only for those measured/appraised.
- don't try to appraise new/empty files
- expanded ima_appraisal description in ima/Kconfig
- IMA appraise definitions required even if IMA_APPRAISE not enabled
- add return value to ima_must_appraise() stub
- unconditionally set status = INTEGRITY_PASS *after* testing status,
  not before.  (Found by Joe Perches)

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
2012-09-07 14:57:44 -04:00
..
ABI Documentation: sysfs for Physical Presence Interface 2012-08-22 16:23:38 -05:00
accounting Documentation: update cgroupfs mount point 2011-06-15 21:52:50 -07:00
acpi Update documentation for parameter *notrigger* in einj.txt 2012-03-30 03:30:19 -04:00
aoe Documentation: remove references to /etc/modprobe.conf 2012-03-30 16:03:15 -07:00
arm [media] Documentation: Add newline at end-of-file to files lacking one 2012-07-30 20:37:01 -03:00
auxdisplay
backlight backlight: new backlight driver for LP855x devices 2012-03-23 16:58:33 -07:00
blackfin Documentation: Fix typo in multiple files in Documentation 2012-04-16 14:37:13 +02:00
block blkcg: implement per-blkg request allocation 2012-06-26 18:42:49 -04:00
blockdev Documentation: remove references to /etc/modprobe.conf 2012-03-30 16:03:15 -07:00
cdrom doc: fix broken references 2011-09-27 18:08:04 +02:00
cgroups mm/memcg: complete documentation for tcp memcg files 2012-07-31 18:42:43 -07:00
connector connector: Move cn_test.c away from NLMSG_PUT(). 2012-06-26 21:19:02 -07:00
console
cpu-freq Doc: cpufreq: Fix typo and outdated line 2011-11-08 10:23:29 +01:00
cpuidle cpuidle: add a sysfs entry to disable specific C state for debug purpose. 2012-03-30 01:52:58 -04:00
cris CRIS: Update documentation 2012-04-03 13:09:18 +02:00
crypto
development-process Documentation: Update stable address 2011-12-12 14:14:31 -08:00
device-mapper Merge branch 'for-next' of git://neil.brown.name/md 2012-08-01 09:02:01 -07:00
devicetree ARM: arm-soc Marvell Orion device-tree updates 2012-08-02 11:50:24 -07:00
DocBook Documentation: get rid of write_super 2012-08-04 01:25:20 +04:00
driver-model Pin control subsystem changes for kernel 3.5: 2012-05-21 16:58:23 -07:00
dvb Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media 2012-07-30 19:03:41 -07:00
early-userspace
EDID drm: allow loading an EDID as firmware to override broken monitor 2012-03-20 10:09:28 +00:00
extcon Documentation/extcon: porting guide for Android kernel switch driver. 2012-04-20 09:24:27 -07:00
fault-injection fault-injection: add tool to run command with failslab or fail_page_alloc 2012-07-30 17:25:22 -07:00
fb Documentation: remove references to /etc/modprobe.conf 2012-03-30 16:03:15 -07:00
filesystems Documentation: get rid of write_super 2012-08-04 01:25:20 +04:00
firmware_class
frv doc: fix broken references 2011-09-27 18:08:04 +02:00
hid HID: uhid: add documentation 2012-06-18 13:42:03 +02:00
hwmon hwmon: Honeywell Humidicon HIH-6130/HIH-6131 humidity and temperature sensor driver 2012-07-21 21:48:44 -07:00
i2c i2c-i801: Enable IRQ for SMBus transactions 2012-07-24 14:13:58 +02:00
i2o Documentation: Fix multiple typo in Documentation 2012-03-07 16:08:24 +01:00
ia64 Fix common misspellings 2011-03-31 11:26:23 -03:00
ide Documentation: remove references to /etc/modprobe.conf 2012-03-30 16:03:15 -07:00
infiniband
input Input: add driver for FT5x06 based EDT displays 2012-07-24 23:55:03 -07:00
ioctl vfio: VFIO core 2012-07-31 08:16:22 -06:00
isdn Documentation: remove references to /etc/modprobe.conf 2012-03-30 16:03:15 -07:00
ja_JP Merge branch 'driver-core-next' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core-2.6 2011-07-25 23:06:24 -07:00
kbuild Merge branch 'kconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild 2012-05-28 10:37:56 -07:00
kdump kexec: update URL of kexec homepage 2012-07-18 18:35:57 -07:00
ko_KR driver-core: documentation: fix up Greg's email address 2012-02-15 14:48:01 -08:00
laptops Documentation: fix the VM knobs descritpion WRT pdflush 2012-08-04 12:15:09 +04:00
leds LEDS: add BlinkM RGB LED driver, documentation and update MAINTAINERS 2012-07-24 16:00:51 +08:00
m68k Documentation: add pointer to name_to_dev_t for root= values 2011-08-03 14:25:21 -10:00
make
memory-devices memory: emif: add basic infrastructure for EMIF driver 2012-05-02 00:10:49 -07:00
mips Fix common misspellings 2011-03-31 11:26:23 -03:00
misc-devices mei: mei.txt: minor grammar fixes 2012-06-13 13:38:25 -07:00
mmc mmc: core: Fixup delayed work clock gating patch 2012-01-11 23:58:43 -05:00
mn10300
mtd
namespaces
netlabel
networking ipv4: remove rt_cache_rebuild_count 2012-07-30 14:53:22 -07:00
nfc NFC: Error management documentation 2012-07-09 16:42:11 -04:00
parisc Documentation: Fix typo in multiple files in Documentation 2012-04-16 14:37:13 +02:00
PCI doc: fix broken references 2011-09-27 18:08:04 +02:00
pcmcia
power The tag contains just a few battery-related changes for v3.6. It's is 2012-07-31 18:08:25 -07:00
powerpc Revert "powerpc/hw-breakpoint: Use generic hw-breakpoint interfaces for new PPC ptrace flags" 2012-05-22 14:37:24 +10:00
pps pps: add parallel port PPS signal generator 2011-01-13 08:03:21 -08:00
prctl security: Minor improvements to no_new_privs documentation 2012-07-08 00:25:48 +10:00
pti Kernel documentation for the PTI feature. 2011-05-13 16:31:00 -07:00
ptp ptp: Added a brand new class driver for ptp clocks. 2011-05-23 13:01:00 -07:00
rapidio RapidIO: documentation update 2011-11-02 16:07:02 -07:00
RCU rcu: Update documentation to cover call_srcu() and srcu_barrier(). 2012-07-02 12:34:03 -07:00
s390 Documentation: remove references to /etc/modprobe.conf 2012-03-30 16:03:15 -07:00
scheduler sched: Remove stale power aware scheduling remnants and dysfunctional knobs 2012-05-17 13:48:56 +02:00
scsi Merge branch 'delete-mca' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux 2012-05-23 17:12:06 -07:00
security Yama: higher restrictions should block PTRACE_TRACEME 2012-08-10 19:58:07 +10:00
serial serial: delete the MCA specific 8250 support. 2012-05-17 19:02:14 -04:00
sh
sound Sound fixes for 3.6-rc1 2012-08-01 10:42:26 -07:00
spi spi: create a message queueing infrastructure 2012-03-07 19:19:48 -07:00
sysctl Documentation: fix the VM knobs descritpion WRT pdflush 2012-08-04 12:15:09 +04:00
target Documentation: Fix typo in tcm_mod_builder.py 2012-02-10 09:52:18 +01:00
telephony Fix common misspellings 2011-03-31 11:26:23 -03:00
thermal Thermal: Documentation update 2012-07-24 23:20:40 -04:00
timers doc: fix broken references 2011-09-27 18:08:04 +02:00
trace tracing: Fix kconfig warning due to a typo 2012-05-08 14:17:25 +02:00
usb usb: gadget: mass_storage: add documentation 2012-06-15 14:32:30 +03:00
vDSO Document the vDSO and add a reference parser 2011-07-14 17:57:09 -07:00
video4linux Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media 2012-07-31 18:47:44 -07:00
virtual KVM updates for the 3.6 merge window 2012-07-24 12:01:20 -07:00
vm mm/frontswap: cleanup doc and comment error 2012-07-23 11:16:20 -04:00
w1 w1: Add 1-wire slave device driver for DS28E04-100 2012-06-13 16:47:10 -07:00
watchdog Watchdog: DA9052/53 PMIC watchdog support 2012-05-30 07:56:12 +02:00
wimax
x86 Merge branch 'x86-efi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2012-07-26 13:13:25 -07:00
zh_CN Fix a mistake sentence in the file 'Documentation/zh_CN/magic-number.txt' 2012-05-07 17:20:27 -07:00
.gitignore
00-INDEX MCA: delete all remaining traces of microchannel bus support. 2012-05-17 19:06:13 -04:00
applying-patches.txt
atomic_ops.txt doc: Add load/store guarantees to Documentation/atomic-ops.txt 2011-12-11 10:31:58 -08:00
bad_memory.txt
basic_profiling.txt
binfmt_misc.txt
braille-console.txt
bt8xxgpio.txt
btmrvl.txt
BUG-HUNTING
bus-virt-phys-mapping.txt doc: fix broken references 2011-09-27 18:08:04 +02:00
cachetlb.txt mm: convert mm->cpu_vm_cpumask into cpumask_var_t 2011-05-25 08:39:21 -07:00
Changes Documentation/Changes: remove some really obsolete text 2011-07-11 16:48:38 -07:00
circular-buffers.txt
clk.txt Documentation: common clk API 2012-03-16 20:35:01 +00:00
coccinelle.txt coccinelle.txt: update documentation to include M= option 2012-01-14 22:25:56 +01:00
CodingStyle CodingStyle: add kmalloc_array() to memory allocators 2012-05-31 17:49:26 -07:00
cpu-hotplug.txt documentation: remove references to cpu_*_map. 2012-03-29 15:38:31 +10:30
cpu-load.txt
cputopology.txt
crc32.txt crc32: move long comment about crc32 fundamentals to Documentation/ 2012-03-23 16:58:37 -07:00
dcdbas.txt
debugging-modules.txt
debugging-via-ohci1394.txt
dell_rbu.txt Fix common misspellings 2011-03-31 11:26:23 -03:00
devices.txt Doc: document max raw dev number 2012-06-03 12:05:50 +02:00
digsig.txt crypto: digital signature verification support 2011-11-09 12:10:37 +02:00
DMA-API-HOWTO.txt Documentation/DMA-API-HOWTO.txt: fix misleading example 2011-07-26 16:49:45 -07:00
DMA-API.txt include/linux/dma-mapping.h: add dma_zalloc_coherent() 2011-11-02 16:07:02 -07:00
DMA-attributes.txt common: DMA-mapping: add DMA_ATTR_SKIP_CPU_SYNC attribute 2012-07-30 12:25:47 +02:00
dma-buf-sharing.txt dma-buf: add initial vmap documentation 2012-05-25 12:51:11 +05:30
DMA-ISA-LPC.txt
dmaengine.txt Documentation: Fix multiple typo in Documentation 2012-03-07 16:08:24 +01:00
dontdiff kconfig: remove lkc_defs.h from .gitignore and dontdiff 2012-07-13 15:08:25 +02:00
dynamic-debug-howto.txt dynamic_debug: update Documentation/*, Kconfig.debug 2012-04-30 16:26:30 -04:00
edac.txt Merge branch 'devel' 2012-07-29 21:11:05 -03:00
eisa.txt MCA: delete all remaining traces of microchannel bus support. 2012-05-17 19:06:13 -04:00
email-clients.txt Documentation: email-clients: Add better Thunderbird information 2011-08-13 18:34:03 -07:00
feature-removal-schedule.txt Merge branch 'dmaengine' of git://git.linaro.org/people/rmk/linux-arm 2012-08-01 16:41:07 -07:00
flexible-arrays.txt flex_array: flex_array_prealloc takes a number of elements, not an end 2011-04-28 16:12:47 -04:00
futex-requeue-pi.txt
gcov.txt
gpio.txt gpio: add flags to export GPIOs when requesting 2012-04-05 21:24:06 -07:00
highuid.txt
HOWTO docs: update HOWTO for 2.6.x -> 3.x versioning 2012-04-19 19:13:08 -07:00
hw_random.txt
hwspinlock.txt hwspinlock/core: register a bank of hwspinlocks in a single API call 2011-09-21 19:45:34 +03:00
init.txt
initrd.txt Documentation/initrd.txt: Change the location of util-linux 2012-05-25 16:18:34 +02:00
intel_txt.txt
Intel-IOMMU.txt
io_ordering.txt
io-mapping.txt
iostats.txt Documentation/iostats.txt: bit-size reference etc. 2011-03-23 20:44:18 +01:00
IPMI.txt
IRQ-affinity.txt bitmap, irq: add smp_affinity_list interface to /proc/irq 2011-05-25 08:39:45 -07:00
IRQ-domain.txt irq_domain: Standardise legacy/linear domain selection 2012-07-11 14:59:17 +01:00
IRQ.txt
irqflags-tracing.txt Fix common misspellings 2011-03-31 11:26:23 -03:00
isapnp.txt
java.txt
kernel-doc-nano-HOWTO.txt
kernel-docs.txt doc: fix broken references 2011-09-27 18:08:04 +02:00
kernel-parameters.txt ima: integrity appraisal extension 2012-09-07 14:57:44 -04:00
kmemcheck.txt
kmemleak.txt kmemleak: Handle percpu memory allocation 2011-12-02 16:12:42 +00:00
kobject.txt driver-core: documentation: fix up Greg's email address 2012-02-15 14:48:01 -08:00
kprobes.txt
kref.txt kref: Fix typo in kref documentation 2011-03-07 13:20:05 -08:00
ldm.txt
local_ops.txt
lockdep-design.txt lockdep: Update documentation for lock-class leak detection 2011-12-11 10:31:23 -08:00
lockstat.txt Documentation: Add statistics about nested locks 2011-05-28 17:03:29 +02:00
lockup-watchdogs.txt watchdog: Update documentation 2012-02-11 15:11:28 +01:00
logo.gif
logo.txt
magic-number.txt drivers/net: fix up stale paths from driver reorg 2012-01-30 12:54:40 -05:00
Makefile mei: move doc files Documentation/misc-devices/mei 2012-05-09 13:59:09 -07:00
ManagementStyle Documentation: ManagementStyle: fixed typo 2012-06-28 12:03:15 +02:00
md.txt md: create externally visible flags for supporting hot-replace. 2011-12-23 10:17:51 +11:00
media-framework.txt [media] media: Add link_validate() op to check links to the sink pad 2012-05-14 08:44:11 -03:00
memory-barriers.txt doc: fix broken references 2011-09-27 18:08:04 +02:00
memory-hotplug.txt Documentation: Fix typo in multiple files in Documentation 2012-04-16 14:37:13 +02:00
memory.txt
mono.txt Documentation: remove references to /etc/modprobe.conf 2012-03-30 16:03:15 -07:00
mutex-design.txt
nommu-mmap.txt
numastat.txt Doc: Update numastat.txt 2012-02-28 16:05:06 +01:00
oops-tracing.txt module,bug: Add TAINT_OOT_MODULE flag for modules not built in-tree 2011-11-07 07:54:42 +10:30
padata.txt
parport-lowlevel.txt
parport.txt Documentation: remove references to /etc/modprobe.conf 2012-03-30 16:03:15 -07:00
pi-futex.txt
pinctrl.txt pinctrl: implement devm_pinctrl_get()/put() 2012-04-18 13:53:13 +02:00
pnp.txt
preempt-locking.txt
printk-formats.txt vsprintf: add support of '%*ph[CDN]' 2012-07-30 17:25:14 -07:00
prio_tree.txt
pwm.txt pwm: Add table-based lookup for static mappings 2012-06-15 12:56:53 +02:00
ramoops.txt pstore/ram: Add ftrace messages handling 2012-07-17 10:14:17 -07:00
rbtree.txt Documentation: Update augmented rbtree documentation 2011-07-24 10:03:05 -07:00
remoteproc.txt remoteproc: adopt the driver core's alloc/add/del/put naming 2012-07-06 00:53:27 +03:00
rfkill.txt doc: fix broken references 2011-09-27 18:08:04 +02:00
robust-futex-ABI.txt
robust-futexes.txt
rpmsg.txt rpmsg: add virtio-based remote processor messaging bus 2012-02-08 22:53:58 +02:00
rt-mutex-design.txt
rt-mutex.txt
rtc.txt RTC: Fix up rtc.txt documentation to reflect changes to generic rtc layer 2011-03-09 11:25:10 -08:00
SAK.txt
SecurityBugs Fix common misspellings 2011-03-31 11:26:23 -03:00
serial-console.txt
sgi-ioc4.txt
sgi-visws.txt
SM501.txt
sparse.txt
spinlocks.txt Documentation/spinlocks.txt: Remove reference to sti()/cli() 2011-07-11 12:45:04 -07:00
stable_api_nonsense.txt doc: stable_api_nonsense.txt: fix paragraph to make more sense. 2011-03-30 12:02:05 +02:00
stable_kernel_rules.txt stable: Allow merging of backports for serious user-visible performance issues 2012-06-25 12:11:58 -07:00
static-keys.txt Documentation: Fix typo in multiple files in Documentation 2012-04-16 14:37:13 +02:00
SubmitChecklist Documentation/SubmitChecklist: add RCU debug config options 2011-07-25 20:57:17 -07:00
SubmittingDrivers Documentation: SubmittingDrivers: fix Linus's git tree URL 2011-08-13 18:34:03 -07:00
SubmittingPatches Documentation/SubmittingPatches: suggested the use of scripts/get_maintainer.pl 2012-05-25 16:18:30 +02:00
svga.txt
sysfs-rules.txt
sysrq.txt Documentation: sysrq: Crutcher Dunnavant is unavailable 2012-03-30 16:03:15 -07:00
unaligned-memory-access.txt
unicode.txt
unshare.txt
vfio.txt vfio: Add documentation 2012-07-31 08:16:23 -06:00
VGA-softcursor.txt
vgaarbiter.txt misc latin1 to utf8 conversions 2012-01-02 13:04:55 +01:00
video-output.txt
vme_api.txt VME: Move API documentation to Documentation folder 2012-05-08 16:01:34 -07:00
volatile-considered-harmful.txt
workqueue.txt workqueue: reimplement WQ_HIGHPRI using a separate worker_pool 2012-07-13 22:24:45 -07:00
xz.txt decompressors: add XZ decompressor module 2011-01-13 08:03:24 -08:00
zorro.txt