Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-25 21:51:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
50f742dd91
linux/security/integrity/ima
History
THOBY Simon 50f742dd91 IMA: block writes of the security.ima xattr with unsupported algorithms 
By default, writes to the extended attributes security.ima will be
allowed even if the hash algorithm used for the xattr is not compiled
in the kernel (which does not make sense because the kernel would not
be able to appraise that file as it lacks support for validating the
hash).

Prevent and audit writes to the security.ima xattr if the hash algorithm
used in the new value is not available in the current kernel.

Signed-off-by: THOBY Simon <Simon.THOBY@viveris.fr>
Reviewed-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2021-08-16 17:30:41 -04:00
..
ima_api.c idmapped-mounts-v5.12 2021-02-23 13:39:45 -08:00
ima_appraise.c IMA: block writes of the security.ima xattr with unsupported algorithms 2021-08-16 17:30:41 -04:00
ima_asymmetric_keys.c ima: Add digest and digest_len params to the functions to measure a buffer 2021-07-23 09:27:02 -04:00
ima_crypto.c ima/evm: Fix type mismatch 2021-06-08 16:29:10 -04:00
ima_efi.c ima: generalize x86/EFI arch glue for other EFI architectures 2020-11-06 07:40:42 +01:00
ima_fs.c ima/evm: Fix type mismatch 2021-06-08 16:29:10 -04:00
ima_init.c ima: Add digest and digest_len params to the functions to measure a buffer 2021-07-23 09:27:02 -04:00
ima_kexec.c ima: Fix warning: no previous prototype for function 'ima_add_kexec_buffer' 2021-06-11 11:27:03 -04:00
ima_main.c ima: Add digest and digest_len params to the functions to measure a buffer 2021-07-23 09:27:02 -04:00
ima_modsig.c ima: Move comprehensive rule validation checks out of the token parser 2020-07-20 13:28:15 -04:00
ima_mok.c IMA: remove -Wmissing-prototypes warning 2021-07-23 08:05:06 -04:00
ima_policy.c ima: Fix fall-through warnings for Clang 2021-04-20 16:54:14 -04:00
ima_queue_keys.c ima: Add digest and digest_len params to the functions to measure a buffer 2021-07-23 09:27:02 -04:00
ima_queue.c IMA: support for duplicate measurement records 2021-06-11 12:54:13 -04:00
ima_template_lib.c ima: Fix fall-through warning for Clang 2021-06-08 23:33:48 -04:00
ima_template_lib.h ima: Define new template fields xattrnames, xattrlengths and xattrvalues 2021-06-02 18:56:13 -04:00
ima_template.c ima: Set correct casting types 2021-06-08 16:29:10 -04:00
ima.h IMA: block writes of the security.ima xattr with unsupported algorithms 2021-08-16 17:30:41 -04:00
Kconfig IMA: remove the dependency on CRYPTO_MD5 2021-08-16 17:29:10 -04:00
Makefile ima: generalize x86/EFI arch glue for other EFI architectures 2020-11-06 07:40:42 +01:00