projects
/
linux-2.6-block.git
/ search
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
x86/mmiotrace: Lock down the testmmiotrace module
2019-04-17
Mimi Zohar
selftests/kexec: update get_secureboot_mode
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-04-17
Mimi Zohar
selftests/kexec: make kexec_load test independent of...
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-04-17
Mimi Zohar
selftests/kexec: check kexec_load and kexec_file_load...
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-04-17
Mimi Zohar
selftests/kexec: kexec_file_load syscall test
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-04-17
Mimi Zohar
selftests/kexec: define "require_root_privileges"
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-04-17
Mimi Zohar
selftests/kexec: define common logging functions
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-04-17
Mimi Zohar
selftests/kexec: define a set of common functions
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-04-17
Mimi Zohar
selftests/kexec: cleanup the kexec selftest
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-04-17
Mimi Zohar
selftests/kexec: move the IMA kexec_load selftest to...
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-04-10
Mimi Zohar
x86/ima: add missing include
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-03-27
Mimi Zohar
x86/ima: require signed kernel modules
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-02-04
Mimi Zohar
ima: define ima_post_create_tmpfile() hook and add...
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2019-02-04
Mimi Zohar
encrypted-keys: fix Opt_err/Opt_error = -1
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2018-12-18
Mimi Zohar
ima: cleanup the match_token policy code
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2018-12-11
Mimi Zohar
selftests/ima: kexec_load syscall test
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2018-12-11
Mimi Zohar
ima: don't measure/appraise files on efivarfs
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2018-12-11
Mimi Zohar
x86/ima: retry detecting secure boot mode
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2018-11-13
Mimi Zohar
integrity: support new struct public_key_signature...
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2018-11-13
Mimi Zohar
integrity: support new struct public_key_signature...
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2018-10-11
Mimi Zohar
MAINTAINERS: add Jarkko as maintainer for trusted keys
Signed-off-by:
Mimi Zohar
<zohar@linux.ibm.com>
commit
|
commitdiff
|
tree
2018-07-16
Mimi Zohar
ima: based on policy warn about loading firmware (pre...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-07-16
Mimi Zohar
module: replace the existing LSM hook in init_module
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-07-16
Mimi Zohar
ima: add build time policy
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-07-16
Mimi Zohar
ima: based on policy require signed firmware (sysfs...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-07-16
Mimi Zohar
firmware: add call to LSM hook before firmware sysfs...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-07-16
Mimi Zohar
ima: based on policy require signed kexec kernel images
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-07-16
Mimi Zohar
kexec: add call to LSM hook in original kexec_load...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-07-16
Mimi Zohar
security: define new LSM hook named security_kernel_load_data
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-05-22
Mimi Zohar
ima: fix updating the ima_appraise flag
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-05-22
Mimi Zohar
ima: based on policy verify firmware signatures (pre...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-05-22
Mimi Zohar
ima: define a new policy condition based on the filesystem...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-03-23
Mimi Zohar
fuse: define the filesystem as untrusted
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-03-23
Mimi Zohar
ima: fail signature verification based on policy
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-03-23
Mimi Zohar
ima: clear IMA_HASH
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-03-23
Mimi Zohar
ima: re-evaluate files on privileged mounted filesystems
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-03-23
Mimi Zohar
ima: fail file signature verification on non-init mounted...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-02-02
Mimi Zohar
ima: re-initialize iint->atomic_flags
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2018-02-02
Mimi Zohar
maintainers: update trusted keys
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-12-18
Mimi Zohar
ima: support new "hash" and "dont_hash" policy actions
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-12-11
Mimi Zohar
ima: relax requiring a file signature for new files...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-11-08
Mimi Zohar
ima: call ima_file_free() prior to calling fasync
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-11-08
Mimi Zohar
ima: always measure and audit files in policy
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-11-08
Mimi Zohar
ima: don't remove the securityfs policy file
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-11-08
Mimi Zohar
vfs: fix mounting a filesystem with i_version
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-11-05
Mimi Zohar
MAINTAINERS: update the IMA, EVM, trusted-keys, encrypted...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-10-17
Mimi Zohar
vfs: fix mounting a filesystem with i_version
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-09-15
Mimi Zohar
vfs: constify path argument to kernel_read_file_from_path
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-06-21
Mimi Zohar
ima: define is_ima_appraise_enabled()
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-06-21
Mimi Zohar
ima: define Kconfig IMA_APPRAISE_BOOTPARAM option
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-06-21
Mimi Zohar
ima: define a set of appraisal rules requiring file...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-06-21
Mimi Zohar
ima: extend the "ima_policy" boot command line to support...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2017-01-27
Mimi Zohar
ima: fix ima_d_path() possible race with rename
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-12-20
Mimi Zohar
ima: define a canonical binary_runtime_measurements...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-12-20
Mimi Zohar
ima: support restoring multiple template formats
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-12-20
Mimi Zohar
ima: store the builtin/custom template definitions...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-12-20
Mimi Zohar
ima: on soft reboot, save the measurement list
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-12-20
Mimi Zohar
ima: maintain memory size needed for serializing the...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-12-20
Mimi Zohar
ima: permit duplicate measurement list entries
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-12-20
Mimi Zohar
ima: on soft reboot, restore the measurement list
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-11-14
Mimi Zohar
ima: include the reason for TPM-bypass mode
Signed-off-by:
Mimi Zohar
(zohar@linux.vnet.ibm>
commit
|
commitdiff
|
tree
2016-11-14
Mimi Zohar
Revert "ima: limit file hash setting by user to fix...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-05-04
Mimi Zohar
ima: fix the string representation of the LSM/IMA hook...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-05-01
Mimi Zohar
ima: add support for creating files using the mknodat...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-05-01
Mimi Zohar
ima: fix ima_inode_post_setattr
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-04-21
Mimi Zohar
fs: define a string representation of the kernel_read_file_i...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
ima: require signed IMA policy
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
ima: measure and appraise the IMA policy itself
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
ima: support for kexec image and initramfs
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
kexec: replace call to copy_file_from_fd() with kernel...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
ima: remove firmware and module specific cached status...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
module: replace copy_module_from_fd with kernel version
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
vfs: define kernel_copy_file_from_fd()
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
security: define kernel_read_file hook
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
firmware: replace call to fw_read_file_contents() with...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
vfs: define kernel_read_file_from_path
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-21
Mimi Zohar
ima: define a new hook to measure and appraise a file...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-18
Mimi Zohar
ima: calculate the hash of a buffer using aynchronous...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-18
Mimi Zohar
vfs: define kernel_read_file_id enumeration
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-18
Mimi Zohar
vfs: define a generic function to read a file from...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-18
Mimi Zohar
ima: use "ima_hooks" enum as function argument
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-02-18
Mimi Zohar
ima: refactor ima_policy_show() to display "ima_hooks...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2016-01-07
Mimi Zohar
KEYS: refcount bug fix
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2015-12-15
Mimi Zohar
ima: update appraise flags after policy update completes
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2015-12-15
Mimi Zohar
IMA: prevent keys on the .ima_blacklist from being...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2015-12-15
Mimi Zohar
KEYS: prevent keys from being removed from specified...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2015-06-16
Mimi Zohar
ima: update builtin policies
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2015-06-16
Mimi Zohar
ima: extend "mask" policy matching support
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2015-06-16
Mimi Zohar
ima: add support for new "euid" policy condition
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2015-06-16
Mimi Zohar
ima: fix ima_show_template_data_ascii()
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2015-05-21
Mimi Zohar
KEYS: fix "ca_keys=" partial key matching
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2015-05-21
Mimi Zohar
evm: labeling pseudo filesystems exception
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2015-05-21
Mimi Zohar
ima: do not measure or appraise the NSFS filesystem
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2014-09-02
Mimi Zohar
ima: fix ima_alloc_atfm()
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2014-07-28
Mimi Zohar
KEYS: revert encrypted key change
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2014-07-25
Mimi Zohar
ima: add support for measuring and appraising firmware
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2014-07-17
Mimi Zohar
ima: define '.ima' as a builtin 'trusted' keyring
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2014-07-17
Mimi Zohar
KEYS: verify a certificate is signed by a 'trusted...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2014-07-17
Mimi Zohar
KEYS: special dot prefixed keyring name bug fix
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2014-06-12
Mimi Zohar
evm: prohibit userspace writing 'security.evm' HMAC...
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
2014-06-12
Mimi Zohar
ima: prevent new digsig xattr from being replaced
Signed-off-by:
Mimi Zohar
<zohar@linux.vnet.ibm.com>
commit
|
commitdiff
|
tree
next