github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-15 09:52:42 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
bb02b186d0
linux/security
History
Christoph Hellwig a7d3d0392a integrity: use kernel_read_file_from_path() to read x509 certs 
The CONFIG_IMA_LOAD_X509 and CONFIG_EVM_LOAD_X509 options permit
loading x509 signed certificates onto the trusted keyrings without
verifying the x509 certificate file's signature.

This patch replaces the call to the integrity_read_file() specific
function with the common kernel_read_file_from_path() function.
To avoid verifying the file signature, this patch defines
READING_X509_CERTFICATE.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2017-11-08 15:16:36 -05:00
..
apparmor + Features 2017-09-23 05:33:29 -10:00
integrity integrity: use kernel_read_file_from_path() to read x509 certs 2017-11-08 15:16:36 -05:00
keys fs: fix kernel_write prototype 2017-09-04 19:05:15 -04:00
loadpin security: mark LSM hooks as __ro_after_init 2017-03-06 11:00:15 +11:00
selinux selinux/stable-4.14 PR 20170831 2017-09-12 13:21:00 -07:00
smack Smack: Base support for overlayfs 2017-11-02 11:26:57 +11:00
tomoyo tomoyo: fix timestamping for y2038 2017-10-21 06:21:06 +04:00
yama doc: ReSTify Yama.txt 2017-05-18 10:33:04 -06:00
commoncap.c capabilities: audit log other surprising conditions 2017-10-20 15:22:46 +11:00
device_cgroup.c
inode.c securityfs: add the ability to support symlinks 2017-06-08 12:51:43 -07:00
Kconfig include/linux/string.h: add the option of fortified string.h functions 2017-07-12 16:26:03 -07:00
lsm_audit.c lsm_audit: update my email address 2017-08-17 15:33:39 -04:00
Makefile
min_addr.c
security.c selinux/stable-4.14 PR 20170831 2017-09-12 13:21:00 -07:00