github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-14 10:03:05 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
eff8962888
linux/security
History
Mimi Zohar fd35f192e4 integrity: support new struct public_key_signature encoding field 
On systems with IMA-appraisal enabled with a policy requiring file
signatures, the "good" signature values are stored on the filesystem as
extended attributes (security.ima).  Signature verification failure
would normally be limited to just a particular file (eg. executable),
but during boot signature verification failure could result in a system
hang.

Defining and requiring a new public_key_signature field requires all
callers of asymmetric signature verification to be updated to reflect
the change.  This patch updates the integrity asymmetric_verify()
caller.

Fixes: 82f94f2447 ("KEYS: Provide software public key query function [ver #2]")
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Cc: David Howells <dhowells@redhat.com>
Acked-by: Denis Kenzior <denkenz@gmail.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
2018-11-13 13:09:56 -08:00
..
apparmor + Features/Improvements 2018-11-02 10:04:26 -07:00
integrity integrity: support new struct public_key_signature encoding field 2018-11-13 13:09:56 -08:00
keys KEYS: Move trusted.h to include/keys [ver #2] 2018-10-26 09:30:47 +01:00
loadpin LoadPin: Rename boot param "enabled" to "enforce" 2018-10-18 15:29:44 -07:00
selinux Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2018-10-24 11:49:35 +01:00
smack Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2018-10-25 13:29:51 -07:00
tomoyo LSM: Record LSM name in struct lsm_info 2018-10-10 20:40:22 -07:00
yama pids: introduce find_get_task_by_vpid() helper 2018-02-06 18:32:46 -08:00
commoncap.c Linux 4.19-rc2 2018-09-04 11:35:54 -07:00
device_cgroup.c docs: fix broken references with multiple hints 2018-06-15 18:10:01 -03:00
inode.c securityfs: add the ability to support symlinks 2017-06-08 12:51:43 -07:00
Kconfig Revert "x86/mm/legacy: Populate the user page-table with user pgd's" 2018-09-14 17:08:45 +02:00
lsm_audit.c audit: use inline function to get audit context 2018-05-14 17:24:18 -04:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2018-10-24 11:49:35 +01:00