summaryrefslogtreecommitdiff
path: root/security/integrity
AgeCommit message (Expand)AuthorFilesLines
2016-04-11IMA: Use the the system trusted keyrings instead of .ima_mokDavid Howells4-53/+32
2016-04-11KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTEDDavid Howells1-2/+1
2016-04-11KEYS: Move the point of trust determination to __key_link()David Howells2-4/+35
2016-04-11KEYS: Add a facility to restrict new links into a keyringDavid Howells2-8/+7
2016-03-17Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/...Linus Torvalds14-158/+409
2016-03-04Merge tag 'keys-next-20160303' of git://git.kernel.org/pub/scm/linux/kernel/g...James Morris3-11/+9
2016-03-03X.509: Make algo identifiers text instead of enumDavid Howells2-4/+5
2016-03-03akcipher: Move the RSA DER encoding check to the crypto layerDavid Howells1-0/+1
2016-02-21ima: require signed IMA policyMimi Zohar1-0/+7
2016-02-21ima: measure and appraise the IMA policy itselfMimi Zohar4-3/+24
2016-02-21ima: load policy using pathDmitry Kasatkin1-2/+43
2016-02-21ima: support for kexec image and initramfsMimi Zohar3-7/+27
2016-02-21ima: remove firmware and module specific cached status infoMimi Zohar5-39/+28
2016-02-21module: replace copy_module_from_fd with kernel versionMimi Zohar1-22/+13
2016-02-21security: define kernel_read_file hookMimi Zohar1-0/+16
2016-02-21firmware: replace call to fw_read_file_contents() with kernel versionMimi Zohar1-11/+10
2016-02-20ima: define a new hook to measure and appraise a file already in memoryMimi Zohar6-14/+51
2016-02-18ima: calculate the hash of a buffer using aynchronous hash(ahash)Mimi Zohar1-2/+73
2016-02-18ima: provide buffer hash calculation functionDmitry Kasatkin2-0/+49
2016-02-18ima: use "ima_hooks" enum as function argumentMimi Zohar5-27/+37
2016-02-18ima: refactor ima_policy_show() to display "ima_hooks" rulesMimi Zohar1-27/+36
2016-02-18ima: separate 'security.ima' reading functionality from collectDmitry Kasatkin8-40/+33
2016-02-18integrity: convert digsig to akcipher apiTadeusz Struk2-7/+4
2016-02-12EVM: Use crypto_memneq() for digest comparisonsRyan Ware1-1/+2
2016-02-10KEYS: CONFIG_KEYS_DEBUG_PROC_KEYS is no longer an optionDavid Howells1-1/+0
2016-02-08IMA: fix non-ANSI declaration of ima_check_policy()Colin Ian King1-1/+1
2016-01-22wrappers for ->i_mutex accessAl Viro1-4/+4
2016-01-17Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds17-76/+575
2016-01-04fix the leak in integrity_read_file()Al Viro1-5/+6
2016-01-03ima: ima_write_policy() limit lockingPetko Manolov1-9/+9
2015-12-24IMA: policy can be updated zero timesSasha Levin3-0/+14
2015-12-15security/integrity: make ima/ima_mok.c explicitly non-modularPaul Gortmaker1-3/+2
2015-12-15ima: update appraise flags after policy update completesMimi Zohar1-2/+5
2015-12-15IMA: prevent keys on the .ima_blacklist from being removedMimi Zohar1-0/+2
2015-12-15IMA: allow reading back the current IMA policyPetko Manolov4-8/+253
2015-12-15IMA: create machine owner and blacklist keyringsPetko Manolov4-0/+87
2015-12-15IMA: policy can now be updated multiple timesPetko Manolov3-28/+75
2015-12-15evm: EVM_LOAD_X509 depends on EVMArnd Bergmann1-1/+1
2015-12-15evm: reset EVM status when file attributes changeDmitry Kasatkin1-0/+13
2015-12-15evm: provide a function to set the EVM key from the kernelDmitry Kasatkin2-14/+46
2015-12-15evm: enable EVM when X509 certificate is loadedDmitry Kasatkin4-3/+14
2015-12-15evm: load an x509 certificate from the kernelDmitry Kasatkin4-0/+33
2015-11-23integrity: define '.evm' as a builtin 'trusted' keyringDmitry Kasatkin7-22/+35
2015-11-06mm, page_alloc: rename __GFP_WAIT to __GFP_RECLAIMMel Gorman1-1/+1
2015-10-21KEYS: Merge the type-specific data with the payload dataDavid Howells1-1/+1
2015-10-09integrity: prevent loading untrusted certificates on the IMA trusted keyringDmitry Kasatkin1-1/+1
2015-07-01Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kern...Linus Torvalds1-1/+1
2015-06-16ima: update builtin policiesMimi Zohar1-9/+56
2015-06-16ima: extend "mask" policy matching supportMimi Zohar1-5/+15
2015-06-16ima: add support for new "euid" policy conditionMimi Zohar1-4/+23