TWxSoftware/twx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8fc7c9dcfe
twx-linux/security/integrity
History
Mimi Zohar 7a3e7f1ed6 evm: don't copy up 'security.evm' xattr 
[ Upstream commit 40ca4ee3136d2d09977d1cab8c0c0e1582c3359d ]

The security.evm HMAC and the original file signatures contain
filesystem specific data.  As a result, the HMAC and signature
are not the same on the stacked and backing filesystems.

Don't copy up 'security.evm'.

Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-08-29 17:33:31 +02:00
..
evm evm: don't copy up 'security.evm' xattr 2024-08-29 17:33:31 +02:00
ima ima: Avoid blocking in RCU read-side critical section 2024-07-11 12:49:18 +02:00
platform_certs Hi, 2023-08-29 08:05:18 -07:00
digsig_asymmetric.c ima: fix reference leak in asymmetric_verify() 2022-01-24 18:37:36 -05:00
digsig.c integrity: check whether imputed trust is enabled 2023-08-17 20:12:35 +00:00
iint.c ima: annotate iint mutex to avoid lockdep false positive warnings 2023-11-28 17:20:03 +00:00
integrity_audit.c integrity: check the return value of audit_log_start() 2022-02-02 11:44:23 -05:00
integrity.h ima: detect changes to the backing overlay file 2023-11-28 17:20:03 +00:00
Kconfig integrity: powerpc: Do not select CA_MACHINE_KEYRING 2023-11-28 17:20:01 +00:00
Makefile integrity: Introduce a Linux keyring called machine 2022-03-08 13:55:52 +02:00