xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f00d79750712511d0a83c108eea0d44b680a915f
android_kernel_xiaomi_sm8450/security/integrity/evm
History
Matthew Garrett f00d797507 EVM: Allow userspace to signal an RSA key has been loaded 
EVM will only perform validation once a key has been loaded. This key
may either be a symmetric trusted key (for HMAC validation and creation)
or the public half of an asymmetric key (for digital signature
validation). The /sys/kernel/security/evm interface allows userland to
signal that a symmetric key has been loaded, but does not allow userland
to signal that an asymmetric public key has been loaded.

This patch extends the interface to permit userspace to pass a bitmask
of loaded key types. It also allows userspace to block loading of a
symmetric key in order to avoid a compromised system from being able to
load an additional key type later.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2017-11-08 15:16:36 -05:00
..
evm_crypto.c
fs: switch ->s_uuid to uuid_t
2017-06-05 16:59:12 +02:00
evm_main.c
EVM: Include security.apparmor in EVM measurements
2017-11-08 15:16:36 -05:00
evm_posix_acl.c
ima: fix script messages
2013-10-25 13:17:19 -04:00
evm_secfs.c
EVM: Allow userspace to signal an RSA key has been loaded
2017-11-08 15:16:36 -05:00
evm.h
EVM: Allow userspace to signal an RSA key has been loaded
2017-11-08 15:16:36 -05:00
Kconfig
evm: EVM_LOAD_X509 depends on EVM
2015-12-15 09:57:21 -05:00
Makefile
evm: posix acls modify i_mode
2011-09-14 15:24:51 -04:00