UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/security
History
Stefan Berger 947d705972 ima: Support EC keys for signature verification 
Add support for IMA signature verification for EC keys. Since SHA type
of hashes can be used by RSA and ECDSA signature schemes we need to
look at the key and derive from the key which signature scheme to use.
Since this can be applied to all types of keys, we change the selection
of the encoding type to be driven by the key's signature scheme rather
than by the hash type.

Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
Cc: linux-integrity@vger.kernel.org
Cc: David Howells <dhowells@redhat.com>
Cc: keyrings@vger.kernel.org
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Vitaly Chikunov <vt@altlinux.org>
Reviewed-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Acked-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
 		2021-03-26 19:41:59 +11:00
..
apparmor apparmor: handle idmapped mounts 2021-01-24 14:27:20 +01:00
bpf bpf: Implement task local storage 2020-11-06 08:08:37 -08:00
integrity ima: Support EC keys for signature verification 2021-03-26 19:41:59 +11:00
keys Keyrings miscellany 2021-02-23 16:09:23 -08:00
loadpin LSM: Add "contents" flag to kernel_read_file hook 2020-10-05 13:37:03 +02:00
lockdown Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2020-06-02 17:36:24 -07:00
safesetid LSM: SafeSetID: Fix warnings reported by test bot 2020-10-13 09:17:36 -07:00
selinux idmapped-mounts-v5.12 2021-02-23 13:39:45 -08:00
smack idmapped-mounts-v5.12 2021-02-23 13:39:45 -08:00
tomoyo tomoyo: recognize kernel threads correctly 2021-02-01 11:53:05 +09:00
yama task_work: cleanup notification modes 2020-10-17 15:05:30 -06:00
Kconfig Replace HTTP links with HTTPS ones: security 2020-08-06 12:00:05 -07:00
Kconfig.hardening security: allow using Clang's zero initialization for stack variables 2020-06-16 02:06:23 -07:00
Makefile device_cgroup: Cleanup cgroup eBPF device filter code 2020-04-13 14:41:54 -04:00
commoncap.c idmapped-mounts-v5.12 2021-02-23 13:39:45 -08:00
device_cgroup.c device_cgroup: Fix RCU list debugging warning 2020-08-20 11:25:03 -07:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
lsm_audit.c make dump_common_audit_data() safe to be called from RCU pathwalk 2021-01-16 15:12:08 -05:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c idmapped-mounts-v5.12 2021-02-23 13:39:45 -08:00