UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/security/integrity
History
Mimi Zohar 7a3e7f1ed6 evm: don't copy up 'security.evm' xattr 
[ Upstream commit 40ca4ee3136d2d09977d1cab8c0c0e1582c3359d ]

The security.evm HMAC and the original file signatures contain
filesystem specific data.  As a result, the HMAC and signature
are not the same on the stacked and backing filesystems.

Don't copy up 'security.evm'.

Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2024-08-29 17:33:31 +02:00
..
evm evm: don't copy up 'security.evm' xattr 2024-08-29 17:33:31 +02:00
ima ima: Avoid blocking in RCU read-side critical section 2024-07-11 12:49:18 +02:00
platform_certs Hi, 2023-08-29 08:05:18 -07:00
Kconfig integrity: powerpc: Do not select CA_MACHINE_KEYRING 2023-11-28 17:20:01 +00:00
Makefile integrity: Introduce a Linux keyring called machine 2022-03-08 13:55:52 +02:00
digsig.c integrity: check whether imputed trust is enabled 2023-08-17 20:12:35 +00:00
digsig_asymmetric.c ima: fix reference leak in asymmetric_verify() 2022-01-24 18:37:36 -05:00
iint.c ima: annotate iint mutex to avoid lockdep false positive warnings 2023-11-28 17:20:03 +00:00
integrity.h ima: detect changes to the backing overlay file 2023-11-28 17:20:03 +00:00
integrity_audit.c integrity: check the return value of audit_log_start() 2022-02-02 11:44:23 -05:00