Kernel/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-06 13:23:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
48ce1ddce1
linux/security/integrity
History
Tyler Hicks 48ce1ddce1 ima: Fail rule parsing when asymmetric key measurement isn't supportable 
Measuring keys is currently only supported for asymmetric keys. In the
future, this might change.

For now, the "func=KEY_CHECK" and "keyrings=" options are only
appropriate when CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS is enabled. Make
this clear at policy load so that IMA policy authors don't assume that
these policy language constructs are supported.

Fixes: 2b60c0eced ("IMA: Read keyrings= option from the IMA policy")
Fixes: 5808611ccc ("IMA: Add KEY_CHECK func to measure keys")
Suggested-by: Nayna Jain <nayna@linux.ibm.com>
Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Reviewed-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Reviewed-by: Nayna Jain <nayna@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2020-08-31 17:45:14 -04:00
..
evm integrity-v5.8 2020-06-06 09:39:05 -07:00
ima ima: Fail rule parsing when asymmetric key measurement isn't supportable 2020-08-31 17:45:14 -04:00
platform_certs EFI updates for v5.7: 2020-02-26 15:21:22 +01:00
digsig_asymmetric.c integrity: remove redundant initialization of variable ret 2020-07-27 16:52:09 -04:00
digsig.c integrity: Remove duplicate pr_fmt definitions 2020-02-28 14:32:58 -05:00
iint.c integrity/ima: switch to using __kernel_read 2020-07-08 08:27:57 +02:00
integrity_audit.c integrity: Add errno field in audit message 2020-07-16 21:48:11 -04:00
integrity.h integrity: Add errno field in audit message 2020-07-16 21:48:11 -04:00
Kconfig powerpc: Load firmware trusted keys/hashes into kernel keyring 2019-11-13 00:33:23 +11:00
Makefile powerpc: Load firmware trusted keys/hashes into kernel keyring 2019-11-13 00:33:23 +11:00