aboutsummaryrefslogtreecommitdiffstats
path: root/security/integrity/ima/ima_main.c (follow)
AgeCommit message (Expand)AuthorFilesLines
2020-01-22ima: add the ability to query the cached hash of a given fileFlorent Revest1-0/+49
2019-12-12IMA: Add support to limit measuring keysLakshmi Ramasubramanian1-4/+5
2019-12-12IMA: Check IMA policy flagLakshmi Ramasubramanian1-0/+3
2019-11-12ima: Check against blacklisted hashes for files with modsigNayna Jain1-4/+8
2019-11-12ima: Make process_buffer_measurement() genericNayna Jain1-18/+40
2019-09-28Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-securityLinus Torvalds1-2/+2
2019-08-19kexec: Allow kexec_file() with appropriate IMA policy when locked downMatthew Garrett1-1/+1
2019-08-19kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCEJiri Bohac1-1/+1
2019-08-05ima: Store the measurement again when appraising a modsigThiago Jung Bauermann1-3/+12
2019-08-05ima: Define ima-modsig templateThiago Jung Bauermann1-1/+1
2019-08-05ima: Collect modsigThiago Jung Bauermann1-1/+1
2019-08-05ima: Implement support for module-style appended signaturesThiago Jung Bauermann1-2/+9
2019-07-08Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrityLinus Torvalds1-6/+117
2019-06-30IMA: Define a new template field bufPrakhar Srivastava1-1/+3
2019-06-24IMA: Define a new hook to measure the kexec boot command line argumentsPrakhar Srivastava1-0/+72
2019-06-19IMA: support for per policy rule template formatsMatthew Garrett1-4/+5
2019-06-14ima: use the lsm policy update notifierJanne Karhunen1-0/+8
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441Thomas Gleixner1-5/+1
2019-06-04ima: prevent a file already mmap'ed write to be mmap'ed executeMimi Zohar1-2/+30
2019-02-04ima: define ima_post_create_tmpfile() hook and add missing callMimi Zohar1-2/+33
2019-01-02Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-securityLinus Torvalds1-7/+14
2018-12-20security: integrity: partial revert of make ima_main explicitly non-modularPaul Gortmaker1-1/+1
2018-12-17Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into next-integrityJames Morris1-7/+14
2018-12-12ima: Use inode_is_open_for_writeNikolay Borisov1-1/+1
2018-12-12security: integrity: make ima_main explicitly non-modularPaul Gortmaker1-4/+3
2018-12-11ima: prevent kexec_load syscall based on runtime secureboot flagNayna Jain1-6/+13
2018-10-10security/integrity: constify some read-only dataEric Biggers1-1/+1
2018-08-15Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-securityLinus Torvalds1-14/+54
2018-07-16ima: based on policy warn about loading firmware (pre-allocated buffer)Mimi Zohar1-0/+8
2018-07-16module: replace the existing LSM hook in init_moduleMimi Zohar1-13/+10
2018-07-16ima: based on policy require signed firmware (sysfs fallback)Mimi Zohar1-1/+9
2018-07-16ima: based on policy require signed kexec kernel imagesMimi Zohar1-0/+27
2018-07-12IMA: don't propagate opened through the entire thingAl Viro1-8/+8
2018-05-31ima: use match_string() helperYisheng Xie1-7/+4
2018-05-22ima: based on policy verify firmware signatures (pre-allocated buffer)Mimi Zohar1-0/+1
2018-05-17ima: Remove unused variable ima_initializedPetr Vorel1-5/+2
2018-03-25ima: Fallback to the builtin hash algorithmPetr Vorel1-0/+13
2018-03-23ima: fail signature verification based on policyMimi Zohar1-1/+2
2018-03-23ima: re-evaluate files on privileged mounted filesystemsMimi Zohar1-2/+11
2018-03-23IMA: Support using new creds in appraisal policyMatthew Garrett1-10/+32
2018-02-01iversion: Rename make inode_cmp_iversion{+raw} to inode_eq_iversion{+raw}Goffredo Baroncelli1-1/+1
2018-01-31Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-securityLinus Torvalds1-26/+66
2018-01-29IMA: switch IMA over to new i_version APIJeff Layton1-1/+2
2017-12-18ima: Use i_version only when filesystem supports itSascha Hauer1-1/+2
2017-12-18ima: log message to module appraisal errorBruno E. O. Meneguele1-1/+3
2017-12-18ima: pass filename to ima_rdwr_violation_check()Roberto Sassu1-3/+3
2017-12-18ima: support new "hash" and "dont_hash" policy actionsMimi Zohar1-0/+12
2017-12-13ima: Use i_version only when filesystem supports itSascha Hauer1-1/+2
2017-12-11ima: re-introduce own integrity cache lockDmitry Kasatkin1-22/+48
2017-11-08ima: check signature enforcement against cmdline param instead of CONFIGBruno E. O. Meneguele1-3/+3