linux/security/integrity/evm
Mimi Zohar 2fb1c9a4f2 evm: prohibit userspace writing 'security.evm' HMAC value
Calculating the 'security.evm' HMAC value requires access to the
EVM encrypted key.  Only the kernel should have access to it.  This
patch prevents userspace tools(eg. setfattr, cp --preserve=xattr)
from setting/modifying the 'security.evm' HMAC value directly.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: <stable@vger.kernel.org>
2014-06-12 17:58:07 -04:00
..
evm_crypto.c evm: replace HMAC version with attribute mask 2014-06-12 17:58:06 -04:00
evm_main.c evm: prohibit userspace writing 'security.evm' HMAC value 2014-06-12 17:58:07 -04:00
evm_posix_acl.c
evm_secfs.c
evm.h evm: replace HMAC version with attribute mask 2014-06-12 17:58:06 -04:00
Kconfig evm: provide option to protect additional SMACK xattrs 2014-06-12 17:58:06 -04:00
Makefile