linux/security
Eric Richter a422638d49 ima: change integrity cache to store measured pcr
IMA avoids re-measuring files by storing the current state as a flag in
the integrity cache. It will then skip adding a new measurement log entry
if the cache reports the file as already measured.

If a policy measures an already measured file to a new PCR, the measurement
will not be added to the list. This patch implements a new bitfield for
specifying which PCR the file was measured into, rather than if it was
measured.

Signed-off-by: Eric Richter <erichte@linux.vnet.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2016-06-30 01:14:22 -04:00
..
apparmor constify security_path_{link,rename} 2016-03-28 00:47:36 -04:00
integrity ima: change integrity cache to store measured pcr 2016-06-30 01:14:22 -04:00
keys KEYS: Add placeholder for KDF usage with DH 2016-06-03 16:14:34 +10:00
loadpin LSM: LoadPin: provide enablement CONFIG 2016-05-17 20:10:30 +10:00
selinux Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2016-05-19 09:21:36 -07:00
smack switch ->setxattr() to passing dentry and inode separately 2016-05-27 20:09:16 -04:00
tomoyo security: tomoyo: simplify the gc kthread creation 2016-06-06 20:23:55 +10:00
yama Yama: fix double-spinlock and user access in atomic context 2016-05-26 09:56:18 +10:00
commoncap.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-05-17 11:01:31 -07:00
device_cgroup.c security/device_cgroup: Fix RCU_LOCKDEP_WARN() condition 2015-09-03 18:13:10 -07:00
inode.c wrappers for ->i_mutex access 2016-01-22 18:04:28 -05:00
Kconfig LSM: LoadPin for kernel file loading restrictions 2016-04-21 10:47:27 +10:00
lsm_audit.c Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into next 2015-08-15 13:29:57 +10:00
Makefile LSM: LoadPin for kernel file loading restrictions 2016-04-21 10:47:27 +10:00
min_addr.c
security.c LSM: Fix for security_inode_getsecurity and -EOPNOTSUPP 2016-06-06 19:59:18 +10:00