bybrooklyn/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-04-18 06:44:00 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
de4c44a7f559ceae19f7a70febf49e87bdfb125c
linux/security
History
Mimi Zohar de4c44a7f5 ima: add support to require IMA sigv3 signatures 
Defining a policy rule with the "appraise_type=imasig" option allows
either v2 or v3 signatures. Defining an IMA appraise rule with the
"appraise_type=sigv3" option requires a file sigv3 signature.

Define a new appraise type: IMA_SIGV3_REQUIRED

Example: appraise func=BPRM_CHECK appraise_type=sigv3

Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Acked-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-04-01 10:16:30 -04:00
..
apparmor
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
bpf
lsm: replace the name field with a pointer to the lsm_id struct
2025-10-22 19:24:18 -04:00
integrity
ima: add support to require IMA sigv3 signatures
2026-04-01 10:16:30 -04:00
ipe
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
keys
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
landlock
Convert 'alloc_flex' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
loadpin
Convert 'alloc_flex' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
lockdown
lockdown: move initcalls to the LSM framework
2025-10-22 19:24:27 -04:00
safesetid
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
selinux
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
smack
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
tomoyo
treewide: Replace kmalloc with kmalloc_obj for non-scalar types
2026-02-21 01:02:28 -08:00
yama
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
commoncap_test.c
security: Add KUnit tests for kuid_root_in_ns and vfsuid_root_in_currentns
2026-01-09 11:28:28 -06:00
commoncap.c
security: Add KUnit tests for kuid_root_in_ns and vfsuid_root_in_currentns
2026-01-09 11:28:28 -06:00
device_cgroup.c
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
inode.c
Merge tag 'pull-persistency' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2025-12-05 14:36:21 -08:00
Kconfig
security: Add KUnit tests for kuid_root_in_ns and vfsuid_root_in_currentns
2026-01-09 11:28:28 -06:00
Kconfig.hardening
rust: add bitmap API.
2025-09-22 15:52:44 -04:00
lsm_audit.c
net: Retire DCCP socket.
2025-04-11 18:58:10 -07:00
lsm_init.c
lsm: preserve /proc/sys/vm/mmap_min_addr when !CONFIG_SECURITY
2026-01-29 13:56:53 -05:00
lsm_notifier.c
lsm: split the notifier code out into lsm_notifier.c
2025-10-22 19:24:15 -04:00
lsm_syscalls.c
lsm: rework lsm_active_cnt and lsm_idlist[]
2025-10-22 19:24:19 -04:00
lsm.h
lsm: preserve /proc/sys/vm/mmap_min_addr when !CONFIG_SECURITY
2026-01-29 13:56:53 -05:00
Makefile
lsm: split the init code out into lsm_init.c
2025-10-22 19:24:16 -04:00
min_addr.c
lsm: preserve /proc/sys/vm/mmap_min_addr when !CONFIG_SECURITY
2026-01-29 13:56:53 -05:00
security.c
lsm: make keys for static branch static
2026-01-06 20:57:55 -05:00