OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/security
History
Maurizio Drocco c4405cdf96 ima: extend boot_aggregate with kernel measurements 
[ Upstream commit 20c59ce010 ]

Registers 8-9 are used to store measurements of the kernel and its
command line (e.g., grub2 bootloader with tpm module enabled). IMA
should include them in the boot aggregate. Registers 8-9 should be
only included in non-SHA1 digests to avoid ambiguity.

Signed-off-by: Maurizio Drocco <maurizio.drocco@ibm.com>
Reviewed-by: Bruno Meneguele <bmeneg@redhat.com>
Tested-by: Bruno Meneguele <bmeneg@redhat.com>  (TPM 1.2, TPM 2.0)
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2020-12-08 10:40:24 +01:00
..
apparmor apparmor: ensure that dfa state tables have entries 2020-07-22 09:33:05 +02:00
integrity ima: extend boot_aggregate with kernel measurements 2020-12-08 10:40:24 +01:00
keys mm: add kvfree_sensitive() for freeing sensitive data objects 2020-06-17 16:40:23 +02:00
loadpin
lockdown lockdown: Allow unprivileged users to see lockdown status 2020-06-22 09:30:53 +02:00
safesetid
selinux selinux: Fix error return code in sel_ib_pkey_sid_slow() 2020-11-18 19:20:30 +01:00
smack Smack: prevent underflow in smk_set_cipso() 2020-08-19 08:16:16 +02:00
tomoyo
yama
Kconfig
Kconfig.hardening
Makefile
commoncap.c exec: Always set cap_ambient in cap_bprm_set_creds 2020-06-03 08:21:23 +02:00
device_cgroup.c device_cgroup: Fix RCU list debugging warning 2020-10-01 13:18:13 +02:00
inode.c
lsm_audit.c
min_addr.c
security.c