Piteball
/
android_kernel_samsung_msm8976
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/security
History
Mimi Zohar bb7f9e5c38 evm: prohibit userspace writing 'security.evm' HMAC value 
commit 2fb1c9a4f2dbc2f0bd2431c7fa64d0b5483864e4 upstream.

Calculating the 'security.evm' HMAC value requires access to the
EVM encrypted key.  Only the kernel should have access to it.  This
patch prevents userspace tools(eg. setfattr, cp --preserve=xattr)
from setting/modifying the 'security.evm' HMAC value directly.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2014-06-26 15:12:37 -04:00
..
apparmor new helper: file_inode(file) 2013-02-22 23:31:31 -05:00
integrity evm: prohibit userspace writing 'security.evm' HMAC value 2014-06-26 15:12:37 -04:00
keys aio: don't include aio.h in sched.h 2013-05-07 20:16:25 -07:00
selinux selinux: correctly label /proc inodes in use before the policy is loaded 2014-04-14 06:42:14 -07:00
smack Smack: include magic.h in smackfs.c 2013-04-03 13:13:51 +11:00
tomoyo Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
yama yama: Better permission check for ptraceme 2013-03-26 13:17:58 -07:00
Kconfig KEYS: Move the key config into security/keys/Kconfig 2012-05-11 10:56:56 +01:00
Makefile
capability.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2013-04-30 16:27:51 -07:00
commoncap.c kill f_vfsmnt 2013-02-26 02:46:10 -05:00
device_cgroup.c devcg: remove parent_cgroup. 2013-04-18 11:34:35 -07:00
inode.c
lsm_audit.c LSM: BUILD_BUG_ON if the common_audit_data union ever grows 2012-04-09 12:23:03 -04:00
min_addr.c
security.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2013-04-30 16:27:51 -07:00