Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / mainline / linux / 1624dc0086056c3a35fd34b0235bb1eb88c1c4d5
commit1624dc0086056c3a35fd34b0235bb1eb88c1c4d5[log] [tgz]
authorTHOBY Simon <Simon.THOBY@viveris.fr>Mon Aug 16 08:11:00 2021 +0000
committerMimi Zohar <zohar@linux.ibm.com>Mon Aug 16 17:30:41 2021 -0400
tree5b2d3eb0600d257add0a38841c7af1c275b7c540
parent50f742dd91474e7f4954bf88d094eede59783883 [diff]
IMA: add support to restrict the hash algorithms used for file appraisal

The kernel accepts any hash algorithm as a value for the security.ima
xattr. Users may wish to restrict the accepted algorithms to only
support strong cryptographic ones.

Provide the plumbing to restrict the permitted set of hash algorithms
used for verifying file hashes and signatures stored in security.ima
xattr.

Signed-off-by: THOBY Simon <Simon.THOBY@viveris.fr>
Reviewed-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
5 files changed
tree: 5b2d3eb0600d257add0a38841c7af1c275b7c540
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. LICENSES/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .clang-format
  24. .cocciconfig
  25. .get_maintainer.ignore
  26. .gitattributes
  27. .gitignore
  28. .mailmap
  29. COPYING
  30. CREDITS
  31. Kbuild
  32. Kconfig
  33. MAINTAINERS
  34. Makefile
  35. README