Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / mainline / linux / 8eb613c0b8f19627ba1846dcf78bb2c85edbe8dd / security / integrity / ima / ima_main.c
  1. 8eb613c ima: verify mprotect change is consistent with mmap policy by Mimi Zohar · 4 years, 8 months ago
  2. e144d6b ima: Evaluate error in init_ima() by Roberto Sassu · 4 years, 10 months ago
  3. 555d6d7 integrity: Remove duplicate pr_fmt definitions by Tushar Sugandhi · 5 years ago
  4. 72ec611 IMA: Add log statements for failure conditions by Tushar Sugandhi · 5 years ago
  5. 6beea7a ima: add the ability to query the cached hash of a given file by Florent Revest · 5 years ago
  6. e9085e0 IMA: Add support to limit measuring keys by Lakshmi Ramasubramanian · 5 years ago
  7. c5563ba IMA: Check IMA policy flag by Lakshmi Ramasubramanian · 5 years ago
  8. 273df86 ima: Check against blacklisted hashes for files with modsig by Nayna Jain · 5 years ago
  9. e14555e ima: Make process_buffer_measurement() generic by Nayna Jain · 5 years ago
  10. aefcf2f Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 5 years ago
  11. 29d3c1c kexec: Allow kexec_file() with appropriate IMA policy when locked down by Matthew Garrett · 5 years ago
  12. 99d5cadf kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE by Jiri Bohac · 5 years ago
  13. e509225 ima: Store the measurement again when appraising a modsig by Thiago Jung Bauermann · 6 years ago
  14. 3878d50 ima: Define ima-modsig template by Thiago Jung Bauermann · 6 years ago
  15. 1558822 ima: Collect modsig by Thiago Jung Bauermann · 6 years ago
  16. 39b0709 ima: Implement support for module-style appended signatures by Thiago Jung Bauermann · 6 years ago
  17. 8b68150 Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity by Linus Torvalds · 6 years ago
  18. 86b4da8 IMA: Define a new template field buf by Prakhar Srivastava · 6 years ago
  19. b093512 IMA: Define a new hook to measure the kexec boot command line arguments by Prakhar Srivastava · 6 years ago
  20. 19453ce0 IMA: support for per policy rule template formats by Matthew Garrett · 6 years ago
  21. b169424 ima: use the lsm policy update notifier by Janne Karhunen · 6 years ago
  22. b886d83c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 by Thomas Gleixner · 6 years ago
  23. 2cd4737 ima: prevent a file already mmap'ed write to be mmap'ed execute by Mimi Zohar · 6 years ago
  24. fdb2410 ima: define ima_post_create_tmpfile() hook and add missing call by Mimi Zohar · 6 years ago
  25. f218a29 Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 6 years ago
  26. b49d564 security: integrity: partial revert of make ima_main explicitly non-modular by Paul Gortmaker · 6 years ago
  27. 5580b4a Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into next-integrity by James Morris · 6 years ago
  28. eed9de3 ima: Use inode_is_open_for_write by Nikolay Borisov · 6 years ago
  29. 4f83d5e security: integrity: make ima_main explicitly non-modular by Paul Gortmaker · 6 years ago
  30. b5ca117 ima: prevent kexec_load syscall based on runtime secureboot flag by Nayna Jain · 6 years ago
  31. b2724d5 security/integrity: constify some read-only data by Eric Biggers · 6 years ago
  32. 92d4a03 Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 6 years ago
  33. 4f0496d ima: based on policy warn about loading firmware (pre-allocated buffer) by Mimi Zohar · 6 years ago
  34. c77b8cd module: replace the existing LSM hook in init_module by Mimi Zohar · 6 years ago
  35. fed2512 ima: based on policy require signed firmware (sysfs fallback) by Mimi Zohar · 6 years ago
  36. 16c267a ima: based on policy require signed kexec kernel images by Mimi Zohar · 6 years ago
  37. 6035a27 IMA: don't propagate opened through the entire thing by Al Viro · 7 years ago
  38. b4df860 ima: use match_string() helper by Yisheng Xie · 7 years ago
  39. fd90bc5 ima: based on policy verify firmware signatures (pre-allocated buffer) by Mimi Zohar · 7 years ago
  40. 4ecd993 ima: Remove unused variable ima_initialized by Petr Vorel · 7 years ago
  41. ab60368 ima: Fallback to the builtin hash algorithm by Petr Vorel · 7 years ago
  42. 9e67028 ima: fail signature verification based on policy by Mimi Zohar · 7 years ago
  43. d77ccdc ima: re-evaluate files on privileged mounted filesystems by Mimi Zohar · 7 years ago
  44. d906c10 IMA: Support using new creds in appraisal policy by Matthew Garrett · 7 years ago
  45. c472c07 iversion: Rename make inode_cmp_iversion{+raw} to inode_eq_iversion{+raw} by Goffredo Baroncelli · 7 years ago
  46. 3c29548 Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 7 years ago
  47. 3b370b2 IMA: switch IMA over to new i_version API by Jeff Layton · 7 years ago
  48. a2a2c3c ima: Use i_version only when filesystem supports it by Sascha Hauer · 7 years ago
  49. 9c655be ima: log message to module appraisal error by Bruno E. O. Meneguele · 7 years ago
  50. 4e8581e ima: pass filename to ima_rdwr_violation_check() by Roberto Sassu · 7 years ago
  51. da1b002 ima: support new "hash" and "dont_hash" policy actions by Mimi Zohar · 8 years ago
  52. ac0bf02 ima: Use i_version only when filesystem supports it by Sascha Hauer · 7 years ago
  53. 0d73a55 ima: re-introduce own integrity cache lock by Dmitry Kasatkin · 7 years ago
  54. 7c9bc09 ima: check signature enforcement against cmdline param instead of CONFIG by Bruno E. O. Meneguele · 7 years ago
  55. ebe7c0a ima: fix hash algorithm initialization by Boshi Wang · 7 years ago
  56. a7d3d03 integrity: use kernel_read_file_from_path() to read x509 certs by Christoph Hellwig · 7 years ago
  57. f3cc6b2 ima: always measure and audit files in policy by Mimi Zohar · 8 years ago
  58. 20f482a ima: allow to check MAY_APPEND by Lans Zhang · 8 years ago
  59. bc15ed6 ima: fix ima_d_path() possible race with rename by Mimi Zohar · 8 years ago
  60. 3f23d62 ima: store the builtin/custom template definitions in a list by Mimi Zohar · 8 years ago
  61. e71b9df ima: use file_dentry() by Miklos Szeredi · 8 years ago
  62. a422638 ima: change integrity cache to store measured pcr by Eric Richter · 9 years ago
  63. 14b1da8 ima: include pcr for each measurement log entry by Eric Richter · 9 years ago
  64. 725de7f ima: extend ima_get_action() to return the policy pcr by Eric Richter · 9 years ago
  65. 05d1a71 ima: add support for creating files using the mknodat syscall by Mimi Zohar · 9 years ago
  66. 19f8a84 ima: measure and appraise the IMA policy itself by Mimi Zohar · 9 years ago
  67. d9ddf07 ima: support for kexec image and initramfs by Mimi Zohar · 9 years ago
  68. a1db742 module: replace copy_module_from_fd with kernel version by Mimi Zohar · 9 years ago
  69. 39eeb4f security: define kernel_read_file hook by Mimi Zohar · 9 years ago
  70. e40ba6d firmware: replace call to fw_read_file_contents() with kernel version by Mimi Zohar · 9 years ago
  71. cf22221 ima: define a new hook to measure and appraise a file already in memory by Mimi Zohar · 9 years ago
  72. 4ad87a3 ima: use "ima_hooks" enum as function argument by Mimi Zohar · 9 years ago
  73. 1525b06 ima: separate 'security.ima' reading functionality from collect by Dmitry Kasatkin · 10 years ago
  74. 5955102 wrappers for ->i_mutex access by Al Viro · 9 years ago
  75. 8d94eb9 ima: pass iint to ima_add_violation() by Roberto Sassu · 10 years ago
  76. 456f5fd ima: use path names cache by Dmitry Kasatkin · 10 years ago
  77. 0f34a00 ima: check ima_policy_flag in the ima_file_free() hook by Dmitry Kasatkin · 10 years ago
  78. 1b68bdf ima: detect violations for mmaped files by Roberto Sassu · 10 years ago
  79. f7a859f ima: fix race condition on ima_rdwr_violation_check and process_measurement by Roberto Sassu · 10 years ago
  80. a756024 ima: added ima_policy_flag variable by Roberto Sassu · 10 years ago
  81. 31b70f6 ima: move keyring initialization to ima_init() by Dmitry Kasatkin · 11 years ago
  82. 17f4bad ima: remove usage of filename parameter by Dmitry Kasatkin · 10 years ago
  83. 3a8a2ea ima: remove unnecessary extra variable by Dmitry Kasatkin · 10 years ago
  84. f68c05f ima: simplify conditional statement to improve performance by Dmitry Kasatkin · 10 years ago
  85. 3034a14 ima: pass 'opened' flag to identify newly created files by Dmitry Kasatkin · 11 years ago
  86. b151d6b ima: provide flag to identify new empty files by Dmitry Kasatkin · 11 years ago
  87. 5a9196d ima: add support for measuring and appraising firmware by Mimi Zohar · 10 years ago
  88. 7d2ce23 ima: define '.ima' as a builtin 'trusted' keyring by Mimi Zohar · 11 years ago
  89. 209b43c ima: delay template descriptor lookup until use by Dmitry Kasatkin · 11 years ago
  90. 2c50b96 ima: remove unnecessary i_mutex locking from ima_rdwr_violation_check() by Dmitry Kasatkin · 11 years ago
  91. 14503eb ima: check inode integrity cache in violation check by Dmitry Kasatkin · 11 years ago
  92. b882fae ima: prevent unnecessary policy checking by Dmitry Kasatkin · 11 years ago
  93. f9b2a73 ima: audit log files opened with O_DIRECT flag by Mimi Zohar · 11 years ago
  94. 61997c4 ima: return d_name.name if d_path fails by Dmitry Kasatkin · 11 years ago
  95. 2bb930a integrity: fix checkpatch errors by Dmitry Kasatkin · 11 years ago
  96. bcbc9b0c ima: extend the measurement list to include the file signature by Mimi Zohar · 11 years ago
  97. e7a2ad7 ima: enable support for larger default filedata hash algorithms by Mimi Zohar · 12 years ago
  98. add1c05 ima: defer determining the appraisal hash algorithm for 'ima' template by Roberto Sassu · 12 years ago
  99. 7d802a2 ima: pass the file descriptor to ima_add_violation() by Roberto Sassu · 12 years ago
  100. d3634d0 ima: read and use signature hash algorithm by Dmitry Kasatkin · 12 years ago