Hi James,

Lots of changes this time. This pull request adds support, by Dmitry
Kasatkin, for: making the EVM keyring a trusted keyring, such that only
keys signed by a key on the system keyring can be loaded onto the EVM
keyring; loading the EVM keys onto the EVM trusted keyring by the
kernel; enabling EVM when either the x509 or symmetric keys are
available; and loading the EVM symmetric key from hardware.

As described by Mark Baushke and Petko Manolov at LSS 2015 in their talk
"IMA/EVM: Real Applications for Embedded Networking Systems", this pull
request includes support for two new IMA trusted keyrings named .ima_mok
and .ima_blacklist. Keys being loaded on either the EVM or IMA trusted
keyrings can be validated against either the system trusted keyring or
the intermediary .ima_mok keyring, and are prevented from being loaded if
they are on the .ima_blacklist keyring.

Lastly, it adds support for extending and displaying the IMA policy.

Thanks!

Mimi
The following changes since commit ebd68df3f24b318d391d15c458d6f43f340ba36a:

  Sync to Linus v4.4-rc2 for LSM developers. (2015-11-23 22:46:28 +1100)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next

for you to fetch changes up to 92cc916638a48f285736cd5541536e2e1b73ecf8:

  security/integrity: make ima/ima_mok.c explicitly non-modular (2015-12-15 10:01:43 -0500)
----------------------------------------------------------------
Arnd Bergmann (1):
      evm: EVM_LOAD_X509 depends on EVM

Dmitry Kasatkin (5):
      integrity: define '.evm' as a builtin 'trusted' keyring
      evm: load an x509 certificate from the kernel
      evm: enable EVM when X509 certificate is loaded
      evm: provide a function to set the EVM key from the kernel
      evm: reset EVM status when file attributes change

Mimi Zohar (3):
      KEYS: prevent keys from being removed from specified keyrings
      IMA: prevent keys on the .ima_blacklist from being removed
      ima: update appraise flags after policy update completes

Paul Gortmaker (1):
      security/integrity: make ima/ima_mok.c explicitly non-modular

Petko Manolov (3):
      IMA: policy can now be updated multiple times
      IMA: create machine owner and blacklist keyrings
      IMA: allow reading back the current IMA policy

crypto/asymmetric_keys/x509_public_key.c | 2 +
include/keys/system_keyring.h | 24 +++
include/linux/evm.h | 7 +
include/linux/key.h | 1 +
security/integrity/Kconfig | 11 ++
security/integrity/digsig.c | 14 +-
security/integrity/digsig_asymmetric.c | 14 ++
security/integrity/evm/Kconfig | 17 ++
security/integrity/evm/evm.h | 3 +
security/integrity/evm/evm_crypto.c | 54 +++++-
security/integrity/evm/evm_main.c | 32 +++-
security/integrity/evm/evm_secfs.c | 12 +-
security/integrity/iint.c | 1 +
security/integrity/ima/Kconfig | 44 ++++-
security/integrity/ima/Makefile | 1 +
security/integrity/ima/ima.h | 23 ++-
security/integrity/ima/ima_fs.c | 42 ++++-
security/integrity/ima/ima_init.c | 2 +-
security/integrity/ima/ima_mok.c | 55 ++++++
security/integrity/ima/ima_policy.c | 293 +++++++++++++++++++++++++++----
security/integrity/integrity.h | 13 +-
security/keys/key.c | 6 +-
security/keys/keyctl.c | 56 ++++--
23 files changed, 643 insertions(+), 84 deletions(-)
create mode 100644 security/integrity/ima/ima_mok.c