mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-01-10 22:44:47 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
503ceaef8e2e7dbbdb04a867acc6fe4c548ede7f
linux/Documentation
History
Mimi Zohar 503ceaef8e ima: define a set of appraisal rules requiring file signatures 
The builtin "ima_appraise_tcb" policy should require file signatures for
at least a few of the hooks (eg. kernel modules, firmware, and the kexec
kernel image), but changing it would break the existing userspace/kernel
ABI.

This patch defines a new builtin policy named "secure_boot", which
can be specified on the "ima_policy=" boot command line, independently
or in conjunction with the "ima_appraise_tcb" policy, by specifing
ima_policy="appraise_tcb | secure_boot".  The new appraisal rules
requiring file signatures will be added prior to the "ima_appraise_tcb"
rules.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

Changelog:
- Reference secure boot in the new builtin policy name. (Thiago Bauermann)
2017-06-21 14:37:12 -04:00
..
ABI
Merge tag 'pci-v4.12-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci
2017-05-08 19:03:25 -07:00
accounting
acpi
Merge tag 'docs-4.12' of git://git.lwn.net/linux
2017-05-02 10:21:17 -07:00
admin-guide
ima: define a set of appraisal rules requiring file signatures
2017-06-21 14:37:12 -04:00
aoe
arm
Merge tag 'armsoc-soc' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
2017-05-09 09:49:36 -07:00
arm64
arm64: documentation: document tagged pointer stack constraints
2017-05-09 17:43:18 +01:00
auxdisplay
backlight
blackfin
block
block, bfq: stress that low_latency must be off to get max throughput
2017-05-10 07:39:43 -06:00
blockdev
remove the mg_disk driver
2017-04-14 14:00:49 -06:00
bus-devices
cdrom
cgroup-v1
cma
connector
console
core-api
docs-rst: core_api: move driver-specific stuff to drivers_api
2017-04-02 14:17:43 -06:00
cpu-freq
cpuidle
cris
crypto
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
2017-05-03 08:50:52 -07:00
dev-tools
device-mapper
Merge tag 'for-4.12/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm
2017-05-03 10:31:20 -07:00
devicetree
staging/android/ion: remove useless document file
2017-05-15 11:17:31 +02:00
dmaengine
doc-guide
DocBook
Merge tag 'char-misc-4.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2017-05-04 19:15:35 -07:00
driver-api
Merge tag 'char-misc-4.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2017-05-04 19:15:35 -07:00
driver-model
PCI: Implement devm_pci_remap_cfgspace()
2017-04-24 13:53:13 -05:00
early-userspace
Documentation: Fix dead URLs to ftp.kernel.org
2017-03-29 15:46:06 -06:00
EDID
drm: use .hword to represent 16-bit numbers
2017-03-30 10:15:19 +02:00
extcon
extcon: Remove porting compatibility of swich class
2017-04-06 10:55:24 +09:00
fault-injection
fb
features
Merge tag 'powerpc-4.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux
2017-05-05 11:36:44 -07:00
filesystems
Tigran has moved
2017-05-12 15:57:15 -07:00
firmware_class
fmc
fpga
frv
gpio
gpu
drm: Document code of conduct
2017-05-05 11:48:17 +10:00
hid
hwmon
drivers: hwmon: Support for ASPEED PWM/Fan tach
2017-04-10 13:12:18 -07:00
i2c
ia64
ide
iio
infiniband
IB/opa-vnic: Virtual Network Interface Controller (VNIC) documentation
2017-04-20 12:01:06 -04:00
input
docs-rst: add input docs at main index and use kernel-figure
2017-05-09 13:36:02 -06:00
ioctl
Merge tag 'armsoc-tee' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
2017-05-10 11:20:09 -07:00
isdn
kbuild
uapi: export all arch specifics directories
2017-05-11 00:22:17 +09:00
kdump
Documentation: kdump: describe arm64 port
2017-04-05 18:32:32 +01:00
laptops
leds
lightnvm
lightnvm: physical block device (pblk) target
2017-04-16 10:06:33 -06:00
livepatch
locking
m68k
md
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md
2017-05-03 10:05:38 -07:00
media
Merge tag 'media/v4.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media
2017-05-05 17:34:57 -07:00
memory-devices
metag
mic
mips
misc-devices
Documentation: misc-devices: Add Documentation for pci-endpoint-test driver
2017-04-28 10:23:19 -05:00
mmc
Merge tag 'mmc-v4.12' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc
2017-05-02 17:34:32 -07:00
mn10300
mtd
namespaces
netlabel
networking
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2017-05-02 16:40:27 -07:00
nfc
nios2
nvdimm
nvmem
parisc
PCI
Merge tag 'pci-v4.12-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci
2017-05-08 19:03:25 -07:00
pcmcia
perf
perf: qcom: Add L3 cache PMU driver
2017-04-03 18:53:50 +01:00
phy
platform
power
Merge tag 'docs-4.12' of git://git.lwn.net/linux
2017-05-02 10:21:17 -07:00
powerpc
powerpc/fadump: update documentation about crashkernel parameter reuse
2017-05-08 17:15:11 -07:00
pps
prctl
process
docs: complete bumping minimal GNU Make version to 3.81
2017-05-06 18:49:09 -07:00
pti
ptp
rapidio
RCU
Merge branches 'doc.2017.04.12a', 'fixes.2017.04.19a' and 'srcu.2017.04.21a' into HEAD
2017-04-21 06:00:13 -07:00
s390
docs: add documentation for vfio-ccw
2017-03-31 12:55:11 +02:00
scheduler
sched/Documentation: Add 'sched-pelt' tool
2017-04-14 10:26:35 +02:00
scsi
scsi: make asynchronous aborts mandatory
2017-04-06 13:07:33 -04:00
security
KEYS: add SP800-56A KDF support for DH
2017-04-04 22:33:38 +01:00
serial
sh
sound
ALSA: hda - Allow to enable/disable vmaster build explicitly
2017-04-10 17:45:27 +02:00
sparc
sphinx
tmplcvt: make the tool more robust
2017-04-11 14:35:15 -06:00
sphinx-static
spi
sysctl
Replace 2 jiffies with sysctl netdev_budget_usecs to enable softirq tuning
2017-04-21 13:22:34 -04:00
target
Documentation/target: add an example script to configure an iSCSI target
2017-05-01 22:21:35 -07:00
thermal
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux
2017-05-12 11:58:45 -07:00
timers
trace
Merge tag 'trace-v4.12' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
2017-05-03 18:41:21 -07:00
translations
docs: update references to the device io book
2017-05-09 13:44:56 -06:00
usb
doc-rst: fixed kernel-doc directives in usb/typec.rst
2017-05-17 11:52:44 +02:00
userspace-api
docs: Convert unshare.txt to RST and add to the user-space API manual
2017-04-02 15:18:32 -06:00
virtual
Merge tag 'kvm-arm-for-v4.12-round2' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD
2017-05-09 12:51:49 +02:00
vm
Documentation/vm/transhuge.txt: fix trivial typos
2017-05-08 17:15:14 -07:00
w1
watchdog
iTCO_wdt: all versions count down twice
2017-05-19 10:42:11 +02:00
wimax
x86
x86/intel_rdt: Fix a typo in Documentation
2017-05-09 09:41:42 +02:00
xtensa
.gitignore
00-INDEX
bcache.txt
bt8xxgpio.txt
btmrvl.txt
bus-virt-phys-mapping.txt
cachetlb.txt
cgroup-v2.txt
mm, docs: update memory.stat description with workingset* entries
2017-05-12 15:57:16 -07:00
Changes
circular-buffers.txt
clk.txt
CodingStyle
conf.py
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
2017-05-03 12:38:20 -07:00
cpu-load.txt
cputopology.txt
docs: Fix a couple typos
2017-04-27 15:54:39 -06:00
crc32.txt
dcdbas.txt
debugging-modules.txt
debugging-via-ohci1394.txt
docs: Fix a couple typos
2017-04-27 15:54:39 -06:00
dell_rbu.txt
digsig.txt
DMA-API-HOWTO.txt
DMA-API.txt
DMA-attributes.txt
DMA-ISA-LPC.txt
docutils.conf
dontdiff
efi-stub.txt
eisa.txt
flexible-arrays.txt
futex-requeue-pi.txt
gcc-plugins.txt
highuid.txt
hw_random.txt
hwspinlock.txt
index.rst
docs-rst: add input docs at main index and use kernel-figure
2017-05-09 13:36:02 -06:00
intel_txt.txt
Intel-IOMMU.txt
io_ordering.txt
io-mapping.txt
iostats.txt
IPMI.txt
IRQ-affinity.txt
IRQ-domain.txt
IRQ.txt
irqflags-tracing.txt
isa.txt
isapnp.txt
kernel-doc-nano-HOWTO.txt
kernel-per-CPU-kthreads.txt
kobject.txt
kprobes.txt
kref.txt
Revert "kref: double kref_put() in my_data_handler()"
2017-04-08 18:38:10 +02:00
kselftest.txt
ldm.txt
lockup-watchdogs.txt
logo.gif
logo.txt
lzo.txt
mailbox.txt
Makefile
Makefile.sphinx
memory-barriers.txt
Merge tag 'docs-4.12-2' of git://git.lwn.net/linux
2017-05-11 11:29:52 -07:00
memory-hotplug.txt
men-chameleon-bus.txt
nommu-mmap.txt
ntb.txt
numastat.txt
padata.txt
parport-lowlevel.txt
percpu-rw-semaphore.txt
phy.txt
pi-futex.txt
pinctrl.txt
pinctrl: core: Fix pinctrl_register_and_init() with pinctrl_enable()
2017-04-07 01:08:08 +02:00
pnp.txt
preempt-locking.txt
printk-formats.txt
pwm.txt
rbtree.txt
remoteproc.txt
rfkill.txt
robust-futex-ABI.txt
robust-futexes.txt
rpmsg.txt
rtc.txt
SAK.txt
sgi-ioc4.txt
siphash.txt
SM501.txt
smsc_ece1099.txt
static-keys.txt
docs: Fix a couple typos
2017-04-27 15:54:39 -06:00
SubmittingPatches
svga.txt
switchtec.txt
switchtec: Add IOCTLs to the Switchtec driver
2017-04-12 12:23:37 -05:00
sync_file.txt
tee.txt
this_cpu_ops.txt
unaligned-memory-access.txt
vfio-mediated-device.txt
docs: Fix a spelling error in vfio-mediated-device.txt
2017-04-27 15:54:39 -06:00
vfio.txt
video-output.txt
xillybus.txt
xz.txt
zorro.txt
docs: Fix a couple typos
2017-04-27 15:54:39 -06:00