mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-12-27 11:06:41 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
c200892b46ba3df3dd210b7117a463ec283600c3
linux/security
History
Coiby Xu c200892b46 ima: Access decompressed kernel module to verify appended signature 
Currently, when in-kernel module decompression (CONFIG_MODULE_DECOMPRESS)
is enabled, IMA has no way to verify the appended module signature as it
can't decompress the module.

Define a new kernel_read_file_id enumerate READING_MODULE_COMPRESSED so
IMA can calculate the compressed kernel module data hash on
READING_MODULE_COMPRESSED and defer appraising/measuring it until on
READING_MODULE when the module has been decompressed.

Before enabling in-kernel module decompression, a kernel module in
initramfs can still be loaded with ima_policy=secure_boot. So adjust the
kernel module rule in secure_boot policy to allow either an IMA
signature OR an appended signature i.e. to use
"appraise func=MODULE_CHECK appraise_type=imasig|modsig".

Reported-by: Karel Srot <ksrot@redhat.com>
Suggested-by: Mimi Zohar <zohar@linux.ibm.com>
Suggested-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Coiby Xu <coxu@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2025-11-19 09:19:42 -05:00
..
apparmor
Merge tag 'pull-f_path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2025-10-03 16:32:36 -07:00
bpf
bpf: lsm: Remove hook to bpf_task_storage_free
2024-12-16 12:32:31 -08:00
integrity
ima: Access decompressed kernel module to verify appended signature
2025-11-19 09:19:42 -05:00
ipe
ima: Access decompressed kernel module to verify appended signature
2025-11-19 09:19:42 -05:00
keys
security: keys: use menuconfig for KEYS symbol
2025-10-04 17:25:35 +03:00
landlock
fs: add an icount_read helper
2025-09-01 12:41:09 +02:00
loadpin
loadpin: remove MODULE_COMPRESS_NONE as it is no longer supported
2025-03-03 09:35:50 -08:00
lockdown
lockdown: initialize local array before use to quiet static analysis
2025-01-05 12:48:43 -05:00
safesetid
safesetid: check size of policy writes
2025-01-04 22:46:09 -05:00
selinux
ima: Access decompressed kernel module to verify appended signature
2025-11-19 09:19:42 -05:00
smack
Merge tag 'pull-qstr' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2025-10-03 11:14:02 -07:00
tomoyo
copy_process: pass clone_flags as u64 across calltree
2025-09-01 15:31:34 +02:00
yama
yama: don't abuse rcu_read_lock/get_task_struct in yama_task_prctl()
2025-03-07 19:58:05 -08:00
commoncap.c
exec: Correct the permission check for unsafe exec
2025-06-23 10:38:39 -05:00
device_cgroup.c
device_cgroup: Fix kernel-doc warnings in device_cgroup
2023-06-21 09:30:49 -04:00
inode.c
make securityfs_remove() remove the entire subtree
2025-06-11 18:19:46 -04:00
Kconfig
lsm: CONFIG_LSM can depend on CONFIG_SECURITY
2025-09-11 16:32:04 -04:00
Kconfig.hardening
rust: add bitmap API.
2025-09-22 15:52:44 -04:00
lsm_audit.c
net: Retire DCCP socket.
2025-04-11 18:58:10 -07:00
lsm_syscalls.c
lsm: use 32-bit compatible data types in LSM syscalls
2024-03-14 11:31:26 -04:00
Makefile
lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set
2025-01-04 11:50:44 -05:00
min_addr.c
security: use umax() to improve code
2025-08-18 15:41:47 -04:00
security.c
Merge tag 'pull-qstr' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2025-10-03 11:14:02 -07:00