linux-stable/security/integrity/ima
Eric Richter 67696f6d79 ima: redefine duplicate template entries
Template entry duplicates are prevented from being added to the
measurement list by checking a hash table that contains the template
entry digests. However, the PCR value is not included in this comparison,
so duplicate template entry digests with differing PCRs may be dropped.

This patch redefines duplicate template entries as template entries with
the same digest and same PCR values.

Reported-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Eric Richter <erichte@linux.vnet.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2016-06-30 01:14:21 -04:00
..
ima.h ima: include pcr for each measurement log entry 2016-06-30 01:14:21 -04:00
ima_api.c ima: include pcr for each measurement log entry 2016-06-30 01:14:21 -04:00
ima_appraise.c ima: extend ima_get_action() to return the policy pcr 2016-06-30 01:14:20 -04:00
ima_crypto.c ima: calculate the hash of a buffer using aynchronous hash(ahash) 2016-02-18 17:14:44 -05:00
ima_fs.c ima: change ima_measurements_show() to display the entry specific pcr 2016-06-30 01:14:21 -04:00
ima_init.c ima: include pcr for each measurement log entry 2016-06-30 01:14:21 -04:00
ima_main.c ima: include pcr for each measurement log entry 2016-06-30 01:14:21 -04:00
ima_mok.c IMA: Use the the system trusted keyrings instead of .ima_mok 2016-04-11 22:49:15 +01:00
ima_policy.c ima: extend ima_get_action() to return the policy pcr 2016-06-30 01:14:20 -04:00
ima_queue.c ima: redefine duplicate template entries 2016-06-30 01:14:21 -04:00
ima_template.c ima: separate 'security.ima' reading functionality from collect 2016-02-18 17:13:32 -05:00
ima_template_lib.c ima: separate 'security.ima' reading functionality from collect 2016-02-18 17:13:32 -05:00
ima_template_lib.h ima: wrap event related data to the new ima_event_data structure 2015-05-21 13:59:28 -04:00
Kconfig IMA: Use the the system trusted keyrings instead of .ima_mok 2016-04-11 22:49:15 +01:00
Makefile IMA: Use the the system trusted keyrings instead of .ima_mok 2016-04-11 22:49:15 +01:00