linux-stable/Documentation/security
Linus Torvalds 0350785b0a integrity-v5.19
-----BEGIN PGP SIGNATURE-----
 
 iIoEABYIADIWIQQdXVVFGN5XqKr1Hj7LwZzRsCrn5QUCYo0tOhQcem9oYXJAbGlu
 dXguaWJtLmNvbQAKCRDLwZzRsCrn5QJfAP47Ym9vacLc1m8/MUaRA/QjbJ/8t3TX
 h/4McK8kiRudxgD/RiPHII6gJ8q+qpBrYWJZ4ZZaHE8v0oA1viuZfbuN2wc=
 =KQYi
 -----END PGP SIGNATURE-----

Merge tag 'integrity-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity

Pull IMA updates from Mimi Zohar:
 "New is IMA support for including fs-verity file digests and signatures
  in the IMA measurement list as well as verifying the fs-verity file
  digest based signatures, both based on policy.

  In addition, are two bug fixes:

   - avoid reading UEFI variables, which cause a page fault, on Apple
     Macs with T2 chips.

   - remove the original "ima" template Kconfig option to address a boot
     command line ordering issue.

  The rest is a mixture of code/documentation cleanup"

* tag 'integrity-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
  integrity: Fix sparse warnings in keyring_handler
  evm: Clean up some variables
  evm: Return INTEGRITY_PASS for enum integrity_status value '0'
  efi: Do not import certificates from UEFI Secure Boot for T2 Macs
  fsverity: update the documentation
  ima: support fs-verity file digest based version 3 signatures
  ima: permit fsverity's file digests in the IMA measurement list
  ima: define a new template field named 'd-ngv2' and templates
  fs-verity: define a function to return the integrity protected file digest
  ima: use IMA default hash algorithm for integrity violations
  ima: fix 'd-ng' comments and documentation
  ima: remove the IMA_TEMPLATE Kconfig option
  ima: remove redundant initialization of pointer 'file'.
2022-05-24 13:50:39 -07:00
..
keys doc: trusted-encrypted: describe new CAAM trust source 2022-05-23 18:47:50 +03:00
secrets docs: security: Add secrets/coco documentation 2022-04-13 19:11:20 +02:00
tpm Documentation: drop optional BOMs 2021-05-10 15:17:34 -06:00
credentials.rst Documentation: remove current_security() reference 2020-09-09 11:33:59 -06:00
digsig.rst docs: move digsig docs to the security book 2020-05-15 12:03:48 -06:00
IMA-templates.rst ima: support fs-verity file digest based version 3 signatures 2022-05-05 17:41:51 -04:00
index.rst docs: security: Add secrets/coco documentation 2022-04-13 19:11:20 +02:00
landlock.rst landlock: Add design choices documentation for filesystem access rights 2022-05-23 13:28:01 +02:00
lsm-development.rst Documentation: Replace lkml.org links with lore 2021-01-11 12:47:38 -07:00
lsm.rst Documentation: LSM: Correct the basic LSM description 2020-05-25 18:59:59 -06:00
sak.rst docs: security: move some books to it and update 2019-07-15 11:03:01 -03:00
SCTP.rst docs: fix 'make htmldocs' warning in SCTP.rst 2022-02-28 11:09:10 -05:00
self-protection.rst docs: update self-protection __ro_after_init status 2021-12-10 14:02:06 -07:00
siphash.rst Documentation: siphash: disambiguate HalfSipHash algorithm from hsiphash functions 2022-04-25 17:26:40 +02:00