mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-02 07:04:24 +00:00
Code Issues Releases Wiki Activity
linux-stable/arch/powerpc
History
Eric Snowberg f20765fdfd integrity: Always reference the blacklist keyring with appraisal 
Commit 273df864cf ("ima: Check against blacklisted hashes for files with
modsig") introduced an appraise_flag option for referencing the blacklist
keyring.  Any matching binary found on this keyring fails signature
validation. This flag only works with module appended signatures.

An important part of a PKI infrastructure is to have the ability to do
revocation at a later time should a vulnerability be found.  Expand the
revocation flag usage to all appraisal functions. The flag is now
enabled by default. Setting the flag with an IMA policy has been
deprecated. Without a revocation capability like this in place, only
authenticity can be maintained. With this change, integrity can now be
achieved with digital signature based IMA appraisal.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Nayna Jain <nayna@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2023-08-01 08:17:25 -04:00
..
boot powerpc: dts: turris1x.dts: Fix PCIe MEM size for pci2 node 2023-07-03 16:26:51 +10:00
configs arch/*/configs/*defconfig: Replace AUTOFS4_FS by AUTOFS_FS 2023-07-29 14:08:22 -07:00
crypto powerpc/crypto: Add gitignore for generated P10 AES/GCM .S files 2023-07-17 13:52:46 +10:00
include Revert "powerpc/64s: Remove support for ELFv1 little endian userspace" 2023-07-19 21:28:35 +10:00
kernel integrity: Always reference the blacklist keyring with appraisal 2023-08-01 08:17:25 -04:00
kexec powerpc/kexec_file: print error string on usable memory property update failure 2023-02-15 23:14:06 +11:00
kvm powerpc updates for 6.5 2023-06-30 09:20:08 -07:00
lib powerpc: remove checks for binutils older than 2.25 2023-06-27 16:59:29 +10:00
math-emu powerpc/math-emu: Inhibit W=1 warnings 2022-09-08 11:11:18 +10:00
mm powerpc/kasan: Disable KCOV in KASAN code 2023-07-17 22:49:44 +10:00
net powerpc/bpf: populate extable entries only during the last pass 2023-05-15 15:40:31 +10:00
perf powerpc/perf: Properly detect mpc7450 family 2023-03-30 23:35:43 +11:00
platforms powerpc/512x: lpbfifo: Convert to platform remove callback returning void 2023-07-17 15:13:48 +10:00
purgatory powerpc/purgatory: remove PGO flags 2023-06-12 11:31:50 -07:00
sysdev powerpc updates for 6.5 2023-06-30 09:20:08 -07:00
tools powerpc/64: Use -mprofile-kernel for big endian ELFv2 kernels 2023-06-14 12:46:42 +10:00
xmon - Yosry Ahmed brought back some cgroup v1 stats in OOM logs. 2023-06-28 10:28:11 -07:00
Kbuild
Kconfig powerpc updates for 6.5 2023-06-30 09:20:08 -07:00
Kconfig.debug powerpc: allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y 2023-07-03 16:07:55 +10:00
Makefile powerpc: remove checks for binutils older than 2.25 2023-06-27 16:59:29 +10:00
Makefile.postlink kbuild: remove --include-dir MAKEFLAG from top Makefile 2023-02-05 18:51:22 +09:00