1. 15 Dec, 2015 1 commit
    • Dmitry Kasatkin's avatar
      evm: provide a function to set the EVM key from the kernel · 76266763
      Dmitry Kasatkin authored
      A crypto HW kernel module can possibly initialize the EVM key from the
      kernel __init code to enable EVM before calling the 'init' process.
      This patch provides a function evm_set_key() to set the EVM key
      directly without using the KEY subsystem.
      
      Changes in v4:
      * kernel-doc style for evm_set_key
      
      Changes in v3:
      * error reporting moved to evm_set_key
      * EVM_INIT_HMAC moved to evm_set_key
      * added bitop to prevent key setting race
      
      Changes in v2:
      * use size_t for key size instead of signed int
      * provide EVM_MAX_KEY_SIZE macro in <linux/evm.h>
      * provide EVM_MIN_KEY_SIZE macro in <linux/evm.h>
      Signed-off-by: default avatarDmitry Kasatkin <dmitry.kasatkin@huawei.com>
      Signed-off-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
      76266763
  2. 27 Mar, 2013 1 commit
  3. 14 Sep, 2011 1 commit
    • Mimi Zohar's avatar
      evm: posix acls modify i_mode · bf6d0f5d
      Mimi Zohar authored
      The posix xattr acls are 'system' prefixed, which normally would not
      affect security.evm.  An interesting side affect of writing posix xattr
      acls is their modifying of the i_mode, which is included in security.evm.
      
      This patch updates security.evm when posix xattr acls are written.
      Signed-off-by: default avatarMimi Zohar <zohar@us.ibm.com>
      bf6d0f5d
  4. 11 Aug, 2011 2 commits
  5. 18 Jul, 2011 6 commits