diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2011-10-25 03:45:31 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-10-25 03:45:31 -0400 |
| commit | 36b8d186e6cc8e32cb5227f5645a58e1bc0af190 (patch) | |
| tree | 1000ad26e189e6ff2c53fb7eeff605f59c7ad94e /Documentation/ABI/testing | |
| parent | cd85b557414fe4cd44ea6608825e96612a5fe2b2 (diff) | |
| parent | c45ed235abf1b0b6666417e3c394f18717976acd (diff) | |
Merge branch 'next' of git://selinuxproject.org/~jmorris/linux-security
* 'next' of git://selinuxproject.org/~jmorris/linux-security: (95 commits)
TOMOYO: Fix incomplete read after seek.
Smack: allow to access /smack/access as normal user
TOMOYO: Fix unused kernel config option.
Smack: fix: invalid length set for the result of /smack/access
Smack: compilation fix
Smack: fix for /smack/access output, use string instead of byte
Smack: domain transition protections (v3)
Smack: Provide information for UDS getsockopt(SO_PEERCRED)
Smack: Clean up comments
Smack: Repair processing of fcntl
Smack: Rule list lookup performance
Smack: check permissions from user space (v2)
TOMOYO: Fix quota and garbage collector.
TOMOYO: Remove redundant tasklist_lock.
TOMOYO: Fix domain transition failure warning.
TOMOYO: Remove tomoyo_policy_memory_lock spinlock.
TOMOYO: Simplify garbage collector.
TOMOYO: Fix make namespacecheck warnings.
target: check hex2bin result
encrypted-keys: check hex2bin result
...
Diffstat (limited to 'Documentation/ABI/testing')
| -rw-r--r-- | Documentation/ABI/testing/evm | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/Documentation/ABI/testing/evm b/Documentation/ABI/testing/evm new file mode 100644 index 000000000000..8374d4557e5d --- /dev/null +++ b/Documentation/ABI/testing/evm | |||
| @@ -0,0 +1,23 @@ | |||
| 1 | What: security/evm | ||
| 2 | Date: March 2011 | ||
| 3 | Contact: Mimi Zohar <zohar@us.ibm.com> | ||
| 4 | Description: | ||
| 5 | EVM protects a file's security extended attributes(xattrs) | ||
| 6 | against integrity attacks. The initial method maintains an | ||
| 7 | HMAC-sha1 value across the extended attributes, storing the | ||
| 8 | value as the extended attribute 'security.evm'. | ||
| 9 | |||
| 10 | EVM depends on the Kernel Key Retention System to provide it | ||
| 11 | with a trusted/encrypted key for the HMAC-sha1 operation. | ||
| 12 | The key is loaded onto the root's keyring using keyctl. Until | ||
| 13 | EVM receives notification that the key has been successfully | ||
| 14 | loaded onto the keyring (echo 1 > <securityfs>/evm), EVM | ||
| 15 | can not create or validate the 'security.evm' xattr, but | ||
| 16 | returns INTEGRITY_UNKNOWN. Loading the key and signaling EVM | ||
| 17 | should be done as early as possible. Normally this is done | ||
| 18 | in the initramfs, which has already been measured as part | ||
| 19 | of the trusted boot. For more information on creating and | ||
| 20 | loading existing trusted/encrypted keys, refer to: | ||
| 21 | Documentation/keys-trusted-encrypted.txt. (A sample dracut | ||
| 22 | patch, which loads the trusted/encrypted key and enables | ||
| 23 | EVM, is available from http://linux-ima.sourceforge.net/#EVM.) | ||