Google Git
Sign in
kernel / pub / scm / linux / kernel / git / jforbes / linux / lockdown
commitd80c02f88bc3f81b647779caee4c7b209f5332a4[log] [tgz]
authorMimi Zohar <zohar@linux.vnet.ibm.com>Fri Apr 13 11:27:52 2018 -0400
committerJustin M. Forbes <jforbes@fedoraproject.org>Wed Jun 13 11:10:08 2018 -0500
tree7bea86f3921a5eb7a7f17efc256a099aa5b2998a
parent2aa9a943b31676ec5872383963b8a065a75d0300 [diff]
lockdown: fix coordination of kernel module signature verification

If both IMA-appraisal and sig_enforce are enabled, then both signatures
are currently required.  If the IMA-appraisal signature verification
fails, it could rely on the appended signature verification; but with the
lockdown patch set, the appended signature verification assumes that if
IMA-appraisal is enabled, it has verified the signature.  Basically each
signature verification method would be relying on the other to verify the
kernel module signature.

This patch addresses the problem of requiring both kernel module signature
verification methods, when both are enabled, by verifying just the
appended signature.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Acked-by: Bruno E. O. Meneguele <bmeneg@redhat.com>
2 files changed
tree: 7bea86f3921a5eb7a7f17efc256a099aa5b2998a
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. samples/
  18. scripts/
  19. security/
  20. sound/
  21. tools/
  22. usr/
  23. virt/
  24. .clang-format
  25. .cocciconfig
  26. .get_maintainer.ignore
  27. .gitattributes
  28. .gitignore
  29. .mailmap
  30. COPYING
  31. CREDITS
  32. Kbuild
  33. Kconfig
  34. MAINTAINERS
  35. Makefile
  36. README