linux/security/integrity/evm
Eric W. Biederman 19339c2516 Revert "evm: Translate user/group ids relative to s_user_ns when computing HMAC"
This reverts commit 0b3c9761d1.

Seth Forshee <seth.forshee@canonical.com> writes:
> All right, I think 0b3c9761d1 should be
> reverted then. EVM is a machine-local integrity mechanism, and so it
> makes sense that the signature would be based on the kernel's notion of
> the uid and not the filesystem's.

I added a commment explaining why the EVM hmac needs to be in the
kernel's notion of uid and gid, not the filesystems to prevent
remounting the filesystem and gaining unwaranted trust in files.

Acked-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2016-12-02 20:58:41 -06:00
..
evm_crypto.c Revert "evm: Translate user/group ids relative to s_user_ns when computing HMAC" 2016-12-02 20:58:41 -06:00
evm_main.c xattr: Add __vfs_{get,set,remove}xattr helpers 2016-10-07 20:10:44 -04:00
evm_posix_acl.c ima: fix script messages 2013-10-25 13:17:19 -04:00
evm_secfs.c evm: provide a function to set the EVM key from the kernel 2015-12-15 08:53:36 -05:00
evm.h evm: enable EVM when X509 certificate is loaded 2015-12-15 08:50:48 -05:00
Kconfig evm: EVM_LOAD_X509 depends on EVM 2015-12-15 09:57:21 -05:00
Makefile evm: posix acls modify i_mode 2011-09-14 15:24:51 -04:00