remarkable-linux

History

Dmitry Kasatkin 26ddabfe96 evm: enable EVM when X509 certificate is loaded In order to enable EVM before starting the 'init' process, evm_initialized needs to be non-zero. Previously non-zero indicated that the HMAC key was loaded. When EVM loads the X509 before calling 'init', with this patch it is now possible to enable EVM to start signature based verification. This patch defines bits to enable EVM if a key of any type is loaded. Changes in v3: * print error message if key is not set Changes in v2: * EVM_STATE_KEY_SET replaced by EVM_INIT_HMAC * EVM_STATE_X509_SET replaced by EVM_INIT_X509 Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>		2015-12-15 08:50:48 -05:00
..
evm	evm: enable EVM when X509 certificate is loaded	2015-12-15 08:50:48 -05:00
ima	integrity: define '.evm' as a builtin 'trusted' keyring	2015-11-23 14:30:02 -05:00
digsig.c	integrity: define '.evm' as a builtin 'trusted' keyring	2015-11-23 14:30:02 -05:00
digsig_asymmetric.c	integrity: do zero padding of the key id	2014-10-06 17:33:27 +01:00
iint.c	evm: load an x509 certificate from the kernel	2015-12-15 08:31:19 -05:00
integrity.h	evm: load an x509 certificate from the kernel	2015-12-15 08:31:19 -05:00
integrity_audit.c	Merge git://git.infradead.org/users/eparis/audit	2014-04-12 12:38:53 -07:00
Kconfig	integrity: define '.evm' as a builtin 'trusted' keyring	2015-11-23 14:30:02 -05:00
Makefile	integrity: make integrity files as 'integrity' module	2014-09-09 10:28:58 -04:00