dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-07-03 22:23:16 +02:00
Code Releases Activity
25 Commits 5 Branches 19 Tags
7b0cbf5e539ff368c7d8429a33784d6eb2d66552
Commit Graph

25 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dmitry Kasatkin
7b0cbf5e53 evm-utils renamed to ima-evm-utils 
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-04-05 14:54:28 +03:00
Dmitry Kasatkin
776183a642 added command options description 
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-04-05 14:32:28 +03:00
Dmitry Kasatkin
c3d090abba removed unused parameter 
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-04-05 13:48:39 +03:00
Dmitry Kasatkin
bb79f7aaf2 import functions combined 
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-04-05 13:48:08 +03:00
Dmitry Kasatkin
a3c7609b80 updated error handling 
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-04-05 12:23:45 +03:00
Dmitry Kasatkin
d70816cbf1 read list of existing extended attributes 
getxattr() might return runtime value which does not really exist
on file system. It happens for SMACK LSM. Reading the list of existing
attributes allows to prevent such to happen.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-04-04 16:48:38 +03:00
Dmitry Kasatkin
c6c8cccb83 added HMAC API error handling 
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-04-04 16:48:16 +03:00
Dmitry Kasatkin
94de24e5ad version 0.1.0 2012-04-02 15:52:30 +03:00
Dmitry Kasatkin
3f2f98aef8 remove unused parameter 
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-03-15 11:52:36 +02:00
Dmitry Kasatkin
ae47101134 Changed time_t timestamp type to uint32_t 
time_t is actually long and is different on 32 and 64 bit architectures.
Format of the signatures should not depend on the architecture and should
be the same. Changed timestamp to uint32_t like in GPG.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-02 10:12:34 +02:00
Dmitry Kasatkin
d98e4a9bed Added missing CFLAGS 
Added missing CFLAGS

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-01 15:24:07 +02:00
Dmitry Kasatkin
179664d7e9 Added signature write to .sig file 
To enable module signature verification working on file systems
without extended attributes, or to be able to copy modules by methods,
which does not support extended attribute copying, it is necessary
to store signature in the file. This patch provides command line parameter
for storing signature in .sig file.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-01 15:24:02 +02:00
Dmitry Kasatkin
c440d2d95f Change set_xattr to xattr. 
set_xattr changed to xattr.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-01 11:10:15 +02:00
Dmitry Kasatkin
fed7fb6933 Changed to conform Linux kernel coding style 
Changed to conform Linux kernel coding style, except 80 characters
line length limit.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-01 11:04:36 +02:00
Dmitry Kasatkin
78494ab370 added password parameter for using encrypted keys 
Added password parameter for using encrypted keys.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-01 10:35:43 +02:00
Dmitry Kasatkin
192f897b8e added openssl initialization and error reporting 
Added openssl initialization and error reporting.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-01 10:35:38 +02:00
Dmitry Kasatkin
0799e24820 minor fixes 
- error message
- command info

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-01-30 13:23:28 +02:00
Dmitry Kasatkin
c94a0b9262 Merge branch 'master' of ssh://linux-ima.git.sourceforge.net/gitroot/linux-ima/evm-utils 2011-12-02 14:39:56 +02:00
Dmitry Kasatkin
8e68cd0135 Scripts for searching not only root owned files 
-uid 0 removed.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-12-02 14:15:19 +02:00
Dmitry Kasatkin
b60f927609 directory hash calculation 
Directory integrity verification requires directory hash value
to be set to security.ima.
This patch provides directory hash calculation.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-12-02 14:12:57 +02:00
Dmitry Kasatkin
874c0fd45c EVM hmac calculation 
For debugging purpose it is nice to have evm hmac calculation for
labeling filesystem using hmac.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-12-01 12:17:29 +02:00
Dmitry Kasatkin
774029f71e EVP API for evm hash calculation 
evmctl was using sha1 for evm hash calculation.
Using EVM API is easy to use other digest algorithms such as sha256.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-11-30 16:01:17 +02:00
Dmitry Kasatkin
273701a5b2 evmctl - IMA/EVM control tool 
evmctl provides signing support for IMA/EVM.
Functionality includes signing of file content (IMA), file metadata (EVM),
importing public keys into kernel keyring.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-11-24 17:03:43 +02:00
Dmitry Kasatkin
e2da6956c4 evmctl - IMA/EVM control tool 
evmctl provides signing support for IMA/EVM.
Functionality includes signing of file content (IMA), file metadata (EVM),
importing public keys into kernel keyring.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-10-14 16:53:34 +03:00
Dmitry Kasatkin
6ec041487e initial empty repo 2010-11-25 11:27:14 +02:00