archives/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-03-08 04:04:43 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/security/integrity
History
Jann Horn 4336927351 ima: add fs_subtype condition for distinguishing FUSE instances 
Linux systems often use FUSE for several different purposes, where the
contents of some FUSE instances can be of more interest for auditing
than others.

Allow distinguishing between them based on the filesystem subtype
(s_subtype) using the new condition "fs_subtype".

The subtype string is supplied by userspace FUSE daemons
when a FUSE connection is initialized, so policy authors who want to
filter based on subtype need to ensure that FUSE mount operations are
sufficiently audited or restricted.

Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2025-10-16 11:12:20 -04:00
..
evm evm_secfs: clear securityfs interactions 2025-06-17 18:10:30 -04:00
ima ima: add fs_subtype condition for distinguishing FUSE instances 2025-10-16 11:12:20 -04:00
platform_certs integrity/platform_certs: Allow loading of keys in the static key management mode 2025-07-09 09:16:18 +05:30
digsig.c integrity: eliminate unnecessary "Problem loading X.509 certificate" msg 2024-02-16 08:04:17 -05:00
digsig_asymmetric.c crypto: sm2 - Remove sm2 algorithm 2024-06-07 19:46:39 +08:00
iint.c integrity: Remove LSM 2024-02-15 23:43:48 -05:00
integrity.h integrity: Use static_assert() to check struct sizes 2024-10-09 22:49:40 -04:00
integrity_audit.c integrity: check the return value of audit_log_start() 2022-02-02 11:44:23 -05:00
Kconfig integrity: Select CRYPTO from INTEGRITY_ASYMMETRIC_KEYS 2025-10-03 07:50:56 -04:00
Makefile ima: Move to LSM infrastructure 2024-02-15 23:43:46 -05:00