From: Mimi Zohar <zohar@linux.vnet.ibm.com>
Date: Sun, 11 May 2014 04:05:23 +0000 (-0400)
Subject: evm: prohibit userspace writing 'security.evm' HMAC value
X-Git-Tag: omap-for-v3.16/fixes-against-rc1~23^2~1
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2fb1c9a4f2dbc2f0bd2431c7fa64d0b5483864e4;p=pandora-kernel.git

evm: prohibit userspace writing 'security.evm' HMAC value

Calculating the 'security.evm' HMAC value requires access to the
EVM encrypted key.  Only the kernel should have access to it.  This
patch prevents userspace tools(eg. setfattr, cp --preserve=xattr)
from setting/modifying the 'security.evm' HMAC value directly.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: <stable@vger.kernel.org>
---

Reading git-diff-tree failed