projects / platform / kernel / linux-rpi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d6e6450) | patch
IMA: add policy rule to measure critical data
authorTushar Sugandhi <tusharsu@linux.microsoft.com>
Fri, 8 Jan 2021 04:07:04 +0000 (20:07 -0800)
committerMimi Zohar <zohar@linux.ibm.com>
Fri, 15 Jan 2021 04:41:29 +0000 (23:41 -0500)
commitc4e43aa2eeb0cffcf0b17e0a60a9d212de9c49df
treeff7e0d487666f7f58650353636f6bc0fc75098c8tree | snapshot
parentd6e645012d97164609260ac567b304681734c5e2commit | diff
IMA: add policy rule to measure critical data

A new IMA policy rule is needed for the IMA hook
ima_measure_critical_data() and the corresponding func CRITICAL_DATA for
measuring the input buffer.  The policy rule should ensure the buffer
would get measured only when the policy rule allows the action.  The
policy rule should also support the necessary constraints (flags etc.)
for integrity critical buffer data measurements.

Add policy rule support for measuring integrity critical data.

Signed-off-by: Tushar Sugandhi <tusharsu@linux.microsoft.com>
Reviewed-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Documentation/ABI/testing/ima_policy diff | blob | history
security/integrity/ima/ima_policy.c diff | blob | history
Domain: System / Kernel;