IMA: define a hook to measure kernel integrity critical data
author Tushar Sugandhi <tusharsu@linux.microsoft.com>
Fri, 8 Jan 2021 04:07:03 +0000 (20:07 -0800)
committer Mimi Zohar <zohar@linux.ibm.com>
Fri, 15 Jan 2021 04:41:26 +0000 (23:41 -0500)
commit d6e645012d97164609260ac567b304681734c5e2
tree a3407860354577f3af1260aad6f37820c6e8bfea
parent 291af651b350817f7f1cbe308faaf7fa7af2a92c

IMA: define a hook to measure kernel integrity critical data

IMA provides capabilities to measure file and buffer data.  However,
various data structures, policies, and states stored in kernel memory
also impact the integrity of the system.  Several kernel subsystems
contain such integrity critical data.  These kernel subsystems help
protect the integrity of the system.  Currently, IMA does not provide a
generic function for measuring kernel integrity critical data.

Define ima_measure_critical_data, a new IMA hook, to measure kernel
integrity critical data.

Signed-off-by: Tushar Sugandhi <tusharsu@linux.microsoft.com>
Reviewed-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

include/linux/ima.h
security/integrity/ima/ima.h
security/integrity/ima/ima_api.c
security/integrity/ima/ima_main.c