projects / platform / adaptation / renesas_rcar / renesas_kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a175b8b) | patch
ima: added policy support for 'security.ima' type
authorDmitry Kasatkin <dmitry.kasatkin@intel.com>
Fri, 8 Jun 2012 10:58:49 +0000 (13:58 +0300)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Tue, 22 Jan 2013 21:10:31 +0000 (16:10 -0500)
commit0e5a247cb37a97d843ef76d09d5f80deb7893ba3
tree7206abaf6d20e69a89584046ed7dc9970ba2da12tree | snapshot
parenta175b8bb29ebbad380ab4788f307fbfc47997b19commit | diff
ima: added policy support for 'security.ima' type

The 'security.ima' extended attribute may contain either the file data's
hash or a digital signature.  This patch adds support for requiring a
specific extended attribute type.  It extends the IMA policy with a new
keyword 'appraise_type=imasig'.  (Default is hash.)

Changelog v2:
- Fixed Documentation/ABI/testing/ima_policy option syntax
Changelog v1:
- Differentiate between 'required' vs. 'actual' extended attribute

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Documentation/ABI/testing/ima_policy diff | blob | history
security/integrity/ima/ima_appraise.c diff | blob | history
security/integrity/ima/ima_main.c diff | blob | history
security/integrity/ima/ima_policy.c diff | blob | history
security/integrity/integrity.h diff | blob | history
Domain: System / Uncategorized;