git.karo-electronics.de Git - karo-tx-linux.git/commit

author	Mimi Zohar <zohar@linux.vnet.ibm.com>
	Tue, 16 Oct 2012 02:10:08 +0000 (12:40 +1030)
committer	Rusty Russell <rusty@rustcorp.com.au>
	Thu, 1 Nov 2012 00:54:29 +0000 (11:24 +1030)
commit	41110a4b5ea2144c3830863d24869ce06ab8d30d
tree	4fd147bb21f71476414efdd2394141c728a05dae	tree \| snapshot
parent	1a0ffe5d0724303c489cbdf1f3f4e4bc8dc12bfb	commit \| diff

ima: support new kernel module syscall

With the addition of the new kernel module syscall, which defines two
arguments - a file descriptor to the kernel module and a pointer to a NULL
terminated string of module arguments - it is now possible to measure and
appraise kernel modules like any other file on the file system.

This patch adds support to measure and appraise kernel modules in an
extensible and consistent manner.

To support filesystems without extended attribute support, additional
patches could pass the signature as the first parameter.

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

Documentation/ABI/testing/ima_policy		diff \| blob \| history
include/linux/ima.h		diff \| blob \| history
security/integrity/ima/ima.h		diff \| blob \| history
security/integrity/ima/ima_api.c		diff \| blob \| history
security/integrity/ima/ima_main.c		diff \| blob \| history
security/integrity/ima/ima_policy.c		diff \| blob \| history
security/security.c		diff \| blob \| history