git.karo-electronics.de Git - karo-tx-linux.git/commit

author	Mimi Zohar <zohar@linux.vnet.ibm.com>
	Tue, 16 Oct 2012 02:10:08 +0000 (12:40 +1030)
committer	Rusty Russell <rusty@rustcorp.com.au>
	Wed, 24 Oct 2012 01:51:41 +0000 (12:21 +1030)
commit	51008a5a7a1f6617584b4815ee3ae08f6ab2cdfe
tree	06a778c26b26fedf0faca770f703f0ae4c82eb0e	tree \| snapshot
parent	9b3f43b473aaaf30bab3c26c36629be51610f217	commit \| diff

ima: support new kernel module syscall

With the addition of the new kernel module syscall, which defines two
arguments - a file descriptor to the kernel module and a pointer to a NULL
terminated string of module arguments - it is now possible to measure and
appraise kernel modules like any other file on the file system.

This patch adds support to measure and appraise kernel modules in an
extensible and consistent manner.

To support filesystems without extended attribute support, additional
patches could pass the signature as the first parameter.

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

Documentation/ABI/testing/ima_policy		diff \| blob \| history
include/linux/ima.h		diff \| blob \| history
security/integrity/ima/ima.h		diff \| blob \| history
security/integrity/ima/ima_api.c		diff \| blob \| history
security/integrity/ima/ima_main.c		diff \| blob \| history
security/integrity/ima/ima_policy.c		diff \| blob \| history
security/security.c		diff \| blob \| history