On 10/23/19 6:22 AM, Mimi Zohar wrote:
Thanks for reviewing the changes Mimi.
I'll address your comments and post an updated patch set shortly.
Add a new ima hook to measure keys added to builtin_trusted_keys
keyring.
There is no IMA hook in this patch.
+ else if (strcmp(args[0].from,
+ "BUILTIN_TRUSTED_KEYS") == 0)
+ entry->func = BUILTIN_TRUSTED_KEYS;
else
result = -EINVAL;
if (!result)
Any new options need to be displayed as well.
Not that I can think of. Please correct me if I am wrong.
Thanks,
-lakshmi
