Hi Mimi, As we discussed, thhis is a RFC patch to extend current appraisal rules to allow appraising signed files only. This should apply on top of Dmitry's patches to support asymmetric key signatures.
Thanks Vivek Vivek Goyal (2): ima: Do not try to fix hash if file system does not support security xattr ima: Support appraise_type=imasig_optional Documentation/ABI/testing/ima_policy | 2 +- security/integrity/ima/ima_appraise.c | 26 ++++++++++++++++++++++---- security/integrity/ima/ima_policy.c | 2 ++ security/integrity/integrity.h | 1 + 4 files changed, 26 insertions(+), 5 deletions(-) -- 1.7.7.6 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/