On Fri, Jun 14, 2019 at 7:14 AM Mimi Zohar wrote:
>
> > > > diff --git a/security/integrity/ima/ima_init.c
> > > > b/security/integrity/ima/ima_init.c
> > > > index 993d0f1915ff..c8591406c0e2 100644
> > > > --- a/security/integrity/ima/ima_init.c
> > > > +++ b/security/integrity/ima/ima_init.c
>
> > > diff --git a/security/integrity/ima/ima_init.c
> > > b/security/integrity/ima/ima_init.c
> > > index 993d0f1915ff..c8591406c0e2 100644
> > > --- a/security/integrity/ima/ima_init.c
> > > +++ b/security/integrity/ima/ima_init.c
> > > @@ -50,7 +50,7 @@ static int __init
Hi Prakhar,
> > diff --git a/security/integrity/ima/ima_api.c
> > b/security/integrity/ima/ima_api.c
> > index ea7d8cbf712f..83ca99d65e4b 100644
> > --- a/security/integrity/ima/ima_api.c
> > +++ b/security/integrity/ima/ima_api.c
> > @@ -140,7 +140,7 @@ void ima_add_violation(struct file *file,
On Wed, 2019-06-12 at 15:15 -0700, Prakhar Srivastava wrote:
As before, the patch title needs to be prefixed with "ima: ".
> /* IMA template field data definition */
> diff --git a/security/integrity/ima/ima_api.c
> b/security/integrity/ima/ima_api.c
> index ea7d8cbf712f..83ca99d65e4b 100644
>
On Wed, 12 Jun 2019, Prakhar Srivastava wrote:
> A buffer(kexec cmdline args) measured into ima cannot be
> appraised without already being aware of the buffer contents.
> Since hashes are non-reversible, raw buffer is needed for
> validation or regenerating hash for appraisal/attestation.
>
>
A buffer(kexec cmdline args) measured into ima cannot be
appraised without already being aware of the buffer contents.
Since hashes are non-reversible, raw buffer is needed for
validation or regenerating hash for appraisal/attestation.
This patch adds support to ima to allow store/read the
buffer
6 matches
Mail list logo