UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/security/integrity/ima
History
Mimi Zohar a7f2a366f6 ima: fallback to MODULE_SIG_ENFORCE for existing kernel module syscall 
The new kernel module syscall appraises kernel modules based
on policy.   If the IMA policy requires kernel module checking,
fallback to module signature enforcing for the existing syscall.
Without CONFIG_MODULE_SIG_FORCE enabled, the kernel module's
integrity is unknown, return -EACCES.

Changelog v1:
- Fix ima_module_check() return result (Tetsuo Handa)

Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Reviewed-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
 		2012-12-24 09:35:48 -05:00
..
Kconfig ima: integrity appraisal extension 2012-09-07 14:57:44 -04:00
Makefile ima: integrity appraisal extension 2012-09-07 14:57:44 -04:00
ima.h ima: fallback to MODULE_SIG_ENFORCE for existing kernel module syscall 2012-12-24 09:35:48 -05:00
ima_api.c ima: support new kernel module syscall 2012-12-14 13:05:26 +10:30
ima_appraise.c ima: fix bug in argument order 2012-10-05 22:32:16 +10:00
ima_audit.c userns: Add user namespace support to IMA 2012-09-21 03:13:24 -07:00
ima_crypto.c ima: integrity appraisal extension 2012-09-07 14:57:44 -04:00
ima_fs.c ima: remove unused cleanup functions 2012-07-02 16:43:30 -04:00
ima_init.c ima: remove unused cleanup functions 2012-07-02 16:43:30 -04:00
ima_main.c ima: fallback to MODULE_SIG_ENFORCE for existing kernel module syscall 2012-12-24 09:35:48 -05:00
ima_policy.c ima: fallback to MODULE_SIG_ENFORCE for existing kernel module syscall 2012-12-24 09:35:48 -05:00
ima_queue.c ima: fix invalid memory reference 2011-12-19 22:07:54 -05:00