aboutsummaryrefslogtreecommitdiffstats
path: root/security/integrity
diff options
context:
space:
mode:
authorMimi Zohar <zohar@linux.vnet.ibm.com>2011-03-09 14:38:26 -0500
committerMimi Zohar <zohar@linux.vnet.ibm.com>2011-07-18 12:29:42 -0400
commit3e1be52d6c6b21d9080dd886c0e609e009831562 (patch)
tree2947250698b89eed0149af2d69a33b303c4d6be4 /security/integrity
parent6be5cc5246f807fd8ede9f5f1bb2826f2c598658 (diff)
security: imbed evm calls in security hooks
Imbed the evm calls evm_inode_setxattr(), evm_inode_post_setxattr(), evm_inode_removexattr() in the security hooks. evm_inode_setxattr() protects security.evm xattr. evm_inode_post_setxattr() and evm_inode_removexattr() updates the hmac associated with an inode. (Assumes an LSM module protects the setting/removing of xattr.) Changelog: - Don't define evm_verifyxattr(), unless CONFIG_INTEGRITY is enabled. - xattr_name is a 'const', value is 'void *' Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Diffstat (limited to 'security/integrity')
-rw-r--r--security/integrity/evm/evm_main.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index c0580dd15ec0..1746c3669c6f 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -18,6 +18,7 @@
18#include <linux/crypto.h> 18#include <linux/crypto.h>
19#include <linux/xattr.h> 19#include <linux/xattr.h>
20#include <linux/integrity.h> 20#include <linux/integrity.h>
21#include <linux/evm.h>
21#include "evm.h" 22#include "evm.h"
22 23
23int evm_initialized; 24int evm_initialized;