mirror of
https://github.com/torvalds/linux
synced 2024-07-21 02:23:16 +00:00
![]() In preparation for removing the 'integrity' LSM, move
integrity_kernel_module_request() to IMA, and rename it to
ima_kernel_module_request(). Rewrite the function documentation, to explain
better what the problem is.
Compile it conditionally if CONFIG_INTEGRITY_ASYMMETRIC_KEYS is enabled,
and call it from security.c (removed afterwards with the move of IMA to the
LSM infrastructure).
Adding this hook cannot be avoided, since IMA has no control on the flags
passed to crypto_alloc_sig() in public_key_verify_signature(), and thus
cannot pass CRYPTO_NOLOAD, which solved the problem for EVM hashing with
commit
|
||
---|---|---|
.. | ||
evm | ||
ima | ||
platform_certs | ||
digsig.c | ||
digsig_asymmetric.c | ||
iint.c | ||
integrity.h | ||
integrity_audit.c | ||
Kconfig | ||
Makefile |