projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6be5cc5) | patch
security: imbed evm calls in security hooks
authorMimi Zohar <zohar@linux.vnet.ibm.com>
Wed, 9 Mar 2011 19:38:26 +0000 (14:38 -0500)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Mon, 18 Jul 2011 16:29:42 +0000 (12:29 -0400)
commit3e1be52d6c6b21d9080dd886c0e609e009831562
tree2947250698b89eed0149af2d69a33b303c4d6be4tree | snapshot (tar.gz zip)
parent6be5cc5246f807fd8ede9f5f1bb2826f2c598658commit | diff
security: imbed evm calls in security hooks

Imbed the evm calls evm_inode_setxattr(), evm_inode_post_setxattr(),
evm_inode_removexattr() in the security hooks.  evm_inode_setxattr()
protects security.evm xattr.  evm_inode_post_setxattr() and
evm_inode_removexattr() updates the hmac associated with an inode.

(Assumes an LSM module protects the setting/removing of xattr.)

Changelog:
  - Don't define evm_verifyxattr(), unless CONFIG_INTEGRITY is enabled.
  - xattr_name is a 'const', value is 'void *'

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
include/linux/evm.h [new file with mode: 0644] blob
security/integrity/evm/evm_main.c diff | blob | blame | history
security/security.c diff | blob | blame | history
kernel source for telekom puls (alcatel/mediatek)