ima: read and use signature hash algorithm
authorDmitry Kasatkin <d.kasatkin@samsung.com>
Thu, 25 Apr 2013 07:44:04 +0000 (10:44 +0300)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Fri, 25 Oct 2013 21:16:59 +0000 (17:16 -0400)
commitd3634d0f426bdeb433cb288bdbb0a5e16cf3dbbf
tree2197b45ddbdfcc81ecdc6b5acaa9292eead795b7
parentc7c8bb237fdbff932b5e431aebee5ce862ea07d1
ima: read and use signature hash algorithm

All files on the filesystem, currently, are hashed using the same hash
algorithm.  In preparation for files from different packages being
signed using different hash algorithms, this patch adds support for
reading the signature hash algorithm from the 'security.ima' extended
attribute and calculates the appropriate file data hash based on it.

Changelog:
- fix scripts Lindent and checkpatch msgs - Mimi
- fix md5 support for older version, which occupied 20 bytes in the
  xattr, not the expected 16 bytes.  Fix the comparison to compare
  only the first 16 bytes.

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
security/integrity/digsig_asymmetric.c
security/integrity/ima/ima.h
security/integrity/ima/ima_api.c
security/integrity/ima/ima_appraise.c
security/integrity/ima/ima_main.c
security/integrity/integrity.h