diff options
author | Mimi Zohar <zohar@linux.ibm.com> | 2022-04-14 22:46:39 +0200 |
---|---|---|
committer | Mimi Zohar <zohar@linux.ibm.com> | 2022-05-01 22:38:10 +0200 |
commit | 644664627d21648735adfa733956f94064d3417d (patch) | |
tree | b2a92325bb33c3cbde6e19d78f53b2504e2b9ad1 /Documentation/security | |
parent | ima: remove the IMA_TEMPLATE Kconfig option (diff) | |
download | linux-644664627d21648735adfa733956f94064d3417d.tar.xz linux-644664627d21648735adfa733956f94064d3417d.zip |
ima: fix 'd-ng' comments and documentation
Initially the 'd-ng' template field did not prefix the digest with either
"md5" or "sha1" hash algorithms. Prior to being upstreamed this changed,
but the comments and documentation were not updated. Fix the comments
and documentation.
Fixes: 4d7aeee73f53 ("ima: define new template ima-ng and template fields d-ng and n-ng")
Reported-by: Eric Biggers <ebiggers@kernel.org>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'Documentation/security')
-rw-r--r-- | Documentation/security/IMA-templates.rst | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/Documentation/security/IMA-templates.rst b/Documentation/security/IMA-templates.rst index 1a91d92950a7..cab97f49971d 100644 --- a/Documentation/security/IMA-templates.rst +++ b/Documentation/security/IMA-templates.rst @@ -66,8 +66,7 @@ descriptors by adding their identifier to the format string calculated with the SHA1 or MD5 hash algorithm; - 'n': the name of the event (i.e. the file name), with size up to 255 bytes; - 'd-ng': the digest of the event, calculated with an arbitrary hash - algorithm (field format: [<hash algo>:]digest, where the digest - prefix is shown only if the hash algorithm is not SHA1 or MD5); + algorithm (field format: <hash algo>:digest); - 'd-modsig': the digest of the event without the appended modsig; - 'n-ng': the name of the event, without size limitations; - 'sig': the file signature, or the EVM portable signature if the file |