ima: change integrity cache to store measured pcr - linux

diff options

author	Eric Richter <erichte@linux.vnet.ibm.com>	2016-06-01 20:14:06 +0200
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	2016-06-30 07:14:22 +0200
commit	a422638d492a35316e3fd9bb31bfc9769b249bca (patch)
tree	ee3c83ca967003972763fb18de707bd7cc5bb58f /net/ipv4/cipso_ipv4.c
parent	ima: redefine duplicate template entries (diff)
download	linux-a422638d492a35316e3fd9bb31bfc9769b249bca.tar.xz linux-a422638d492a35316e3fd9bb31bfc9769b249bca.zip

ima: change integrity cache to store measured pcr

IMA avoids re-measuring files by storing the current state as a flag in the integrity cache. It will then skip adding a new measurement log entry if the cache reports the file as already measured. If a policy measures an already measured file to a new PCR, the measurement will not be added to the list. This patch implements a new bitfield for specifying which PCR the file was measured into, rather than if it was measured. Signed-off-by: Eric Richter <erichte@linux.vnet.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

Diffstat (limited to 'net/ipv4/cipso_ipv4.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: