summaryrefslogtreecommitdiffstats
path: root/security/integrity/evm
diff options
context:
space:
mode:
authorMimi Zohar <zohar@linux.vnet.ibm.com>2011-03-09 20:38:26 +0100
committerMimi Zohar <zohar@linux.vnet.ibm.com>2011-07-18 18:29:42 +0200
commit3e1be52d6c6b21d9080dd886c0e609e009831562 (patch)
tree2947250698b89eed0149af2d69a33b303c4d6be4 /security/integrity/evm
parentevm: add support for different security.evm data types (diff)
downloadlinux-3e1be52d6c6b21d9080dd886c0e609e009831562.tar.xz
linux-3e1be52d6c6b21d9080dd886c0e609e009831562.zip
security: imbed evm calls in security hooks
Imbed the evm calls evm_inode_setxattr(), evm_inode_post_setxattr(), evm_inode_removexattr() in the security hooks. evm_inode_setxattr() protects security.evm xattr. evm_inode_post_setxattr() and evm_inode_removexattr() updates the hmac associated with an inode. (Assumes an LSM module protects the setting/removing of xattr.) Changelog: - Don't define evm_verifyxattr(), unless CONFIG_INTEGRITY is enabled. - xattr_name is a 'const', value is 'void *' Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Diffstat (limited to 'security/integrity/evm')
-rw-r--r--security/integrity/evm/evm_main.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index c0580dd15ec0..1746c3669c6f 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -18,6 +18,7 @@
#include <linux/crypto.h>
#include <linux/xattr.h>
#include <linux/integrity.h>
+#include <linux/evm.h>
#include "evm.h"
int evm_initialized;