integrity: support new struct public_key_signature encoding field - kernel/linux.git

diff options

author	Mimi Zohar <zohar@linux.ibm.com>	2018-11-09 08:53:40 +0300
committer	James Morris <james.morris@microsoft.com>	2018-11-14 00:09:56 +0300
commit	fd35f192e42cf7c0df1e2480bfd5965e35b2f4ca (patch)
tree	772f7b697fa729f1f186f6e9310def5493c11e83 /.gitattributes
parent	ccda4af0f4b92f7b4c308d3acc262f4a7e3affad (diff)
download	linux-fd35f192e42cf7c0df1e2480bfd5965e35b2f4ca.tar.xz

integrity: support new struct public_key_signature encoding field

On systems with IMA-appraisal enabled with a policy requiring file signatures, the "good" signature values are stored on the filesystem as extended attributes (security.ima). Signature verification failure would normally be limited to just a particular file (eg. executable), but during boot signature verification failure could result in a system hang. Defining and requiring a new public_key_signature field requires all callers of asymmetric signature verification to be updated to reflect the change. This patch updates the integrity asymmetric_verify() caller. Fixes: 82f94f24475c ("KEYS: Provide software public key query function [ver #2]") Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Cc: David Howells <dhowells@redhat.com> Acked-by: Denis Kenzior <denkenz@gmail.com> Signed-off-by: James Morris <james.morris@microsoft.com>

Diffstat (limited to '.gitattributes')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: