summaryrefslogtreecommitdiff
path: root/security/integrity/ima/ima_template.c
diff options
context:
space:
mode:
authorRoberto Sassu <roberto.sassu@polito.it>2013-06-07 14:16:32 +0400
committerMimi Zohar <zohar@linux.vnet.ibm.com>2013-10-26 01:17:05 +0400
commit4d7aeee73f5304bf195aa2904f8eb1d7b2e8fe52 (patch)
tree5cc0bb30f81dab7a981c1f640fb668932a7c32c2 /security/integrity/ima/ima_template.c
parent3ce1217d6cd5dfa82a9db5c2a999cc1bb01490d9 (diff)
downloadlinux-4d7aeee73f5304bf195aa2904f8eb1d7b2e8fe52.tar.xz
ima: define new template ima-ng and template fields d-ng and n-ng
This patch adds support for the new template 'ima-ng', whose format is defined as 'd-ng|n-ng'. These new field definitions remove the size limitations of the original 'ima' template. Further, the 'd-ng' field prefixes the inode digest with the hash algorithim, when displaying the new larger digest sizes. Change log: - scripts/Lindent fixes - Mimi - "always true comparison" - reported by Fengguang Wu, resolved Dmitry - initialize hash_algo variable to HASH_ALGO__LAST - always prefix digest with hash algorithm - Mimi Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity/ima/ima_template.c')
-rw-r--r--security/integrity/ima/ima_template.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
index 810042264396..bf38d1af3cfd 100644
--- a/security/integrity/ima/ima_template.c
+++ b/security/integrity/ima/ima_template.c
@@ -16,7 +16,8 @@
#include "ima_template_lib.h"
static struct ima_template_desc defined_templates[] = {
- {.name = IMA_TEMPLATE_IMA_NAME,.fmt = IMA_TEMPLATE_IMA_FMT},
+ {.name = IMA_TEMPLATE_IMA_NAME, .fmt = IMA_TEMPLATE_IMA_FMT},
+ {.name = "ima-ng",.fmt = "d-ng|n-ng"},
};
static struct ima_template_field supported_fields[] = {
@@ -24,6 +25,10 @@ static struct ima_template_field supported_fields[] = {
.field_show = ima_show_template_digest},
{.field_id = "n",.field_init = ima_eventname_init,
.field_show = ima_show_template_string},
+ {.field_id = "d-ng",.field_init = ima_eventdigest_ng_init,
+ .field_show = ima_show_template_digest_ng},
+ {.field_id = "n-ng",.field_init = ima_eventname_ng_init,
+ .field_show = ima_show_template_string},
};
static struct ima_template_field *lookup_template_field(const char *field_id)