diff options
author | Roberto Sassu <roberto.sassu@huawei.com> | 2024-02-15 13:31:13 +0300 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2024-02-16 07:43:48 +0300 |
commit | b6c0dec9f78bc691166d60347b52b3adf03d5875 (patch) | |
tree | b7bb4d4814312b92770129b2c440146aad4a121e /include/linux | |
parent | 4de2f084fbff41113d9adec3c9e15ab12bf05e21 (diff) | |
download | linux-b6c0dec9f78bc691166d60347b52b3adf03d5875.tar.xz |
integrity: Remove LSM
Since now IMA and EVM use their own integrity metadata, it is safe to
remove the 'integrity' LSM, with its management of integrity metadata.
Keep the iint.c file only for loading IMA and EVM keys at boot, and for
creating the integrity directory in securityfs (we need to keep it for
retrocompatibility reasons).
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Acked-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/integrity.h | 14 |
1 files changed, 0 insertions, 14 deletions
diff --git a/include/linux/integrity.h b/include/linux/integrity.h index ef0f63ef5ebc..459b79683783 100644 --- a/include/linux/integrity.h +++ b/include/linux/integrity.h @@ -19,24 +19,10 @@ enum integrity_status { INTEGRITY_UNKNOWN, }; -/* List of EVM protected security xattrs */ #ifdef CONFIG_INTEGRITY -extern struct integrity_iint_cache *integrity_inode_get(struct inode *inode); -extern void integrity_inode_free(struct inode *inode); extern void __init integrity_load_keys(void); #else -static inline struct integrity_iint_cache * - integrity_inode_get(struct inode *inode) -{ - return NULL; -} - -static inline void integrity_inode_free(struct inode *inode) -{ - return; -} - static inline void integrity_load_keys(void) { } |