NothingOSS/android_kernel_msm-6.1_nothing_sm7635
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_msm-6.1_noth.../include
History
Florent Revest 6beea7afcc ima: add the ability to query the cached hash of a given file 
This allows other parts of the kernel (perhaps a stacked LSM allowing
system monitoring, eg. the proposed KRSI LSM [1]) to retrieve the hash
of a given file from IMA if it's present in the iint cache.

It's true that the existence of the hash means that it's also in the
audit logs or in /sys/kernel/security/ima/ascii_runtime_measurements,
but it can be difficult to pull that information out for every
subsequent exec. This is especially true if a given host has been up
for a long time and the file was first measured a long time ago.

It should be kept in mind that this function gives access to cached
entries which can be removed, for instance on security_inode_free().

This is based on Peter Moody's patch:
 https://sourceforge.net/p/linux-ima/mailman/message/33036180/

[1] https://lkml.org/lkml/2019/9/10/393

Signed-off-by: Florent Revest <revest@google.com>
Reviewed-by: KP Singh <kpsingh@chromium.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2020-01-22 15:22:51 -05:00
..
acpi Merge branches 'acpi-utils', 'acpi-platform', 'acpi-video' and 'acpi-doc' 2019-11-26 10:30:49 +01:00
asm-generic powerpc updates for 5.5 #2 2019-12-06 13:36:31 -08:00
clocksource x86/hyperv: Initialize clockevents earlier in CPU onlining 2019-11-15 10:33:49 +01:00
crypto crypto: ablkcipher - remove deprecated and unused ablkcipher support 2019-11-17 09:02:49 +08:00
drm mm + drm coherent memory support for vmwgfx 2019-11-30 09:38:11 -08:00
dt-bindings ARM: Device-tree updates 2019-12-05 12:09:47 -08:00
keys powerpc updates for 5.5 2019-11-30 14:35:43 -08:00
kunit kunit: fix failure to build without printk 2019-09-30 17:35:01 -06:00
kvm Merge remote-tracking branch 'kvmarm/misc-5.5' into kvmarm/next 2019-11-08 11:27:29 +00:00
linux ima: add the ability to query the cached hash of a given file 2020-01-22 15:22:51 -05:00
math-emu
media drm main pull for 5.5-rc1 2019-11-27 17:45:48 -08:00
misc
net inet: protect against too small mtu values. 2019-12-07 11:55:11 -08:00
pcmcia
ras
rdma hmm related patches for 5.5 2019-11-30 10:33:14 -08:00
scsi scsi: target: iscsi: Wait for all commands to finish before freeing a session 2019-11-19 21:37:35 -05:00
soc drm msm + fixes for 5.5-rc1 2019-12-06 10:28:09 -08:00
sound ALSA: hda: Modify stream stripe mask only when needed 2019-12-03 07:46:30 +01:00
target scsi: target: Remove tpg_list and se_portal_group.se_tpg_node 2019-10-03 22:00:09 -04:00
trace This is a relatively quiet cycle for nfsd, mainly various bugfixes. 2019-12-07 16:56:00 -08:00
uapi Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2019-12-07 18:33:01 -08:00
vdso
video
xen dma-mapping updates for 5.5-rc1 2019-11-28 11:16:43 -08:00