linux_dsm_epyc7002/security/integrity/ima
Petko Manolov 38d859f991 IMA: policy can now be updated multiple times
The new rules get appended to the original policy, forming a queue.
The new rules are first added to a temporary list, which on error
get released without disturbing the normal IMA operations.  On
success both lists (the current policy and the new rules) are spliced.

IMA policy reads are many orders of magnitude more numerous compared to
writes, the match code is RCU protected.  The updater side also does
list splice in RCU manner.

Signed-off-by: Petko Manolov <petkan@mip-labs.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-12-15 10:01:43 -05:00
..
ima_api.c ima: pass iint to ima_add_violation() 2015-05-21 13:59:29 -04:00
ima_appraise.c ima: limit file hash setting by user to fix and log modes 2015-05-21 13:28:46 -04:00
ima_crypto.c mm, page_alloc: rename __GFP_WAIT to __GFP_RECLAIM 2015-11-06 17:50:42 -08:00
ima_fs.c IMA: policy can now be updated multiple times 2015-12-15 10:01:43 -05:00
ima_init.c integrity: define '.evm' as a builtin 'trusted' keyring 2015-11-23 14:30:02 -05:00
ima_main.c ima: pass iint to ima_add_violation() 2015-05-21 13:59:29 -04:00
ima_policy.c IMA: policy can now be updated multiple times 2015-12-15 10:01:43 -05:00
ima_queue.c integrity: fix checkpatch errors 2014-03-07 12:15:45 -05:00
ima_template_lib.c ima: fix ima_show_template_data_ascii() 2015-06-16 08:18:21 -04:00
ima_template_lib.h ima: wrap event related data to the new ima_event_data structure 2015-05-21 13:59:28 -04:00
ima_template.c ima: added support for new kernel cmdline parameter ima_template_fmt 2014-10-13 08:39:02 -04:00
ima.h integrity: define '.evm' as a builtin 'trusted' keyring 2015-11-23 14:30:02 -05:00
Kconfig IMA: policy can now be updated multiple times 2015-12-15 10:01:43 -05:00
Makefile ima: define template fields library and new helpers 2013-10-25 17:17:05 -04:00