linux_dsm_epyc7002/security/integrity/ima
Sascha Hauer ac0bf025d2 ima: Use i_version only when filesystem supports it
i_version is only supported by a filesystem when the SB_I_VERSION
flag is set. This patch tests for the SB_I_VERSION flag before using
i_version. If we can't use i_version to detect a file change then we
must assume the file has changed in the last_writer path and remeasure
it.

On filesystems without i_version support IMA used to measure a file
only once and didn't detect any changes to a file. With this patch
IMA now works properly on these filesystems.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
2017-12-13 07:23:02 -05:00
..
ima_api.c ima: always measure and audit files in policy 2017-11-08 15:16:36 -05:00
ima_appraise.c ima: do not update security.ima if appraisal status is not INTEGRITY_PASS 2017-11-20 08:23:10 +11:00
ima_crypto.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2017-11-14 10:52:09 -08:00
ima_fs.c ima: Fix bool initialization/comparison 2017-11-08 15:16:36 -05:00
ima_init.c ima: on soft reboot, restore the measurement list 2016-12-20 09:48:43 -08:00
ima_kexec.c ima: define a canonical binary_runtime_measurements list format 2016-12-20 09:48:45 -08:00
ima_main.c ima: Use i_version only when filesystem supports it 2017-12-13 07:23:02 -05:00
ima_mok.c KEYS: Use structure to capture key restriction function and data 2017-04-04 14:10:10 -07:00
ima_policy.c ima: Fix bool initialization/comparison 2017-11-08 15:16:36 -05:00
ima_queue.c ima: fix get_binary_runtime_size() 2017-06-21 14:37:12 -04:00
ima_template_lib.c ima: introduce ima_parse_buf() 2017-06-21 14:37:12 -04:00
ima_template_lib.h ima: introduce ima_parse_buf() 2017-06-21 14:37:12 -04:00
ima_template.c ima: use ima_parse_buf() to parse template data 2017-06-21 14:37:12 -04:00
ima.h ima: Simplify policy_func_show. 2017-06-21 14:37:12 -04:00
Kconfig IMA: Correct Kconfig dependencies for hash selection 2017-06-21 14:37:12 -04:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00