mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-12-24 09:06:34 +07:00
fd35f192e4
On systems with IMA-appraisal enabled with a policy requiring file
signatures, the "good" signature values are stored on the filesystem as
extended attributes (security.ima). Signature verification failure
would normally be limited to just a particular file (eg. executable),
but during boot signature verification failure could result in a system
hang.
Defining and requiring a new public_key_signature field requires all
callers of asymmetric signature verification to be updated to reflect
the change. This patch updates the integrity asymmetric_verify()
caller.
Fixes:
|
||
---|---|---|
.. | ||
evm | ||
ima | ||
digsig_asymmetric.c | ||
digsig.c | ||
iint.c | ||
integrity_audit.c | ||
integrity.h | ||
Kconfig | ||
Makefile |