diff options
author | Dmitry Kasatkin <dmitry.kasatkin@intel.com> | 2011-10-18 14:16:28 +0300 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2012-01-19 21:30:21 -0500 |
commit | 4c2c392763a682354fac65b6a569adec4e4b5387 (patch) | |
tree | 490b840399ed1e010561f4b97018f3c0a3caf8b6 | |
parent | f4a0391dfa91155bd961673b31eb42d9d45c799d (diff) | |
download | op-kernel-dev-4c2c392763a682354fac65b6a569adec4e4b5387.zip op-kernel-dev-4c2c392763a682354fac65b6a569adec4e4b5387.tar.gz |
ima: policy for RAMFS
Don't measure ramfs files.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
-rw-r--r-- | security/integrity/ima/ima_policy.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index d661afb..1b422bc 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -62,6 +62,7 @@ static struct ima_measure_rule_entry default_rules[] = { {.action = DONT_MEASURE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC}, {.action = DONT_MEASURE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC}, {.action = DONT_MEASURE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC}, + {.action = DONT_MEASURE,.fsmagic = RAMFS_MAGIC,.flags = IMA_FSMAGIC}, {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC}, {.action = DONT_MEASURE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC}, {.action = MEASURE,.func = FILE_MMAP,.mask = MAY_EXEC, |