summaryrefslogtreecommitdiffstats
path: root/net/dsa
diff options
context:
space:
mode:
authorMimi Zohar <zohar@linux.vnet.ibm.com>2018-04-12 00:15:22 -0400
committerMimi Zohar <zohar@linux.vnet.ibm.com>2018-05-22 13:16:42 -0400
commit6f0911a666d1f99ff72e7848ddee36af7bbce050 (patch)
tree5cf7324ad0d10828704a87762b86ca5f845371c3 /net/dsa
parentfd90bc559bfba743ae8de87ff23b92a5e4668062 (diff)
downloadop-kernel-dev-6f0911a666d1f99ff72e7848ddee36af7bbce050.zip
op-kernel-dev-6f0911a666d1f99ff72e7848ddee36af7bbce050.tar.gz
ima: fix updating the ima_appraise flag
As IMA policy rules are added, a mask of the type of rule (eg. kernel modules, firmware, IMA policy) is updated. Unlike custom IMA policy rules, which replace the original builtin policy rules and update the mask, the builtin "secure_boot" policy rules were loaded, but did not update the mask. This patch refactors the code to load custom policies, defining a new function named ima_appraise_flag(). The new function is called either when loading the builtin "secure_boot" or custom policies. Fixes: 503ceaef8e2e ("ima: define a set of appraisal rules requiring file signatures") Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'net/dsa')
0 files changed, 0 insertions, 0 deletions
OpenPOWER on IntegriCloud