Thread (16 messages) 16 messages, 2 authors, 2019-10-23

Re: [PATCH v1 6/6] KEYS: measure keys when they are created or updated

From: Mimi Zohar <zohar@linux.ibm.com>
Date: 2019-10-23 18:09:27
Also in: keyrings, linux-integrity, lkml 

On Tue, 2019-10-22 at 17:18 -0700, Lakshmi Ramasubramanian wrote:
quoted hunk ↗ jump to hunk
diff --git a/security/security.c b/security/security.c
index 250ee2d76406..707a9e7fa94d 100644
--- a/security/security.c
+++ b/security/security.c
@@ -2303,6 +2303,16 @@ int security_key_getsecurity(struct key *key, char **_buffer)
 	return call_int_hook(key_getsecurity, 0, key, _buffer);
 }
 
+int security_key_create_or_update(struct key *keyring,
+				  struct key *key,
+				  const struct cred *cred,
+				  unsigned long flags,
+				  bool create)
+{
+	return ima_post_key_create_or_update(keyring, key, cred,
+					     flags, create);
+}
+
 #endif	/* CONFIG_KEYS */
Either the new hook is an LSM and IMA hook, or it is just an IMA hook.
 We don't define a security_ function, if it is just an IMA hook.

Mimi
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help