integrity: support new struct public_key_signature encoding field - openslx/kernel-qcow2-linux.git

diff options

author	Mimi Zohar	2018-11-09 06:53:40 +0100
committer	Mimi Zohar	2018-11-13 13:37:42 +0100
commit	59637d5e1693451b03d2979ffbe9d40423ef05d7 (patch)
tree	30f8596dd886f5ce918fdcc57b4d3b6b42fa4896 /arch/x86/kernel/Makefile
parent	Merge tag 'v4.20-rc2' into next-general (diff)
download	kernel-qcow2-linux-59637d5e1693451b03d2979ffbe9d40423ef05d7.tar.gz kernel-qcow2-linux-59637d5e1693451b03d2979ffbe9d40423ef05d7.tar.xz kernel-qcow2-linux-59637d5e1693451b03d2979ffbe9d40423ef05d7.zip

integrity: support new struct public_key_signature encoding field

On systems with IMA-appraisal enabled with a policy requiring file signatures, the "good" signature values are stored on the filesystem as extended attributes (security.ima). Signature verification failure would normally be limited to just a particular file (eg. executable), but during boot signature verification failure could result in a system hang. Defining and requiring a new public_key_signature field requires all callers of asymmetric signature verification to be updated to reflect the change. This patch updates the integrity asymmetric_verify() caller. Fixes: 82f94f24475c ("KEYS: Provide software public key query function [ver #2]") Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Cc: David Howells <dhowells@redhat.com> Acked-by: Denis Kenzior <denkenz@gmail.com>

Diffstat (limited to 'arch/x86/kernel/Makefile')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: