integrity: IMA policy

Support for a user loadable policy through securityfs with support for LSM specific policy data. - free invalid rule in ima_parse_add_rule() Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
author: Mimi Zohar 2009-02-04 15:07:00 +0100
committer: James Morris 2009-02-05 23:05:31 +0100
commit: 4af4662fa4a9dc62289c580337ae2506339c4729 (patch)
tree: faec95258d2456eb35515f289eb688914ce3b54f /security/integrity/ima/Kconfig
parent: integrity: IMA display (diff)
download: kernel-qcow2-linux-4af4662fa4a9dc62289c580337ae2506339c4729.tar.gz
kernel-qcow2-linux-4af4662fa4a9dc62289c580337ae2506339c4729.tar.xz
kernel-qcow2-linux-4af4662fa4a9dc62289c580337ae2506339c4729.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index 2a761c8ac996..3d2b6ee778a0 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -47,3 +47,9 @@ config IMA_AUDIT
 	  auditing messages can be enabled with 'ima_audit=1' on
 	  the kernel command line.
 
+config IMA_LSM_RULES
+	bool
+	depends on IMA && (SECURITY_SELINUX || SECURITY_SMACK)
+	default y
+	help
+	  Disabling this option will disregard LSM based policy rules
author	Mimi Zohar	2009-02-04 15:07:00 +0100
committer	James Morris	2009-02-05 23:05:31 +0100
commit	4af4662fa4a9dc62289c580337ae2506339c4729 (patch)
tree	faec95258d2456eb35515f289eb688914ce3b54f /security/integrity/ima/Kconfig
parent	integrity: IMA display (diff)
download	kernel-qcow2-linux-4af4662fa4a9dc62289c580337ae2506339c4729.tar.gz kernel-qcow2-linux-4af4662fa4a9dc62289c580337ae2506339c4729.tar.xz kernel-qcow2-linux-4af4662fa4a9dc62289c580337ae2506339c4729.zip