diff options
| author |   Thiago Jung Bauermann <bauerman@linux.ibm.com> | 2019-06-27 23:19:31 -0300 |
|---|---|---|
| committer |   Mimi Zohar <zohar@linux.ibm.com> | 2019-08-05 18:40:24 -0400 |
| commit | 15588227e086ec662d59df144e48af82e3e592f1 (patch) | |
| tree | cc9bb78a8e764951cefaf016793e968d8446edc0 /security/integrity/ima/ima_api.c | |
| parent | ima: Implement support for module-style appended signatures (diff) | |
| download | linux-dev-15588227e086ec662d59df144e48af82e3e592f1.tar.xz linux-dev-15588227e086ec662d59df144e48af82e3e592f1.zip | |
ima: Collect modsig
Obtain the modsig and calculate its corresponding hash in
ima_collect_measurement().
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'security/integrity/ima/ima_api.c')
| -rw-r--r-- | security/integrity/ima/ima_api.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index f614e22bf39f..ff8b7fb03ea0 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -205,7 +205,7 @@ int ima_get_action(struct inode *inode, const struct cred *cred, u32 secid, */ int ima_collect_measurement(struct integrity_iint_cache *iint, struct file *file, void *buf, loff_t size, - enum hash_algo algo) + enum hash_algo algo, struct modsig *modsig) { const char *audit_cause = "failed"; struct inode *inode = file_inode(file); @@ -252,6 +252,9 @@ int ima_collect_measurement(struct integrity_iint_cache *iint, memcpy(iint->ima_hash, &hash, length); iint->version = i_version; + if (modsig) + ima_collect_modsig(modsig, buf, size); + /* Possibly temporary failure due to type of read (eg. O_DIRECT) */ if (!result) iint->flags |= IMA_COLLECTED; |