On 2020-12-24 5:48 a.m., Mimi Zohar wrote:
Hi Tushar,
Please update the Subject line as, "Add policy rule support for
measuring critical data".
On Sat, 2020-12-12 at 10:02 -0800, Tushar Sugandhi wrote:
A new IMA policy rule is needed for the IMA hook
ima_measure_critical_data() and the corresponding func CRITICAL_DATA for
measuring the input buffer. The policy rule should ensure the buffer
would get measured only when the policy rule allows the action. The
policy rule should also support the necessary constraints (flags etc.)
for integrity critical buffer data measurements.
Add a policy rule to define the constraints for restricting integrity
critical data measurements.
Signed-off-by: Tushar Sugandhi <tusharsu@xxxxxxxxxxxxxxxxxxx>
This patch does not restrict measuring critical data, but adds policy
rule support for measuring critical data. please update the patch
description accordingly.
Will do. Will update the patch description accordingly.
Other than that,
Reviewed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
Thanks a lot for the Reviewed-by tag. :)
--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel