On Fri, Jul 13, 2018 at 11:06 AM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote: > Both the init_module and finit_module syscalls call either directly > or indirectly the security_kernel_read_file LSM hook. This patch > replaces the direct call in init_module with a call to the new > security_kernel_load_data hook and makes the corresponding changes > in SELinux, LoadPin, and IMA. > > Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> > Cc: Jeff Vander Stoep <jeffv@xxxxxxxxxx> > Cc: Casey Schaufler <casey@xxxxxxxxxxxxxxxx> > Cc: Kees Cook <keescook@xxxxxxxxxxxx> > Acked-by: Jessica Yu <jeyu@xxxxxxxxxx> > Acked-by: Paul Moore <paul@xxxxxxxxxxxxxx> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx> Thanks! -Kees -- Kees Cook Pixel Security _______________________________________________ kexec mailing list kexec@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/kexec
