[RFC 0/2] ima: evm: Add kernel cmdline options to disable IMA/EVM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

While reading and testing LSM code, I found IMA/EVM consume per inode
storage even when they are not in use. Add options to diable them in
kernel command line. The logic and syntax is mostly borrowed from an
old serious [1].

[1] https://lore.kernel.org/lkml/cover.1398259638.git.d.kasatkin@xxxxxxxxxxx/

Song Liu (2):
  ima: Add kernel parameter to disable IMA
  evm: Add kernel parameter to disable EVM

 security/integrity/evm/evm.h       |  6 ++++++
 security/integrity/evm/evm_main.c  | 22 ++++++++++++++--------
 security/integrity/evm/evm_secfs.c |  3 ++-
 security/integrity/ima/ima_main.c  | 13 +++++++++++++
 4 files changed, 35 insertions(+), 9 deletions(-)

--
2.43.5
[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux