This patch set addresses a couple of problems with writing security.ima xattrs from tar. The first patch prevents file signatures stored in the security.ima xattr from being replaced when the timestamp is updated. The second patch identifies empty files created using mknodat as new, so that the file can subsequently be opened in order to write the file contents. Mimi Mimi Zohar (2): ima: fix ima_inode_post_setattr ima: add support for creating files using the mknodat syscall fs/namei.c | 2 ++ include/linux/ima.h | 6 ++++++ security/integrity/ima/ima_appraise.c | 7 ++++++- security/integrity/ima/ima_main.c | 32 +++++++++++++++++++++++++++++++- security/integrity/integrity.h | 1 + 5 files changed, 46 insertions(+), 2 deletions(-) -- 2.1.0 -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
