Hi Mimi,
On 11/11/2018 08:29 AM, Mimi Zohar wrote:
On systems with IMA-appraisal enabled with a policy requiring file
signatures, the "good" signature values are stored on the filesystem as
extended attributes (security.ima). Signature verification failure
would normally be limited to just a particular file (eg. executable),
but during boot signature verification failure could result in a system
hang.
Defining and requiring a new public_key_signature field requires all
callers of asymmetric signature verification to be updated to reflect
the change. This patch updates the integrity asymmetric_verify()
caller.
Fixes: 82f94f24475c ("KEYS: Provide software public key query function [ver #2]")
Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
Cc: David Howells <dhowells@xxxxxxxxxx>
Cc: Denis Kenzior <denkenz@xxxxxxxxx>
---
security/integrity/digsig_asymmetric.c | 1 +
1 file changed, 1 insertion(+)
Acked/Reviewed by: Denis Kenzior <denkenz@xxxxxxxxx>
Regards,
-Denis
