On Mon, 2022-02-14 at 15:03 -0500, Stefan Berger wrote: > On 2/11/22 16:43, Mimi Zohar wrote: > > Simple policy rule options, such as fowner, uid, or euid, can be checked > > immediately, while other policy rule options, such as requiring a file > > signature, need to be deferred. > > > > The 'flags' field in the integrity_iint_cache struct contains the policy > > action', 'subaction', and non action/subaction. > > > > action: measure/measured, appraise/appraised, (collect)/collected, > > audit/audited > > subaction: appraise status for each hook (e.g. file, mmap, bprm, read, > > creds) > > non action/subaction: deferred policy rule options and state > > > > Rename the IMA_ACTION_FLAGS to IMA_NONACTION_FLAGS. > > > > Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx> > > Reviewed-by: Stefan Berger <stefanb@xxxxxxxxxxxxx> Thanks, Stefan. Both 1/8 & 2/8 cleanup are now queued in next- integrity. -- thanks, Mimi
