On Jan 15, 2024 Roberto Sassu <roberto.sassu@xxxxxxxxxxxxxxx> wrote: > > Since now IMA and EVM use their own integrity metadata, it is safe to > remove the 'integrity' LSM, with its management of integrity metadata. > > Keep the iint.c file only for loading IMA and EVM keys at boot, and for > creating the integrity directory in securityfs (we need to keep it for > retrocompatibility reasons). > > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > Reviewed-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx> > --- > include/linux/integrity.h | 14 --- > security/integrity/iint.c | 197 +-------------------------------- > security/integrity/integrity.h | 25 ----- > security/security.c | 2 - > 4 files changed, 2 insertions(+), 236 deletions(-) Acked-by: Paul Moore <paul@xxxxxxxxxxxxxx> -- paul-moore.com
