Tyler Hicks 712183437e ima: Fail rule parsing when buffer hook functions have an invalid action ... Buffer based hook functions, such as KEXEC_CMDLINE and KEY_CHECK, can only measure. The process_buffer_measurement() function quietly ignores all actions except measure so make this behavior clear at the time of policy load. The parsing of the keyrings conditional had a check to ensure that it was only specified with measure actions but the check should be on the hook function and not the keyrings conditional since "appraise func=KEY_CHECK" is not a valid rule. Fixes: b0935123a1 ("IMA: Define a new hook to measure the kexec boot command line arguments") Fixes: 5808611ccc ("IMA: Add KEY_CHECK func to measure keys") Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>		2020-07-16 21:53:55 -04:00
..
evm	integrity-v5.8	2020-06-06 09:39:05 -07:00
ima	ima: Fail rule parsing when buffer hook functions have an invalid action	2020-07-16 21:53:55 -04:00
platform_certs	EFI updates for v5.7:	2020-02-26 15:21:22 +01:00
digsig_asymmetric.c	integrity: Remove duplicate pr_fmt definitions	2020-02-28 14:32:58 -05:00
digsig.c	integrity: Remove duplicate pr_fmt definitions	2020-02-28 14:32:58 -05:00
iint.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441	2019-06-05 17:37:17 +02:00
integrity_audit.c	integrity: Add errno field in audit message	2020-07-16 21:48:11 -04:00
integrity.h	integrity: Add errno field in audit message	2020-07-16 21:48:11 -04:00
Kconfig	powerpc: Load firmware trusted keys/hashes into kernel keyring	2019-11-13 00:33:23 +11:00
Makefile	powerpc: Load firmware trusted keys/hashes into kernel keyring	2019-11-13 00:33:23 +11:00