ima: add support for different security.ima data types IMA-appraisal currently verifies the integrity of a file based on a known 'good' measurement value. This patch reserves the first byte of 'security.ima' as a place holder for the type of method used for verifying file data integrity. Changelog v1: - Use the newly defined 'struct evm_ima_xattr_data' Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

commit: 5a44b41207174e1882ce0c24a752f4cfb65dab07 [log] [tgz]
author: Mimi Zohar <zohar@linux.vnet.ibm.com> Mon Jan 09 22:59:36 2012 -0500
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> Fri Sep 07 14:57:47 2012 -0400
tree: a5426be63a4f165f3ce15d1e61d8fd10f37fd8c3
parent: 42c63330f2b05aa6077c1bfc2798c04afe54f6b2 [diff] [blame]
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index dac6b68..91ccef1 100644
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h

@@ -39,7 +39,7 @@
 	struct inode *inode;	/* back pointer to inode in question */
 	u64 version;		/* track inode changes */
 	unsigned char flags;
-	u8 digest[SHA1_DIGEST_SIZE];
+	struct evm_ima_xattr_data ima_xattr;
 	enum integrity_status ima_status;
 	enum integrity_status evm_status;
 };
commit	5a44b41207174e1882ce0c24a752f4cfb65dab07	[log] [tgz]
author	Mimi Zohar <zohar@linux.vnet.ibm.com>	Mon Jan 09 22:59:36 2012 -0500
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	Fri Sep 07 14:57:47 2012 -0400
tree	a5426be63a4f165f3ce15d1e61d8fd10f37fd8c3
parent	42c63330f2b05aa6077c1bfc2798c04afe54f6b2 [diff] [blame]