• Mimi Zohar's avatar
    security: imbed evm calls in security hooks · 3e1be52d
    Mimi Zohar authored
    Imbed the evm calls evm_inode_setxattr(), evm_inode_post_setxattr(),
    evm_inode_removexattr() in the security hooks.  evm_inode_setxattr()
    protects security.evm xattr.  evm_inode_post_setxattr() and
    evm_inode_removexattr() updates the hmac associated with an inode.
    
    (Assumes an LSM module protects the setting/removing of xattr.)
    
    Changelog:
      - Don't define evm_verifyxattr(), unless CONFIG_INTEGRITY is enabled.
      - xattr_name is a 'const', value is 'void *'
    Signed-off-by: default avatarMimi Zohar <zohar@us.ibm.com>
    Acked-by: default avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    3e1be52d
evm.h 1.38 KB