linux/security/integrity
Mimi Zohar 42c63330f2 ima: add ima_inode_setxattr/removexattr function and calls
Based on xattr_permission comments, the restriction to modify 'security'
xattr is left up to the underlying fs or lsm. Ensure that not just anyone
can modify or remove 'security.ima'.

Changelog v1:
- Unless IMA-APPRAISE is configured, use stub ima_inode_removexattr()/setxattr()
  functions.  (Moved ima_inode_removexattr()/setxattr() to ima_appraise.c)

Changelog:
  - take i_mutex to fix locking (Dmitry Kasatkin)
  - ima_reset_appraise_flags should only be called when modifying or
    removing the 'security.ima' xattr. Requires CAP_SYS_ADMIN privilege.
    (Incorporated fix from Roberto Sassu)
  - Even if allowed to update security.ima, reset the appraisal flags,
    forcing re-appraisal.
  - Replace CAP_MAC_ADMIN with CAP_SYS_ADMIN
  - static inline ima_inode_setxattr()/ima_inode_removexattr() stubs
  - ima_protect_xattr should be static

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
2012-09-07 14:57:47 -04:00
..
evm ima: integrity appraisal extension 2012-09-07 14:57:44 -04:00
ima ima: add ima_inode_setxattr/removexattr function and calls 2012-09-07 14:57:47 -04:00
digsig.c integrity: digital signature verification using multiple keyrings 2011-11-09 16:51:09 +02:00
iint.c ima: replace iint spinblock with rwlock/read_lock 2012-09-07 14:57:46 -04:00
integrity.h ima: integrity appraisal extension 2012-09-07 14:57:44 -04:00
Kconfig integrity: digital signature config option name change 2012-01-18 10:46:27 +11:00
Makefile integrity: digital signature config option name change 2012-01-18 10:46:27 +11:00