luck/tmp_suning_uos_patched
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3dd0c8d065
tmp_suning_uos_patched/security/integrity
History
Mikhail Kurinnoi 3dd0c8d065 ima: provide ">" and "<" operators for fowner/uid/euid rules. 
For now we have only "=" operator for fowner/uid/euid rules. This
patch provide two more operators - ">" and "<" in order to make
fowner/uid/euid rules more flexible.

Examples of usage.

 Appraise all files owned by special and system users (SYS_UID_MAX 999):
    appraise fowner<1000
 Don't appraise files owned by normal users (UID_MIN 1000):
    dont_appraise fowner>999
 Appraise all files owned by users with UID 1000-1010:
    dont_appraise fowner>1010
    appraise fowner>999

Changelog v3:
- Removed code duplication in ima_parse_rule().
- Fix ima_policy_show() - (Mimi)

Changelog v2:
- Fixed default policy rules.

Signed-off-by: Mikhail Kurinnoi <viewizard@viewizard.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

 security/integrity/ima/ima_policy.c | 115 +++++++++++++++++++++++++++---------
 1 file changed, 87 insertions(+), 28 deletions(-)
2017-03-13 07:01:24 -04:00
..
evm sched/headers: Prepare to remove the <linux/magic.h> include from <linux/sched/task_stack.h> 2017-03-02 08:42:40 +01:00
ima ima: provide ">" and "<" operators for fowner/uid/euid rules. 2017-03-13 07:01:24 -04:00
digsig_asymmetric.c X.509: Make algo identifiers text instead of enum 2016-03-03 21:49:27 +00:00
digsig.c security/integrity: Harden against malformed xattrs 2016-11-13 22:50:11 -05:00
iint.c integrity: add measured_pcrs field to integrity cache 2016-06-30 01:14:19 -04:00
integrity_audit.c
integrity.h integrity: add measured_pcrs field to integrity cache 2016-06-30 01:14:19 -04:00
Kconfig security: integrity: Remove select to deleted option PUBLIC_KEY_ALGO_RSA 2016-04-12 19:54:58 +01:00
Makefile