On Tue, 2025-09-16 at 18:03 -0400, Paul Moore wrote: > From: Roberto Sassu <[email protected]> > > This patch converts IMA and EVM to use the LSM frameworks's initcall > mechanism. It moved the integrity_fs_init() call to ima_fs_init() and > evm_init_secfs(), to work around the fact that there is no "integrity" LSM, > and introduced integrity_fs_fini() to remove the integrity directory, if > empty. Both integrity_fs_init() and integrity_fs_fini() support the > scenario of being called by both the IMA and EVM LSMs. > > This patch does not touch any of the platform certificate code that > lives under the security/integrity/platform_certs directory as the > IMA/EVM developers would prefer to address that in a future patchset. > > Signed-off-by: Roberto Sassu <[email protected]> > [PM: adjust description as discussed over email] > Signed-off-by: Paul Moore <[email protected]>
Acked-by: Mimi Zohar <[email protected]>
