Hi,
Thanks for sending the audit piece to the mail list so we could go over the
details without bothering the whole lkml. I have some comments in line below.
On Friday 06 February 2009 02:52:07 pm Mimi Zohar wrote:
> diff --git a/Documentation/kernel-parameters.txt
> b/Documentation/kernel-param
> > The integrity patches are in security-testing-2.6/#next and the auditd
> > patch I just posted to linux-audit. How do you suggest we go forward?
>
> We need to go over the event format and make sure its got everything we need
> in it. We also need to review the code that touches the audit sys
Make the measurement lists available through securityfs.
- removed test for NULL return code from securityfs_create_file/dir
Signed-off-by: Mimi Zohar
Acked-by: Serge Hallyn
Signed-off-by: James Morris
---
diff --git a/security/integrity/ima/Makefile b/security/integrity/ima/Makefile
index 9d6b
IMA provides hardware (TPM) based measurement and attestation for
file measurements. As the Trusted Computing (TPM) model requires,
IMA measures all files before they are accessed in any way (on the
integrity_bprm_check, integrity_path_check and integrity_file_mmap
hooks), and commits the measureme
Support for a user loadable policy through securityfs
with support for LSM specific policy data.
- free invalid rule in ima_parse_add_rule()
Signed-off-by: Mimi Zohar
Acked-by: Serge Hallyn
Signed-off-by: James Morris
---
diff --git a/Documentation/ABI/testing/ima_policy
b/Documentation/ABI/te
This patch replaces the generic integrity hooks, for which IMA registered
itself, with IMA integrity hooks in the appropriate places directly
in the fs directory.
Signed-off-by: Mimi Zohar
Acked-by: Serge Hallyn
Signed-off-by: James Morris
---
diff --git a/Documentation/kernel-parameters.txt
b
From: James Morris
Fix ima_delete_rules() definition so sparse doesn't complain.
Signed-off-by: James Morris
---
diff --git a/security/integrity/ima/ima_policy.c
b/security/integrity/ima/ima_policy.c
index bd45360..23810e0 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integri
Sequentialize access to the policy file
- permit multiple attempts to replace default policy with a valid policy
Signed-off-by: Mimi Zohar
Acked-by: Serge Hallyn
Signed-off-by: James Morris
---
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index 95ef1ca..573780c
Signed-off-by: Mimi Zohar
Signed-off-by: James Morris
---
diff --git a/MAINTAINERS b/MAINTAINERS
index 6bd7d47..12fc280 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2175,6 +2175,11 @@ M: stef...@s5r6.in-berlin.de
L: linux1394-de...@lists.sourceforge.net
S: Maintained
+INTEGRIT
The number of calls to ima_path_check()/ima_file_free()
should be balanced. An extra call to fput(), indicates
the file could have been accessed without first being
measured.
Although f_count is incremented/decremented in places other
than fget/fput, like fget_light/fput_light and get_file, the
c
On Friday 06 February 2009 11:15:14 am Mimi Zohar wrote:
> The integrity auditing discussions took place a while ago in August 2007
> (http://osdir.com/ml/linux.redhat.security.audit/2007-09/msg7.html).
Thanks for the refresh. Its been so long, I forgot about this. :) Re-reading
the thread,
On Fri, 2009-02-06 at 10:01 -0500, Steve Grubb wrote:
> On Friday 06 February 2009 07:43:50 am Mimi Zohar wrote:
> > This patch adds support to auditd for integrity messages, which are
> > issued as a result of the integrity patchset that was applied to the
> > security-testing-2.6/#next tree.
> >
On Friday 06 February 2009 07:43:50 am Mimi Zohar wrote:
> This patch adds support to auditd for integrity messages, which are
> issued as a result of the integrity patchset that was applied to the
> security-testing-2.6/#next tree.
>
> Signed-off-by: Mimi Zohar
NACK to anything around this. So f
integrity: audit
This patch adds support to auditd for integrity messages, which are
issued as a result of the integrity patchset that was applied to the
security-testing-2.6/#next tree.
Signed-off-by: Mimi Zohar
Index: audit-1.7.11/src/ausearch-parse.c
===
14 matches
Mail list logo