On 10/24/19 12:48 PM, Lakshmi Ramasubramanian wrote:
On 10/23/2019 8:47 PM, Nayna Jain wrote:
+/*
+ * ima_check_blacklist - determine if the binary is blacklisted.
+ *
+ * Add the hash of the blacklisted binary to the measurement list,
based
+ * on policy.
+ *
+ * Returns -EPERM if the
On 10/23/2019 8:47 PM, Nayna Jain wrote:
+/*
+ * ima_check_blacklist - determine if the binary is blacklisted.
+ *
+ * Add the hash of the blacklisted binary to the measurement list, based
+ * on policy.
+ *
+ * Returns -EPERM if the hash is blacklisted.
+ */
+int ima_check_blacklist(struct
Asymmetric private keys are used to sign multiple files. The kernel
currently support checking against blacklisted keys. However, if the
public key is blacklisted, any file signed by the blacklisted key will
automatically fail signature verification. We might not want to blacklist
all the files
