[PATCH v9 4/8] IMA: add policy rule to measure critical data

Tushar Sugandhi tusharsu at linux.microsoft.com
Sun Dec 13 01:21:19 UTC 2020

On 2020-12-12 11:20 a.m., Tyler Hicks wrote:
> On 2020-12-12 10:02:47, Tushar Sugandhi wrote:
>> A new IMA policy rule is needed for the IMA hook
>> ima_measure_critical_data() and the corresponding func CRITICAL_DATA for
>> measuring the input buffer. The policy rule should ensure the buffer
>> would get measured only when the policy rule allows the action. The
>> policy rule should also support the necessary constraints (flags etc.)
>> for integrity critical buffer data measurements.
>> Add a policy rule to define the constraints for restricting integrity
>> critical data measurements.
>> Signed-off-by: Tushar Sugandhi <tusharsu at linux.microsoft.com>
> This looks nice. Thanks for the changes!
> Reviewed-by: Tyler Hicks <tyhicks at linux.microsoft.com>
> Tyler
Thanks for the detailed review on this series Tyler.
We really appreciate it.


More information about the Linux-security-module-archive mailing list