[RFC 0/2] ima: evm: Add kernel cmdline options to disable IMA/EVM
Song Liu
song at kernel.org
Tue Dec 17 20:25:23 UTC 2024
While reading and testing LSM code, I found IMA/EVM consume per inode
storage even when they are not in use. Add options to diable them in
kernel command line. The logic and syntax is mostly borrowed from an
old serious [1].
[1] https://lore.kernel.org/lkml/cover.1398259638.git.d.kasatkin@samsung.com/
Song Liu (2):
ima: Add kernel parameter to disable IMA
evm: Add kernel parameter to disable EVM
security/integrity/evm/evm.h | 6 ++++++
security/integrity/evm/evm_main.c | 22 ++++++++++++++--------
security/integrity/evm/evm_secfs.c | 3 ++-
security/integrity/ima/ima_main.c | 13 +++++++++++++
4 files changed, 35 insertions(+), 9 deletions(-)
--
2.43.5
More information about the Linux-security-module-archive
mailing list