]> git.ipfire.org Git - thirdparty/kernel/linux.git/commit
ima: Define asymmetric_verify_v3() to verify IMA sigv3 signatures
authorMimi Zohar <zohar@linux.ibm.com>
Tue, 10 Mar 2026 23:42:07 +0000 (19:42 -0400)
committerMimi Zohar <zohar@linux.ibm.com>
Wed, 1 Apr 2026 14:14:30 +0000 (10:14 -0400)
commitdccfbafb1f34a98898ac685e0f3f86eeaf25ecc6
tree614c54838a7b7859e8fd6a20c546038a5134d519
parent7a60fe48af206d34571e446d685672f5730a6b90
ima: Define asymmetric_verify_v3() to verify IMA sigv3 signatures

Define asymmetric_verify_v3() to calculate the hash of the struct
ima_file_id, before calling asymmetric_verify() to verify the
signature.

Move and update the existing calc_file_id_hash() function with a
simpler, self contained version.  In addition to the existing hash
data and hash data length arguments, also pass the hash algorithm.

Suggested-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Acked-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
security/integrity/digsig.c
security/integrity/digsig_asymmetric.c
security/integrity/evm/evm_main.c
security/integrity/ima/ima_appraise.c
security/integrity/integrity.h