git.ipfire.org Git - thirdparty/kernel/linux.git/commit

]> git.ipfire.org Git - thirdparty/kernel/linux.git/commit

projects / thirdparty / kernel / linux.git / commit

author	Mimi Zohar <zohar@linux.ibm.com>
	Tue, 10 Mar 2026 13:16:25 +0000 (09:16 -0400)
committer	Mimi Zohar <zohar@linux.ibm.com>
	Wed, 1 Apr 2026 14:16:30 +0000 (10:16 -0400)
commit	de4c44a7f559ceae19f7a70febf49e87bdfb125c
tree	b2fbedfdfb0ec379301bf9b105191bd8def45ba1	tree \| snapshot
parent	64c658f358ec6ed6e992d4cf05482eaa2ab4b1a4	commit \| diff

ima: add support to require IMA sigv3 signatures

Defining a policy rule with the "appraise_type=imasig" option allows
either v2 or v3 signatures. Defining an IMA appraise rule with the
"appraise_type=sigv3" option requires a file sigv3 signature.

Define a new appraise type: IMA_SIGV3_REQUIRED

Example: appraise func=BPRM_CHECK appraise_type=sigv3

Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Acked-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

A mirror of Linus' kernel repository

RSS Atom

Documentation/ABI/testing/ima_policy		diff \| blob \| blame \| history
security/integrity/ima/ima.h		diff \| blob \| blame \| history
security/integrity/ima/ima_appraise.c		diff \| blob \| blame \| history
security/integrity/ima/ima_policy.c		diff \| blob \| blame \| history