88e70da170
Measure asymmetric keys used for verifying file signatures, certificates, etc. This patch defines a new IMA hook namely ima_post_key_create_or_update() to measure the payload used to create a new asymmetric key or update an existing asymmetric key. Asymmetric key structure is defined only when CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is defined. Since the IMA hook measures asymmetric keys, the IMA hook is defined in a new file namely ima_asymmetric_keys.c which is built only if CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is defined. Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|---|---|---|
| .. | ||
| evm | ||
| ima | ||
| platform_certs | ||
| Kconfig | ||
| Makefile | ||
| digsig.c | ||
| digsig_asymmetric.c | ||
| iint.c | ||
| integrity.h | ||
| integrity_audit.c | ||