summaryrefslogtreecommitdiff
path: root/crypto/testmgr.c
diff options
context:
space:
mode:
authorDmitry Kasatkin <d.kasatkin@samsung.com>2014-11-05 18:01:15 +0300
committerMimi Zohar <zohar@linux.vnet.ibm.com>2014-11-18 07:12:01 +0300
commitc9cd2ce2bc6313aafa33f8e28d29a8690252f219 (patch)
tree6918661e956daa2bb688ea70103df3cc8859e246 /crypto/testmgr.c
parentfd5f4e9054acbf4f22fac81a358baf3c27aa42ac (diff)
downloadlinux-c9cd2ce2bc6313aafa33f8e28d29a8690252f219.tar.xz
integrity: provide a hook to load keys when rootfs is ready
Keys can only be loaded once the rootfs is mounted. Initcalls are not suitable for that. This patch defines a special hook to load the x509 public keys onto the IMA keyring, before attempting to access any file. The keys are required for verifying the file's signature. The hook is called after the root filesystem is mounted and before the kernel calls 'init'. Changes in v3: * added more explanation to the patch description (Mimi) Changes in v2: * Hook renamed as 'integrity_load_keys()' to handle both IMA and EVM keys by integrity subsystem. * Hook patch moved after defining loading functions Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'crypto/testmgr.c')
0 files changed, 0 insertions, 0 deletions