Mimi Zohar c6af8efe97 ima: remove firmware and module specific cached status info ... Each time a file is read by the kernel, the file should be re-measured and the file signature re-appraised, based on policy. As there is no need to preserve the status information, this patch replaces the firmware and module specific cache status with a generic one named read_file. This change simplifies adding support for other files read by the kernel. Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Acked-by: Petko Manolov <petkan@mip-labs.com> Acked-by: Dmitry Kasatkin <dmitry.kasatkin@huawei.com>		2016-02-21 09:06:13 -05:00
..
apparmor	apparmor: clarify CRYPTO dependency	2015-10-22 11:11:28 +11:00
integrity	ima: remove firmware and module specific cached status info	2016-02-21 09:06:13 -05:00
keys	KEYS: Only apply KEY_FLAG_KEEP to a key if a parent keyring has it set	2016-01-28 10:48:40 +11:00
selinux	wrappers for ->i_mutex access	2016-01-22 18:04:28 -05:00
smack	security: let security modules use PTRACE_MODE_* with bitmasks	2016-01-20 17:09:18 -08:00
tomoyo	convert a bunch of open-coded instances of memdup_user_nul()	2016-01-04 10:26:58 -05:00
yama	security: let security modules use PTRACE_MODE_* with bitmasks	2016-01-20 17:09:18 -08:00
commoncap.c	ptrace: use fsuid, fsgid, effective creds for fs access checks	2016-01-20 17:09:18 -08:00
device_cgroup.c	security/device_cgroup: Fix RCU_LOCKDEP_WARN() condition	2015-09-03 18:13:10 -07:00
inode.c	wrappers for ->i_mutex access	2016-01-22 18:04:28 -05:00
Kconfig	Yama: remove needless CONFIG_SECURITY_YAMA_STACKED	2015-07-28 13:18:19 +10:00
lsm_audit.c	Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into next	2015-08-15 13:29:57 +10:00
Makefile	LSM: Switch to lists of hooks	2015-05-12 15:00:41 +10:00
min_addr.c	mmap_min_addr check CAP_SYS_RAWIO only for write	2010-04-23 08:56:31 +10:00
security.c	module: replace copy_module_from_fd with kernel version	2016-02-21 09:06:12 -05:00