mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/security
History
Eric Paris 6ccd045630 ima: handle multiple rules per write 
Currently IMA will only accept one rule per write().  This patch allows IMA to
accept writes which contain multiple rules but only processes one rule per
write.  \n is used as the delimiter between rules.  IMA will return a short
write indicating that it only accepted up to the first \n.

This allows simple userspace utilities like cat to be used to load an IMA
policy instead of needing a special userspace utility that understood 'one
write per rule'

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
 		2010-04-21 09:58:13 +10:00
..
integrity/ima ima: handle multiple rules per write 2010-04-21 09:58:13 +10:00
keys security: remove dead hook key_session_to_parent 2010-04-12 12:19:18 +10:00
selinux SELinux: return error codes on policy load failure 2010-04-21 08:58:49 +10:00
smack SMACK: remove dead cred_commit hook 2010-04-08 09:20:21 +10:00
tomoyo Merge branch 'master' into next 2010-03-31 08:39:27 +11:00
Kconfig remove CONFIG_SECURITY_FILE_CAPABILITIES compile option 2009-11-24 15:06:47 +11:00
Makefile NOMMU: Optimise away the {dac_,}mmap_min_addr tests 2009-12-17 09:25:19 +11:00
capability.c security: remove dead hook acct 2010-04-12 12:19:19 +10:00
commoncap.c Security: Fix the comment of cap_file_mmap() 2010-04-20 08:47:11 +10:00
device_cgroup.c cgroups: let ss->can_attach and ss->attach do whole threadgroups at a time 2009-09-24 07:20:58 -07:00
inode.c get rid of pointless checks after simple_pin_fs() 2010-01-26 22:22:26 -05:00
lsm_audit.c Merge branch 'master' of /home/davem/src/GIT/linux-2.6/ 2009-12-05 15:22:26 -08:00
min_addr.c security/min_addr.c: make init_mmap_min_addr() static 2009-12-17 09:24:22 +11:00
security.c security: remove dead hook acct 2010-04-12 12:19:19 +10:00