leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

evm: load an x509 certificate from the kernel

Browse Source 
This patch defines a configuration option and the evm_load_x509() hook
to load an X509 certificate onto the EVM trusted kernel keyring.

Changes in v4:
* Patch description updated

Changes in v3:
* Removed EVM_X509_PATH definition. CONFIG_EVM_X509_PATH is used
  directly.

Changes in v2:
* default key patch changed to /etc/keys

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
This commit is contained in:
Dmitry Kasatkin
2015-10-22 21:26:21 +03:00
committed by Mimi Zohar
parent f4dc37785e
commit 2ce523eb89
4 changed files with 33 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
security/integrity/evm/evm_main.c
View File

@@ -472,6 +472,13 @@ out:
}
EXPORT_SYMBOL_GPL(evm_inode_init_security);
#ifdef CONFIG_EVM_LOAD_X509
void __init evm_load_x509(void)
{
integrity_load_x509(INTEGRITY_KEYRING_EVM, CONFIG_EVM_X509_PATH);
}
#endif
static int __init init_evm(void)
{
int error;