9f81a2eda4
Measuring keys requires a custom IMA policy to be loaded. Keys created or updated before a custom IMA policy is loaded should be queued and will be processed after a custom policy is loaded. This patch defines a workqueue for queuing keys when a custom IMA policy has not yet been loaded. An intermediate Kconfig boolean option namely IMA_QUEUE_EARLY_BOOT_KEYS is used to declare the workqueue functions. A flag namely ima_process_keys is used to check if the key should be queued or should be processed immediately. Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
17 lines
615 B
Makefile
17 lines
615 B
Makefile
# SPDX-License-Identifier: GPL-2.0
|
|
#
|
|
# Makefile for building Trusted Computing Group's(TCG) runtime Integrity
|
|
# Measurement Architecture(IMA).
|
|
#
|
|
|
|
obj-$(CONFIG_IMA) += ima.o
|
|
|
|
ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \
|
|
ima_policy.o ima_template.o ima_template_lib.o
|
|
ima-$(CONFIG_IMA_APPRAISE) += ima_appraise.o
|
|
ima-$(CONFIG_IMA_APPRAISE_MODSIG) += ima_modsig.o
|
|
ima-$(CONFIG_HAVE_IMA_KEXEC) += ima_kexec.o
|
|
obj-$(CONFIG_IMA_BLACKLIST_KEYRING) += ima_mok.o
|
|
obj-$(CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS) += ima_asymmetric_keys.o
|
|
obj-$(CONFIG_IMA_QUEUE_EARLY_BOOT_KEYS) += ima_queue_keys.o
|