evm: load an x509 certificate from the kernel
This patch defines a configuration option and the evm_load_x509() hook to load an X509 certificate onto the EVM trusted kernel keyring. Changes in v4: * Patch description updated Changes in v3: * Removed EVM_X509_PATH definition. CONFIG_EVM_X509_PATH is used directly. Changes in v2: * default key patch changed to /etc/keys Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
This commit is contained in:
Dmitry Kasatkin
committed by
Mimi Zohar
Mimi Zohar
parent
f4dc37785e
commit
2ce523eb89
@@ -170,6 +170,14 @@ static inline void ima_load_x509(void)
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_EVM_LOAD_X509
|
||||
void __init evm_load_x509(void);
|
||||
#else
|
||||
static inline void evm_load_x509(void)
|
||||
{
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_INTEGRITY_AUDIT
|
||||
/* declarations */
|
||||
void integrity_audit_msg(int audit_msgno, struct inode *inode,
|
||||
|
||||
Reference in New Issue
Block a user