ima: measure and appraise the IMA policy itself Add support for measuring and appraising the IMA policy itself. Changelog v4: - use braces on both if/else branches, even if single line on one of the branches - Dmitry - Use the id mapping - Dmitry Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Acked-by: Petko Manolov <petkan@mip-labs.com> Acked-by: Dmitry Kasatkin <dmitry.kasatkin@huawei.com>

commit: 19f8a84713edc1d27ea05be00effb97b8f1ef207 [log] [tgz]
author: Mimi Zohar <zohar@linux.vnet.ibm.com> Fri Jan 15 10:17:12 2016 -0500
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> Sun Feb 21 09:34:22 2016 -0500
tree: 1bc29beeafe8358eeffcbd807ac59f6b45868695
parent: 7429b092811fb20c6a5b261c2c116a6a90cb9a29 [diff] [blame]
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index f764881..391f417 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c

@@ -344,6 +344,7 @@
 	[READING_MODULE] = MODULE_CHECK,
 	[READING_KEXEC_IMAGE] = KEXEC_KERNEL_CHECK,
 	[READING_KEXEC_INITRAMFS] = KEXEC_INITRAMFS_CHECK,
+	[READING_POLICY] = POLICY_CHECK
 };
 
 /**
commit	19f8a84713edc1d27ea05be00effb97b8f1ef207	[log] [tgz]
author	Mimi Zohar <zohar@linux.vnet.ibm.com>	Fri Jan 15 10:17:12 2016 -0500
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	Sun Feb 21 09:34:22 2016 -0500
tree	1bc29beeafe8358eeffcbd807ac59f6b45868695
parent	7429b092811fb20c6a5b261c2c116a6a90cb9a29 [diff] [blame]