Release 4.15 security/integrity/ima/ima_mok.c
/*
* Copyright (C) 2015 Juniper Networks, Inc.
*
* Author:
* Petko Manolov <petko.manolov@konsulko.com>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation, version 2 of the
* License.
*
*/
#include <linux/export.h>
#include <linux/kernel.h>
#include <linux/sched.h>
#include <linux/cred.h>
#include <linux/err.h>
#include <linux/init.h>
#include <linux/slab.h>
#include <keys/system_keyring.h>
struct key *ima_blacklist_keyring;
/*
* Allocate the IMA blacklist keyring
*/
__init int ima_mok_init(void)
{
struct key_restriction *restriction;
pr_notice("Allocating IMA blacklist keyring.\n");
restriction = kzalloc(sizeof(struct key_restriction), GFP_KERNEL);
if (!restriction)
panic("Can't allocate IMA blacklist restriction.");
restriction->check = restrict_link_by_builtin_trusted;
ima_blacklist_keyring = keyring_alloc(".ima_blacklist",
KUIDT_INIT(0), KGIDT_INIT(0), current_cred(),
(KEY_POS_ALL & ~KEY_POS_SETATTR) |
KEY_USR_VIEW | KEY_USR_READ |
KEY_USR_WRITE | KEY_USR_SEARCH,
KEY_ALLOC_NOT_IN_QUOTA,
restriction, NULL);
if (IS_ERR(ima_blacklist_keyring))
panic("Can't allocate IMA blacklist keyring.");
set_bit(KEY_FLAG_KEEP, &ima_blacklist_keyring->flags);
return 0;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Petko Manolov | 67 | 59.29% | 1 | 20.00% |
| Mat Martineau | 35 | 30.97% | 1 | 20.00% |
| Mimi Zohar | 8 | 7.08% | 1 | 20.00% |
| David Howells | 3 | 2.65% | 2 | 40.00% |
| Total | 113 | 100.00% | 5 | 100.00% |
device_initcall(ima_mok_init);
Overall Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Petko Manolov | 96 | 64.43% | 1 | 14.29% |
| Mat Martineau | 38 | 25.50% | 1 | 14.29% |
| Mimi Zohar | 8 | 5.37% | 1 | 14.29% |
| David Howells | 5 | 3.36% | 3 | 42.86% |
| Paul Gortmaker | 2 | 1.34% | 1 | 14.29% |
| Total | 149 | 100.00% | 7 | 100.00% |
Information contained on this website is for historical information purposes only and does not indicate or represent copyright ownership.