evm: load an x509 certificate from the kernel
authorDmitry Kasatkin <dmitry.kasatkin@huawei.com>
Thu, 22 Oct 2015 18:26:21 +0000 (21:26 +0300)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Tue, 15 Dec 2015 13:31:19 +0000 (08:31 -0500)
commit2ce523eb8976a12de1a4fb6fe8ad0b09b5dafb31
tree45b99ce12be798b8d4d75eadefd576d2aa430efe
parentf4dc37785e9b3373d0cb93125d5579fed2af3a43
evm: load an x509 certificate from the kernel

This patch defines a configuration option and the evm_load_x509() hook
to load an X509 certificate onto the EVM trusted kernel keyring.

Changes in v4:
* Patch description updated

Changes in v3:
* Removed EVM_X509_PATH definition. CONFIG_EVM_X509_PATH is used
  directly.

Changes in v2:
* default key patch changed to /etc/keys

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
security/integrity/evm/Kconfig
security/integrity/evm/evm_main.c
security/integrity/iint.c
security/integrity/integrity.h