Dmitry Kasatkin b151d6b00b ima: provide flag to identify new empty files ... On ima_file_free(), newly created empty files are not labeled with an initial security.ima value, because the iversion did not change. Commit dff6efc "fs: fix iversion handling" introduced a change in iversion behavior. To verify this change use the shell command: $ (exec >foo) $ getfattr -h -e hex -d -m security foo This patch defines the IMA_NEW_FILE flag. The flag is initially set, when IMA detects that a new file is created, and subsequently checked on the ima_file_free() hook to set the initial security.ima value. Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Cc: <stable@vger.kernel.org> 3.14+		2014-09-08 17:38:57 -04:00
..
ima_api.c	ima: audit log files opened with O_DIRECT flag	2014-06-03 14:21:50 -05:00
ima_appraise.c	ima: provide flag to identify new empty files	2014-09-08 17:38:57 -04:00
ima_crypto.c	ima: fix fallback to use new_sync_read()	2014-09-02 17:03:36 -04:00
ima_fs.c	integrity: fix checkpatch errors	2014-03-07 12:15:45 -05:00
ima_init.c	security: integrity: Use a more current logging style	2014-03-07 12:15:21 -05:00
ima_main.c	ima: provide flag to identify new empty files	2014-09-08 17:38:57 -04:00
ima_policy.c	ima: add support for measuring and appraising firmware	2014-07-25 11:47:46 -07:00
ima_queue.c	integrity: fix checkpatch errors	2014-03-07 12:15:45 -05:00
ima_template_lib.c	ima: reduce memory usage when a template containing the n field is used	2014-03-07 11:32:30 -05:00
ima_template_lib.h	ima: extend the measurement list to include the file signature	2013-10-31 20:19:35 -04:00
ima_template.c	integrity: fix checkpatch errors	2014-03-07 12:15:45 -05:00
ima.h	ima: add support for measuring and appraising firmware	2014-07-25 11:47:46 -07:00
Kconfig	ima: define '.ima' as a builtin 'trusted' keyring	2014-07-17 09:35:17 -04:00
Makefile	ima: define template fields library and new helpers	2013-10-25 17:17:05 -04:00