ima: Collect modsig

Obtain the modsig and calculate its corresponding hash in ima_collect_measurement(). Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
author: Thiago Jung Bauermann <bauerman@linux.ibm.com> 2019-06-27 23:19:31 -0300
committer: Mimi Zohar <zohar@linux.ibm.com> 2019-08-05 18:40:24 -0400
commit: 15588227e086ec662d59df144e48af82e3e592f1 (patch)
tree: cc9bb78a8e764951cefaf016793e968d8446edc0 /security/integrity/ima/ima_api.c
parent: 39b07096364a42c516415d5f841069e885234e61 (diff)
download: linux-15588227e086ec662d59df144e48af82e3e592f1.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index f614e22bf39f..ff8b7fb03ea0 100644
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -205,7 +205,7 @@ int ima_get_action(struct inode *inode, const struct cred *cred, u32 secid,
  */
 int ima_collect_measurement(struct integrity_iint_cache *iint,
 			    struct file *file, void *buf, loff_t size,
-			    enum hash_algo algo)
+			    enum hash_algo algo, struct modsig *modsig)
 {
 	const char *audit_cause = "failed";
 	struct inode *inode = file_inode(file);
@@ -252,6 +252,9 @@ int ima_collect_measurement(struct integrity_iint_cache *iint,
 	memcpy(iint->ima_hash, &hash, length);
 	iint->version = i_version;
 
+	if (modsig)
+		ima_collect_modsig(modsig, buf, size);
+
 	/* Possibly temporary failure due to type of read (eg. O_DIRECT) */
 	if (!result)
 		iint->flags |= IMA_COLLECTED;
author	Thiago Jung Bauermann <bauerman@linux.ibm.com>	2019-06-27 23:19:31 -0300
committer	Mimi Zohar <zohar@linux.ibm.com>	2019-08-05 18:40:24 -0400
commit	15588227e086ec662d59df144e48af82e3e592f1 (patch)
tree	cc9bb78a8e764951cefaf016793e968d8446edc0 /security/integrity/ima/ima_api.c
parent	39b07096364a42c516415d5f841069e885234e61 (diff)
download	linux-15588227e086ec662d59df144e48af82e3e592f1.tar.gz