projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 40ca4ee) | patch
evm: add support to disable EVM on unsupported filesystems
authorMimi Zohar <zohar@linux.ibm.com>
Mon, 18 Dec 2023 13:06:40 +0000 (08:06 -0500)
committerMimi Zohar <zohar@linux.ibm.com>
Wed, 20 Dec 2023 12:40:07 +0000 (07:40 -0500)
commitcd708c938f055c9eb5a366ec1c8edcefa28afc28
tree39089292c344413f5243377e57f993057a0f52e9tree | snapshot
parent40ca4ee3136d2d09977d1cab8c0c0e1582c3359dcommit | diff
evm: add support to disable EVM on unsupported filesystems

Identify EVM unsupported filesystems by defining a new flag
SB_I_EVM_UNSUPPORTED.

Don't verify, write, remove or update 'security.evm' on unsupported
filesystems.

Acked-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
include/linux/fs.h diff | blob | history
security/integrity/evm/evm_main.c diff | blob | history
ep93xx device tree rework repo: git://git.maquefel.me/linux.git