Hi, At first I did not notice Mimi's email with suggestion to allow setting hash only in fix mode. Here is a next set with checking validity of xattr type and allowing setting hash only in permissive modes such as fix and log.
- Dmitry Dmitry Kasatkin (2): ima: check xattr value length in ima_inode_setxattr() evm: check xattr value length in evm_inode_setxattr() security/integrity/evm/evm_main.c | 11 ++++++++--- security/integrity/ima/ima_appraise.c | 13 +++++++++++-- 2 files changed, 19 insertions(+), 5 deletions(-) -- 1.9.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
