summaryrefslogtreecommitdiff
path: root/rust/helpers/platform.c
diff options
context:
space:
mode:
authorMimi Zohar <zohar@linux.ibm.com>2025-01-27 10:24:13 -0500
committerMimi Zohar <zohar@linux.ibm.com>2025-03-27 12:35:51 -0400
commit5b3cd801155f0b34b0b95942a5b057c9b8cad33e (patch)
treea53bd26b496d35aef749282bb519e213c2b077d4 /rust/helpers/platform.c
parent7eb172143d5508b4da468ed59ee857c6e5e01da6 (diff)
ima: limit the number of open-writers integrity violations
Each time a file in policy, that is already opened for write, is opened for read, an open-writers integrity violation audit message is emitted and a violation record is added to the IMA measurement list. This occurs even if an open-writers violation has already been recorded. Limit the number of open-writers integrity violations for an existing file open for write to one. After the existing file open for write closes (__fput), subsequent open-writers integrity violations may be emitted. Cc: stable@vger.kernel.org # applies cleanly up to linux-6.6 Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Petr Vorel <pvorel@suse.cz> Tested-by: Petr Vorel <pvorel@suse.cz> Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'rust/helpers/platform.c')
0 files changed, 0 insertions, 0 deletions