Re: [Linux-ima-user] question about measuring modules

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On Tue, 2009-11-03 at 16:53 +0800, zhangkai wrote:
> hello, 
>     I have another question about measuring modules. Why did not you
> measuring executable files just like measuring modules? 
>      

The version of IMA distributed from this website is an LSM module,
meaning it uses the LSM hooks defined in include/linux/security.h. As
there is no LSM hook available when loading a kernel module, IMA defined
one. The call for ima_measure_module() is in kernel/module.c.

As of linux-2.6.30, IMA is now supported in the kernel. For more
information refer to http://linux-ima.sourceforge.net

Mimi