[Linux-ima-user] [RFC][PATCH 0/4] ima template support

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

As the current ima template digest is a fixed size, new templates
are required to support the larger digest sizes.  This patch set
adds limited template support, not the complete support as originally
posted in the LIM patches. Three templates are defined: ima, ima-ng,
and ima-nglong. ima-ng adds larger digest sizes for sha256/sha512. In
additon to the larger digest sizes, ima-nglong adds LSM object/subject
labels.

Before posting these patches on LSM, I'd like to discuss what other
information, if any, should be included in the ima-nglong template.

This patch set applies to the security-testing-2.6/#next tree. The
patches are also available for 2.6.34.y stable from: 
git://linux-ima.git.sourceforge.net/gitroot/linux-ima/2.6.34.y/#ima-template

thanks,

Mimi 

Mimi Zohar (4):
  ima: add template length to binary_runtime_measurements log
  ima: add support for additional template hash algorithms
  ima: define ima-nglong template
  ima: add LSM labels to the ima-nglong template

 Documentation/kernel-parameters.txt |    9 ++
 include/linux/tpm.h                 |    1 +
 security/integrity/ima/Kconfig      |    2 +
 security/integrity/ima/ima.h        |   25 +++++-
 security/integrity/ima/ima_api.c    |  160 ++++++++++++++++++++++++++++++++--
 security/integrity/ima/ima_crypto.c |   22 +++---
 security/integrity/ima/ima_fs.c     |  100 +++++++++++++++++-----
 security/integrity/ima/ima_iint.c   |    5 +-
 security/integrity/ima/ima_init.c   |   19 +++--
 security/integrity/ima/ima_main.c   |   31 +++++++-
 security/integrity/ima/ima_queue.c  |    7 ++-
 11 files changed, 325 insertions(+), 56 deletions(-)