[PATCH 3.8 024/152] Revert "ima: policy for RAMFS"
Kamal Mostafa
kamal at canonical.com
Fri Dec 6 23:09:08 UTC 2013
3.8.13.14 -stable review patch. If anyone has any objections, please let me know.
------------------
From: Mimi Zohar <zohar at linux.vnet.ibm.com>
commit 08de59eb144d7c41351a467442f898d720f0f15f upstream.
This reverts commit 4c2c392763a682354fac65b6a569adec4e4b5387.
Everything in the initramfs should be measured and appraised,
but until the initramfs has extended attribute support, at
least measured.
Signed-off-by: Mimi Zohar <zohar at us.ibm.com>
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
security/integrity/ima/ima_policy.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index 479fca9..cb98e81 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -69,7 +69,6 @@ static struct ima_rule_entry default_rules[] = {
{.action = DONT_MEASURE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC},
{.action = DONT_MEASURE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC},
{.action = DONT_MEASURE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC},
- {.action = DONT_MEASURE,.fsmagic = RAMFS_MAGIC,.flags = IMA_FSMAGIC},
{.action = DONT_MEASURE,.fsmagic = DEVPTS_SUPER_MAGIC,.flags = IMA_FSMAGIC},
{.action = DONT_MEASURE,.fsmagic = BINFMTFS_MAGIC,.flags = IMA_FSMAGIC},
{.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC},
--
1.8.3.2
More information about the kernel-team
mailing list