diff options
| author | Mimi Zohar <[email protected]> | 2025-01-27 15:24:13 +0000 |
|---|---|---|
| committer | Mimi Zohar <[email protected]> | 2025-03-27 16:35:51 +0000 |
| commit | 5b3cd801155f0b34b0b95942a5b057c9b8cad33e (patch) | |
| tree | a53bd26b496d35aef749282bb519e213c2b077d4 /drivers/gpu/drm/amd/amdgpu/amdgpu_i2c.c | |
| parent | Linux 6.14-rc5 (diff) | |
| download | kernel-5b3cd801155f0b34b0b95942a5b057c9b8cad33e.tar.gz kernel-5b3cd801155f0b34b0b95942a5b057c9b8cad33e.zip | |
ima: limit the number of open-writers integrity violations
Each time a file in policy, that is already opened for write, is opened
for read, an open-writers integrity violation audit message is emitted
and a violation record is added to the IMA measurement list. This
occurs even if an open-writers violation has already been recorded.
Limit the number of open-writers integrity violations for an existing
file open for write to one. After the existing file open for write
closes (__fput), subsequent open-writers integrity violations may be
emitted.
Cc: [email protected] # applies cleanly up to linux-6.6
Tested-by: Stefan Berger <[email protected]>
Reviewed-by: Petr Vorel <[email protected]>
Tested-by: Petr Vorel <[email protected]>
Reviewed-by: Roberto Sassu <[email protected]>
Signed-off-by: Mimi Zohar <[email protected]>
Diffstat (limited to 'drivers/gpu/drm/amd/amdgpu/amdgpu_i2c.c')
0 files changed, 0 insertions, 0 deletions