)]}' { "commit": "9b608bfe2d6c2d44a4da5be55be4718168287cef", "tree": "1fcd2efaf73e3ca49432d148d55694e8fb69bfdc", "parents": [ "08944531df250c1f7f829e8e4313c0c390856bb7" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@huawei.com", "time": "Thu Oct 22 21:26:42 2015 +0300" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Thu Oct 29 06:56:21 2015 -0400" }, "message": "evm: reset EVM status when file attributes changes\n\nEVM verification status is cached in iint-\u003eevm_status\nand if it was successful, never re-verified again when\nIMA passes \u0027iint\u0027 to evm_verifyxattr().\n\nWhen file attribute or extended attributes changes we may\nwish to re-verify EVM integrity as well. For example,\nafter setting digital signature we may need to re-verify\nthe signature and update iint-\u003eflags that there is EVM\nsignature.\n\nThis patch enables that by resetting evm_status to\nINTEGRITY_UKNOWN state.\n\nChanges in v2:\n* Flag setting moved to EVM layer\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@huawei.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "420d94da2793e3d9748a2ac1f137de63a2963822", "old_mode": 33188, "old_path": "security/integrity/evm/evm_main.c", "new_id": "f7160253f17faad71c17a86b19833123a2edebd4", "new_mode": 33188, "new_path": "security/integrity/evm/evm_main.c" } ] }