integrity: enable policy rule for restricting hash algo
Bugzilla: https://bugzilla.redhat.com/2063913
Tested: locally adding the new policy rule option manually at runtime to
/sys/kernel/security/integrity/ima/policy, hashing a random file and
checking the audit log. See BZ for more details.
Allow the user to specify which hash algorithms are viable for file
measurement and appraisal. The effort of removing weak algorithms from CS9
can benefit from this feature by installing a specific system policy with
the allowed hash algorithms.
Signed-off-by: Bruno Meneguele bmeneg@redhat.com
Edited by Bruno Meneguele