ima: Add max size for IMA digest database

hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I409K9


CVE: NA

-----------------------------------------------------------------

This patch sets max size for IMA digest database to prevent OOM.

A __ro_after_init global variable ima_digest_db_max_size is used to set
the maximum data uploaded to digest database.

Another global variable ima_digest_db_size records the data uploaded to
kernel digest database and increments when uploading digest lists.

Signed-off-by: Zhang Tianxing <zhangtianxing3@huawei.com>
Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai@huawei.com>