* [GIT PULL] integrity subsystem fixes for v5.7
@ 2020-05-18 15:49 Mimi Zohar
2020-05-18 17:47 ` Linus Torvalds
2020-05-18 18:55 ` pr-tracker-bot
0 siblings, 2 replies; 4+ messages in thread
From: Mimi Zohar @ 2020-05-18 15:49 UTC (permalink / raw)
To: Linus Torvalds; +Cc: linux-integrity, linux-kernel
Hi Linus,
Here are a couple of miscellaneous bug fixes for the integrity
subsystem:
IMA:
- Properly modify the open flags in order to calculate the file hash.
- On systems requiring the IMA policy to be signed, the policy is
loaded differently. Don't differentiate between "enforce" and either
"log" or "fix" modes how the policy is loaded.
EVM:
- (2 patches) Fix an EVM race condition, normally the result of
attempting to load an unsupported hash algorithm.
- Use the lockless RCU version for walking an append only list.
Mimi
The following changes since commit ae83d0b416db002fe95601e7f97f64b59514d936:
Linux 5.7-rc2 (2020-04-19 14:35:30 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity.fixes
for you to fetch changes up to 8433856947217ebb5697a8ff9c4c9cad4639a2cf:
evm: Fix a small race in init_desc() (2020-05-14 19:55:54 -0400)
----------------------------------------------------------------
Dan Carpenter (1):
evm: Fix a small race in init_desc()
Madhuparna Bhowmik (1):
evm: Fix RCU list related warnings
Roberto Sassu (3):
ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash()
evm: Check also if *tfm is an error pointer in init_desc()
ima: Fix return value of ima_write_policy()
security/integrity/evm/evm_crypto.c | 46 ++++++++++++++++++-------------------
security/integrity/evm/evm_main.c | 4 ++--
security/integrity/evm/evm_secfs.c | 9 +++++++-
security/integrity/ima/ima_crypto.c | 12 +++++-----
security/integrity/ima/ima_fs.c | 3 +--
5 files changed, 40 insertions(+), 34 deletions(-)
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [GIT PULL] integrity subsystem fixes for v5.7
2020-05-18 15:49 [GIT PULL] integrity subsystem fixes for v5.7 Mimi Zohar
@ 2020-05-18 17:47 ` Linus Torvalds
2020-05-18 17:58 ` Mimi Zohar
2020-05-18 18:55 ` pr-tracker-bot
1 sibling, 1 reply; 4+ messages in thread
From: Linus Torvalds @ 2020-05-18 17:47 UTC (permalink / raw)
To: Mimi Zohar; +Cc: linux-integrity, linux-kernel
On Mon, May 18, 2020 at 8:49 AM Mimi Zohar <zohar@linux.ibm.com> wrote:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity.fixes
No such head.
It looks like the plain 'fixes' branch has the same commit ID, but
there's no next-integrity.fixes.
Btw, any chance you could start using signed tags? I've been
encouraging people to do that even on kernel.org, and we've got fairly
high coverage these days..
Linus
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [GIT PULL] integrity subsystem fixes for v5.7
2020-05-18 17:47 ` Linus Torvalds
@ 2020-05-18 17:58 ` Mimi Zohar
0 siblings, 0 replies; 4+ messages in thread
From: Mimi Zohar @ 2020-05-18 17:58 UTC (permalink / raw)
To: Linus Torvalds; +Cc: linux-integrity, linux-kernel
On Mon, 2020-05-18 at 10:47 -0700, Linus Torvalds wrote:
> On Mon, May 18, 2020 at 8:49 AM Mimi Zohar <zohar@linux.ibm.com> wrote:
> >
> > git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity.fixes
>
> No such head.
>
> It looks like the plain 'fixes' branch has the same commit ID, but
> there's no next-integrity.fixes.
Ugh, that's the name of my local branch. The remote branch is "fixes"
as you figured out.
>
> Btw, any chance you could start using signed tags? I've been
> encouraging people to do that even on kernel.org, and we've got fairly
> high coverage these days..
Sure, will figure out how in time for the next open window, if that is
Ok.
Mimi
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [GIT PULL] integrity subsystem fixes for v5.7
2020-05-18 15:49 [GIT PULL] integrity subsystem fixes for v5.7 Mimi Zohar
2020-05-18 17:47 ` Linus Torvalds
@ 2020-05-18 18:55 ` pr-tracker-bot
1 sibling, 0 replies; 4+ messages in thread
From: pr-tracker-bot @ 2020-05-18 18:55 UTC (permalink / raw)
To: Mimi Zohar; +Cc: Linus Torvalds, linux-integrity, linux-kernel
The pull request you sent on Mon, 18 May 2020 11:49:31 -0400:
> git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity.fixes
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/642b151f45dd54809ea00ecd3976a56c1ec9b53d
Thank you!
--
Deet-doot-dot, I am a bot.
https://korg.wiki.kernel.org/userdoc/prtracker
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-05-18 18:55 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-18 15:49 [GIT PULL] integrity subsystem fixes for v5.7 Mimi Zohar
2020-05-18 17:47 ` Linus Torvalds
2020-05-18 17:58 ` Mimi Zohar
2020-05-18 18:55 ` pr-tracker-bot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).