LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
* [GIT PULL] integrity subsystem updates for v5.15
@ 2021-08-31 22:58 Mimi Zohar
  2021-09-02 20:05 ` pr-tracker-bot
  0 siblings, 1 reply; 2+ messages in thread
From: Mimi Zohar @ 2021-08-31 22:58 UTC (permalink / raw)
  To: Linus Torvalds; +Cc: linux-integrity, linux-kernel

Hi Linus,
  
The Integrity pull request for v5.15 contains only IMA changes:

- Limit the allowed hash algorithms when writing security.ima xattrs or
verifying them, based on the IMA policy and the configured hash
algorithms.

- Return the calculated "critical data" measurement hash and size to
avoid code duplication.  (Preparatory change for a proposed LSM.)

[Stephen Rothwell addressed a merge conflict between the new device
mapper "critical data" measurements (drivers/md/dm-ima.c) and extending
the "critical data" measurement function.]

- and a single patch to address a compiler warning.

thanks,

Mimi

The following changes since commit 2734d6c1b1a089fb593ef6a23d4b70903526fe0c:

  Linux 5.14-rc2 (2021-07-18 14:13:49 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git tags/integrity-v5.15

for you to fetch changes up to cb181da161963eddc9de0000de6ab2c7942be219:

  IMA: reject unknown hash algorithms in ima_get_hash_algo (2021-08-23 18:22:00 -0400)

----------------------------------------------------------------
integrity-v5.15

----------------------------------------------------------------
Austin Kim (1):
      IMA: remove -Wmissing-prototypes warning

Mimi Zohar (2):
      Merge branch 'ima-buffer-measurement-changes-v4' into next-integrity
      Merge branch 'restrict-digest-alg-v8' into next-integrity

Roberto Sassu (3):
      ima: Introduce ima_get_current_hash_algo()
      ima: Return int in the functions to measure a buffer
      ima: Add digest and digest_len params to the functions to measure a buffer

THOBY Simon (7):
      IMA: remove the dependency on CRYPTO_MD5
      IMA: block writes of the security.ima xattr with unsupported algorithms
      IMA: add support to restrict the hash algorithms used for file appraisal
      IMA: add a policy option to restrict xattr hash algorithms on appraisal
      IMA: introduce a new policy option func=SETXATTR_CHECK
      IMA: prevent SETXATTR_CHECK policy rules with unavailable algorithms
      IMA: reject unknown hash algorithms in ima_get_hash_algo

 Documentation/ABI/testing/ima_policy         |  15 ++-
 include/linux/ima.h                          |  23 +++-
 security/integrity/ima/Kconfig               |   1 -
 security/integrity/ima/ima.h                 |  24 ++--
 security/integrity/ima/ima_api.c             |   6 +-
 security/integrity/ima/ima_appraise.c        |  78 ++++++++++--
 security/integrity/ima/ima_asymmetric_keys.c |   2 +-
 security/integrity/ima/ima_init.c            |   3 +-
 security/integrity/ima/ima_main.c            |  89 ++++++++++----
 security/integrity/ima/ima_mok.c             |   2 +-
 security/integrity/ima/ima_policy.c          | 174 ++++++++++++++++++++++++---
 security/integrity/ima/ima_queue_keys.c      |   2 +-
 security/selinux/ima.c                       |   6 +-
 13 files changed, 350 insertions(+), 75 deletions(-)


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [GIT PULL] integrity subsystem updates for v5.15
  2021-08-31 22:58 [GIT PULL] integrity subsystem updates for v5.15 Mimi Zohar
@ 2021-09-02 20:05 ` pr-tracker-bot
  0 siblings, 0 replies; 2+ messages in thread
From: pr-tracker-bot @ 2021-09-02 20:05 UTC (permalink / raw)
  To: Mimi Zohar; +Cc: Linus Torvalds, linux-integrity, linux-kernel

The pull request you sent on Tue, 31 Aug 2021 18:58:26 -0400:

> git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git tags/integrity-v5.15

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/aef4892a63c248c31718d23941536b86829a49f0

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2021-09-02 20:05 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-31 22:58 [GIT PULL] integrity subsystem updates for v5.15 Mimi Zohar
2021-09-02 20:05 ` pr-tracker-bot

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).