projects / platform / kernel / linux-starfive.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: ca5b877 207cdd5)
Merge tag 'integrity-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar...
authorLinus Torvalds <torvalds@linux-foundation.org>
Wed, 16 Dec 2020 19:06:07 +0000 (11:06 -0800)
committerLinus Torvalds <torvalds@linux-foundation.org>
Wed, 16 Dec 2020 19:06:07 +0000 (11:06 -0800)
commite20a9b92ddbfe662807622dbb28e1fbb6e0011aa
treedf1a16ed9cdd8ed83aacfa01f0f3498bf156c12dtree | snapshot
parentca5b877b6ccc7b989614f3f541e9a1fe2ff7f75acommit | diff
parent207cdd565dfc95a0a5185263a567817b7ebf5467commit | diff
Merge tag 'integrity-v5.11' of git://git./linux/kernel/git/zohar/linux-integrity

Pull integrity subsystem updates from Mimi Zohar:
 "Just three patches here. Other integrity changes are being upstreamed
  via EFI (defines a common EFI secure and trusted boot IMA policy) and
  BPF LSM (exporting the IMA file cache hash info based on inode).

  The three patches included here:

   - bug fix: fail calculating the file hash, when a file not opened for
     read and the attempt to re-open it for read fails.

   - defer processing the "ima_appraise" boot command line option to
     avoid enabling different modes (e.g. fix, log) to when the secure
     boot flag is available on arm.

   - defines "ima-buf" as the default IMA buffer measurement template in
     preparation for the builtin integrity "critical data" policy"

* tag 'integrity-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
  ima: Don't modify file descriptor mode on the fly
  ima: select ima-buf template for buffer measurement
  ima: defer arch_ima_get_secureboot() call to IMA init time
include/linux/ima.h diff1 | diff2 | blob | history
security/integrity/ima/ima_main.c diff1 | diff2 | blob | history
Domain: System / Kernel;