| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 May 2019 15:30:32 +0200
From: Roberto Sassu <roberto.sassu@...wei.com>
To: <zohar@...ux.ibm.com>, <dmitry.kasatkin@...wei.com>,
<mjg59@...gle.com>
CC: <linux-integrity@...r.kernel.org>,
<linux-security-module@...r.kernel.org>,
<linux-doc@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
<silviu.vlasceanu@...wei.com>,
Roberto Sassu <roberto.sassu@...wei.com>
Subject: [PATCH v2 0/3] ima/evm fixes for v5.2
Changelog
v1:
- remove patch 2/4 (evm: reset status in evm_inode_post_setattr()); file
attributes cannot be set if the signature is portable and immutable
- patch 3/4: add __ro_after_init to ima_appraise_req_evm variable
declaration
- patch 3/4: remove ima_appraise_req_evm kernel option and introduce
'enforce-evm' and 'log-evm' as possible values for ima_appraise=
- remove patch 4/4 (ima: only audit failed appraisal verifications)
- add new patch (ima: show rules with IMA_INMASK correctly)
Roberto Sassu (3):
evm: check hash algorithm passed to init_desc()
ima: don't ignore INTEGRITY_UNKNOWN EVM status
ima: show rules with IMA_INMASK correctly
.../admin-guide/kernel-parameters.txt | 3 ++-
security/integrity/evm/evm_crypto.c | 3 +++
security/integrity/ima/ima_appraise.c | 8 +++++++
security/integrity/ima/ima_policy.c | 21 +++++++++++--------
4 files changed, 25 insertions(+), 10 deletions(-)
--
2.17.1
Powered by blists - more mailing lists