[GIT PULL] linux-integrity patches for 4.16-security-next-general

[GIT PULL] linux-integrity patches for 4.16-security-next-general · Mimi Zohar <hidden> · 2018-01-05
Re: [GIT PULL] linux-integrity patches for 4.16-security-next-general · Roberto Sassu <roberto.sassu@huawei.com> · 2018-01-05
Re: [GIT PULL] linux-integrity patches for 4.16-security-next-general · Mimi Zohar <hidden> · 2018-01-05
Re: [GIT PULL] linux-integrity patches for 4.16-security-next-general · Roberto Sassu <roberto.sassu@huawei.com> · 2018-01-05
Re: [GIT PULL] linux-integrity patches for 4.16-security-next-general · James Morris <hidden> · 2018-01-08

From: roberto.sassu@huawei.com (Roberto Sassu)
Date: 2018-01-05 15:04:10
Also in: linux-integrity

On 1/5/2018 3:59 PM, Mimi Zohar wrote:

Hi Roberto,

On Fri, 2018-01-05 at 15:55 +0100, Roberto Sassu wrote:

quoted

On 1/5/2018 2:43 PM, Mimi Zohar wrote:

quoted

Hi James,

Mimi Zohar (2):
        ima: relax requiring a file signature for new files with zero length
        ima: support new "hash" and "dont_hash" policy actions

Hi Mimi

I think there is an issue in the patch above.

+	/* HASH just sets the digital signature flag, nothing else */
+	if ((action & IMA_HASH) && !(iint->flags & IMA_DIGSIG)) {

IMA_DIGSIG now is an atomic flag.

Yes, this caused me grief, but is fixed in next-integrity branch.

Ok, I didn't update.

Roberto

-- 
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Bo PENG, Qiuen PENG, Shengli WANG
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help