--- v5
+++ v3
@@ -15,58 +15,27 @@
is loaded and to use this mode in a safe way (by ensuring that IMA
revalidates metadata when there is a change).
-Patches 6-9 make portable signatures more usable if metadata verification
-is not turned off, by ignoring the INTEGRITY_NOLABEL and INTEGRITY_NOXATTS
-errors when possible, by accepting any metadata modification until
-signature verification succeeds (useful when xattrs/attrs are copied
-sequentially from a source) and by allowing operations that don't change
-metadata.
+Patches 6-8 make portable signatures more usable if metadata verification
+is not turned off, by ignoring the INTEGRITY_NOLABEL error when no HMAC key
+is loaded, by accepting any metadata modification until signature
+verification succeeds (useful when xattrs/attrs are copied sequentially
+from a source) and by allowing operations that don't change metadata.
-Patch 10 makes it possible to use portable signatures when the IMA policy
-requires file signatures and patch 11 shows portable signatures in the
+Patch 9 makes it possible to use portable signatures when the IMA policy
+requires file signatures and patch 10 shows portable signatures in the
measurement list when the ima-sig template is selected.
-Lastly, patch 12 avoids undesired removal of security.ima when a file is
+Lastly, patch 11 avoids undesired removal of security.ima when a file is
not selected by the IMA policy.
-Changelog
-
-v4:
-- add patch to pass mnt_userns to EVM inode set/remove xattr hooks
- (suggested by Christian Brauner)
-- pass mnt_userns to posix_acl_update_mode()
-- use IS_ERR_OR_NULL() in evm_xattr_acl_change() (suggested by Mimi)
-
-v3:
-- introduce evm_ignore_error_safe() to correctly ignore INTEGRITY_NOLABEL
- and INTEGRITY_NOXATTRS errors
-- fix an error in evm_xattr_acl_change()
-- replace #ifndef with !IS_ENABLED() in integrity_load_keys()
-- reintroduce ima_inode_removexattr()
-- adapt patches to apply on top of the idmapped mounts patch set
-
-v2:
-- replace EVM_RESET_STATUS flag with evm_status_revalidate()
-- introduce IMA post hooks ima_inode_post_setxattr() and
- ima_inode_post_removexattr()
-- remove ima_inode_removexattr()
-- ignore INTEGRITY_NOLABEL error if the HMAC key is not loaded
-
-v1:
-- introduce EVM_RESET_STATUS integrity flag instead of clearing IMA flag
-- introduce new template field evmsig
-- add description of evm_xattr_acl_change() and evm_xattr_change()
-
-Roberto Sassu (12):
+Roberto Sassu (11):
evm: Execute evm_inode_init_security() only when an HMAC key is loaded
evm: Load EVM key in ima_load_x509() to avoid appraisal
evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
ima: Move ima_reset_appraise_flags() call to post hooks
evm: Introduce evm_status_revalidate()
- evm: Ignore INTEGRITY_NOLABEL/INTEGRITY_NOXATTRS if conditions are
- safe
+ evm: Ignore INTEGRITY_NOLABEL if no HMAC key is loaded
evm: Allow xattr/attr operations for portable signatures
- evm: Pass user namespace to set/remove xattr hooks
evm: Allow setxattr() and setattr() for unmodified metadata
ima: Allow imasig requirement to be satisfied by EVM portable
signatures
@@ -77,20 +46,20 @@
Documentation/ABI/testing/evm | 5 +-
Documentation/security/IMA-templates.rst | 4 +-
fs/xattr.c | 2 +
- include/linux/evm.h | 18 +-
- include/linux/ima.h | 18 ++
+ include/linux/evm.h | 6 +
+ include/linux/ima.h | 19 ++-
include/linux/integrity.h | 1 +
- security/integrity/evm/evm_main.c | 216 ++++++++++++++++++++--
- security/integrity/evm/evm_secfs.c | 4 +-
- security/integrity/iint.c | 4 +-
- security/integrity/ima/ima_appraise.c | 55 ++++--
+ security/integrity/evm/evm_main.c | 178 ++++++++++++++++++++--
+ security/integrity/evm/evm_secfs.c | 2 +-
+ security/integrity/iint.c | 2 +
+ security/integrity/ima/ima_appraise.c | 52 +++++--
security/integrity/ima/ima_init.c | 4 +
security/integrity/ima/ima_template.c | 2 +
- security/integrity/ima/ima_template_lib.c | 33 +++-
+ security/integrity/ima/ima_template_lib.c | 32 +++-
security/integrity/ima/ima_template_lib.h | 2 +
- security/security.c | 5 +-
- 15 files changed, 329 insertions(+), 44 deletions(-)
+ security/security.c | 4 +-
+ 15 files changed, 275 insertions(+), 40 deletions(-)
--
-2.26.2
+2.27.GIT