mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/security/integrity
History
Mimi Zohar 5e6f29a2ed ima: fix blocking of security.ima xattrs of unsupported algorithms 
[ Upstream commit 5926586f29 ]

Limit validating the hash algorithm to just security.ima xattr, not
the security.evm xattr or any of the protected EVM security xattrs,
nor posix acls.

Fixes: 50f742dd91 ("IMA: block writes of the security.ima xattr with unsupported algorithms")
Reported-by: Christian Brauner <brauner@kernel.org>
Acked-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2022-10-24 09:57:01 +02:00
..
evm Revert "evm: Fix memleak in init_desc" 2022-06-15 14:03:47 -04:00
ima ima: fix blocking of security.ima xattrs of unsupported algorithms 2022-10-24 09:57:01 +02:00
platform_certs efi: Correct Macmini DMI match in uefi cert quirk 2022-10-15 08:01:43 +02:00
Kconfig integrity: Introduce a Linux keyring called machine 2022-03-08 13:55:52 +02:00
Makefile integrity: Introduce a Linux keyring called machine 2022-03-08 13:55:52 +02:00
digsig.c ima: support fs-verity file digest based version 3 signatures 2022-05-05 17:41:51 -04:00
digsig_asymmetric.c ima: fix reference leak in asymmetric_verify() 2022-01-24 18:37:36 -05:00
iint.c evm: Load EVM key in ima_load_x509() to avoid appraisal 2021-05-21 12:47:04 -04:00
integrity.h ima: support fs-verity file digest based version 3 signatures 2022-05-05 17:41:51 -04:00
integrity_audit.c integrity: check the return value of audit_log_start() 2022-02-02 11:44:23 -05:00