linux-stable

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-28 21:33:52 +00:00

History

Mimi Zohar 904f9c1465 ima: detect changes to the backing overlay file [ Upstream commit `b836c4d29f` ] Commit `18b44bc5a6` ("ovl: Always reevaluate the file signature for IMA") forced signature re-evaulation on every file access. Instead of always re-evaluating the file's integrity, detect a change to the backing file, by comparing the cached file metadata with the backing file's metadata. Verifying just the i_version has not changed is insufficient. In addition save and compare the i_ino and s_dev as well. Reviewed-by: Amir Goldstein <amir73il@gmail.com> Tested-by: Eric Snowberg <eric.snowberg@oracle.com> Tested-by: Raul E Rangel <rrangel@chromium.org> Cc: stable@vger.kernel.org Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org>		2023-12-08 08:43:26 +01:00
..
apparmor	apparmor: Fix abi check to include v8 abi	2023-01-18 11:30:21 +01:00
integrity	ima: detect changes to the backing overlay file	2023-12-08 08:43:26 +01:00
keys	security: keys: perform capable check only on privileged operations	2023-09-23 10:47:58 +02:00
loadpin
selinux	selinux: don't use make's grouped targets feature yet	2023-06-09 10:24:03 +02:00
smack	smack: Record transmuting in smk_transmuted	2023-10-10 21:44:59 +02:00
tomoyo	tomoyo: fix broken dependency on *.conf.default	2023-02-06 07:49:37 +01:00
yama
commoncap.c
device_cgroup.c	device_cgroup: Roll back to original exceptions after copy failure	2023-01-18 11:30:44 +01:00
inode.c
Kconfig
lsm_audit.c
Makefile
min_addr.c
security.c	ima: Align ima_file_mmap() parameters with mmap_file LSM hook	2023-03-11 16:31:51 +01:00