[security-next] Pull request (merge window)

From: Serge E. Hallyn
Date: Fri Jun 13 2014 - 10:19:58 EST

Next message: Michael Kerrisk (man-pages): "Re: [PATCH v3 3/7] shm: add memfd_create() syscall"
Previous message: Arnd Bergmann: "Re: [PATCH] ALSA: compress: Fix the mismatch size of struc between share lib(32bit) and kernel(64bit)"
In reply to: Serge E. Hallyn: "[security-next] Pull request (merge window)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Linus,

A few more commits had previously failed to make it through security-next
into linux-next but this week made it into linxu-next. At least commit
"ima: introduce ima_kernel_read()" was deemed critical by Mimi to make
this merge window.

This is a temporary tree just for this request. Mimi has pointed me to
some previous threads about keeping maintainer trees at the previous
release, which I'll certainly do for anything long-term, after talking
with James.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The following changes since commit 0e04c641b199435f3779454055f6a7de258ecdfc:

Merge tag 'dm-3.16-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm (2014-06-12 13:33:29 -0700)

are available in the git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux-security serge-next-2

for you to fetch changes up to 0430e49b6e7c6b5e076be8fefdee089958c9adad:

ima: introduce ima_kernel_read() (2014-06-12 17:58:08 -0400)

- ----------------------------------------------------------------
Dmitry Kasatkin (5):
evm: replace HMAC version with attribute mask
evm: provide option to protect additional SMACK xattrs
ima: prevent unnecessary policy checking
ima: check inode integrity cache in violation check
ima: introduce ima_kernel_read()

Mimi Zohar (2):
ima: prevent new digsig xattr from being replaced
evm: prohibit userspace writing 'security.evm' HMAC value

security/integrity/evm/Kconfig | 42 ++++++++++++++++++++++++++++-------
security/integrity/evm/evm.h | 5 ++++-
security/integrity/evm/evm_crypto.c | 2 +-
security/integrity/evm/evm_main.c | 29 +++++++++++++++++++++---
security/integrity/ima/ima_appraise.c | 10 ++++++---
security/integrity/ima/ima_crypto.c | 32 +++++++++++++++++++++++++-
security/integrity/ima/ima_main.c | 22 +++++++++---------
7 files changed, 114 insertions(+), 28 deletions(-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJTmwUGAAoJELF1z6mPGSryM5EIAKrW054UihG58o+efleMBqpk
Tur6eoFyFOjRlU0iRRjSyZpvNjGVsaEe46rBfrXkdV4D6lgPhAwCyUVkQGyHjetd
MbK1o17I4gHqQK2rHa5fkIGmWEzoRART32WJuCHrniIZJ+fv2vn1S2Veb1ei0Q+a
PyUHsvWdcmSsqA0wCcAaBSNekjdi+Wrs35OrHI2+SMdpTbTGJJdgOLtNzBMYLid6
cSGoarLC+ST1rJWxSI5hsaDnzgURUWk9dElzQCcEeSa0924mKBa4t0EwUmeaUQC9
kB3RGMS3OJEFwTxJXfSRolprftWEYkKd+3ovLE+P/Kp+0ZsJ74ohCCbk/5x6CMQ=
=eBeq
-----END PGP SIGNATURE-----
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Michael Kerrisk (man-pages): "Re: [PATCH v3 3/7] shm: add memfd_create() syscall"
Previous message: Arnd Bergmann: "Re: [PATCH] ALSA: compress: Fix the mismatch size of struc between share lib(32bit) and kernel(64bit)"
In reply to: Serge E. Hallyn: "[security-next] Pull request (merge window)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]