From patchwork Thu May 9 17:25:24 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: James Morris X-Patchwork-Id: 10937429 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A560E924 for ; Thu, 9 May 2019 17:25:27 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8AED928AF8 for ; Thu, 9 May 2019 17:25:27 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7EC0C28769; Thu, 9 May 2019 17:25:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6499628736 for ; Thu, 9 May 2019 17:25:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726713AbfEIRZ0 (ORCPT ); Thu, 9 May 2019 13:25:26 -0400 Received: from namei.org ([65.99.196.166]:38266 "EHLO namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726656AbfEIRZZ (ORCPT ); Thu, 9 May 2019 13:25:25 -0400 Received: from localhost (localhost [127.0.0.1]) by namei.org (8.14.4/8.14.4) with ESMTP id x49HPOMA025900; Thu, 9 May 2019 17:25:24 GMT Date: Fri, 10 May 2019 03:25:24 +1000 (AEST) From: James Morris To: Linus Torvalds cc: linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [GIT PULL] Security subsystem: integrity updates for v5.2 Message-ID: User-Agent: Alpine 2.21 (LRH 202 2017-01-01) MIME-Version: 1.0 Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From Mimi: "This pull request contains just three patches, the remainder are either included in other pull requests (eg. audit, lockdown) or will be upstreamed via other subsystems (eg. kselftests, Power).  Included in this pull request is one bug fix, one documentation update, and extending the x86 IMA arch policy rules to coordinate the different kernel module signature verification methods." The following changes since commit fe9fd2ef383c2f5883fcd3f7adce0de9ce2556ff: Revert "security: inode: fix a missing check for securityfs_create_file" (2019-04-10 14:59:20 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-integrity for you to fetch changes up to 2bfebea90dd5e8c57ae1021a5d1bb6c1057eee6d: Merge branch 'next-integrity-for-james' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into next-integrity (2019-04-12 15:20:23 -0700) ---------------------------------------------------------------- James Morris (1): Merge branch 'next-integrity-for-james' of git://git.kernel.org/.../zohar/linux-integrity into next-integrity Mimi Zohar (2): x86/ima: require signed kernel modules x86/ima: add missing include Petr Vorel (1): doc/kernel-parameters.txt: Deprecate ima_appraise_tcb Documentation/admin-guide/kernel-parameters.txt | 5 ++--- arch/x86/kernel/ima_arch.c | 10 +++++++++- include/linux/module.h | 5 +++++ kernel/module.c | 5 +++++ 4 files changed, 21 insertions(+), 4 deletions(-)