git.baikalelectronics.ru Git - kernel.git/commit

Merge tag 'integrity-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity

Pull IMA updates from Mimi Zohar:
"New is IMA support for measuring kernel critical data, as per usual
  based on policy. The first example measures the in memory SELinux
  policy. The second example measures the kernel version.

  In addition are four bug fixes to address memory leaks and a missing
  'static' function declaration"

* tag 'integrity-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
  integrity: Make function integrity_add_key() static
  ima: Free IMA measurement buffer after kexec syscall
  ima: Free IMA measurement buffer on error
  IMA: Measure kernel version in early boot
  selinux: include a consumer of the new IMA critical data hook
  IMA: define a builtin critical data measurement policy
  IMA: extend critical data hook to limit the measurement based on a label
  IMA: limit critical data measurement based on a label
  IMA: add policy rule to measure critical data
  IMA: define a hook to measure kernel integrity critical data
  IMA: add support to measure buffer data hash
  IMA: generalize keyring specific measurement constructs
  evm: Fix memleak in init_desc

author	Linus Torvalds <torvalds@linux-foundation.org>
	Mon, 22 Feb 2021 01:08:06 +0000 (17:08 -0800)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Mon, 22 Feb 2021 01:08:06 +0000 (17:08 -0800)
commit	3d4f52c29bb4f6dbdef82bd0d1819d9942c6e03f
tree	ba135c64ac4e8a8c54d3a7ab393f8d9db46a0430	tree \| snapshot
parent	d716cc7c6becfe1a592bb2f48a145671e97d978b	commit \| diff
parent	423d7e725e704a5fb7abf012c51efdaa32b937d5	commit \| diff

Documentation/admin-guide/kernel-parameters.txt	diff1 \|	diff2 \|	blob \| history
security/selinux/include/security.h	diff1 \|	diff2 \|	blob \| history
security/selinux/ss/services.c	diff1 \|	diff2 \|	blob \| history