Michael Ellerman <m...@ellerman.id.au> writes:
> Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes:
>
>> This test exercises read and write access to the AMR, IAMR and UAMOR.
>>
>> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.
Michael Ellerman writes:
> Thiago Jung Bauermann writes:
>
>> This test exercises read and write access to the AMR, IAMR and UAMOR.
>>
>> Signed-off-by: Thiago Jung Bauermann
>> ---
>> tools/testing/selftests/powerpc/include/reg.h | 1 +
>&g
This test exercises read and write access to the AMR, IAMR and UAMOR.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
---
tools/testing/selftests/powerpc/include/reg.h | 1 +
tools/testing/selftests/powerpc/ptrace/Makefile| 5 +-
tools/testing/selftests/powerpc/
This test exercises read and write access to the AMR, IAMR and UAMOR.
Signed-off-by: Thiago Jung Bauermann
---
tools/testing/selftests/powerpc/include/reg.h | 1 +
tools/testing/selftests/powerpc/ptrace/Makefile| 5 +-
tools/testing/selftests/powerpc/ptrace/child.h | 139
This test verifies that the AMR, IAMR and UAMOR are being written to a
process' core file.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
---
tools/testing/selftests/powerpc/ptrace/Makefile| 5 +-
tools/testing/selftests/powerpc/ptrace/core-pkey.c
This test verifies that the AMR, IAMR and UAMOR are being written to a
process' core file.
Signed-off-by: Thiago Jung Bauermann
---
tools/testing/selftests/powerpc/ptrace/Makefile| 5 +-
tools/testing/selftests/powerpc/ptrace/core-pkey.c | 461 +
2 files changed, 465
() without having to depend on
CONFIG_MODULE_SIG.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
Reviewed-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Cc: Jessica Yu <j...@kernel.org>
---
include/linux/module.h | 3 --
include/linux/modul
() without having to depend on
CONFIG_MODULE_SIG.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
Cc: Jessica Yu
---
include/linux/module.h | 3 --
include/linux/module_signature.h | 44 +++
init/Kconfig | 6 +++-
kernel/Makefile
ost places the array doesn't hold a
digest.
A separate struct evm_xattr is introduced, with the original definition of
evm_ima_xattr_data to be used in the places that actually expect that
definition.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
---
security/integrity/
ost places the array doesn't hold a
digest.
A separate struct evm_xattr is introduced, with the original definition of
evm_ima_xattr_data to be used in the places that actually expect that
definition.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/evm/evm_crypto.c | 4 ++--
egrity/ima/ima_modsig.c
new file mode 100644
index ..d8ea811b6f74
--- /dev/null
+++ b/security/integrity/ima/ima_modsig.c
@@ -0,0 +1,31 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * IMA support for appraising module-style appended signatures.
+ *
+ * Copyright (C) 2018 IBM Corporatio
a signature stored in the extended
attribute or an appended signature.
For now, the rule above will behave exactly the same as if
appraise_type=imasig was specified. The actual modsig implementation
will be introduced separately.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
Add modsig support to the "sig" template field, allowing the the contents
of the modsig to be included in the measurement list.
Suggested-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
---
security/integrity/ima/i
Add modsig support to the "sig" template field, allowing the the contents
of the modsig to be included in the measurement list.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima.h | 7 +++
security/integrity/ima/im
with
the modsig. This is done by defining the appraise subaction flag
IMA_READ_MEASURE and testing for it in process_measurement().
Suggested-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
---
security/integrity/ima/ima.h
with
the modsig. This is done by defining the appraise subaction flag
IMA_READ_MEASURE and testing for it in process_measurement().
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima.h | 1 +
security/integrity/ima/ima_api.c | 8
-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
---
security/integrity/ima/Kconfig| 3 +
security/integrity/ima/ima.h | 36 -
security/integrity/ima/ima_appraise.c | 64 +--
security/integrity/ima/ima_main.c | 17 +++-
security/integri
-off-by: Thiago Jung Bauermann
---
security/integrity/ima/Kconfig| 3 +
security/integrity/ima/ima.h | 36 -
security/integrity/ima/ima_appraise.c | 64 +--
security/integrity/ima/ima_main.c | 17 +++-
security/integrity/ima/ima_modsig.c | 145
Define new "d-sig" template field which holds the digest that is expected
to match the one contained in the modsig.
Suggested-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
---
Documentation/security/IMA-templates.rst
Define new "d-sig" template field which holds the digest that is expected
to match the one contained in the modsig.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
---
Documentation/security/IMA-templates.rst | 5 +
security/integrity/ima/ima.h
ima_read_modsig() will need it so that it can show an error message.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
---
security/integrity/ima/ima.h| 2 ++
security/integrity/ima/ima_policy.c | 12 ++--
2 files changed, 8 insertions(+), 6 deletions(-)
diff
ima_read_modsig() will need it so that it can show an error message.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima.h| 2 ++
security/integrity/ima/ima_policy.c | 12 ++--
2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/security/integrity/ima
This avoids a dependency cycle in soon-to-be-introduced
CONFIG_IMA_APPRAISE_MODSIG: it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann <ba
IMA will need to obtain the keyring used to verify file signatures so that
it can verify the module-style signature appended to files.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
security/integrity/digs
ed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
---
security/integrity/ima/ima.h | 5 +
security/integrity/ima/ima_appraise.c | 7 +++
security/integrity/ima/ima_template_lib.c | 2 +-
3 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/security/integrity
function.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
security/integrity/digsig_asymmetric.c | 44 +-
security/integrity/integrity.h | 8 +++
2 files changed, 41 inser
This avoids a dependency cycle in soon-to-be-introduced
CONFIG_IMA_APPRAISE_MODSIG: it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi
IMA will need to obtain the keyring used to verify file signatures so that
it can verify the module-style signature appended to files.
Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi Zohar
---
security/integrity/digsig.c| 28 +---
security/integrity
With the introduction of another IMA signature type (modsig), some places
will need to check for both of them. It is cleaner to do that if there's a
helper function to tell whether an xattr_value represents an IMA
signature.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
function.
Signed-off-by: Thiago Jung Bauermann
Signed-off-by: Mimi Zohar
---
security/integrity/digsig_asymmetric.c | 44 +-
security/integrity/integrity.h | 8 +++
2 files changed, 41 insertions(+), 11 deletions(-)
diff --git a/security/integrity
message, so add pkcs7_get_message_sig().
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
Reviewed-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Cc: David Howells <dhowe...@redhat.com>
Cc: David Woodhouse <dw...@infradead.org>
Cc: Herbert Xu <herb...@gondor
. Verifying that
sinfo->sig->digest isn't NULL is sufficient because both places which
allocate sinfo->sig (pkcs7_parse_message() and pkcs7_note_signed_info())
use kzalloc() so sig->digest is always initialized to zero.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.ibm.com>
Revie
message, so add pkcs7_get_message_sig().
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
Cc: David Howells
Cc: David Woodhouse
Cc: Herbert Xu
Cc: "David S. Miller"
---
certs/system_keyring.c| 61 ++-
crypto/asymm
. Verifying that
sinfo->sig->digest isn't NULL is sufficient because both places which
allocate sinfo->sig (pkcs7_parse_message() and pkcs7_note_signed_info())
use kzalloc() so sig->digest is always initialized to zero.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
Cc: David
t;ima: Write modsig to the measurement list"
- Since now we determine whether we'll use an xattr sig or a modsig
at the time they are read, there's no need to store a measurement
again in the modsig case. Thus, this patch doesn't need to change
ima_store_measurement() nor proces
t;ima: Write modsig to the measurement list"
- Since now we determine whether we'll use an xattr sig or a modsig
at the time they are read, there's no need to store a measurement
again in the modsig case. Thus, this patch doesn't need to change
ima_store_measurement() nor proces
Ram Pai <linux...@us.ibm.com> writes:
> On Wed, Apr 04, 2018 at 06:41:01PM -0300, Thiago Jung Bauermann wrote:
>>
>> Hello Ram,
>>
>> Ram Pai <linux...@us.ibm.com> writes:
>>
>> > Applications need the ability to associate an address-ran
Ram Pai writes:
> On Wed, Apr 04, 2018 at 06:41:01PM -0300, Thiago Jung Bauermann wrote:
>>
>> Hello Ram,
>>
>> Ram Pai writes:
>>
>> > Applications need the ability to associate an address-range with some
>> > key and latter re
pkey_iamr_mask &= ~(0x1ul << pkeyshift(i));
> @@ -145,7 +147,9 @@ void pkey_mm_init(struct mm_struct *mm)
> {
> if (static_branch_likely(_disabled))
> return;
> - mm_pkey_allocation_map(mm) = initial_allocation_mask;
> +
> + /* allocate key-0
turn;
> - mm_pkey_allocation_map(mm) = initial_allocation_mask;
> +
> + /* allocate key-0 by default */
> + mm_pkey_allocation_map(mm) = initial_allocation_mask | 0x1;
> /* -1 means unallocated or invalid */
> mm->context.execute_only_pkey = -1;
> }
I think we should also set the AMOR and UAMOR bits for key 0. Otherwise,
key 0 will be in allocated-but-not-enabled state which is yet another
subtle way in which it will be special.
Also, pkey_access_permitted() has a special case for key 0. Should it?
--
Thiago Jung Bauermann
IBM Linux Technology Center
not supported
Fixes: a0458284f062 ("powerpc: Add support code for kexec_file_load()")
Reported-by: Dave Young <dyo...@redhat.com>
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
arch/powerpc/kernel/machine_kexec_file_64.c | 2 +-
1 file changed, 1 in
not supported
Fixes: a0458284f062 ("powerpc: Add support code for kexec_file_load()")
Reported-by: Dave Young
Signed-off-by: Thiago Jung Bauermann
---
arch/powerpc/kernel/machine_kexec_file_64.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
This is a minor issue, but since it'
Dave Hansen <dave.han...@intel.com> writes:
> On 03/28/2018 01:47 PM, Thiago Jung Bauermann wrote:
>>>>if (flags)
>>>> - assert(rdpkey_reg() > orig_pkey_reg);
>>>> + assert(rdpkey_reg() < orig_pkey_reg);
>>>>
Dave Hansen writes:
> On 03/28/2018 01:47 PM, Thiago Jung Bauermann wrote:
>>>>if (flags)
>>>> - assert(rdpkey_reg() > orig_pkey_reg);
>>>> + assert(rdpkey_reg() < orig_pkey_reg);
>>>> }
>>>>
>>
t; +assert(rdpkey_reg() < orig_pkey_reg);
>> }
>>
>> void pkey_write_allow(int pkey)
>
> This seems so horribly wrong that I wonder how it worked in the first
> place. Any idea?
The code simply wasn't used. pkey_disable_clear() is called by
pkey_write_allow() and pkey_access_allow(), but before this patch series
nothing called either of these functions.
--
Thiago Jung Bauermann
IBM Linux Technology Center
dpkey_reg() < orig_pkey_reg);
>> }
>>
>> void pkey_write_allow(int pkey)
>
> This seems so horribly wrong that I wonder how it worked in the first
> place. Any idea?
The code simply wasn't used. pkey_disable_clear() is called by
pkey_write_allow() and pkey_access_allow(), but before this patch series
nothing called either of these functions.
--
Thiago Jung Bauermann
IBM Linux Technology Center
Ram Pai <linux...@us.ibm.com> writes:
> On Fri, Feb 23, 2018 at 03:33:43PM -0300, Thiago Jung Bauermann wrote:
>> This test exercises read and write access to the AMR, IAMR and UAMOR.
>>
>
> Tested-by: Ram Pai <linux...@us.ibm.com>
> Acked-by: Ram
Ram Pai writes:
> On Fri, Feb 23, 2018 at 03:33:43PM -0300, Thiago Jung Bauermann wrote:
>> This test exercises read and write access to the AMR, IAMR and UAMOR.
>>
>
> Tested-by: Ram Pai
> Acked-by: Ram Pai
Ping? Can this and patch 2/2 go in v4.17?
>> Signed
dprintf4("read_pkey_reg(line=%d) pkey_reg: %016lx shadow: %016lx\n",
+ dprintf4("read_pkey_reg(line=%d) pkey_reg: "PKEY_REG_FMT
+ " shadow: "PKEY_REG_FMT"\n",
line, pkey_reg, shadow_pkey_reg);
assert(pkey_reg == shadow_pkey_reg);
--
Thiago Jung Bauermann
IBM Linux Technology Center
ead_pkey_reg(line=%d) pkey_reg: %016lx shadow: %016lx\n",
+ dprintf4("read_pkey_reg(line=%d) pkey_reg: "PKEY_REG_FMT
+ " shadow: "PKEY_REG_FMT"\n",
line, pkey_reg, shadow_pkey_reg);
assert(pkey_reg == shadow_pkey_reg);
--
Thiago Jung Bauermann
IBM Linux Technology Center
Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com> writes:
> Now the modsig is only ignored if it references a signature that is not
> present in IMA's keyring (or if there's a parsing error, obviously). If the
The above should read "Now the modsig is only ignored if it
Thiago Jung Bauermann writes:
> Now the modsig is only ignored if it references a signature that is not
> present in IMA's keyring (or if there's a parsing error, obviously). If the
The above should read "Now the modsig is only ignored if it references a
*key* that is not prese
This is the code needed by IMA-appraise to work with modsig signatures.
It will be used by the next two patches.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
security/integrity/ima/Kconfig | 3 +
security/integrity/ima/ima.h| 41
se
This is the code needed by IMA-appraise to work with modsig signatures.
It will be used by the next two patches.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/Kconfig | 3 +
security/integrity/ima/ima.h| 41
security/integrity/ima/ima_modsig.c | 181
n fails.
- Pass NULL xattr_value to evm_verifyxattr even in the case of xattr
signature in ima_appraise_measurement (suggested by Mimi Zohar).
- Use switch statement provided by Mimi Zohar to check result of
evm_verifyxattr.
- If the modsig verification succeeds, copy the hash calculated during
n fails.
- Pass NULL xattr_value to evm_verifyxattr even in the case of xattr
signature in ima_appraise_measurement (suggested by Mimi Zohar).
- Use switch statement provided by Mimi Zohar to check result of
evm_verifyxattr.
- If the modsig verification succeeds, copy the hash calculated during
. Verifying that
sinfo->sig->digest isn't NULL is sufficient because both places which
allocate sinfo->sig (pkcs7_parse_message() and pkcs7_note_signed_info())
use kzalloc() so sig->digest is always initialized to zero.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
. Verifying that
sinfo->sig->digest isn't NULL is sufficient because both places which
allocate sinfo->sig (pkcs7_parse_message() and pkcs7_note_signed_info())
use kzalloc() so sig->digest is always initialized to zero.
Signed-off-by: Thiago Jung Bauermann
Cc: David Howells
Cc: Herbert Xu
This avoids a dependency cycle in CONFIG_IMA_APPRAISE_MODSIG (introduced by
a later patch in this series): it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann
This avoids a dependency cycle in CONFIG_IMA_APPRAISE_MODSIG (introduced by
a later patch in this series): it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann
IMA will need to obtain the keyring used to verify file signatures so that
it can verify the module-style signature appended to files.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
security/integrity/digsig.c| 28 +---
security/int
IMA will need to obtain the keyring used to verify file signatures so that
it can verify the module-style signature appended to files.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/digsig.c| 28 +---
security/integrity/integrity.h | 6 ++
2 files
com>
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
Documentation/ABI/testing/ima_policy | 6 +-
security/integrity/ima/Kconfig | 10 ++
security/integrity/ima/Makefile | 1 +
security/integrity/ima/ima.h | 9 +
security/i
ew file mode 100644
index ..d8ea811b6f74
--- /dev/null
+++ b/security/integrity/ima/ima_modsig.c
@@ -0,0 +1,31 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * IMA support for appraising module-style appended signatures.
+ *
+ * Copyright (C) 2018 IBM Corporation
+ *
+ * Author:
+ * Thiago J
function.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
security/integrity/digsig_asymmetric.c | 44 +-
security/integrity/integrity.h | 8 +++
2 files changed, 41 insertions(+), 11 deletions(-)
diff --git a/security/int
function.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/digsig_asymmetric.c | 44 +-
security/integrity/integrity.h | 8 +++
2 files changed, 41 insertions(+), 11 deletions(-)
diff --git a/security/integrity/digsig_asymmetric.c
b/security
signature.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
security/integrity/ima/ima.h | 11 +++-
security/integrity/ima/ima_appraise.c | 53 +++
security/integrity/ima/ima_main.c | 21 +++---
3 files chang
signature.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima.h | 11 +++-
security/integrity/ima/ima_appraise.c | 53 +++
security/integrity/ima/ima_main.c | 21 +++---
3 files changed, 74 insertions(+), 11 deletions
d-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
Documentation/security/IMA-templates.rst | 5
security/integrity/ima/ima_template.c | 4 ++-
security/integrity/ima/ima_template_lib.c | 47 +++
igned-off-by: Thiago Jung Bauermann
---
Documentation/security/IMA-templates.rst | 5
security/integrity/ima/ima_template.c | 4 ++-
security/integrity/ima/ima_template_lib.c | 47 +--
security/integrity/ima/ima_template_lib.h | 2 ++
4 files changed,
ima_read_modsig() will need it so that it can show an error message.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
security/integrity/ima/ima.h| 2 ++
security/integrity/ima/ima_policy.c | 12 ++--
2 files changed, 8 insertions(+), 6 deletions(-)
ima_read_modsig() will need it so that it can show an error message.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/ima/ima.h| 2 ++
security/integrity/ima/ima_policy.c | 12 ++--
2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/security/integrity/ima
that verify_pkcs7_signature()
takes.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Cc: David Howells <dhowe...@redhat.com>
Cc: David Woodhouse <dw...@infradead.org>
Cc: Herbert Xu <herb...@gondor.apana.org.au>
Cc: "David S. Miller" <da...@davem
ed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
security/integrity/ima/ima.h | 5 +
security/integrity/ima/ima_appraise.c | 7 +++
security/integrity/ima/ima_template_lib.c | 2 +-
3 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/security/i
With the introduction of another IMA signature type (modsig), some places
will need to check for both of them. It is cleaner to do that if there's a
helper function to tell whether an xattr_value represents an IMA
signature.
Suggested-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
that verify_pkcs7_signature()
takes.
Signed-off-by: Thiago Jung Bauermann
Cc: David Howells
Cc: David Woodhouse
Cc: Herbert Xu
Cc: "David S. Miller"
---
certs/system_keyring.c| 61 ++-
crypto/asymmetric_keys/pkcs7_parser.c | 16 +
incl
() without having to depend on
CONFIG_MODULE_SIG.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Reviewed-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Cc: Jessica Yu <j...@kernel.org>
---
include/linux/module.h | 3 --
include/linux/modul
() without having to depend on
CONFIG_MODULE_SIG.
Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
Cc: Jessica Yu
---
include/linux/module.h | 3 --
include/linux/module_signature.h | 44 +++
init/Kconfig | 6 +++-
kernel/Makefile
Mimi Zohar <zo...@linux.vnet.ibm.com> writes:
> On Wed, 2018-03-14 at 21:03 -0300, Thiago Jung Bauermann wrote:
>> Hello Serge,
>>
>> Thanks for quickly reviewing these patches!
>>
>> Serge E. Hallyn <se...@hallyn.com> writes:
>>
>> >
Mimi Zohar writes:
> On Wed, 2018-03-14 at 21:03 -0300, Thiago Jung Bauermann wrote:
>> Hello Serge,
>>
>> Thanks for quickly reviewing these patches!
>>
>> Serge E. Hallyn writes:
>>
>> > Quoting Thiago Jung Bauermann (bauer...@linux.vnet.ib
Joe Perches <j...@perches.com> writes:
> On Thu, 2018-03-15 at 14:57 +0300, Dan Carpenter wrote:
>> On Wed, Mar 14, 2018 at 06:22:07PM -0300, Thiago Jung Bauermann wrote:
>> >
>> > SF Markus Elfring <elfr...@users.sourceforge.net> writes:
Joe Perches writes:
> On Thu, 2018-03-15 at 14:57 +0300, Dan Carpenter wrote:
>> On Wed, Mar 14, 2018 at 06:22:07PM -0300, Thiago Jung Bauermann wrote:
>> >
>> > SF Markus Elfring writes:
>> >
>> > > From: Markus Elfring
>> > > Dat
Hello Serge,
Thanks for quickly reviewing these patches!
Serge E. Hallyn <se...@hallyn.com> writes:
> Quoting Thiago Jung Bauermann (bauer...@linux.vnet.ibm.com):
>> From: Mimi Zohar <zo...@linux.vnet.ibm.com>
>> @@ -241,16 +241,20 @@ int ima_appraise_meas
Hello Serge,
Thanks for quickly reviewing these patches!
Serge E. Hallyn writes:
> Quoting Thiago Jung Bauermann (bauer...@linux.vnet.ibm.com):
>> From: Mimi Zohar
>> @@ -241,16 +241,20 @@ int ima_appraise_measurement(enum ima_hooks func,
>> }
>>
>&
>
> This issue was detected by using the Coccinelle software.
>
> Signed-off-by: Markus Elfring <elfr...@users.sourceforge.net>
> ---
> arch/powerpc/kernel/machine_kexec_file_64.c | 28
> 1 file changed, 12 insertions(+), 16 deletions(-)
I liked
gned-off-by: Markus Elfring
> ---
> arch/powerpc/kernel/machine_kexec_file_64.c | 28
> 1 file changed, 12 insertions(+), 16 deletions(-)
I liked it. Thanks!
Reviewed-by: Thiago Jung Bauermann
--
Thiago Jung Bauermann
IBM Linux Technology Center
The "goto out" statement doesn't have any purpose since there's no cleanup
to be done when returning early, so remove it. This also makes the rc
variable unnecessary so remove it as well.
Also, the xattr_len and fmt variables are redundant so remove them as well.
Signed-off-by: T
The "goto out" statement doesn't have any purpose since there's no cleanup
to be done when returning early, so remove it. This also makes the rc
variable unnecessary so remove it as well.
Also, the xattr_len and fmt variables are redundant so remove them as well.
Signed-off-by: T
ar <zo...@linux.vnet.ibm.com>
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
security/integrity/ima/ima_appraise.c | 33 -
1 file changed, 20 insertions(+), 13 deletions(-)
diff --git a/security/integrity/ima/ima_appraise.c
b/secu
This macro isn't used anymore since commit 0d73a55208e9 ("ima: re-introduce
own integrity cache lock"), so remove it.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
security/integrity/integrity.h | 1 -
1 file changed, 1 deletion(-)
diff --git a/se
From: Mimi Zohar
Replace nested ifs in the EVM xattr verification logic with a switch
statement, making the code easier to understand.
Also, add comments to the if statements in the out section and constify the
cause variable.
Signed-off-by: Mimi Zohar
Signed-off-by: Thiago Jung Bauermann
This macro isn't used anymore since commit 0d73a55208e9 ("ima: re-introduce
own integrity cache lock"), so remove it.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/integrity.h | 1 -
1 file changed, 1 deletion(-)
diff --git a/security/integrity/integrity.h b/security
ata, since in most places the array
doesn't hold a digest.
A separate struct evm_xattr is introduced, with the original definition of
evm_ima_xattr_data to be used in the places that actually expect that
definition.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
securi
h "ima: Improvements in ima_appraise_measurement()"
- Moved is_ima_sig() to its own patch (not in this series).
Mimi Zohar (1):
ima: Improvements in ima_appraise_measurement()
Thiago Jung Bauermann (3):
integrity: Remove unused macro IMA_ACTION_RULE_FLAGS
ima: Simplify ima_eventsig_init()
integri
ata, since in most places the array
doesn't hold a digest.
A separate struct evm_xattr is introduced, with the original definition of
evm_ima_xattr_data to be used in the places that actually expect that
definition.
Signed-off-by: Thiago Jung Bauermann
---
security/integrity/evm/evm_crypt
h "ima: Improvements in ima_appraise_measurement()"
- Moved is_ima_sig() to its own patch (not in this series).
Mimi Zohar (1):
ima: Improvements in ima_appraise_measurement()
Thiago Jung Bauermann (3):
integrity: Remove unused macro IMA_ACTION_RULE_FLAGS
ima: Simplify ima_eventsig_init()
integri
Baoquan He <b...@redhat.com>
>> Cc: Michael Ellerman <m...@ellerman.id.au>
>> Cc: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
>> ---
>> arch/powerpc/include/asm/kexec.h| 2 +-
>> arch/powerpc/kernel/kexec_elf_64.c | 2
gt; an architecture-defined kexec_file_ops array. So let's factor them out.
>>
>> Signed-off-by: AKASHI Takahiro
>> Cc: Dave Young
>> Cc: Vivek Goyal
>> Cc: Baoquan He
>> Cc: Michael Ellerman
>> Cc: Thiago Jung Bauermann
>> ---
>> arch/powe
This test exercises read and write access to the AMR, IAMR and UAMOR.
Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
---
tools/testing/selftests/powerpc/include/reg.h | 1 +
tools/testing/selftests/powerpc/ptrace/Makefile| 5 +-
tools/testing/selftests/p
This test exercises read and write access to the AMR, IAMR and UAMOR.
Signed-off-by: Thiago Jung Bauermann
---
tools/testing/selftests/powerpc/include/reg.h | 1 +
tools/testing/selftests/powerpc/ptrace/Makefile| 5 +-
tools/testing/selftests/powerpc/ptrace/child.h | 130
301 - 400 of 1092 matches
Mail list logo