linux/security/integrity, branch v2.6.35 Linux kernel source tree https://git.amat.us/linux/atom/security/integrity?h=v2.6.35 2010-05-21T16:37:29Z kref: remove kref_set 2010-05-21T16:37:29Z NeilBrown neilb@suse.de 2010-03-16T04:14:51Z urn:sha1:db1afffab0b5d9f6d31f8f4bea44c9cb3bc59351 Of the three uses of kref_set in the kernel: One really should be kref_put as the code is letting go of a reference, Two really should be kref_init because the kref is being initialised. This suggests that making kref_set available encourages bad code. So fix the three uses and remove kref_set completely. Signed-off-by: NeilBrown <neilb@suse.de> Acked-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> ima: remove ACPI dependency 2010-05-16T23:21:58Z Mimi Zohar zohar@linux.vnet.ibm.com 2010-05-04T22:16:30Z urn:sha1:ba0c1709f4946a5ca1a678f4318ed72c0d409b3c The ACPI dependency moved to the TPM, where it belongs. Although IMA per-se does not require access to the bios measurement log, verifying the IMA boot aggregate does, which requires ACPI. This patch prereq's 'TPM: ACPI/PNP dependency removal' http://lkml.org/lkml/2010/5/4/378. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Reported-by: Jean-Christophe Dubois <jcd@tribudubois.net> Acked-by: Serge Hallyn <serue@us.ibm.com> Tested-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> Revert "ima: remove ACPI dependency" 2010-05-06T23:20:03Z James Morris jmorris@namei.org 2010-05-06T23:20:03Z urn:sha1:83c36ccfe4d849f482ea0a62402c7624f4e59f0e This reverts commit a674fa46c79ffa37995bd1c8e4daa2b3be5a95ae. Previous revert was a prereq. Signed-off-by: James Morris <jmorris@namei.org> Merge branch 'master' into next 2010-05-06T00:56:07Z James Morris jmorris@namei.org 2010-05-06T00:56:07Z urn:sha1:0ffbe2699cda6afbe08501098dff8a8c2fe6ae09 ima: remove ACPI dependency 2010-05-05T00:00:06Z Mimi Zohar zohar@linux.vnet.ibm.com 2010-05-04T22:16:30Z urn:sha1:a674fa46c79ffa37995bd1c8e4daa2b3be5a95ae The ACPI dependency moved to the TPM, where it belongs. Although IMA per-se does not require access to the bios measurement log, verifying the IMA boot aggregate does, which requires ACPI. This patch prereq's 'TPM: ACPI/PNP dependency removal' http://lkml.org/lkml/2010/5/4/378. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Reported-by: Jean-Christophe Dubois <jcd@tribudubois.net> Acked-by: Serge Hallyn <serue@us.ibm.com> Tested-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> IMA: include the word IMA in printk messages 2010-04-22T22:47:53Z Eric Paris eparis@redhat.com 2010-04-22T14:49:36Z urn:sha1:eb8dae9607901fd3fc181325ff3f30dce8f574c5 As an example IMA emits a warning when it can't find a TPM chip: "No TPM chip found, activating TPM-bypass!" This patch prefaces that message with IMA so we know what subsystem is bypassing the TPM. Do this for all pr_info and pr_err messages. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> IMA: drop the word integrity in the audit message 2010-04-20T23:58:18Z Eric Paris eparis@redhat.com 2010-04-20T14:21:36Z urn:sha1:34c111f626e91adb23f90a91d2c7cd4dac9fa4b1 integrity_audit_msg() uses "integrity:" in the audit message. This violates the (loosely defined) audit system requirements that everything be a key=value pair and it doesn't provide additional information. This can be obviously gleaned from the message type. Just drop it. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> IMA: use audit_log_untrusted_string rather than %s 2010-04-20T23:58:17Z Eric Paris eparis@redhat.com 2010-04-20T14:21:30Z urn:sha1:2f1506cd82e0725ba00c7146a9a9b47824a5edcf Convert all of the places IMA calls audit_log_format with %s into audit_log_untrusted_string(). This is going to cause them all to get quoted, but it should make audit log injection harder. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> IMA: handle comments in policy 2010-04-20T23:58:16Z Eric Paris eparis@redhat.com 2010-04-20T14:21:24Z urn:sha1:7233e3ee22b1506723411fe437bcf69f678e8cdd IMA policy load parser will reject any policies with a comment. This patch will allow the parser to just ignore lines which start with a #. This is not very robust. # can ONLY be used at the very beginning of a line. Inline comments are not allowed. Signed-off-by: Eric Paris Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> IMA: handle whitespace better 2010-04-20T23:58:16Z Eric Paris eparis@redhat.com 2010-04-20T14:21:18Z urn:sha1:28ef4002ec7b4be27f1110b83e255df8159c786a IMA parser will fail if whitespace is used in any way other than a single space. Using a tab or even using 2 spaces in a row will result in a policy being rejected. This patch makes the kernel ignore whitespace a bit better. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>