TWxSoftware/twx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
30bbdff9e1
twx-linux/security
History
Mimi Zohar 7a3e7f1ed6 evm: don't copy up 'security.evm' xattr 
[ Upstream commit 40ca4ee3136d2d09977d1cab8c0c0e1582c3359d ]

The security.evm HMAC and the original file signatures contain
filesystem specific data.  As a result, the HMAC and signature
are not the same on the stacked and backing filesystems.

Don't copy up 'security.evm'.

Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-08-29 17:33:31 +02:00
..
apparmor apparmor: Fix null pointer deref when receiving skb during sock creation 2024-08-03 08:54:38 +02:00
bpf
integrity evm: don't copy up 'security.evm' xattr 2024-08-29 17:33:31 +02:00
keys task_work: s/task_work_cancel()/task_work_cancel_func()/ 2024-08-03 08:54:16 +02:00
landlock landlock: Don't lose track of restrictions on cred_transfer 2024-08-03 08:54:11 +02:00
loadpin LoadPin: Annotate struct dm_verity_loadpin_trusted_root_digest with __counted_by 2023-08-25 16:07:30 -07:00
lockdown
safesetid
selinux selinux: add the processing of the failure of avc_add_xperms_decision() 2024-08-29 17:33:15 +02:00
smack ima: Avoid blocking in RCU read-side critical section 2024-07-11 12:49:18 +02:00
tomoyo tomoyo: fix UAF write bug in tomoyo_write_control() 2024-03-06 14:48:39 +00:00
yama
commoncap.c lsm: constify the 'target' parameter in security_capget() 2023-08-08 16:48:47 -04:00
device_cgroup.c
inode.c security: convert to ctime accessor functions 2023-07-24 10:30:08 +02:00
Kconfig
Kconfig.hardening hardening: Move BUG_ON_DATA_CORRUPTION to hardening options 2023-08-15 14:57:25 -07:00
lsm_audit.c
Makefile
min_addr.c
security.c evm: don't copy up 'security.evm' xattr 2024-08-29 17:33:31 +02:00