linux/security/keys
Linus Torvalds 717e6eb49b integrity-v6.2
-----BEGIN PGP SIGNATURE-----
 
 iIoEABYIADIWIQQdXVVFGN5XqKr1Hj7LwZzRsCrn5QUCY5ekGxQcem9oYXJAbGlu
 dXguaWJtLmNvbQAKCRDLwZzRsCrn5QLyAQC+olx4ImpAgFXoeYaZOiZr08ziAIlb
 hQ8rae6hFWecCgD/SZmDtOQ39UGobWbpj+GqwZvx8iJwKPCu9YzQ7Rjo7QE=
 =MywK
 -----END PGP SIGNATURE-----

Merge tag 'integrity-v6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity

Pull integrity updates from Mimi Zohar:
 "Aside from the one cleanup, the other changes are bug fixes:

  Cleanup:

   - Include missing iMac Pro 2017 in list of Macs with T2 security chip

  Bug fixes:

   - Improper instantiation of "encrypted" keys with user provided data

   - Not handling delay in updating LSM label based IMA policy rules
     (-ESTALE)

   - IMA and integrity memory leaks on error paths

   - CONFIG_IMA_DEFAULT_HASH_SM3 hash algorithm renamed"

* tag 'integrity-v6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
  ima: Fix hash dependency to correct algorithm
  ima: Fix misuse of dereference of pointer in template_desc_init_fields()
  integrity: Fix memory leakage in keyring allocation error path
  ima: Fix memory leak in __ima_inode_hash()
  ima: Handle -ESTALE returned by ima_filter_rule_match()
  ima: Simplify ima_lsm_copy_rule
  ima: Fix a potential NULL pointer access in ima_restore_measurement_list
  efi: Add iMac Pro 2017 to uefi skip cert quirk
  KEYS: encrypted: fix key instantiation with user-provided data
2022-12-13 14:22:50 -08:00
..
encrypted-keys KEYS: encrypted: fix key instantiation with user-provided data 2022-10-19 13:01:23 -04:00
trusted-keys KEYS: trusted: tee: Make registered shm dependency explicit 2022-12-08 16:20:46 +00:00
big_key.c big_keys: Use struct for internal payload 2022-05-16 16:02:21 -07:00
compat_dh.c
compat.c security/keys: remove compat_keyctl_instantiate_key_iov 2020-10-03 00:02:16 -04:00
dh.c crypto: dh - constify struct dh's pointer members 2022-03-03 10:47:50 +12:00
gc.c watch_queue: Add a key/keyring notification facility 2020-05-19 15:19:06 +01:00
internal.h KEYS: Move KEY_LOOKUP_ to include/linux/key.h and define KEY_LOOKUP_ALL 2022-09-21 17:32:48 -07:00
Kconfig KEYS: trusted: allow use of TEE as backend without TCG_TPM support 2022-05-23 18:47:50 +03:00
key.c certs: Fix blacklist flag type confusion 2021-01-21 16:16:10 +00:00
keyctl_pkey.c KEYS: fix length validation in keyctl_pkey_params_get_2() 2022-03-08 10:33:18 +02:00
keyctl.c use less confusing names for iov_iter direction initializers 2022-11-25 13:01:55 -05:00
keyring.c security/keys: Remove inconsistent __user annotation 2022-10-05 00:25:56 +03:00
Makefile
permission.c keys: Make the KEY_NEED_* perms an enum rather than a mask 2020-05-19 15:42:22 +01:00
persistent.c
proc.c keys: Fix proc_keys_next to increase position index 2020-04-16 10:10:50 -07:00
process_keys.c ucounts: Move get_ucounts from cred_alloc_blank to key_change_session_keyring 2021-10-20 10:34:20 -05:00
request_key_auth.c KEYS: Don't write out to userspace while holding key semaphore 2020-03-29 12:40:41 +01:00
request_key.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
sysctl.c
user_defined.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00