[GIT PULL] integrity: subsystem fixes for v5.17

From: Mimi Zohar
Date: Sun Feb 06 2022 - 20:52:39 EST


Hi Linus,

These are fixes for recently found bugs. One was found/noticed while
reviewing IMA support for fsverity digests and signatures. Two of them
were found/noticed while working on IMA namespacing. Plus two other bu
gs. All of them are for previous kernel releases.

thanks,

Mimi

The following changes since commit e783362eb54cd99b2cac8b3a9aeac942e6f6ac07:

Linux 5.17-rc1 (2022-01-23 10:12:53 +0200)

are available in the Git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git tags/integrity-v5.17-fix

for you to fetch changes up to 89677197ae709eb1ab3646952c44f6a171c9e74c:

ima: Do not print policy rule with inactive LSM labels (2022-02-02 11:59:54 -0500)

----------------------------------------------------------------
integrity-v5-17-fix

----------------------------------------------------------------
Eric Biggers (1):
ima: fix reference leak in asymmetric_verify()

Roberto Sassu (1):
ima: Allow template selection with ima_template[_fmt]= after ima_hash=

Stefan Berger (2):
ima: Remove ima_policy file before directory
ima: Do not print policy rule with inactive LSM labels

Xiaoke Wang (1):
integrity: check the return value of audit_log_start()

security/integrity/digsig_asymmetric.c | 15 +++++++++------
security/integrity/ima/ima_fs.c | 2 +-
security/integrity/ima/ima_policy.c | 8 ++++++++
security/integrity/ima/ima_template.c | 10 +++++++---
security/integrity/integrity_audit.c | 2 ++
5 files changed, 27 insertions(+), 10 deletions(-)