[GIT PULL] integrity: susbystem updates for v6.7
From: Mimi Zohar
Date: Tue Oct 31 2023 - 11:03:00 EST
Hi Linus,
Four integrity changes: two IMA-overlay updates, an integrity Kconfig
cleanup, and a secondary keyring update.
Stephen Rothwell is carrying an overlay merge conflict resolution:
https://lore.kernel.org/linux-next/20231027131137.3051da98@xxxxxxxxxxxxxxxx/
thanks,
Mimi
The following changes since commit 94f6f0550c625fab1f373bb86a6669b45e9748b3:
Linux 6.6-rc5 (2023-10-08 13:49:43 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git tags/integrity-v6.7
for you to fetch changes up to b836c4d29f2744200b2af41e14bf50758dddc818:
ima: detect changes to the backing overlay file (2023-10-31 08:22:36 -0400)
----------------------------------------------------------------
integrity-v6.7
----------------------------------------------------------------
Amir Goldstein (1):
ima: annotate iint mutex to avoid lockdep false positive warnings
Mimi Zohar (2):
certs: Only allow certs signed by keys on the builtin keyring
ima: detect changes to the backing overlay file
Prasad Pandit (1):
integrity: fix indentation of config attributes
certs/Kconfig | 16 ++++++++++++-
crypto/asymmetric_keys/restrict.c | 4 ++++
fs/overlayfs/super.c | 2 +-
security/integrity/Kconfig | 44 +++++++++++++++++------------------
security/integrity/iint.c | 48 ++++++++++++++++++++++++++++++---------
security/integrity/ima/ima_api.c | 5 ++++
security/integrity/ima/ima_main.c | 16 ++++++++++++-
security/integrity/integrity.h | 2 ++
8 files changed, 101 insertions(+), 36 deletions(-)