summaryrefslogtreecommitdiff
path: root/io_uring/tctx.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2023-08-30 19:16:56 +0300
committerLinus Torvalds <torvalds@linux-foundation.org>2023-08-30 19:16:56 +0300
commit1a35914f738c564060a14388f52a06669b09e0b3 (patch)
tree25af3423d677d4339a3a9e03c1731be25a00e13d /io_uring/tctx.c
parent1086eeac9c333b6db6c98594f02996c8261c60c5 (diff)
parent55e2b69649be38f1788b38755070875b96111d2f (diff)
downloadlinux-1a35914f738c564060a14388f52a06669b09e0b3.tar.xz
Merge tag 'integrity-v6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull integrity subsystem updates from Mimi Zohar: - With commit 099f26f22f58 ("integrity: machine keyring CA configuration") certificates may be loaded onto the IMA keyring, directly or indirectly signed by keys on either the "builtin" or the "machine" keyrings. With the ability for the system/machine owner to sign the IMA policy itself without needing to recompile the kernel, update the IMA architecture specific policy rules to require the IMA policy itself be signed. [ As commit 099f26f22f58 was upstreamed in linux-6.4, updating the IMA architecture specific policy now to require signed IMA policies may break userspace expectations. ] - IMA only checked the file data hash was not on the system blacklist keyring for files with an appended signature (e.g. kernel modules, Power kernel image). Check all file data hashes regardless of how it was signed - Code cleanup, and a kernel-doc update * tag 'integrity-v6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: kexec_lock: Replace kexec_mutex() by kexec_lock() in two comments ima: require signed IMA policy when UEFI secure boot is enabled integrity: Always reference the blacklist keyring with appraisal ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig
Diffstat (limited to 'io_uring/tctx.c')
0 files changed, 0 insertions, 0 deletions