iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bac38bd7c458b17eded5cb6d50446bf7c9e46daa
linux/security
History
Mimi Zohar 912d16a2d7 evm: fix writing <securityfs>/evm overflow 
[ Upstream commit 49219d9b87 ]

EVM_SETUP_COMPLETE is defined as 0x80000000, which is larger than INT_MAX.
The "-fno-strict-overflow" compiler option properly prevents signaling
EVM that the EVM policy setup is complete.  Define and read an unsigned
int.

Fixes: f00d797507 ("EVM: Allow userspace to signal an RSA key has been loaded")
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-07-14 16:56:04 +02:00
..
apparmor
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
bpf
bpf: Implement bpf_local_storage for inodes
2020-08-25 15:00:04 -07:00
integrity
evm: fix writing <securityfs>/evm overflow
2021-07-14 16:56:04 +02:00
keys
KEYS: trusted: Fix memory leak on object td
2021-05-19 10:12:50 +02:00
loadpin
LSM: Add "contents" flag to kernel_read_file hook
2020-10-05 13:37:03 +02:00
lockdown
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
2020-06-02 17:36:24 -07:00
safesetid
LSM: SafeSetID: Fix warnings reported by test bot
2020-10-13 09:17:36 -07:00
selinux
selinux: add proper NULL termination to the secclass_map permissions
2021-05-14 09:49:59 +02:00
smack
smackfs: restrict bytes count in smackfs write functions
2021-03-07 12:34:05 +01:00
tomoyo
tomoyo: recognize kernel threads correctly
2021-03-09 11:11:15 +01:00
yama
task_work: cleanup notification modes
2020-10-17 15:05:30 -06:00
commoncap.c
security: commoncap: fix -Wstringop-overread warning
2021-05-11 14:47:36 +02:00
device_cgroup.c
device_cgroup: Fix RCU list debugging warning
2020-08-20 11:25:03 -07:00
inode.c
Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2019-07-19 10:42:02 -07:00
Kconfig
Replace HTTP links with HTTPS ones: security
2020-08-06 12:00:05 -07:00
Kconfig.hardening
security: allow using Clang's zero initialization for stack variables
2020-06-16 02:06:23 -07:00
lsm_audit.c
dump_common_audit_data(): fix racy accesses to ->d_name
2021-01-19 18:27:29 +01:00
Makefile
device_cgroup: Cleanup cgroup eBPF device filter code
2020-04-13 14:41:54 -04:00
min_addr.c
sysctl: pass kernel pointers to ->proc_handler
2020-04-27 02:07:40 -04:00
security.c
LSM: Add "contents" flag to kernel_read_file hook
2020-10-05 13:37:03 +02:00