diff options
| author |   Linus Torvalds <torvalds@linux-foundation.org> | 2016-01-17 19:13:15 -0800 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2016-01-17 19:13:15 -0800 |
| commit | 5807fcaa9bf7dd87241df739161c119cf78a6bc4 (patch) | |
| tree | 4ed1e647a0ae0f315db3b9066c9235020c439649 /security/integrity/iint.c | |
| parent | Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/audit (diff) | |
| parent | Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into next (diff) | |
| download | linux-dev-5807fcaa9bf7dd87241df739161c119cf78a6bc4.tar.xz linux-dev-5807fcaa9bf7dd87241df739161c119cf78a6bc4.zip | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
- EVM gains support for loading an x509 cert from the kernel
(EVM_LOAD_X509), into the EVM trusted kernel keyring.
- Smack implements 'file receive' process-based permission checking for
sockets, rather than just depending on inode checks.
- Misc enhancments for TPM & TPM2.
- Cleanups and bugfixes for SELinux, Keys, and IMA.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (41 commits)
selinux: Inode label revalidation performance fix
KEYS: refcount bug fix
ima: ima_write_policy() limit locking
IMA: policy can be updated zero times
selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()
selinux: export validatetrans decisions
gfs2: Invalid security labels of inodes when they go invalid
selinux: Revalidate invalid inode security labels
security: Add hook to invalidate inode security labels
selinux: Add accessor functions for inode->i_security
security: Make inode argument of inode_getsecid non-const
security: Make inode argument of inode_getsecurity non-const
selinux: Remove unused variable in selinux_inode_init_security
keys, trusted: seal with a TPM2 authorization policy
keys, trusted: select hash algorithm for TPM2 chips
keys, trusted: fix: *do not* allow duplicate key options
tpm_ibmvtpm: properly handle interrupted packet receptions
tpm_tis: Tighten IRQ auto-probing
tpm_tis: Refactor the interrupt setup
tpm_tis: Get rid of the duplicate IRQ probing code
...
Diffstat (limited to 'security/integrity/iint.c')
| -rw-r--r-- | security/integrity/iint.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/security/integrity/iint.c b/security/integrity/iint.c index c2e3ccd4b510..8f1ab37f2897 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c @@ -255,4 +255,5 @@ out: void __init integrity_load_keys(void) { ima_load_x509(); + evm_load_x509(); } |