# git rev-parse -q --verify f8cf2f16a7c95acce497bfafa90e7c6d8397d653^{commit} f8cf2f16a7c95acce497bfafa90e7c6d8397d653 already have revision, skipping fetch # git checkout -q -f -B kisskb f8cf2f16a7c95acce497bfafa90e7c6d8397d653 # git clean -qxdf # < git log -1 # commit f8cf2f16a7c95acce497bfafa90e7c6d8397d653 # Merge: 4b3f1a1 ab60368 # Author: Linus Torvalds # Date: Sat Apr 7 16:53:59 2018 -0700 # # Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security # # Pull integrity updates from James Morris: # "A mixture of bug fixes, code cleanup, and continues to close # IMA-measurement, IMA-appraisal, and IMA-audit gaps. # # Also note the addition of a new cred_getsecid LSM hook by Matthew # Garrett: # # For IMA purposes, we want to be able to obtain the prepared secid # in the bprm structure before the credentials are committed. Add a # cred_getsecid hook that makes this possible. # # which is used by a new CREDS_CHECK target in IMA: # # In ima_bprm_check(), check with both the existing process # credentials and the credentials that will be committed when the new # process is started. This will not change behaviour unless the # system policy is extended to include CREDS_CHECK targets - # BPRM_CHECK will continue to check the same credentials that it did # previously" # # * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: # ima: Fallback to the builtin hash algorithm # ima: Add smackfs to the default appraise/measure list # evm: check for remount ro in progress before writing # ima: Improvements in ima_appraise_measurement() # ima: Simplify ima_eventsig_init() # integrity: Remove unused macro IMA_ACTION_RULE_FLAGS # ima: drop vla in ima_audit_measurement() # ima: Fix Kconfig to select TPM 2.0 CRB interface # evm: Constify *integrity_status_msg[] # evm: Move evm_hmac and evm_hash from evm_main.c to evm_crypto.c # fuse: define the filesystem as untrusted # ima: fail signature verification based on policy # ima: clear IMA_HASH # ima: re-evaluate files on privileged mounted filesystems # ima: fail file signature verification on non-init mounted filesystems # IMA: Support using new creds in appraisal policy # security: Add a cred_getsecid hook # < /opt/cross/kisskb/gcc-4.6.3-nolibc/arm-unknown-linux-gnueabi/bin/arm-unknown-linux-gnueabi-gcc --version # < git log --format=%s --max-count=1 f8cf2f16a7c95acce497bfafa90e7c6d8397d653 # < make -s -j 40 ARCH=arm O=/kisskb/build/linus_cm_x300_defconfig_arm CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/arm-unknown-linux-gnueabi/bin/arm-unknown-linux-gnueabi- cm_x300_defconfig # make -s -j 40 ARCH=arm O=/kisskb/build/linus_cm_x300_defconfig_arm CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/arm-unknown-linux-gnueabi/bin/arm-unknown-linux-gnueabi- /kisskb/src/kernel/printk/printk.c: In function 'devkmsg_sysctl_set_loglvl': /kisskb/src/kernel/printk/printk.c:182:16: warning: 'old' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/base/regmap/regmap.c: In function 'regmap_raw_read': /kisskb/src/drivers/base/regmap/regmap.c:2497:6: warning: 'ret' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/base/regmap/regmap.c: In function '_regmap_raw_write': /kisskb/src/drivers/base/regmap/regmap.c:1819:6: warning: 'ret' may be used uninitialized in this function [-Wuninitialized] Completed OK # rm -rf /kisskb/build/linus_cm_x300_defconfig_arm # Build took: 0:00:28.014367