# git rev-parse -q --verify 18b44bc5a67275641fb26f2c54ba7eef80ac5950^{commit} 18b44bc5a67275641fb26f2c54ba7eef80ac5950 already have revision, skipping fetch # git checkout -q -f -B kisskb 18b44bc5a67275641fb26f2c54ba7eef80ac5950 # git clean -qxdf # < git log -1 # commit 18b44bc5a67275641fb26f2c54ba7eef80ac5950 # Author: Eric Snowberg # Date: Tue Jul 25 17:56:46 2023 -0400 # # ovl: Always reevaluate the file signature for IMA # # Commit db1d1e8b9867 ("IMA: use vfs_getattr_nosec to get the i_version") # partially closed an IMA integrity issue when directly modifying a file # on the lower filesystem. If the overlay file is first opened by a user # and later the lower backing file is modified by root, but the extended # attribute is NOT updated, the signature validation succeeds with the old # original signature. # # Update the super_block s_iflags to SB_I_IMA_UNVERIFIABLE_SIGNATURE to # force signature reevaluation on every file access until a fine grained # solution can be found. # # Signed-off-by: Eric Snowberg # Signed-off-by: Mimi Zohar # Signed-off-by: Linus Torvalds # < /opt/cross/kisskb/korg/gcc-13.1.0-nolibc/xtensa-linux/bin/xtensa-linux-gcc --version # < /opt/cross/kisskb/korg/gcc-13.1.0-nolibc/xtensa-linux/bin/xtensa-linux-ld --version # < git log --format=%s --max-count=1 18b44bc5a67275641fb26f2c54ba7eef80ac5950 # make -s -j 32 ARCH=xtensa O=/kisskb/build/linus_defconfig_xtensa-gcc13 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-13.1.0-nolibc/xtensa-linux/bin/xtensa-linux- defconfig # < make -s -j 32 ARCH=xtensa O=/kisskb/build/linus_defconfig_xtensa-gcc13 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-13.1.0-nolibc/xtensa-linux/bin/xtensa-linux- help # make -s -j 32 ARCH=xtensa O=/kisskb/build/linus_defconfig_xtensa-gcc13 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-13.1.0-nolibc/xtensa-linux/bin/xtensa-linux- olddefconfig # make -s -j 32 ARCH=xtensa O=/kisskb/build/linus_defconfig_xtensa-gcc13 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-13.1.0-nolibc/xtensa-linux/bin/xtensa-linux- Completed OK # rm -rf /kisskb/build/linus_defconfig_xtensa-gcc13 # Build took: 0:00:39.242603