diff options
author | Amit Pundir <amit.pundir@linaro.org> | 2018-06-11 16:48:21 +0530 |
---|---|---|
committer | Amit Pundir <amit.pundir@linaro.org> | 2018-06-11 16:48:21 +0530 |
commit | 3d5962249d52f8f5454cf9fab288a507cc3d3d07 (patch) | |
tree | 2f0d3c5afee4cc2478c7da3540adebadbb102ef9 /security | |
parent | 6dd708f898dfef66f735e52484c7690d356db4dd (diff) | |
parent | a794bca783fd36c5d3da00fc99a54deac92d4702 (diff) |
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
* linux-linaro-lsk-v4.4: (361 commits)
Linux 4.4.135
Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU"
Linux 4.4.134
s390/ftrace: use expoline for indirect branches
kdb: make "mdr" command repeat
Bluetooth: btusb: Add device ID for RTL8822BE
ASoC: samsung: i2s: Ensure the RCLK rate is properly determined
regulator: of: Add a missing 'of_node_put()' in an error handling path of 'of_regulator_match()'
scsi: lpfc: Fix frequency of Release WQE CQEs
scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing
scsi: lpfc: Fix issue_lip if link is disabled
netlabel: If PF_INET6, check sk_buff ip header version
selftests/net: fixes psock_fanout eBPF test case
perf report: Fix memory corruption in --branch-history mode --branch-history
perf tests: Use arch__compare_symbol_names to compare symbols
x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified
drm/rockchip: Respect page offset for PRIME mmap calls
MIPS: Octeon: Fix logging messages with spurious periods after newlines
audit: return on memory error to avoid null pointer dereference
crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss
...
Conflicts:
arch/arm64/include/asm/assembler.h
Rebase LTS commit 348f043ab6c6
("arm64: Add work around for Arm Cortex-A55 Erratum 1024718").
fs/f2fs/namei.c
Rebase LTS commit 03bb7588942a
("do d_instantiate/unlock_new_inode combinations safely")
fs/proc/base.c
Trivial typo.
kernel/auditsc.c
Rebase LTS commit 9bb698bedebf
("audit: move calcs after alloc and check when logging set loginuid").
kernel/time/timekeeping.c
Rebase changes from AOSP commit 28850c79d071
("BACKPORT: time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting"), and
1d35c0438678 ("BACKPORT: time: Clean up CLOCK_MONOTONIC_RAW time handling").
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/integrity/ima/Kconfig | 1 | ||||
-rw-r--r-- | security/integrity/ima/ima_crypto.c | 2 | ||||
-rw-r--r-- | security/integrity/ima/ima_main.c | 13 |
3 files changed, 16 insertions, 0 deletions
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig index df303346029b..648a0461f8ed 100644 --- a/security/integrity/ima/Kconfig +++ b/security/integrity/ima/Kconfig @@ -10,6 +10,7 @@ config IMA select CRYPTO_HASH_INFO select TCG_TPM if HAS_IOMEM && !UML select TCG_TIS if TCG_TPM && X86 + select TCG_CRB if TCG_TPM && ACPI select TCG_IBMVTPM if TCG_TPM && PPC_PSERIES help The Trusted Computing Group(TCG) runtime Integrity diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index 6eb62936c672..a29209fa5674 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c @@ -78,6 +78,8 @@ int __init ima_init_crypto(void) hash_algo_name[ima_hash_algo], rc); return rc; } + pr_info("Allocated hash algorithm: %s\n", + hash_algo_name[ima_hash_algo]); return 0; } diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 98289ba2a2e6..236dce30e517 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -16,6 +16,9 @@ * implements the IMA hooks: ima_bprm_check, ima_file_mmap, * and ima_file_check. */ + +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + #include <linux/module.h> #include <linux/file.h> #include <linux/binfmts.h> @@ -353,6 +356,16 @@ static int __init init_ima(void) hash_setup(CONFIG_IMA_DEFAULT_HASH); error = ima_init(); + + if (error && strcmp(hash_algo_name[ima_hash_algo], + CONFIG_IMA_DEFAULT_HASH) != 0) { + pr_info("Allocating %s failed, going to use default hash algorithm %s\n", + hash_algo_name[ima_hash_algo], CONFIG_IMA_DEFAULT_HASH); + hash_setup_done = 0; + hash_setup(CONFIG_IMA_DEFAULT_HASH); + error = ima_init(); + } + if (!error) { ima_initialized = 1; ima_update_policy_flag(); |