[PATCH 4.19 v3 0/6] Backport handling -ESTALE policy update failure to 4.19

Paul Moore paul at paul-moore.com
Tue Feb 28 16:25:03 UTC 2023


On Tue, Feb 28, 2023 at 3:09 AM GUO Zihua <guozihua at huawei.com> wrote:
>
> This series backports patches in order to resolve the issue discussed here:
> https://lore.kernel.org/selinux/389334fe-6e12-96b2-6ce9-9f0e8fcb85bf@huawei.com/
>
> This required backporting the non-blocking LSM policy update mechanism
> prerequisite patches. As well as bugfixes that follows:
>
> c66f67414c1f ("IB/core: Don't register each MAD agent for LSM notifier")
> 42df744c4166 ("LSM: switch to blocking policy update notifiers")
> b16942455193 ("ima: use the lsm policy update notifier")
> 483ec26eed42 ("ima: ima/lsm policy rule loading logic bug fixes")
> e144d6b26541 ("ima: Evaluate error in init_ima()")
> c7423dbdbc9e ("ima: Handle -ESTALE returned by ima_filter_rule_match()")
>
> c66f67414c1f ("IB/core: Don't register each MAD agent for LSM notifier")
> is merged as the prerequisite of 42df744c4166 ("LSM: switch to blocking
> policy update notifiers"). e144d6b26541 ("ima: Evaluate error in
> init_ima()"), 483ec26eed42 ("ima: ima/lsm policy rule loading logic bug
> fixes") and 9ff8a616dfab ("ima: Have the LSM free its audit rule") are
> merged as a follow up bugfix for b16942455193 ("ima: use the lsm policy
> update notifier").
>
> I've tested the patches against said issue and can confirm that the
> issue is fixed.
>
> Link to the original maillist discussion:
> https://lore.kernel.org/all/389334fe-6e12-96b2-6ce9-9f0e8fcb85bf@huawei.com/
>
> Change log:
>   v2: Fixed build issue and backport bugfix commits for backported
> patches.

Is there a quick summary of the changes in v3 of this patchset?

-- 
paul-moore.com



More information about the Linux-security-module-archive mailing list