Mimi Zohar 42a4c60319 ima: fix ima_inode_post_setattr ... Changing file metadata (eg. uid, guid) could result in having to re-appraise a file's integrity, but does not change the "new file" status nor the security.ima xattr. The IMA_PERMIT_DIRECTIO and IMA_DIGSIG_REQUIRED flags are policy rule specific. This patch only resets these flags, not the IMA_NEW_FILE or IMA_DIGSIG flags. With this patch, changing the file timestamp will not remove the file signature on new files. Reported-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Tested-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>		2016-05-01 09:23:52 -04:00
..
apparmor	apparmor: clarify CRYPTO dependency	2015-10-22 11:11:28 +11:00
integrity	ima: fix ima_inode_post_setattr	2016-05-01 09:23:52 -04:00
keys	Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security	2016-03-17 11:33:45 -07:00
loadpin	LSM: LoadPin for kernel file loading restrictions	2016-04-21 10:47:27 +10:00
selinux	TTY/Serial patches for 4.6-rc1	2016-03-17 13:53:25 -07:00
smack	smack: fix cache of access labels	2016-02-16 09:56:35 -08:00
tomoyo	mm/gup: Introduce get_user_pages_remote()	2016-02-16 10:04:09 +01:00
yama	Yama: consolidate error reporting	2016-04-21 10:47:26 +10:00
commoncap.c	ptrace: use fsuid, fsgid, effective creds for fs access checks	2016-01-20 17:09:18 -08:00
device_cgroup.c	security/device_cgroup: Fix RCU_LOCKDEP_WARN() condition	2015-09-03 18:13:10 -07:00
inode.c	wrappers for ->i_mutex access	2016-01-22 18:04:28 -05:00
Kconfig	LSM: LoadPin for kernel file loading restrictions	2016-04-21 10:47:27 +10:00
lsm_audit.c	Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into next	2015-08-15 13:29:57 +10:00
Makefile	LSM: LoadPin for kernel file loading restrictions	2016-04-21 10:47:27 +10:00
min_addr.c	mmap_min_addr check CAP_SYS_RAWIO only for write	2010-04-23 08:56:31 +10:00
security.c	LSM: LoadPin for kernel file loading restrictions	2016-04-21 10:47:27 +10:00