kernel_optimize_test/security/integrity
Sasha Levin 0112721df4 IMA: policy can be updated zero times
Commit "IMA: policy can now be updated multiple times" assumed that the
policy would be updated at least once.

If there are zero updates, the temporary list head object will get added
to the policy list, and later dereferenced as an IMA policy object, which
means that invalid memory will be accessed.

Changelog:
- Move list_empty() test to ima_release_policy(), before audit msg - Mimi

Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-12-24 18:56:45 -05:00
..
evm evm: EVM_LOAD_X509 depends on EVM 2015-12-15 09:57:21 -05:00
ima IMA: policy can be updated zero times 2015-12-24 18:56:45 -05:00
digsig_asymmetric.c IMA: create machine owner and blacklist keyrings 2015-12-15 10:01:43 -05:00
digsig.c integrity: define '.evm' as a builtin 'trusted' keyring 2015-11-23 14:30:02 -05:00
iint.c evm: load an x509 certificate from the kernel 2015-12-15 08:31:19 -05:00
integrity_audit.c Merge git://git.infradead.org/users/eparis/audit 2014-04-12 12:38:53 -07:00
integrity.h evm: load an x509 certificate from the kernel 2015-12-15 08:31:19 -05:00
Kconfig integrity: define '.evm' as a builtin 'trusted' keyring 2015-11-23 14:30:02 -05:00
Makefile integrity: make integrity files as 'integrity' module 2014-09-09 10:28:58 -04:00