OpenCloudOS-Kernel/security
Mimi Zohar b36f281f4a ima: initialize the "template" field with the default template
IMA policy rules are walked sequentially.  Depending on the ordering of
the policy rules, the "template" field might be defined in one rule, but
will be replaced by subsequent, applicable rules, even if the rule does
not explicitly define the "template" field.

This patch initializes the "template" once and only replaces the
"template", when explicitly defined.

Fixes: 19453ce0bc ("IMA: support for per policy rule template formats")
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2019-08-01 08:25:36 -04:00
..
apparmor Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
integrity ima: initialize the "template" field with the default template 2019-08-01 08:25:36 -04:00
keys proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
loadpin proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
safesetid LSM: SafeSetID: fix use of literal -1 in capable hook 2019-07-15 08:08:03 -07:00
selinux selinux/stable-5.3 PR 20190726 2019-07-26 19:13:38 -07:00
smack Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
tomoyo treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
yama proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
Kconfig docs: x86: move two x86-specific files to x86 arch dir 2019-07-15 11:03:01 -03:00
Kconfig.hardening meminit fix 2019-07-28 12:33:15 -07:00
Makefile LSM: add SafeSetID module that gates setid calls 2019-01-25 11:22:45 -08:00
commoncap.c Merge branch 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-07-09 12:24:21 -07:00
device_cgroup.c docs: cgroup-v1: add it to the admin-guide book 2019-07-15 11:03:02 -03:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
lsm_audit.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity 2019-07-08 20:28:59 -07:00