On Fri, Jul 25, 2014 at 11:50 AM, Kees Cook <keesc...@chromium.org> wrote: > Hi James, > > Please pull these fw-restrict changes for 3.17. Thanks!
James, did this ever get pulled? Does it need more review? Thanks! -Kees > > -Kees > > The following changes since commit 7d8b6c63751cfbbe5eef81a48c22978b3407a3ad: > > CAPABILITIES: remove undefined caps from all processes (2014-07-24 21:53:47 > +1000) > > are available in the git repository at: > > git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git > tags/fw-restrict-3.17 > > for you to fetch changes up to 5a9196d715607f76d6b7d96a0970d6065335e62b: > > ima: add support for measuring and appraising firmware (2014-07-25 11:47:46 > -0700) > > ---------------------------------------------------------------- > Firmware validation hooks > > ---------------------------------------------------------------- > Kees Cook (2): > security: introduce kernel_fw_from_file hook > firmware_class: perform new LSM checks > > Mimi Zohar (1): > ima: add support for measuring and appraising firmware > > Documentation/ABI/testing/ima_policy | 4 +++- > drivers/base/firmware_class.c | 30 ++++++++++++++++++++++++++---- > include/linux/ima.h | 6 ++++++ > include/linux/security.h | 17 +++++++++++++++++ > security/capability.c | 6 ++++++ > security/integrity/ima/ima.h | 3 ++- > security/integrity/ima/ima_appraise.c | 8 ++++++++ > security/integrity/ima/ima_main.c | 11 +++++++++++ > security/integrity/ima/ima_policy.c | 7 +++++++ > security/integrity/integrity.h | 9 +++++++-- > security/security.c | 11 +++++++++++ > 11 files changed, 104 insertions(+), 8 deletions(-) > > -- > Kees Cook > Chrome OS Security -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
