[SRU][Xenial][PATCH 0/1] Revert "ima: limit file hash setting by user to fix and log modes"
Joseph Salisbury
joseph.salisbury at canonical.com
Wed May 23 18:00:28 UTC 2018
BugLink: http://bugs.launchpad.net/bugs/1771826
== SRU Justification ==
On a system that has IMA appraisal enabled it is impossible to create
security.ima extended attribute files that contain IMA hash. This is
due to mainline commit c68ed80c97d, which prevents writing file hashes as
security.ima xattrs.
This bug is fixed by reverting commit c68ed80c97d, which is done by
mainline commit f5acb3dcba1f as of v4.10-rc1.
== Fix ==
f5acb3dcba1f ("Revert "ima: limit file hash setting by user to fix and log modes"")
== Regression Potential ==
Low. This revert happend in v4.10-rc1. It has been in Artful and
Bionic for a while without any reported issues.
== Test Case ==
A test kernel was built with this patch and tested by the original bug reporter.
The bug reporter states the test kernel resolved the bug.
Mimi Zohar (1):
Revert "ima: limit file hash setting by user to fix and log modes"
security/integrity/ima/ima_appraise.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
--
2.7.4
More information about the kernel-team
mailing list