Krzysztof Struczynski e131e70e21 ima: Set again build_ima_appraise variable ... [ Upstream commit b59fda449c ] After adding the new add_rule() function in commit c52657d93b ("ima: refactor ima_init_policy()"), all appraisal flags are added to the temp_ima_appraise variable. Revert to the previous behavior instead of removing build_ima_appraise, to benefit from the protection offered by __ro_after_init. The mentioned commit introduced a bug, as it makes all the flags modifiable, while build_ima_appraise flags can be protected with __ro_after_init. Cc: stable@vger.kernel.org # 5.0.x Fixes: c52657d93b ("ima: refactor ima_init_policy()") Co-developed-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Krzysztof Struczynski <krzysztof.struczynski@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org>		2020-06-22 09:31:17 +02:00
..
evm	evm: Fix possible memory leak in evm_calc_hmac_or_hash()	2020-06-22 09:31:15 +02:00
ima	ima: Set again build_ima_appraise variable	2020-06-22 09:31:17 +02:00
platform_certs	efi: Only print errors about failing to get certs if EFI vars are found	2020-03-12 13:00:14 +01:00
Kconfig	integrity: Select CONFIG_KEYS instead of depending on it	2019-08-05 18:40:20 -04:00
Makefile	integrity: remove pointless subdir-$(CONFIG_...)	2019-10-05 15:29:49 +09:00
digsig.c	ima: Implement support for module-style appended signatures	2019-08-05 18:40:23 -04:00
digsig_asymmetric.c	Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"	2019-07-10 18:43:43 -07:00
iint.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441	2019-06-05 17:37:17 +02:00
integrity.h	ima: Implement support for module-style appended signatures	2019-08-05 18:40:23 -04:00
integrity_audit.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441	2019-06-05 17:37:17 +02:00