On Thu, 2023-01-05 at 12:47 +0100, Greg KH wrote:
> On Thu, Jan 05, 2023 at 02:23:09PM +0800, GUO Zihua wrote:
> > Backports the following three patches to fix the issue of IMA mishandling
> > LSM based rule during LSM policy update, causing a file to match an
> > unexpected rule.
> >
> > v6:
> > Removed the redundent i in ima_free_rule().
>
> Given the huge numbers of revisions in this series, I suggest working
> together with the relevant subsystem maintainers to get a final,
> working, agreed-apon version before submitting it again.
There was one minor change to v6, which is addressed in v7. Paul has
reviewed the LSM/SELinux pieces. I'd appreciate v7 of this patch set
be applied to stable 4.19.
FYI, commit c7423dbdbc9e ("ima: Handle -ESTALE returned by
ima_filter_rule_match()") has already been backported to other stable
branches.
--
thanks,
Mimi
