Patch "ima: Fix build warnings" has been added to the 5.15-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Sun, 9 Jul 2023 02:10:03 -0400

This is a note to let you know that I've just added the patch titled

    ima: Fix build warnings

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     ima-fix-build-warnings.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 42b55040b5bb49a5b44cbe88e613f53e1741adc2
Author: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
Date:   Tue Jun 6 09:41:13 2023 +0200

    ima: Fix build warnings
    
    [ Upstream commit 95526d13038c2bbddd567a4d8e39fac42484e182 ]
    
    Fix build warnings (function parameters description) for
    ima_collect_modsig(), ima_match_policy() and ima_parse_add_rule().
    
    Fixes: 15588227e086 ("ima: Collect modsig") # v5.4+
    Fixes: 2fe5d6def167 ("ima: integrity appraisal extension") # v5.14+
    Fixes: 4af4662fa4a9 ("integrity: IMA policy") # v3.2+
    Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
    Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/security/integrity/ima/ima_modsig.c b/security/integrity/ima/ima_modsig.c
index fb25723c65bc4..3e7bee30080f2 100644
--- a/security/integrity/ima/ima_modsig.c
+++ b/security/integrity/ima/ima_modsig.c
@@ -89,6 +89,9 @@ int ima_read_modsig(enum ima_hooks func, const void *buf, loff_t buf_len,
 
 /**
  * ima_collect_modsig - Calculate the file hash without the appended signature.
+ * @modsig: parsed module signature
+ * @buf: data to verify the signature on
+ * @size: data size
  *
  * Since the modsig is part of the file contents, the hash used in its signature
  * isn't the same one ordinarily calculated by IMA. Therefore PKCS7 code
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index ed43d30682ff8..7e41917e1f767 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -674,6 +674,7 @@ static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func)
  * @secid: LSM secid of the task to be validated
  * @func: IMA hook identifier
  * @mask: requested action (MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC)
+ * @flags: IMA actions to consider (e.g. IMA_MEASURE | IMA_APPRAISE)
  * @pcr: set the pcr to extend
  * @template_desc: the template that should be used for this rule
  * @func_data: func specific data, may be NULL
@@ -1709,7 +1710,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
 
 /**
  * ima_parse_add_rule - add a rule to ima_policy_rules
- * @rule - ima measurement policy rule
+ * @rule: ima measurement policy rule
  *
  * Avoid locking by allowing just one writer at a time in ima_write_policy()
  * Returns the length of the rule parsed, an error code on failure






