Received: by 2002:ac0:aa62:0:0:0:0:0 with SMTP id w31-v6csp1645352ima;
        Thu, 25 Oct 2018 02:33:11 -0700 (PDT)
X-Google-Smtp-Source: AJdET5fDyQF3XWqbAfdI/GF/x8wp11e0zI6FS8/4nZTHg6PrVIqdomh91R61IikBvfG3jgDPIb8b
X-Received: by 2002:a17:902:9a91:: with SMTP id w17-v6mr764377plp.274.1540459991878;
        Thu, 25 Oct 2018 02:33:11 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1540459991; cv=none;
        d=google.com; s=arc-20160816;
        b=Bo9ZRXywETKdwRJ2C+RdNc424eoL5qPd0Pwae9Mcl56gHx6Z3nKqX9OiL7Jbf9XcYc
         Cy+p1buZ7EW0qbM0WhZTTNPZ+G6XUGbOhe3a5GgyeOpgcxpqJiTZmWwHLjYoUxeByNN7
         za0T1g7fDZgvgiNvf6ZjtWjQ5klpzBEMaK/CfVBDOHyr55If95P/Z1dEAHlTo/rd/sdA
         Aoemr9RttqilJ+0SjNNR52E+jciqp1bgO7pRaIO+XBUWtFACIsolFtYM13oZvK/rS5xX
         Iou2iYJCIbaH7yyPrSE1fSPk7Cg/m4r8DgLj6KeoV0dALHjLformvy9zpuRfBBy9wwgE
         xO7w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:message-id
         :subject:cc:to:from:date;
        bh=XiWgUJn14YKa9Sor/Cd84fBm+rQSimXz0ITl2ANwg/s=;
        b=jc/zWoMvcmBxIfO0WgYfqYZ7fSnHutl8r2sUM738zlgRlQ9IaXkNW3XezxDIQ/APBR
         +H6Vp62mvFKbuX88Qif54iEABDaKElkJUCsnPmGNzbGfMvMU1/Z49zYraboprKh7PirC
         +vGg4NlBMWIhABVi97Ky765mI8Qr0+49ZNMUfCkaZajXKdh4OCY5KVlMD3yFzSNsQrDv
         ++tYljTNGVpP2DCcPMS7n7SB4kcZMSmUK9PHh7cujUE42k7juw9y8vdTQQBIWeN7ILqy
         NX/DZgTq6cjL7vYfnL2OcVUI6kj3nj0KUoZaceLz8KnoVSb6fYJGCM0+0ffmbhyO8uiz
         2C6A==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 1-v6si6836023plr.113.2018.10.25.02.32.56;
        Thu, 25 Oct 2018 02:33:11 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727106AbeJYSEP (ORCPT <rfc822;plaguedbypenguins@gmail.com>
        + 99 others); Thu, 25 Oct 2018 14:04:15 -0400
Received: from namei.org ([65.99.196.166]:49086 "EHLO namei.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726637AbeJYSEP (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 25 Oct 2018 14:04:15 -0400
Received: from localhost (localhost [127.0.0.1])
        by namei.org (8.14.4/8.14.4) with ESMTP id w9P9WJwA031132;
        Thu, 25 Oct 2018 09:32:19 GMT
Date:   Thu, 25 Oct 2018 20:32:19 +1100 (AEDT)
From:   James Morris <jmorris@namei.org>
To:     Linus Torvalds <torvalds@linux-foundation.org>
cc:     linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: [GIT PULL] security: integrity subsystem updates for 4.20
Message-ID: <alpine.LRH.2.21.1810252029570.30470@namei.org>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Please pull.

From Mimi: "This pull request contains a couple of bug fixes, including 
one for a recent problem with calculating file hashes on overlayfs, and 
some code cleanup."

---

The following changes since commit e6123c524064a571616ec978b1317f1696eff0ae:

  security: fix LSM description location (2018-10-09 12:18:38 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-integrity

for you to fetch changes up to 34bccd61b139dbb452421aebf480e7af5f7a12ed:

  MAINTAINERS: add Jarkko as maintainer for trusted keys (2018-10-11 12:10:16 -0400)

----------------------------------------------------------------
Eric Biggers (4):
      vfs: require i_size <= SIZE_MAX in kernel_read_file()
      security/integrity: constify some read-only data
      security/integrity: remove unnecessary 'init_keyring' variable
      ima: fix showing large 'violations' or 'runtime_measurements_count'

Goldwyn Rodrigues (1):
      ima: open a new file instance if no read permissions

Mimi Zohar (1):
      MAINTAINERS: add Jarkko as maintainer for trusted keys

 MAINTAINERS                           |  1 +
 fs/exec.c                             |  8 +++---
 security/integrity/digsig.c           | 10 ++-----
 security/integrity/evm/evm_crypto.c   |  4 +--
 security/integrity/ima/ima.h          |  2 +-
 security/integrity/ima/ima_api.c      |  3 +-
 security/integrity/ima/ima_crypto.c   | 54 ++++++++++++++++++++++-------------
 security/integrity/ima/ima_fs.c       |  9 +++---
 security/integrity/ima/ima_init.c     |  2 +-
 security/integrity/ima/ima_main.c     |  2 +-
 security/integrity/ima/ima_template.c | 11 +++----
 11 files changed, 59 insertions(+), 47 deletions(-)