On Thu, 2023-01-05 at 12:47 +0100, Greg KH wrote:
On Thu, Jan 05, 2023 at 02:23:09PM +0800, GUO Zihua wrote:
Backports the following three patches to fix the issue of IMA mishandling LSM based rule during LSM policy update, causing a file to match an unexpected rule.
v6: Removed the redundent i in ima_free_rule().
Given the huge numbers of revisions in this series, I suggest working together with the relevant subsystem maintainers to get a final, working, agreed-apon version before submitting it again.
There was one minor change to v6, which is addressed in v7. Paul has reviewed the LSM/SELinux pieces. I'd appreciate v7 of this patch set be applied to stable 4.19.
FYI, commit c7423dbdbc9e ("ima: Handle -ESTALE returned by ima_filter_rule_match()") has already been backported to other stable branches.