Merge branch 'fixes-v4.16-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem fixes from James Morris:
- keys fixes via David Howells:
"A collection of fixes for Linux keyrings, mostly thanks to Eric
Biggers:
- Fix some PKCS#7 verification issues.
- Fix handling of unsupported crypto in X.509.
- Fix too-large allocation in big_key"
- Seccomp updates via Kees Cook:
"These are fixes for the get_metadata interface that landed during
-rc1. While the new selftest is strictly not a bug fix, I think
it's in the same spirit of avoiding bugs"
- an IMA build fix from Randy Dunlap
* 'fixes-v4.16-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
integrity/security: fix digsig.c build error with header file
KEYS: Use individual pages in big_key for crypto buffers
X.509: fix NULL dereference when restricting key with unsupported_sig
X.509: fix BUG_ON() when hash algorithm is unsupported
PKCS#7: fix direct verification of SignerInfo signature
PKCS#7: fix certificate blacklisting
PKCS#7: fix certificate chain verification
seccomp: add a selftest for get_metadata
ptrace, seccomp: tweak get_metadata behavior slightly
seccomp, ptrace: switch get_metadata types to arch independent
This commit is contained in:
@@ -69,8 +69,8 @@ struct ptrace_peeksiginfo_args {
|
||||
#define PTRACE_SECCOMP_GET_METADATA 0x420d
|
||||
|
||||
struct seccomp_metadata {
|
||||
unsigned long filter_off; /* Input: which filter */
|
||||
unsigned int flags; /* Output: filter's flags */
|
||||
__u64 filter_off; /* Input: which filter */
|
||||
__u64 flags; /* Output: filter's flags */
|
||||
};
|
||||
|
||||
/* Read signals from a shared (process wide) queue */
|
||||
|
||||
Reference in New Issue
Block a user