summaryrefslogtreecommitdiff
path: root/security/integrity
AgeCommit message (Collapse)Author
2026-06-08ima: Support staging and deleting N measurements recordsRoberto Sassu
Add support for sending a value N between 1 and ULONG_MAX to the IMA original measurement interface. This value represents the number of measurements that should be deleted from the current measurements list. In this case, measurements are staged in an internal non-user visible list, and immediately deleted. This staging method allows the remote attestation agents to easily separate the measurements that were verified (staged and deleted) from those that weren't due to the race between taking a TPM quote and reading the measurements list. In order to minimize the locking time of ima_extend_list_mutex, deleting N records is realized by doing a lockless walk in the current measurements list to determine the N-th entry to cut, to cut the current measurements list under the lock, and by deleting the excess records after releasing the lock. Flushing the hash table is not supported for N records, since it would require removing the N records one by one from the hash table under the ima_extend_list_mutex lock, which would increase the locking time. Link: https://github.com/linux-integrity/linux/issues/1 Co-developed-by: Steven Chen <chenste@linux.microsoft.com> Signed-off-by: Steven Chen <chenste@linux.microsoft.com> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-06-08ima: Add support for flushing the hash table when staging measurementsRoberto Sassu
During staging and delete, measurements are not completely deallocated. Their entry digest portion is kept and is still reachable with the hash table to detect duplicate records. If the number of records is significant, this reduces the memory saving benefit of staging. Some users might be interested in achieving the best memory saving (the measurements are completely deallocated) at the cost of having duplicate records across the staged measurement lists. Duplicate records are still avoided within the current measurement list. Introduce the new kernel option ima_flush_htable to decide whether or not the digests of staged measurement records are flushed from the hash table, when they are deleted, to achieve the maximum memory saving. When the option is enabled, replace the old hash table with a new one, by calling ima_alloc_replace_htable(), and completely delete the measurements records. Note: This code derives from the Alt-IMA Huawei project, whose license is GPL-2.0 OR MIT. Link: https://github.com/linux-integrity/linux/issues/1 Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-06-08ima: Add support for staging measurements with promptRoberto Sassu
Introduce the ability of staging the IMA measurement list and deleting them with a prompt. Staging means moving the current measurement list records to a separate location, and allowing users to read and delete it. This causes the current measurement list to be emptied (since records were moved) and new measurements to be added on the empty list. Staging can be done only once at a time. In the event of kexec(), staging is aborted and staged records will be carried over to the new kernel. Introduce ascii_runtime_measurements_<algo>_staged and binary_runtime_measurements_<algo>_staged interfaces to access and delete the measurements. Use 'echo A > <IMA _staged interface>' and 'echo D > <IMA _staged interface>' to respectively stage and delete the entire measurements list. Locking of these interfaces is also mediated with a call to _ima_measurements_open() and with ima_measurements_release(). Implement the staging functionality by introducing the new global measurements list ima_measurements_staged, and ima_queue_stage() and ima_queue_staged_delete_all() to respectively move measurements from the current measurements list to the staged one, and to move staged measurements to the ima_measurements_trim list for deletion. Introduce ima_queue_delete() to delete the measurements. Staging is forbidden after measurement is suspended, and between staging and deleting, so that walking the staged and current measurements list can be done locklessly in ima_dump_measurement_list(). Strict ordering of suspending and dumping is enforced by two reboot notifiers with different priority. Refusing to delete staged measurements also signals to user space that those measurements are already carried over to the secondary kernel, so that it does not save them twice. Finally, introduce the BINARY_STAGED and BINARY_FULL binary measurements list types, to maintain the counters and the binary size of staged measurements and the full measurements list (including records that were staged). BINARY still represents the current binary measurements list. Use the binary size for the BINARY + BINARY_STAGED types in ima_add_kexec_buffer(), since both measurements list types are copied to the secondary kernel during kexec. Use BINARY_FULL in ima_measure_kexec_event(), to generate a critical data record. It should be noted that the BINARY_FULL counter is not passed through kexec. Thus, the number of records included in the kexec critical data records refers to the records since the critical data records generated from the previous kexec event. Note: This code derives from the Alt-IMA Huawei project, whose license is GPL-2.0 OR MIT. Link: https://github.com/linux-integrity/linux/issues/1 Suggested-by: Gregory Lumen <gregorylumen@linux.microsoft.com> (staging revert) Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-06-08ima: Introduce ima_dump_measurement()Roberto Sassu
Introduce ima_dump_measurement() to simplify the code of ima_dump_measurement_list() and to avoid repeating the ima_dump_measurement() code block if iteration occurs on multiple lists. No functional change: only code moved to a separate function. Link: https://github.com/linux-integrity/linux/issues/1 Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-06-08ima: Use snprintf() in create_securityfs_measurement_listsRoberto Sassu
Use the more secure snprintf() function (accepting the buffer size) in create_securityfs_measurement_lists(). No functional change: sprintf() and snprintf() have the same behavior. Link: https://github.com/linux-integrity/linux/issues/1 Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-06-08ima: Mediate open/release method of the measurements listRoberto Sassu
Introduce the ima_measure_users counter, to implement a semaphore-like locking scheme where the binary and ASCII measurements list interfaces can be concurrently opened by multiple readers, or alternatively by a single writer. In addition, allow the same writer to open the other interfaces for write or read/write, so that it can see the same measurement state across all the interfaces. A semaphore cannot be used because the kernel cannot return to user space with a lock held. Introduce the ima_measure_lock() and ima_measure_unlock() primitives, to respectively lock/unlock the interfaces (safely with the ima_measure_users counter, without holding a lock). Finally, introduce _ima_measurements_open() to lock the interface before seq_open(), and call it from ima_measurements_open() and ima_ascii_measurements_open(). And, introduce ima_measurements_release(), to unlock the interface. Require CAP_SYS_ADMIN if the interface is opened for write (not possible for the current measurements interfaces, since they only have read permission). No functional changes: multiple readers are allowed as before. Link: https://github.com/linux-integrity/linux/issues/1 Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-06-08ima: Introduce _ima_measurements_start() and _ima_measurements_next()Roberto Sassu
Introduce _ima_measurements_start() and _ima_measurements_next(), renamed from ima_measurements_start() and ima_measurements_next(), to include the list head as an additional parameter, so that iteration on different lists can be implemented by calling those functions. No functional change: ima_measurements_start() and ima_measurements_next() pass the ima_measurements list head, used before. They become wrappers for the new functions. Link: https://github.com/linux-integrity/linux/issues/1 Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-06-08ima: Introduce per binary measurements list type binary_runtime_size valueRoberto Sassu
Make binary_runtime_size as an array, to have separate counters per binary measurements list type. Currently, define the BINARY type for the existing binary measurements list. Introduce ima_update_binary_runtime_size() to facilitate updating a binary_runtime_size value with a given binary measurement list type. Also add the binary measurements list type parameter to ima_get_binary_runtime_size(), to retrieve the desired value. Retrieving the value is now done under the ima_extend_list_mutex, since there can be concurrent updates. No functional change (except for the mutex usage, that fixes the concurrency issue): the BINARY array element is equivalent to the old binary_runtime_size. Link: https://github.com/linux-integrity/linux/issues/1 Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-06-08ima: Introduce per binary measurements list type ima_num_records counterRoberto Sassu
Make ima_num_records as an array, to have separate counters per binary measurements list type. Currently, define the BINARY type for the existing binary measurements list. No functional change: the BINARY type is equivalent to the value without the array. Link: https://github.com/linux-integrity/linux/issues/1 Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-06-08ima: Replace static htable queue with dynamically allocated arrayRoberto Sassu
The IMA hash table is a fixed-size array of hlist_head buckets: struct hlist_head ima_htable[IMA_MEASURE_HTABLE_SIZE]; IMA_MEASURE_HTABLE_SIZE is (1 << IMA_HASH_BITS) = 1024 buckets, each a struct hlist_head (one pointer, 8 bytes on 64-bit). That is 8 KiB allocated in BSS for every kernel, regardless of whether IMA is ever used, and regardless of how many measurements are actually made. Replace the fixed-size array with a RCU-protected pointer to a dynamically allocated array that is initialized in ima_init_htable(), which is called from ima_init() during early boot. ima_init_htable() calls the static function ima_alloc_replace_htable() which, other than initializing the hash table the first time, can also hot-swap the existing hash table with a blank one. The allocation in ima_alloc_replace_htable() uses kcalloc() so the buckets are zero-initialised (equivalent to HLIST_HEAD_INIT { .first = NULL }). Callers of ima_alloc_replace_htable() must call synchronize_rcu() and free the returned hash table. Finally, access the hash table with rcu_dereference() in ima_lookup_digest_entry() (reader side) and with rcu_dereference_protected() in ima_add_digest_entry() (writer side). No functional change: bucket count, hash function, and all locking remain identical. Link: https://github.com/linux-integrity/linux/issues/1 Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-06-08ima: Remove ima_h_table structureRoberto Sassu
The ima_h_table structure is a collection of IMA measurement list metadata - number of records in the IMA measurement list, number of integrity violations, and a hash table containing the IMA template data hash, needed to prevent measurement list record duplication. Removing records from the measurement list needs to be reflected in the hash table. As a pre-req to removing records from the measurement list, separate those counters from the hash table, remove the ima_h_table structure, and just replace the hash table pointer. Finally, rename ima_show_htable_value(), ima_show_htable_violations() and ima_htable_violations_ops respectively to ima_show_counter(), ima_show_num_violations() and ima_num_violations_ops. Link: https://github.com/linux-integrity/linux/issues/1 Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-05-13evm: terminate and bound the evm_xattrs read bufferPengpeng Hou
evm_read_xattrs() allocates size + 1 bytes, fills them from the list of enabled xattrs, and then passes strlen(temp) to simple_read_from_buffer(). When no configured xattrs are enabled, the fill loop stores nothing and temp[0] remains uninitialized, so strlen() reads beyond initialized memory. Explicitly terminate the buffer after allocation, use snprintf() for each formatted line, and pass the accumulated length, without risk of truncation, to simple_read_from_buffer(). Fixes: fa516b66a1bf ("EVM: Allow runtime modification of the set of verified xattrs") Signed-off-by: Pengpeng Hou <pengpeng@iscas.ac.cn> Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-05-13integrity: Add support for sigv3 verification using ML-DSA keysStefan Berger
Add support for sigv3 signature verification using ML-DSA in pure mode. When a sigv3 signature is verified, first check whether the key to use for verification is an ML-DSA key and therefore uses a hashless signature verification scheme. The hashless signature verification method uses the ima_file_id structure directly for signature verification rather than its digest. Suggested-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Kamlesh Kumar <kam@juniper.net> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-05-13integrity: Refactor asymmetric_verify for reusabilityStefan Berger
Refactor asymmetric_verify for reusability. Have it call asymmetric_verify_common with the signature verification key and the public_key structure as parameters. sigv3 support for ML-DSA will need to check the public key type first to decide how to do the signature verification and therefore will have these parameters available for calling asymmetric_verify_common. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Kamlesh Kumar <kam@juniper.net> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-05-13integrity: Check that algo parameter is within valid rangeStefan Berger
Check that the algo parameter passed to calc_file_id_hash is within valid range. Do this in asymmetric_verify_v3 since this value will also be passed to a hashless signature verification function from here. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Kamlesh Kumar <kam@juniper.net> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-05-13integrity: Check for NULL returned by asymmetric_key_public_keyStefan Berger
Check for a NULL pointer returned by asymmetric_key_public_key and return -ENOKEY in this case. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Kamlesh Kumar <kam@juniper.net> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-04-27ima: return error early if file xattr cannot be changedGoldwyn Rodrigues
During early boot, the filesystem is read-only and any changes to xattrs are not allowed. This fails in case of ext4 because changing xattr starts an ext4 transaction which fails with the following warning. WARNING: fs/ext4/ext4_jbd2.c:75 at ext4_journal_check_start+0x63/0xa0 [ext4], CPU#1: systemd-sysroot/561 CPU: 1 UID: 0 PID: 561 Comm: systemd-sysroot Not tainted 6.19.12-1-default #1 PREEMPT(voluntary) openSUSE Tumbleweed c2dfc3c9d9f6f1233251c5d4410574fe82a348ee Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022 RIP: 0010:ext4_journal_check_start+0x63/0xa0 [ext4] Call Trace: __ext4_journal_start_sb+0x3e/0x180 [ext4 6d025f3bc52c89a957b89a89d211fadf5e9434e1] ext4_xattr_set+0x104/0x150 [ext4 6d025f3bc52c89a957b89a89d211fadf5e9434e1] __vfs_setxattr+0x9a/0xd0 __vfs_setxattr_noperm+0x76/0x1f0 ima_appraise_measurement+0x23e/0xe40 ima_d_path+0x5a/0xd0 process_measurement+0xb29/0xc40 ? copy_from_kernel_nofault+0x21/0xe0 ? fscrypt_file_open+0xc0/0xe0 ? ext4_file_open+0x60/0x490 [ext4 6d025f3bc52c89a957b89a89d211fadf5e9434e1] ? bpf_prog_31efb7c56239148b_restrict_filesystems+0xab/0x126 ? __bpf_prog_exit+0x23/0xd0 ? __bpf_tramp_exit+0xd/0x50 ? bpf_trampoline_6442530367+0x9f/0xea ima_file_check+0x57/0x80 security_file_post_open+0x50/0xf0 path_openat+0x493/0x1650 do_filp_open+0xc7/0x170 Detect the state of the file early and return the error. Signed-off-by: Goldwyn Rodrigues <rgoldwyn@suse.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-04-27ima: Fix sigv3 signature handling for EVM_IMA_XATTR_DIGSIGKamlesh Kumar
ima_get_hash_algo() only recognizes version 2 signatures when the xattr type is EVM_IMA_XATTR_DIGSIG. Since sigv3 signatures also use EVM_IMA_XATTR_DIGSIG as the xattr type, version 3 must be accepted as well to correctly determine the hash algorithm. Additionally, ima_validate_rule() does not include IMA_SIGV3_REQUIRED in the allowed flags bitmask for MODULE_CHECK, KEXEC_KERNEL_CHECK, and KEXEC_INITRAMFS_CHECK hook functions. As a result, policy rules with "appraise_type=sigv3" are rejected for these functions. Add version 3 to the accepted versions in ima_get_hash_algo() for EVM_IMA_XATTR_DIGSIG, and add IMA_SIGV3_REQUIRED to the allowed flags for MODULE_CHECK, KEXEC_KERNEL_CHECK, and KEXEC_INITRAMFS_CHECK in ima_validate_rule(). Signed-off-by: Kamlesh Kumar <kam@juniper.net> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Fixes: de4c44a7f559 ("ima: add support to require IMA sigv3 signatures") Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-04-17Merge tag 'integrity-v7.1' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity Pull integrity updates from Mimi Zohar: "There are two main changes, one feature removal, some code cleanup, and a number of bug fixes. Main changes: - Detecting secure boot mode was limited to IMA. Make detecting secure boot mode accessible to EVM and other LSMs - IMA sigv3 support was limited to fsverity. Add IMA sigv3 support for IMA regular file hashes and EVM portable signatures Remove: - Remove IMA support for asychronous hash calculation originally added for hardware acceleration Cleanup: - Remove unnecessary Kconfig CONFIG_MODULE_SIG and CONFIG_KEXEC_SIG tests - Add descriptions of the IMA atomic flags Bug fixes: - Like IMA, properly limit EVM "fix" mode - Define and call evm_fix_hmac() to update security.evm - Fallback to using i_version to detect file change for filesystems that do not support STATX_CHANGE_COOKIE - Address missing kernel support for configured (new) TPM hash algorithms - Add missing crypto_shash_final() return value" * tag 'integrity-v7.1' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: evm: Enforce signatures version 3 with new EVM policy 'bit 3' integrity: Allow sigv3 verification on EVM_XATTR_PORTABLE_DIGSIG ima: add support to require IMA sigv3 signatures ima: add regular file data hash signature version 3 support ima: Define asymmetric_verify_v3() to verify IMA sigv3 signatures ima: remove buggy support for asynchronous hashes integrity: Eliminate weak definition of arch_get_secureboot() ima: Add code comments to explain IMA iint cache atomic_flags ima_fs: Correctly create securityfs files for unsupported hash algos ima: check return value of crypto_shash_final() in boot aggregate ima: Define and use a digest_size field in the ima_algo_desc structure powerpc/ima: Drop unnecessary check for CONFIG_MODULE_SIG ima: efi: Drop unnecessary check for CONFIG_MODULE_SIG/CONFIG_KEXEC_SIG ima: fallback to using i_version to detect file change evm: fix security.evm for a file with IMA signature s390: Drop unnecessary CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT evm: Don't enable fix mode when secure boot is enabled integrity: Make arch_ima_get_secureboot integrity-wide
2026-04-14Merge tag 'modules-7.1-rc1' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/modules/linux Pull module updates from Sami Tolvanen: "Kernel symbol flags: - Replace the separate *_gpl symbol sections (__ksymtab_gpl and __kcrctab_gpl) with a unified symbol table and a new __kflagstab section. This section stores symbol flags, such as the GPL-only flag, as an 8-bit bitset for each exported symbol. This is a cleanup that simplifies symbol lookup in the module loader by avoiding table fragmentation and will allow a cleaner way to add more flags later if needed. Module signature UAPI: - Move struct module_signature to the UAPI headers to allow reuse by tools outside the kernel proper, such as kmod and scripts/sign-file. This also renames a few constants for clarity and drops unused signature types as preparation for hash-based module integrity checking work that's in progress. Sysfs: - Add a /sys/module/<module>/import_ns sysfs attribute to show the symbol namespaces imported by loaded modules. This makes it easier to verify driver API access at runtime on systems that care about such things (e.g. Android). Cleanups and fixes: - Force sh_addr to 0 for all sections in module.lds. This prevents non-zero section addresses when linking modules with 'ld.bfd -r', which confused elfutils. - Fix a memory leak of charp module parameters on module unload when the kernel is configured with CONFIG_SYSFS=n. - Override the -EEXIST error code returned by module_init() to userspace. This prevents confusion with the errno reserved by the module loader to indicate that a module is already loaded. - Simplify the warning message and drop the stack dump on positive returns from module_init(). - Drop unnecessary extern keywords from function declarations and synchronize parse_args() arguments with their implementation" * tag 'modules-7.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/modules/linux: (23 commits) module: Simplify warning on positive returns from module_init() module: Override -EEXIST module return documentation: remove references to *_gpl sections module: remove *_gpl sections from vmlinux and modules module: deprecate usage of *_gpl sections in module loader module: use kflagstab instead of *_gpl sections module: populate kflagstab in modpost module: add kflagstab section to vmlinux and modules module: define ksym_flags enumeration to represent kernel symbol flags selftests/bpf: verify_pkcs7_sig: Use 'struct module_signature' from the UAPI headers sign-file: use 'struct module_signature' from the UAPI headers tools uapi headers: add linux/module_signature.h module: Move 'struct module_signature' to UAPI module: Give MODULE_SIG_STRING a more descriptive name module: Give 'enum pkey_id_type' a more specific name module: Drop unused signature types extract-cert: drop unused definition of PKEY_ID_PKCS7 docs: symbol-namespaces: mention sysfs attribute module: expose imported namespaces via sysfs module: Remove extern keyword from param prototypes ...
2026-04-13Merge tag 'libcrypto-for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux Pull crypto library updates from Eric Biggers: - Migrate more hash algorithms from the traditional crypto subsystem to lib/crypto/ Like the algorithms migrated earlier (e.g. SHA-*), this simplifies the implementations, improves performance, enables further simplifications in calling code, and solves various other issues: - AES CBC-based MACs (AES-CMAC, AES-XCBC-MAC, and AES-CBC-MAC) - Support these algorithms in lib/crypto/ using the AES library and the existing arm64 assembly code - Reimplement the traditional crypto API's "cmac(aes)", "xcbc(aes)", and "cbcmac(aes)" on top of the library - Convert mac80211 to use the AES-CMAC library. Note: several other subsystems can use it too and will be converted later - Drop the broken, nonstandard, and likely unused support for "xcbc(aes)" with key lengths other than 128 bits - Enable optimizations by default - GHASH - Migrate the standalone GHASH code into lib/crypto/ - Integrate the GHASH code more closely with the very similar POLYVAL code, and improve the generic GHASH implementation to resist cache-timing attacks and use much less memory - Reimplement the AES-GCM library and the "gcm" crypto_aead template on top of the GHASH library. Remove "ghash" from the crypto_shash API, as it's no longer needed - Enable optimizations by default - SM3 - Migrate the kernel's existing SM3 code into lib/crypto/, and reimplement the traditional crypto API's "sm3" on top of it - I don't recommend using SM3, but this cleanup is worthwhile to organize the code the same way as other algorithms - Testing improvements: - Add a KUnit test suite for each of the new library APIs - Migrate the existing ChaCha20Poly1305 test to KUnit - Make the KUnit all_tests.config enable all crypto library tests - Move the test kconfig options to the Runtime Testing menu - Other updates to arch-optimized crypto code: - Optimize SHA-256 for Zhaoxin CPUs using the Padlock Hash Engine - Remove some MD5 implementations that are no longer worth keeping - Drop big endian and voluntary preemption support from the arm64 code, as those configurations are no longer supported on arm64 - Make jitterentropy and samples/tsm-mr use the crypto library APIs * tag 'libcrypto-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux: (66 commits) lib/crypto: arm64: Assume a little-endian kernel arm64: fpsimd: Remove obsolete cond_yield macro lib/crypto: arm64/sha3: Remove obsolete chunking logic lib/crypto: arm64/sha512: Remove obsolete chunking logic lib/crypto: arm64/sha256: Remove obsolete chunking logic lib/crypto: arm64/sha1: Remove obsolete chunking logic lib/crypto: arm64/poly1305: Remove obsolete chunking logic lib/crypto: arm64/gf128hash: Remove obsolete chunking logic lib/crypto: arm64/chacha: Remove obsolete chunking logic lib/crypto: arm64/aes: Remove obsolete chunking logic lib/crypto: Include <crypto/utils.h> instead of <crypto/algapi.h> lib/crypto: aesgcm: Don't disable IRQs during AES block encryption lib/crypto: aescfb: Don't disable IRQs during AES block encryption lib/crypto: tests: Migrate ChaCha20Poly1305 self-test to KUnit lib/crypto: sparc: Drop optimized MD5 code lib/crypto: mips: Drop optimized MD5 code lib: Move crypto library tests to Runtime Testing menu crypto: sm3 - Remove 'struct sm3_state' crypto: sm3 - Remove the original "sm3_block_generic()" crypto: sm3 - Remove sm3_base.h ...
2026-04-01evm: Enforce signatures version 3 with new EVM policy 'bit 3'Stefan Berger
Enable the configuration of EVM so that it requires that asymmetric signatures it accepts are of version 3 (sigv3). To enable this, introduce bit 3 (value 0x0008) that the user may write to EVM's securityfs policy configuration file 'evm' for sigv3 enforcement. Mention bit 3 in the documentation. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-04-01integrity: Allow sigv3 verification on EVM_XATTR_PORTABLE_DIGSIGStefan Berger
Allow sigv3 verification on EVM_XATTR_PORTABLE_DIGSIG on RSA, ECDSA, ECRDSA, and SM2 signatures. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-04-01ima: add support to require IMA sigv3 signaturesMimi Zohar
Defining a policy rule with the "appraise_type=imasig" option allows either v2 or v3 signatures. Defining an IMA appraise rule with the "appraise_type=sigv3" option requires a file sigv3 signature. Define a new appraise type: IMA_SIGV3_REQUIRED Example: appraise func=BPRM_CHECK appraise_type=sigv3 Tested-by: Stefan Berger <stefanb@linux.ibm.com> Acked-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-04-01ima: add regular file data hash signature version 3 supportMimi Zohar
Instead of directly verifying the signature of a file data hash, signature v3 verifies the signature of the ima_file_id structure containing the file data hash. To disambiguate the signature usage, the ima_file_id structure also includes the hash algorithm and the type of data (e.g. regular file hash or fs-verity root hash). Tested-by: Stefan Berger <stefanb@linux.ibm.com> Acked-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-04-01ima: Define asymmetric_verify_v3() to verify IMA sigv3 signaturesMimi Zohar
Define asymmetric_verify_v3() to calculate the hash of the struct ima_file_id, before calling asymmetric_verify() to verify the signature. Move and update the existing calc_file_id_hash() function with a simpler, self contained version. In addition to the existing hash data and hash data length arguments, also pass the hash algorithm. Suggested-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Acked-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-03-24module: Give MODULE_SIG_STRING a more descriptive nameThomas Weißschuh
The purpose of the constant it is not entirely clear from its name. As this constant is going to be exposed in a UAPI header, give it a more specific name for clarity. As all its users call it 'marker', use that wording in the constant itself. Signed-off-by: Thomas Weißschuh <thomas.weissschuh@linutronix.de> Reviewed-by: Petr Pavlu <petr.pavlu@suse.com> Reviewed-by: Nicolas Schier <nsc@kernel.org> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
2026-03-23crypto: sm3 - Rename CRYPTO_SM3_GENERIC to CRYPTO_SM3Eric Biggers
The kconfig options for generic crypto API modules have traditionally *not* had a "_GENERIC" suffix. Also, the "_GENERIC" suffix will make even less sense once the architecture-optimized SM3 code is moved into lib/crypto/ and the "sm3" crypto_shash is reimplemented on top of that. Thus, rename CRYPTO_SM3_GENERIC to CRYPTO_SM3. Acked-by: Ard Biesheuvel <ardb@kernel.org> Link: https://lore.kernel.org/r/20260321040935.410034-4-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@kernel.org>
2026-03-17ima: remove buggy support for asynchronous hashesEric Biggers
IMA computes hashes using the crypto_shash or crypto_ahash API. The latter is used only when ima.ahash_minsize is set on the command line, and its purpose is ostensibly to make the hash computation faster. However, going off the CPU to a crypto engine and back again is actually quite slow, especially compared with the acceleration that is built into modern CPUs and the kernel now enables by default for most algorithms. Typical performance results for SHA-256 on a modern platform can be found at https://lore.kernel.org/linux-crypto/20250615184638.GA1480@sol/ Partly for this reason, several other kernel subsystems have already dropped support for the crypto_ahash API. The other problem with crypto_ahash is that bugs are also common, not just in the underlying drivers, but also in the code using it, since it is very difficult to use correctly. Just from a quick review, here are some of the bugs I noticed in IMA's ahash code: - [Use after free] ima_alloc_atfm() isn't thread-safe and can trigger a use-after-free if multiple threads try to initialize the global ima_ahash_tfm at the same time. - [Deadlock] If only one buffer is allocated and there is an error reading from the file, then ahash_wait() is executed twice, causing a deadlock in wait_for_completion(). - [Crash or incorrect hash computed] calc_buffer_ahash_atfm() is sometimes passed stack buffers which can be vmalloc addresses, but it puts them in a scatterlist assuming they are linear addresses. This causes the hashing to be done on the wrong physical address. - [Truncation to 32-bit length] ima_alloc_pages() incorrectly assumes an loff_t value fits in an unsigned long. calc_buffer_ahash_atfm() incorrectly assumes that a loff_t value fits in an unsigned int. So, not exactly a great track record so far, even disregarding driver bugs which are an even larger problem. Fortunately, in practice it's unlikely that many users are actually setting the ima.ahash_minsize kernel command-line parameter which enables this code. However, given that this code is almost certainly no longer useful (if it ever was), let's just remove it instead of attempting to fix all these issues. Signed-off-by: Eric Biggers <ebiggers@kernel.org> Acked-by: Dmitry Kasatkin <dmitry.kasatkin@gmail.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-03-17EVM: add comment describing why ino field is still unsigned longJeff Layton
Mimi pointed out that we didn't widen the inode number field in struct h_misc alongside the inode->i_ino widening. While we could make an equivalent change there, that would require EVM resigning on all 32-bit hosts. Instead, leave the field as an unsigned long. This should have no effect on 64-bit hosts, and allow things to continue working on 32-bit hosts in the cases where the i_ino fits in 32-bits. Add a comment explaining why it's being left as unsigned long. Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Jeff Layton <jlayton@kernel.org> Link: https://patch.msgid.link/20260316-iino-u64-v3-1-d1076b8f7a20@kernel.org Signed-off-by: Christian Brauner <brauner@kernel.org>
2026-03-13integrity: Eliminate weak definition of arch_get_secureboot()Nathan Chancellor
security/integrity/secure_boot.c contains a single __weak function, which breaks recordmcount when building with clang: $ make -skj"$(nproc)" ARCH=powerpc LLVM=1 ppc64_defconfig security/integrity/secure_boot.o Cannot find symbol for section 2: .text. security/integrity/secure_boot.o: failed Introduce a Kconfig symbol, CONFIG_HAVE_ARCH_GET_SECUREBOOT, to indicate that an architecture provides a definition of arch_get_secureboot(). Provide a static inline stub when this symbol is not defined to achieve the same effect as the __weak function, allowing secure_boot.c to be removed altogether. Move the s390 definition of arch_get_secureboot() out of the CONFIG_KEXEC_FILE block to ensure it is always available, as it does not actually depend on KEXEC_FILE. Reported-by: Arnd Bergmann <arnd@arndb.de> Fixes: 31a6a07eefeb ("integrity: Make arch_ima_get_secureboot integrity-wide") Signed-off-by: Nathan Chancellor <nathan@kernel.org> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-03-11ima: Add code comments to explain IMA iint cache atomic_flagsCoiby Xu
Explain these atomic flags to improve code readability. For example, the flag IMA_DIGSIG is to indicate we mustn't update a file's security.ima on close because the file already has IMA signature. The code comments for the first three flags come from commit 0d73a55208e9 ("ima: re-introduce own integrity cache lock") with a minor tweak. Signed-off-by: Coiby Xu <coxu@redhat.com> [zohar@linux.ibm.com: remove duplicate "integrity violation", unnecessary commas] Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-03-11ima_fs: Correctly create securityfs files for unsupported hash algosDmitry Safonov
ima_tpm_chip->allocated_banks[i].crypto_id is initialized to HASH_ALGO__LAST if the TPM algorithm is not supported. However there are places relying on the algorithm to be valid because it is accessed by hash_algo_name[]. On 6.12.40 I observe the following read out-of-bounds in hash_algo_name: ================================================================== BUG: KASAN: global-out-of-bounds in create_securityfs_measurement_lists+0x396/0x440 Read of size 8 at addr ffffffff83e18138 by task swapper/0/1 CPU: 4 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.40 #3 Call Trace: <TASK> dump_stack_lvl+0x61/0x90 print_report+0xc4/0x580 ? kasan_addr_to_slab+0x26/0x80 ? create_securityfs_measurement_lists+0x396/0x440 kasan_report+0xc2/0x100 ? create_securityfs_measurement_lists+0x396/0x440 create_securityfs_measurement_lists+0x396/0x440 ima_fs_init+0xa3/0x300 ima_init+0x7d/0xd0 init_ima+0x28/0x100 do_one_initcall+0xa6/0x3e0 kernel_init_freeable+0x455/0x740 kernel_init+0x24/0x1d0 ret_from_fork+0x38/0x80 ret_from_fork_asm+0x11/0x20 </TASK> The buggy address belongs to the variable: hash_algo_name+0xb8/0x420 Memory state around the buggy address: ffffffff83e18000: 00 01 f9 f9 f9 f9 f9 f9 00 01 f9 f9 f9 f9 f9 f9 ffffffff83e18080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffffffff83e18100: 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 00 05 f9 f9 ^ ffffffff83e18180: f9 f9 f9 f9 00 00 00 00 00 00 00 04 f9 f9 f9 f9 ffffffff83e18200: 00 00 00 00 00 00 00 00 04 f9 f9 f9 f9 f9 f9 f9 ================================================================== Seems like the TPM chip supports sha3_256, which isn't yet in tpm_algorithms: tpm tpm0: TPM with unsupported bank algorithm 0x0027 That's TPM_ALG_SHA3_256 == 0x0027 from "Trusted Platform Module 2.0 Library Part 2: Structures", page 51 [1]. See also the related U-Boot algorithms update [2]. Thus solve the problem by creating a file name with "_tpm_alg_<ID>" postfix if the crypto algorithm isn't initialized. This is how it looks on the test machine (patch ported to v6.12 release): # ls -1 /sys/kernel/security/ima/ ascii_runtime_measurements ascii_runtime_measurements_tpm_alg_27 ascii_runtime_measurements_sha1 ascii_runtime_measurements_sha256 binary_runtime_measurements binary_runtime_measurements_tpm_alg_27 binary_runtime_measurements_sha1 binary_runtime_measurements_sha256 policy runtime_measurements_count violations [1]: https://trustedcomputinggroup.org/wp-content/uploads/Trusted-Platform-Module-2.0-Library-Part-2-Version-184_pub.pdf [2]: https://lists.denx.de/pipermail/u-boot/2024-July/558835.html Fixes: 9fa8e7625008 ("ima: add crypto agility support for template-hash algorithm") Signed-off-by: Dmitry Safonov <dima@arista.com> Cc: Enrico Bravi <enrico.bravi@polito.it> Cc: Silvia Sisinni <silvia.sisinni@polito.it> Cc: Roberto Sassu <roberto.sassu@huawei.com> Cc: Mimi Zohar <zohar@linux.ibm.com> Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com> Tested-by: Roberto Sassu <roberto.sassu@huawei.com> Link: https://github.com/linux-integrity/linux/issues/14 Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-03-09ima: check return value of crypto_shash_final() in boot aggregateDaniel Hodges
The return value of crypto_shash_final() is not checked in ima_calc_boot_aggregate_tfm(). If the hash finalization fails, the function returns success and a corrupted boot aggregate digest could be used for IMA measurements. Capture the return value and propagate any error to the caller. Fixes: 76bb28f6126f ("ima: use new crypto_shash API instead of old crypto_hash") Signed-off-by: Daniel Hodges <hodgesd@meta.com> Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-03-08ima: Define and use a digest_size field in the ima_algo_desc structureRoberto Sassu
Add the digest_size field to the ima_algo_desc structure to determine the digest size from the correct source. If the hash algorithm is among allocated PCR banks, take the value from the TPM bank info (equal to the value from the crypto subsystem if the TPM algorithm is supported by it; otherwise, not exceding the size of the digest buffer in the tpm_digest structure, used by IMA). If the hash algorithm is SHA1, use the predefined value. Lastly, if the hash algorithm is the default one but not among the PCR banks, take the digest size from the crypto subsystem (the default hash algorithm is checked when parsing the ima_hash= command line option). Finally, use the new information to correctly show the template digest in ima_measurements_show() and ima_ascii_measurements_show(). Link: https://github.com/linux-integrity/linux/issues/14 Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-03-08ima: efi: Drop unnecessary check for CONFIG_MODULE_SIG/CONFIG_KEXEC_SIGThomas Weißschuh
When configuration settings are disabled the guarded functions are defined as empty stubs, so the check is unnecessary. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Reviewed-by: Aaron Tomlin <atomlin@atomlin.com> Reviewed-by: Nicolas Schier <nsc@kernel.org> [zohar@linux.ibm.com: fixed merge conflict with commit 63e8a44395a4] Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-03-08ima: fallback to using i_version to detect file changeMimi Zohar
Commit db1d1e8b9867 ("IMA: use vfs_getattr_nosec to get the i_version") replaced detecting file change based on i_version with STATX_CHANGE_COOKIE. On filesystems without STATX_CHANGE_COOKIE enabled, revert back to detecting file change based on i_version. On filesystems which do not support either, assume the file changed. Reported-by: Frederick Lawler <fred@cloudflare.com> Fixes: db1d1e8b9867 ("IMA: use vfs_getattr_nosec to get the i_version") Cc: stable@vger.kernel.org Reviewed-by: Frederick Lawler <fred@cloudflare.com> Tested-by: Frederick Lawler <fred@cloudflare.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-03-06treewide: change inode->i_ino from unsigned long to u64Jeff Layton
On 32-bit architectures, unsigned long is only 32 bits wide, which causes 64-bit inode numbers to be silently truncated. Several filesystems (NFS, XFS, BTRFS, etc.) can generate inode numbers that exceed 32 bits, and this truncation can lead to inode number collisions and other subtle bugs on 32-bit systems. Change the type of inode->i_ino from unsigned long to u64 to ensure that inode numbers are always represented as 64-bit values regardless of architecture. Update all format specifiers treewide from %lu/%lx to %llu/%llx to match the new type, along with corresponding local variable types. This is the bulk treewide conversion. Earlier patches in this series handled trace events separately to allow trace field reordering for better struct packing on 32-bit. Signed-off-by: Jeff Layton <jlayton@kernel.org> Link: https://patch.msgid.link/20260304-iino-u64-v3-12-2257ad83d372@kernel.org Acked-by: Damien Le Moal <dlemoal@kernel.org> Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Jan Kara <jack@suse.cz> Reviewed-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Christian Brauner <brauner@kernel.org>
2026-03-05evm: fix security.evm for a file with IMA signatureCoiby Xu
When both IMA and EVM fix modes are enabled, accessing a file with IMA signature but missing EVM HMAC won't cause security.evm to be fixed. Add a function evm_fix_hmac which will be explicitly called to fix EVM HMAC for this case. Suggested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Coiby Xu <coxu@redhat.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-03-05evm: Don't enable fix mode when secure boot is enabledCoiby Xu
Similar to IMA fix mode, forbid EVM fix mode when secure boot is enabled. Reported-and-suggested-by: Mimi Zohar <zohar@linux.ibm.com> Suggested-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Coiby Xu <coxu@redhat.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-03-05integrity: Make arch_ima_get_secureboot integrity-wideCoiby Xu
EVM and other LSMs need the ability to query the secure boot status of the system, without directly calling the IMA arch_ima_get_secureboot function. Refactor the secure boot status check into a general function named arch_get_secureboot. Reported-and-suggested-by: Mimi Zohar <zohar@linux.ibm.com> Suggested-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Coiby Xu <coxu@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2026-02-22Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL usesKees Cook
Conversion performed via this Coccinelle script: // SPDX-License-Identifier: GPL-2.0-only // Options: --include-headers-for-types --all-includes --include-headers --keep-comments virtual patch @gfp depends on patch && !(file in "tools") && !(file in "samples")@ identifier ALLOC = {kmalloc_obj,kmalloc_objs,kmalloc_flex, kzalloc_obj,kzalloc_objs,kzalloc_flex, kvmalloc_obj,kvmalloc_objs,kvmalloc_flex, kvzalloc_obj,kvzalloc_objs,kvzalloc_flex}; @@ ALLOC(... - , GFP_KERNEL ) $ make coccicheck MODE=patch COCCI=gfp.cocci Build and boot tested x86_64 with Fedora 42's GCC and Clang: Linux version 6.19.0+ (user@host) (gcc (GCC) 15.2.1 20260123 (Red Hat 15.2.1-7), GNU ld version 2.44-12.fc42) #1 SMP PREEMPT_DYNAMIC 1970-01-01 Linux version 6.19.0+ (user@host) (clang version 20.1.8 (Fedora 20.1.8-4.fc42), LLD 20.1.8) #1 SMP PREEMPT_DYNAMIC 1970-01-01 Signed-off-by: Kees Cook <kees@kernel.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2026-02-21Convert more 'alloc_obj' cases to default GFP_KERNEL argumentsLinus Torvalds
This converts some of the visually simpler cases that have been split over multiple lines. I only did the ones that are easy to verify the resulting diff by having just that final GFP_KERNEL argument on the next line. Somebody should probably do a proper coccinelle script for this, but for me the trivial script actually resulted in an assertion failure in the middle of the script. I probably had made it a bit _too_ trivial. So after fighting that far a while I decided to just do some of the syntactically simpler cases with variations of the previous 'sed' scripts. The more syntactically complex multi-line cases would mostly really want whitespace cleanup anyway. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2026-02-21Convert 'alloc_flex' family to use the new default GFP_KERNEL argumentLinus Torvalds
This is the exact same thing as the 'alloc_obj()' version, only much smaller because there are a lot fewer users of the *alloc_flex() interface. As with alloc_obj() version, this was done entirely with mindless brute force, using the same script, except using 'flex' in the pattern rather than 'objs*'. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2026-02-21Convert 'alloc_obj' family to use the new default GFP_KERNEL argumentLinus Torvalds
This was done entirely with mindless brute force, using git grep -l '\<k[vmz]*alloc_objs*(.*, GFP_KERNEL)' | xargs sed -i 's/\(alloc_objs*(.*\), GFP_KERNEL)/\1)/' to convert the new alloc_obj() users that had a simple GFP_KERNEL argument to just drop that argument. Note that due to the extreme simplicity of the scripting, any slightly more complex cases spread over multiple lines would not be triggered: they definitely exist, but this covers the vast bulk of the cases, and the resulting diff is also then easier to check automatically. For the same reason the 'flex' versions will be done as a separate conversion. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2026-02-21treewide: Replace kmalloc with kmalloc_obj for non-scalar typesKees Cook
This is the result of running the Coccinelle script from scripts/coccinelle/api/kmalloc_objs.cocci. The script is designed to avoid scalar types (which need careful case-by-case checking), and instead replace kmalloc-family calls that allocate struct or union object instances: Single allocations: kmalloc(sizeof(TYPE), ...) are replaced with: kmalloc_obj(TYPE, ...) Array allocations: kmalloc_array(COUNT, sizeof(TYPE), ...) are replaced with: kmalloc_objs(TYPE, COUNT, ...) Flex array allocations: kmalloc(struct_size(PTR, FAM, COUNT), ...) are replaced with: kmalloc_flex(*PTR, FAM, COUNT, ...) (where TYPE may also be *VAR) The resulting allocations no longer return "void *", instead returning "TYPE *". Signed-off-by: Kees Cook <kees@kernel.org>
2026-02-12Merge tag 'mm-nonmm-stable-2026-02-12-10-48' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull non-MM updates from Andrew Morton: - "ocfs2: give ocfs2 the ability to reclaim suballocator free bg" saves disk space by teaching ocfs2 to reclaim suballocator block group space (Heming Zhao) - "Add ARRAY_END(), and use it to fix off-by-one bugs" adds the ARRAY_END() macro and uses it in various places (Alejandro Colomar) - "vmcoreinfo: support VMCOREINFO_BYTES larger than PAGE_SIZE" makes the vmcore code future-safe, if VMCOREINFO_BYTES ever exceeds the page size (Pnina Feder) - "kallsyms: Prevent invalid access when showing module buildid" cleans up kallsyms code related to module buildid and fixes an invalid access crash when printing backtraces (Petr Mladek) - "Address page fault in ima_restore_measurement_list()" fixes a kexec-related crash that can occur when booting the second-stage kernel on x86 (Harshit Mogalapalli) - "kho: ABI headers and Documentation updates" updates the kexec handover ABI documentation (Mike Rapoport) - "Align atomic storage" adds the __aligned attribute to atomic_t and atomic64_t definitions to get natural alignment of both types on csky, m68k, microblaze, nios2, openrisc and sh (Finn Thain) - "kho: clean up page initialization logic" simplifies the page initialization logic in kho_restore_page() (Pratyush Yadav) - "Unload linux/kernel.h" moves several things out of kernel.h and into more appropriate places (Yury Norov) - "don't abuse task_struct.group_leader" removes the usage of ->group_leader when it is "obviously unnecessary" (Oleg Nesterov) - "list private v2 & luo flb" adds some infrastructure improvements to the live update orchestrator (Pasha Tatashin) * tag 'mm-nonmm-stable-2026-02-12-10-48' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: (107 commits) watchdog/hardlockup: simplify perf event probe and remove per-cpu dependency procfs: fix missing RCU protection when reading real_parent in do_task_stat() watchdog/softlockup: fix sample ring index wrap in need_counting_irqs() kcsan, compiler_types: avoid duplicate type issues in BPF Type Format kho: fix doc for kho_restore_pages() tests/liveupdate: add in-kernel liveupdate test liveupdate: luo_flb: introduce File-Lifecycle-Bound global state liveupdate: luo_file: Use private list list: add kunit test for private list primitives list: add primitives for private list manipulations delayacct: fix uapi timespec64 definition panic: add panic_force_cpu= parameter to redirect panic to a specific CPU netclassid: use thread_group_leader(p) in update_classid_task() RDMA/umem: don't abuse current->group_leader drm/pan*: don't abuse current->group_leader drm/amd: kill the outdated "Only the pthreads threading model is supported" checks drm/amdgpu: don't abuse current->group_leader android/binder: use same_thread_group(proc->tsk, current) in binder_mmap() android/binder: don't abuse current->group_leader kho: skip memoryless NUMA nodes when reserving scratch areas ...
2026-02-11Merge tag 'integrity-v7.0' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity Pull integrity updates from Mimi Zohar: "Just two bug fixes: IMA's detecting scripts (bprm_creds_for_exec), and calculating the EVM HMAC" * tag 'integrity-v7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: evm: Use ordered xattrs list to calculate HMAC in evm_init_hmac() ima: Fix stack-out-of-bounds in is_bprm_creds_for_exec()
2026-01-30pkcs7, x509: Rename ->digest to ->mDavid Howells
Rename ->digest and ->digest_len to ->m and ->m_size to represent the input to the signature verification algorithm, reflecting that ->digest may no longer actually *be* a digest. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> cc: Lukas Wunner <lukas@wunner.de> cc: Ignat Korchagin <ignat@cloudflare.com> cc: Stephan Mueller <smueller@chronox.de> cc: Eric Biggers <ebiggers@kernel.org> cc: Herbert Xu <herbert@gondor.apana.org.au> cc: keyrings@vger.kernel.org cc: linux-crypto@vger.kernel.org
2026-01-26ima: verify the previous kernel's IMA buffer lies in addressable RAMHarshit Mogalapalli
Patch series "Address page fault in ima_restore_measurement_list()", v3. When the second-stage kernel is booted via kexec with a limiting command line such as "mem=<size>" we observe a pafe fault that happens. BUG: unable to handle page fault for address: ffff97793ff47000 RIP: ima_restore_measurement_list+0xdc/0x45a #PF: error_code(0x0000) not-present page This happens on x86_64 only, as this is already fixed in aarch64 in commit: cbf9c4b9617b ("of: check previous kernel's ima-kexec-buffer against memory bounds") This patch (of 3): When the second-stage kernel is booted with a limiting command line (e.g. "mem=<size>"), the IMA measurement buffer handed over from the previous kernel may fall outside the addressable RAM of the new kernel. Accessing such a buffer can fault during early restore. Introduce a small generic helper, ima_validate_range(), which verifies that a physical [start, end] range for the previous-kernel IMA buffer lies within addressable memory: - On x86, use pfn_range_is_mapped(). - On OF based architectures, use page_is_ram(). Link: https://lkml.kernel.org/r/20251231061609.907170-1-harshit.m.mogalapalli@oracle.com Link: https://lkml.kernel.org/r/20251231061609.907170-2-harshit.m.mogalapalli@oracle.com Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Cc: Alexander Graf <graf@amazon.com> Cc: Ard Biesheuvel <ardb@kernel.org> Cc: Borislav Betkov <bp@alien8.de> Cc: guoweikang <guoweikang.kernel@gmail.com> Cc: Henry Willard <henry.willard@oracle.com> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Jiri Bohac <jbohac@suse.cz> Cc: Joel Granados <joel.granados@kernel.org> Cc: Jonathan McDowell <noodles@fb.com> Cc: Mike Rapoport <rppt@kernel.org> Cc: Paul Webb <paul.x.webb@oracle.com> Cc: Sohil Mehta <sohil.mehta@intel.com> Cc: Sourabh Jain <sourabhjain@linux.ibm.com> Cc: Thomas Gleinxer <tglx@linutronix.de> Cc: Yifei Liu <yifei.l.liu@oracle.com> Cc: Baoquan He <bhe@redhat.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>