This is an automated email from the git hooks/post-receive script.

unknown user pushed a change to branch master in repository linux.

from 8e143b90e4d4 Merge tag 'iommu-updates-v4.21' of git://git.kernel.org/pu [...] new 59637d5e1693 integrity: support new struct public_key_signature encoding field new 0914ade209c4 x86/ima: define arch_ima_get_secureboot new b5ca117365d9 ima: prevent kexec_load syscall based on runtime secureboot flag new c52657d93b05 ima: refactor ima_init_policy() new 6191706246de ima: add support for arch specific policies new d958083a8f64 x86/ima: define arch_get_ima_policy() for x86 new 4264f27a0815 docs: Extend trusted keys documentation for TPM 2.0 new 399574c64eaf x86/ima: retry detecting secure boot mode new 060190fbe676 ima: don't measure/appraise files on efivarfs new a802ed0dd9c2 selftests/ima: kexec_load syscall test new 9dc92c45177a integrity: Define a trusted platform keyring new 60740accf784 integrity: Load certs to the platform keyring new 5c126ba22f89 efi: Add EFI signature data types new 0bc9ae395b3f efi: Add an EFI signature blob parser new 15ea0e1e3e18 efi: Import certificates from UEFI Secure Boot new 386b49f51dc2 efi: Allow the "db" UEFI variable to be suppressed new d7cecb676dd3 ima: Support platform keyring for kernel appraisal new eed9de3b4f47 ima: Use inode_is_open_for_write new 5580b4a1a8ca Merge branch 'next-integrity' of git://git.kernel.org/pub/ [...] new c7f7e58fcbf3 integrity: Remove references to module keyring new f218a29c25ad Merge branch 'next-integrity' of git://git.kernel.org/pub/ [...] new db5113911aba seccomp: hoist struct seccomp_data recalculation higher new a5662e4d81c4 seccomp: switch system call argument type to void * new 6a21cc50f0c7 seccomp: add a return code to trap to userspace new fec7b6690541 samples: add an example of seccomp user trap new d63962e38cc0 Merge tag 'seccomp-next' of https://git.kernel.org/pub/scm [...] new 319deec7db6c seccomp: fix poor type promotion new 4fc96ee9085d seccomp, s390: fix build for syscall type change new 55b8cbe470d1 Merge tag 'seccomp-next-part2' of https://git.kernel.org/p [...] new d9a7fa67b4bf Merge branch 'next-seccomp' of git://git.kernel.org/pub/sc [...] new 1ac5cd497879 block: don't use un-ordered __set_current_state(TASK_UNINT [...] new 5b841bfab695 smack: fix access permissions for keyring new 55b078f031f5 Smack: Improve Documentation new 20bb4cb4fb9f Merge branch 'smack-for-4.21-a' of https://github.com/csch [...] new 19f2e267a5d0 Merge branch 'next-smack' of git://git.kernel.org/pub/scm/ [...] new 2ba5780ce305 tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x new 899102bc4518 tpm2: add new tpm2 commands according to TCG 1.36 new 100b16a6f290 tpm: sort objects in the Makefile new b2d6e6de005e tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c new d856c00f7d16 tpm: add tpm_calc_ordinal_duration() wrapper new 70a3199a7101 tpm: factor out tpm_get_timeouts() new 1ad6640cd614 tpm: move tpm1_pcr_extend to tpm1-cmd.c new f4d916b72fea tpm: move tpm_getcap to tpm1-cmd.c new 433d390f005d tpm: factor out tpm1_get_random into tpm1-cmd.c new d4a317563207 tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c new c82a330ceced tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c new 9db7fe187c54 tpm: factor out tpm_startup function new b03c43702e7b tpm: add tpm_auto_startup() into tpm-interface.c new b6b6036a5d55 tpm: tpm-interface.c drop unused macros new c22780ff0c76 tpm: tpm-space.c remove unneeded semicolon new 7aee9c52d7ac tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure new 5e335b5ecfa5 tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure new cfddcb05e134 tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() new 9315e73ac870 tpm1: reimplement SAVESTATE using tpm_buf new c82e59541a22 tpm1: reimplement tpm1_continue_selftest() using tpm_buf new 95adc6b410b7 tpm: use u32 instead of int for PCR index new 01f54664a4db tpm: tpm_try_transmit() refactor error flow. new 5122b5f0a846 tpm: fix kdoc for tpm2_flush_context_cmd() new 09c573ab853d tpm: tpm_ibmvtpm: fix kdoc warnings new 9488585b21be tpm: add support for partial reads new 0db51ef26e87 Merge tag 'tpmdd-next-20181217' of git://git.infradead.org [...] new 74673fc50bab Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/li [...]

The 62 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference.

Summary of changes: Documentation/admin-guide/LSM/Smack.rst | 4 + Documentation/ioctl/ioctl-number.txt | 1 + Documentation/security/keys/trusted-encrypted.rst | 31 +- Documentation/userspace-api/seccomp_filter.rst | 84 +++ arch/s390/kernel/compat_wrapper.c | 2 +- arch/x86/kernel/Makefile | 4 + arch/x86/kernel/ima_arch.c | 75 ++ drivers/char/tpm/Makefile | 16 +- drivers/char/tpm/st33zp24/st33zp24.c | 2 +- drivers/char/tpm/tpm-chip.c | 11 +- drivers/char/tpm/tpm-dev-common.c | 52 +- drivers/char/tpm/tpm-dev.h | 5 +- drivers/char/tpm/tpm-interface.c | 832 ++------------------- drivers/char/tpm/tpm-sysfs.c | 52 +- drivers/char/tpm/tpm.h | 97 +-- drivers/char/tpm/tpm1-cmd.c | 781 +++++++++++++++++++ drivers/char/tpm/tpm2-cmd.c | 308 ++++---- drivers/char/tpm/tpm2-space.c | 2 +- drivers/char/tpm/tpm_i2c_nuvoton.c | 11 +- drivers/char/tpm/tpm_ibmvtpm.c | 6 +- drivers/char/tpm/tpm_tis_core.c | 10 +- fs/block_dev.c | 7 +- fs/iomap.c | 3 +- include/linux/efi.h | 34 + include/linux/ima.h | 15 + include/linux/seccomp.h | 9 +- include/linux/syscalls.h | 2 +- include/linux/tpm.h | 11 +- include/uapi/linux/seccomp.h | 40 +- kernel/seccomp.c | 467 +++++++++++- mm/page_io.c | 3 +- samples/seccomp/.gitignore | 1 + samples/seccomp/Makefile | 7 +- samples/seccomp/user-trap.c | 375 ++++++++++ security/integrity/Kconfig | 11 + security/integrity/Makefile | 5 + security/integrity/digsig.c | 111 ++- security/integrity/ima/Kconfig | 10 +- security/integrity/ima/ima_appraise.c | 14 +- security/integrity/ima/ima_crypto.c | 5 +- security/integrity/ima/ima_main.c | 21 +- security/integrity/ima/ima_policy.c | 171 +++-- security/integrity/integrity.h | 22 +- security/integrity/platform_certs/efi_parser.c | 108 +++ security/integrity/platform_certs/load_uefi.c | 194 +++++ .../integrity/platform_certs/platform_keyring.c | 58 ++ security/smack/smack_lsm.c | 12 +- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/ima/Makefile | 11 + tools/testing/selftests/ima/config | 4 + tools/testing/selftests/ima/test_kexec_load.sh | 54 ++ tools/testing/selftests/seccomp/seccomp_bpf.c | 447 ++++++++++- 52 files changed, 3422 insertions(+), 1197 deletions(-) create mode 100644 arch/x86/kernel/ima_arch.c create mode 100644 drivers/char/tpm/tpm1-cmd.c create mode 100644 samples/seccomp/user-trap.c create mode 100644 security/integrity/platform_certs/efi_parser.c create mode 100644 security/integrity/platform_certs/load_uefi.c create mode 100644 security/integrity/platform_certs/platform_keyring.c create mode 100644 tools/testing/selftests/ima/Makefile create mode 100644 tools/testing/selftests/ima/config create mode 100755 tools/testing/selftests/ima/test_kexec_load.sh