<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-toradex.git/security, branch v5.14-rc4</title>
<subtitle>Linux kernel for Apalis and Colibri modules</subtitle>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/'/>
<entry>
<title>Merge tag 'asm-generic-unaligned-5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic</title>
<updated>2021-07-02T19:43:40+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2021-07-02T19:43:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=4cad67197989c81417810b89f09a3549b75a2441'/>
<id>4cad67197989c81417810b89f09a3549b75a2441</id>
<content type='text'>
Pull asm/unaligned.h unification from Arnd Bergmann:
 "Unify asm/unaligned.h around struct helper

  The get_unaligned()/put_unaligned() helpers are traditionally
  architecture specific, with the two main variants being the
  "access-ok.h" version that assumes unaligned pointer accesses always
  work on a particular architecture, and the "le-struct.h" version that
  casts the data to a byte aligned type before dereferencing, for
  architectures that cannot always do unaligned accesses in hardware.

  Based on the discussion linked below, it appears that the access-ok
  version is not realiable on any architecture, but the struct version
  probably has no downsides. This series changes the code to use the
  same implementation on all architectures, addressing the few
  exceptions separately"

Link: https://lore.kernel.org/lkml/75d07691-1e4f-741f-9852-38c0b4f520bc@synopsys.com/
Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100363
Link: https://lore.kernel.org/lkml/20210507220813.365382-14-arnd@kernel.org/
Link: git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic.git unaligned-rework-v2
Link: https://lore.kernel.org/lkml/CAHk-=whGObOKruA_bU3aPGZfoDqZM1_9wBkwREp0H0FgR-90uQ@mail.gmail.com/

* tag 'asm-generic-unaligned-5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic:
  asm-generic: simplify asm/unaligned.h
  asm-generic: uaccess: 1-byte access is always aligned
  netpoll: avoid put_unaligned() on single character
  mwifiex: re-fix for unaligned accesses
  apparmor: use get_unaligned() only for multi-byte words
  partitions: msdos: fix one-byte get_unaligned()
  asm-generic: unaligned always use struct helpers
  asm-generic: unaligned: remove byteshift helpers
  powerpc: use linux/unaligned/le_struct.h on LE power7
  m68k: select CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
  sh: remove unaligned access for sh4a
  openrisc: always use unaligned-struct header
  asm-generic: use asm-generic/unaligned.h for most architectures
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull asm/unaligned.h unification from Arnd Bergmann:
 "Unify asm/unaligned.h around struct helper

  The get_unaligned()/put_unaligned() helpers are traditionally
  architecture specific, with the two main variants being the
  "access-ok.h" version that assumes unaligned pointer accesses always
  work on a particular architecture, and the "le-struct.h" version that
  casts the data to a byte aligned type before dereferencing, for
  architectures that cannot always do unaligned accesses in hardware.

  Based on the discussion linked below, it appears that the access-ok
  version is not realiable on any architecture, but the struct version
  probably has no downsides. This series changes the code to use the
  same implementation on all architectures, addressing the few
  exceptions separately"

Link: https://lore.kernel.org/lkml/75d07691-1e4f-741f-9852-38c0b4f520bc@synopsys.com/
Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100363
Link: https://lore.kernel.org/lkml/20210507220813.365382-14-arnd@kernel.org/
Link: git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic.git unaligned-rework-v2
Link: https://lore.kernel.org/lkml/CAHk-=whGObOKruA_bU3aPGZfoDqZM1_9wBkwREp0H0FgR-90uQ@mail.gmail.com/

* tag 'asm-generic-unaligned-5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic:
  asm-generic: simplify asm/unaligned.h
  asm-generic: uaccess: 1-byte access is always aligned
  netpoll: avoid put_unaligned() on single character
  mwifiex: re-fix for unaligned accesses
  apparmor: use get_unaligned() only for multi-byte words
  partitions: msdos: fix one-byte get_unaligned()
  asm-generic: unaligned always use struct helpers
  asm-generic: unaligned: remove byteshift helpers
  powerpc: use linux/unaligned/le_struct.h on LE power7
  m68k: select CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
  sh: remove unaligned access for sh4a
  openrisc: always use unaligned-struct header
  asm-generic: use asm-generic/unaligned.h for most architectures
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge tag 'safesetid-5.14' of git://github.com/micah-morton/linux</title>
<updated>2021-06-30T22:30:47+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2021-06-30T22:30:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=92183137e6c14b68ff4de51f6ef371b2b1fe6e68'/>
<id>92183137e6c14b68ff4de51f6ef371b2b1fe6e68</id>
<content type='text'>
Pull SafeSetID update from Micah Morton:
 "One very minor code cleanup change that marks a variable as
  __initdata"

* tag 'safesetid-5.14' of git://github.com/micah-morton/linux:
  LSM: SafeSetID: Mark safesetid_initialized as __initdata
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull SafeSetID update from Micah Morton:
 "One very minor code cleanup change that marks a variable as
  __initdata"

* tag 'safesetid-5.14' of git://github.com/micah-morton/linux:
  LSM: SafeSetID: Mark safesetid_initialized as __initdata
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge tag 'Smack-for-5.14' of git://github.com/cschaufler/smack-next</title>
<updated>2021-06-30T22:28:43+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2021-06-30T22:28:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=5c874a5b29c264f88fafb323e8df7da7b214b6a9'/>
<id>5c874a5b29c264f88fafb323e8df7da7b214b6a9</id>
<content type='text'>
Pull smack updates from Casey Schaufler:
 "There is nothing more significant than an improvement to a byte count
  check in smackfs.

  All changes have been in next for weeks"

* tag 'Smack-for-5.14' of git://github.com/cschaufler/smack-next:
  Smack: fix doc warning
  Revert "Smack: Handle io_uring kernel thread privileges"
  smackfs: restrict bytes count in smk_set_cipso()
  security/smack/: fix misspellings using codespell tool
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull smack updates from Casey Schaufler:
 "There is nothing more significant than an improvement to a byte count
  check in smackfs.

  All changes have been in next for weeks"

* tag 'Smack-for-5.14' of git://github.com/cschaufler/smack-next:
  Smack: fix doc warning
  Revert "Smack: Handle io_uring kernel thread privileges"
  smackfs: restrict bytes count in smk_set_cipso()
  security/smack/: fix misspellings using codespell tool
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge tag 'audit-pr-20210629' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit</title>
<updated>2021-06-30T22:22:05+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2021-06-30T22:22:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=290fe0fa6f5a1a3374dfd03fe0eda6c43d53e6cf'/>
<id>290fe0fa6f5a1a3374dfd03fe0eda6c43d53e6cf</id>
<content type='text'>
Pull audit updates from Paul Moore:
 "Another merge window, another small audit pull request.

  Four patches in total: one is cosmetic, one removes an unnecessary
  initialization, one renames some enum values to prevent name
  collisions, and one converts list_del()/list_add() to list_move().

  None of these are earth shattering and all pass the audit-testsuite
  tests while merging cleanly on top of your tree from earlier today"

* tag 'audit-pr-20210629' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
  audit: remove unnecessary 'ret' initialization
  audit: remove trailing spaces and tabs
  audit: Use list_move instead of list_del/list_add
  audit: Rename enum audit_state constants to avoid AUDIT_DISABLED redefinition
  audit: add blank line after variable declarations
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull audit updates from Paul Moore:
 "Another merge window, another small audit pull request.

  Four patches in total: one is cosmetic, one removes an unnecessary
  initialization, one renames some enum values to prevent name
  collisions, and one converts list_del()/list_add() to list_move().

  None of these are earth shattering and all pass the audit-testsuite
  tests while merging cleanly on top of your tree from earlier today"

* tag 'audit-pr-20210629' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
  audit: remove unnecessary 'ret' initialization
  audit: remove trailing spaces and tabs
  audit: Use list_move instead of list_del/list_add
  audit: Rename enum audit_state constants to avoid AUDIT_DISABLED redefinition
  audit: add blank line after variable declarations
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge tag 'selinux-pr-20210629' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux</title>
<updated>2021-06-30T21:55:42+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2021-06-30T21:55:42+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=6bd344e55f73f7ae671bf5c1ebe5bd814f3c4b27'/>
<id>6bd344e55f73f7ae671bf5c1ebe5bd814f3c4b27</id>
<content type='text'>
Pull SELinux updates from Paul Moore:

 - The slow_avc_audit() function is now non-blocking so we can remove
   the AVC_NONBLOCKING tricks; this also includes the 'flags' variant of
   avc_has_perm().

 - Use kmemdup() instead of kcalloc()+copy when copying parts of the
   SELinux policydb.

 - The InfiniBand device name is now passed by reference when possible
   in the SELinux code, removing a strncpy().

 - Minor cleanups including: constification of avtab function args,
   removal of useless LSM/XFRM function args, SELinux kdoc fixes, and
   removal of redundant assignments.

* tag 'selinux-pr-20210629' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
  selinux: kill 'flags' argument in avc_has_perm_flags() and avc_audit()
  selinux: slow_avc_audit has become non-blocking
  selinux: Fix kernel-doc
  selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC
  lsm_audit,selinux: pass IB device name by reference
  selinux: Remove redundant assignment to rc
  selinux: Corrected comment to match kernel-doc comment
  selinux: delete selinux_xfrm_policy_lookup() useless argument
  selinux: constify some avtab function arguments
  selinux: simplify duplicate_policydb_cond_list() by using kmemdup()
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull SELinux updates from Paul Moore:

 - The slow_avc_audit() function is now non-blocking so we can remove
   the AVC_NONBLOCKING tricks; this also includes the 'flags' variant of
   avc_has_perm().

 - Use kmemdup() instead of kcalloc()+copy when copying parts of the
   SELinux policydb.

 - The InfiniBand device name is now passed by reference when possible
   in the SELinux code, removing a strncpy().

 - Minor cleanups including: constification of avtab function args,
   removal of useless LSM/XFRM function args, SELinux kdoc fixes, and
   removal of redundant assignments.

* tag 'selinux-pr-20210629' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
  selinux: kill 'flags' argument in avc_has_perm_flags() and avc_audit()
  selinux: slow_avc_audit has become non-blocking
  selinux: Fix kernel-doc
  selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC
  lsm_audit,selinux: pass IB device name by reference
  selinux: Remove redundant assignment to rc
  selinux: Corrected comment to match kernel-doc comment
  selinux: delete selinux_xfrm_policy_lookup() useless argument
  selinux: constify some avtab function arguments
  selinux: simplify duplicate_policydb_cond_list() by using kmemdup()
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge tag 'integrity-v5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity</title>
<updated>2021-06-28T23:15:50+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2021-06-28T23:15:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=a60c538ed2ff9d084544a894219eed9c5ab980e5'/>
<id>a60c538ed2ff9d084544a894219eed9c5ab980e5</id>
<content type='text'>
Pull integrity subsystem updates from Mimi Zohar:
 "The large majority of the changes are EVM portable &amp; immutable
  signature related: removing a dependency on loading an HMAC key,
  safely allowing file metadata included in the EVM portable &amp; immutable
  signatures to be modified, allowing EVM signatures to fulfill IMA file
  signature policy requirements, including the EVM file metadata
  signature in lieu of an IMA file data signature in the measurement
  list, and adding dynamic debugging of EVM file metadata.

  In addition, in order to detect critical data or file change
  reversions, duplicate measurement records are permitted in the IMA
  measurement list.

  The remaining patches address compiler, sparse, and doc warnings"

* tag 'integrity-v5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: (31 commits)
  evm: Check xattr size discrepancy between kernel and user
  evm: output EVM digest calculation info
  IMA: support for duplicate measurement records
  ima: Fix warning: no previous prototype for function 'ima_add_kexec_buffer'
  ima: differentiate between EVM failures in the audit log
  ima: Fix fall-through warning for Clang
  ima: Pass NULL instead of 0 to ima_get_action() in ima_file_mprotect()
  ima: Include header defining ima_post_key_create_or_update()
  ima/evm: Fix type mismatch
  ima: Set correct casting types
  doc: Fix warning in Documentation/security/IMA-templates.rst
  evm: Don't return an error in evm_write_xattrs() if audit is not enabled
  ima: Define new template evm-sig
  ima: Define new template fields xattrnames, xattrlengths and xattrvalues
  evm: Verify portable signatures against all protected xattrs
  ima: Define new template field imode
  ima: Define new template fields iuid and igid
  ima: Add ima_show_template_uint() template library function
  ima: Don't remove security.ima if file must not be appraised
  ima: Introduce template field evmsig and write to field sig as fallback
  ...
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull integrity subsystem updates from Mimi Zohar:
 "The large majority of the changes are EVM portable &amp; immutable
  signature related: removing a dependency on loading an HMAC key,
  safely allowing file metadata included in the EVM portable &amp; immutable
  signatures to be modified, allowing EVM signatures to fulfill IMA file
  signature policy requirements, including the EVM file metadata
  signature in lieu of an IMA file data signature in the measurement
  list, and adding dynamic debugging of EVM file metadata.

  In addition, in order to detect critical data or file change
  reversions, duplicate measurement records are permitted in the IMA
  measurement list.

  The remaining patches address compiler, sparse, and doc warnings"

* tag 'integrity-v5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: (31 commits)
  evm: Check xattr size discrepancy between kernel and user
  evm: output EVM digest calculation info
  IMA: support for duplicate measurement records
  ima: Fix warning: no previous prototype for function 'ima_add_kexec_buffer'
  ima: differentiate between EVM failures in the audit log
  ima: Fix fall-through warning for Clang
  ima: Pass NULL instead of 0 to ima_get_action() in ima_file_mprotect()
  ima: Include header defining ima_post_key_create_or_update()
  ima/evm: Fix type mismatch
  ima: Set correct casting types
  doc: Fix warning in Documentation/security/IMA-templates.rst
  evm: Don't return an error in evm_write_xattrs() if audit is not enabled
  ima: Define new template evm-sig
  ima: Define new template fields xattrnames, xattrlengths and xattrvalues
  evm: Verify portable signatures against all protected xattrs
  ima: Define new template field imode
  ima: Define new template fields iuid and igid
  ima: Add ima_show_template_uint() template library function
  ima: Don't remove security.ima if file must not be appraised
  ima: Introduce template field evmsig and write to field sig as fallback
  ...
</pre>
</div>
</content>
</entry>
<entry>
<title>evm: Check xattr size discrepancy between kernel and user</title>
<updated>2021-06-21T12:34:21+00:00</updated>
<author>
<name>Roberto Sassu</name>
<email>roberto.sassu@huawei.com</email>
</author>
<published>2021-06-21T12:29:12+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=907a399de7b0566236c480d0c01ff52220532fb1'/>
<id>907a399de7b0566236c480d0c01ff52220532fb1</id>
<content type='text'>
The kernel and the user obtain an xattr value in two different ways:

kernel (EVM): uses vfs_getxattr_alloc() which obtains the xattr value from
              the filesystem handler (raw value);

user (ima-evm-utils): uses vfs_getxattr() which obtains the xattr value
                      from the LSMs (normalized value).

Normally, this does not have an impact unless security.selinux is set with
setfattr, with a value not terminated by '\0' (this is not the recommended
way, security.selinux should be set with the appropriate tools such as
chcon and restorecon).

In this case, the kernel and the user see two different xattr values: the
former sees the xattr value without '\0' (raw value), the latter sees the
value with '\0' (value normalized by SELinux).

This could result in two different verification outcomes from EVM and
ima-evm-utils, if a signature was calculated with a security.selinux value
terminated by '\0' and the value set in the filesystem is not terminated by
'\0'. The former would report verification failure due to the missing '\0',
while the latter would report verification success (because it gets the
normalized value with '\0').

This patch mitigates this issue by comparing in evm_calc_hmac_or_hash() the
size of the xattr returned by the two xattr functions and by warning the
user if there is a discrepancy.

Signed-off-by: Roberto Sassu &lt;roberto.sassu@huawei.com&gt;
Suggested-by: Mimi Zohar &lt;zohar@linux.ibm.com&gt;
Signed-off-by: Mimi Zohar &lt;zohar@linux.ibm.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The kernel and the user obtain an xattr value in two different ways:

kernel (EVM): uses vfs_getxattr_alloc() which obtains the xattr value from
              the filesystem handler (raw value);

user (ima-evm-utils): uses vfs_getxattr() which obtains the xattr value
                      from the LSMs (normalized value).

Normally, this does not have an impact unless security.selinux is set with
setfattr, with a value not terminated by '\0' (this is not the recommended
way, security.selinux should be set with the appropriate tools such as
chcon and restorecon).

In this case, the kernel and the user see two different xattr values: the
former sees the xattr value without '\0' (raw value), the latter sees the
value with '\0' (value normalized by SELinux).

This could result in two different verification outcomes from EVM and
ima-evm-utils, if a signature was calculated with a security.selinux value
terminated by '\0' and the value set in the filesystem is not terminated by
'\0'. The former would report verification failure due to the missing '\0',
while the latter would report verification success (because it gets the
normalized value with '\0').

This patch mitigates this issue by comparing in evm_calc_hmac_or_hash() the
size of the xattr returned by the two xattr functions and by warning the
user if there is a discrepancy.

Signed-off-by: Roberto Sassu &lt;roberto.sassu@huawei.com&gt;
Suggested-by: Mimi Zohar &lt;zohar@linux.ibm.com&gt;
Signed-off-by: Mimi Zohar &lt;zohar@linux.ibm.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>evm: output EVM digest calculation info</title>
<updated>2021-06-20T15:10:25+00:00</updated>
<author>
<name>Mimi Zohar</name>
<email>zohar@linux.ibm.com</email>
</author>
<published>2021-05-13T22:36:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=87ac3d002d567fac3527d6612865e81cfd783727'/>
<id>87ac3d002d567fac3527d6612865e81cfd783727</id>
<content type='text'>
Output the data used in calculating the EVM digest and the resulting
digest as ascii hexadecimal strings.

Suggested-by: Lakshmi Ramasubramanian &lt;nramas@linux.microsoft.com&gt; (CONFIG_DYNAMIC_DEBUG)
Reviewed-by: Lakshmi Ramasubramanian &lt;nramas@linux.microsoft.com&gt;
Reported-by: kernel test robot &lt;lkp@intel.com&gt; (Use %zu for size_t)
Signed-off-by: Mimi Zohar &lt;zohar@linux.ibm.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Output the data used in calculating the EVM digest and the resulting
digest as ascii hexadecimal strings.

Suggested-by: Lakshmi Ramasubramanian &lt;nramas@linux.microsoft.com&gt; (CONFIG_DYNAMIC_DEBUG)
Reviewed-by: Lakshmi Ramasubramanian &lt;nramas@linux.microsoft.com&gt;
Reported-by: kernel test robot &lt;lkp@intel.com&gt; (Use %zu for size_t)
Signed-off-by: Mimi Zohar &lt;zohar@linux.ibm.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tomoyo: fix doc warnings</title>
<updated>2021-06-15T15:01:28+00:00</updated>
<author>
<name>ChenXiaoSong</name>
<email>chenxiaosong2@huawei.com</email>
</author>
<published>2021-06-10T07:49:00+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=98eaa63e96273de075f3ce4eac0f18b33d28b84c'/>
<id>98eaa63e96273de075f3ce4eac0f18b33d28b84c</id>
<content type='text'>
Fix gcc W=1 warnings:

security/tomoyo/audit.c:331: warning: Function parameter or member 'matched_acl' not described in 'tomoyo_get_audit'
security/tomoyo/securityfs_if.c:146: warning: Function parameter or member 'inode' not described in 'tomoyo_release'
security/tomoyo/tomoyo.c:122: warning: Function parameter or member 'path' not described in 'tomoyo_inode_getattr'
security/tomoyo/tomoyo.c:497: warning: Function parameter or member 'clone_flags' not described in 'tomoyo_task_alloc'
security/tomoyo/util.c:92: warning: Function parameter or member 'time64' not described in 'tomoyo_convert_time'

Signed-off-by: ChenXiaoSong &lt;chenxiaosong2@huawei.com&gt;
[ penguin-kernel: Also adjust spaces and similar warnings ]
Signed-off-by: Tetsuo Handa &lt;penguin-kernel@I-love.SAKURA.ne.jp&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Fix gcc W=1 warnings:

security/tomoyo/audit.c:331: warning: Function parameter or member 'matched_acl' not described in 'tomoyo_get_audit'
security/tomoyo/securityfs_if.c:146: warning: Function parameter or member 'inode' not described in 'tomoyo_release'
security/tomoyo/tomoyo.c:122: warning: Function parameter or member 'path' not described in 'tomoyo_inode_getattr'
security/tomoyo/tomoyo.c:497: warning: Function parameter or member 'clone_flags' not described in 'tomoyo_task_alloc'
security/tomoyo/util.c:92: warning: Function parameter or member 'time64' not described in 'tomoyo_convert_time'

Signed-off-by: ChenXiaoSong &lt;chenxiaosong2@huawei.com&gt;
[ penguin-kernel: Also adjust spaces and similar warnings ]
Signed-off-by: Tetsuo Handa &lt;penguin-kernel@I-love.SAKURA.ne.jp&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>audit: remove unnecessary 'ret' initialization</title>
<updated>2021-06-11T17:21:28+00:00</updated>
<author>
<name>Austin Kim</name>
<email>austin.kim@lge.com</email>
</author>
<published>2021-06-11T02:28:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=0ecc617858fce305bedcf735eb18a46cb7e9921f'/>
<id>0ecc617858fce305bedcf735eb18a46cb7e9921f</id>
<content type='text'>
The variable 'ret' is set to 0 when declared.
The 'ret' is unused until it is set to 0 again.

So it had better remove unnecessary initialization.

Signed-off-by: Austin Kim &lt;austin.kim@lge.com&gt;
Signed-off-by: Paul Moore &lt;paul@paul-moore.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The variable 'ret' is set to 0 when declared.
The 'ret' is unused until it is set to 0 again.

So it had better remove unnecessary initialization.

Signed-off-by: Austin Kim &lt;austin.kim@lge.com&gt;
Signed-off-by: Paul Moore &lt;paul@paul-moore.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
