Skip to content

(RHEL-152082) core: validate input cgroup path more prudently#405

Open
dtardon wants to merge 3 commits intoredhat-plumbers:rhel-9.8.0from
dtardon:RHEL-152082-assert
Open

(RHEL-152082) core: validate input cgroup path more prudently#405
dtardon wants to merge 3 commits intoredhat-plumbers:rhel-9.8.0from
dtardon:RHEL-152082-assert

Conversation

@dtardon
Copy link
Member

@dtardon dtardon commented Mar 10, 2026
edited by github-actions bot
Loading

(cherry picked from commit efa6ba2ab625aaa160ac435a09e6482fc63bdbe8)

Resolves: RHEL-152082

ifranzki and others added 3 commits February 26, 2026 14:42
@ifranzki @github-actions
integritysetup: Add support for hmac-sha512
24eef4e 
Currently the only supported integrity algorithm using HMAC is 'hmac-sha256'.
Add 'hmac-sha512' to the list of supported algorithms as well.

(cherry picked from commit 7bf1cfe3b20037f3732d8854833b00f6a3511d95)

Resolves: RHEL-50213
@ifranzki @github-actions
integritysetup: Add PHMAC algorithm to list of known algorithms
2ce62a3 
Add the PHMAC integrity algorithm to the list of supported algorithms.

The PHMAC algorithm is like the regular HMAC algorithm, but it takes a wrapped key
as input. A key for the PHMAC algorithm is an opaque key blob, who's physical size
has nothing to do with the cryptographic size. Currently PHMAC is only available
for the s390x architecture.

(cherry picked from commit eb7b0d413e5f7ca35e9f6a0b211dd71a710cb60d)

Resolves: RHEL-50213
@YHNdnzj @dtardon
core: validate input cgroup path more prudently
2cd8be6 
(cherry picked from commit efa6ba2ab625aaa160ac435a09e6482fc63bdbe8)

Resolves: RHEL-152082
@github-actions github-actions bot changed the title core: validate input cgroup path more prudently (RHEL-152082) core: validate input cgroup path more prudently Mar 10, 2026
@github-actions github-actions bot added pr/needs-ci Formerly needs-ci pr/needs-review Formerly needs-review labels Mar 10, 2026
@github-actions
Copy link

github-actions bot commented Mar 10, 2026
edited
Loading

Commit validation

Tracker - RHEL-50213, RHEL-152082

The following commits meet all requirements

commit upstream
24eef4e - integritysetup: Add support for hmac-sha512 systemd/systemd@7bf1cfe
2ce62a3 - integritysetup: Add PHMAC algorithm to list of known algorithms systemd/systemd@eb7b0d4
2cd8be6 - core: validate input cgroup path more prudently systemd/systemd@efa6ba2

Tracker validation

🔴 Missing tracker or Unknown tracker type; type: 'unknown'

Pull Request validation

Success

🟢 CI - All checks have passed
🟢 Review - Reviewed by a member
🟢 Approval - Changes were approved

@github-actions github-actions bot removed the pr/needs-ci Formerly needs-ci label Mar 10, 2026
@jamacku jamacku changed the base branch from main to rhel-9.8.0 March 12, 2026 09:15
@github-actions github-actions bot added tracker/missing Formerly needs-bz pr/needs-ci Formerly needs-ci and removed pr/needs-review Formerly needs-review pr/needs-ci Formerly needs-ci labels Mar 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lnykryn lnykryn lnykryn approved these changes

Assignees

No one assigned

Labels

tracker/missing Formerly needs-bz

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@dtardon @lnykryn @ifranzki @YHNdnzj