On 11/14/2024 8:25 AM, Shuah Khan wrote:
> On 11/12/24 11:28, Amit Vadhavana wrote:
>> - Remove unnecessary `tctx` variable, use `ctx` directly.
>> - Simplified code with no functional changes.
>>
>
> I would rephrase the short to simply say Remove unused variable,
> as refactor implies more exte
On 11/12/2024 10:28 AM, Amit Vadhavana wrote:
> - Remove unnecessary `tctx` variable, use `ctx` directly.
> - Simplified code with no functional changes.
>
> Signed-off-by: Amit Vadhavana
Reviewed-by: Casey Schaufler
> ---
> tools/testing/selftests/lsm/lsm_set_se
On 12/12/2023 9:59 AM, Michael S. Tsirkin wrote:
> On Tue, Dec 12, 2023 at 08:33:39AM -0800, Casey Schaufler wrote:
>> On 12/12/2023 5:17 AM, Maxime Coquelin wrote:
>>> This patch introduces a LSM hook for devices creation,
>>> destruction (ioctl()) and opening (open(
On 12/12/2023 5:17 AM, Maxime Coquelin wrote:
> This patch introduces a LSM hook for devices creation,
> destruction (ioctl()) and opening (open()) operations,
> checking the application is allowed to perform these
> operations for the Virtio device type.
My earlier comments on a vduse specific LS
On 4/16/2021 9:37 AM, Roberto Sassu wrote:
>> From: Casey Schaufler [mailto:ca...@schaufler-ca.com]
>> Sent: Thursday, April 15, 2021 10:44 PM
>> On 4/15/2021 3:04 AM, Roberto Sassu wrote:
>>> This patch set depends on:
>>>
>>> https://lore.ker
On 4/15/2021 3:04 AM, Roberto Sassu wrote:
> This patch set depends on:
>
> https://lore.kernel.org/linux-integrity/20210409114313.4073-1-roberto.sa...@huawei.com/
> https://lore.kernel.org/linux-integrity/20210407105252.30721-1-roberto.sa...@huawei.com/
>
> One of the challenges that must be tackl
On 4/8/2021 6:48 PM, James Morris wrote:
> I've added this to my tree at:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
> landlock_lsm_v33
>
> and merged that into the next-testing branch which is pulled into Linux
> next.
Thank you.
On 4/8/2021 1:49 AM, Zhongjun Tan wrote:
> From: Zhongjun Tan
>
> Delete selinux selinux_xfrm_policy_lookup() useless argument.
>
> Signed-off-by: Zhongjun Tan
> ---
> include/linux/lsm_hook_defs.h | 3 +--
> include/linux/security.h| 4 ++--
> net/xfrm/xfrm_policy.c | 6 ++---
> This patch introduces the post hooks ima_inode_post_setxattr() and
> ima_inode_post_removexattr(), and adds the call to
> ima_reset_appraise_flags() in the new functions.
>
> Cc: Casey Schaufler
> Signed-off-by: Roberto Sassu
> ---
> fs/xattr.c
e change, and hangs after.
Is this a bug fix?
> In the openssh case, it uses SSH_LISTEN_BACKLOG as 128.
>
> At 2021-03-30 23:42:04, "Casey Schaufler" wrote:
>> Commit f211ac154577ec9ccf07c15f18a6abf0d9bdb4ab 'net: correct
>> sk_acceptq_is_full()' breaks a sy
On 3/30/2021 12:28 PM, Mickaël Salaün wrote:
> On 30/03/2021 20:40, Casey Schaufler wrote:
>> On 3/30/2021 11:11 AM, Mickaël Salaün wrote:
>>> On 30/03/2021 19:19, Casey Schaufler wrote:
>>>> On 3/30/2021 10:01 AM, Mickaël Salaün wrote:
>>>>> Hi,
On 3/30/2021 11:11 AM, Mickaël Salaün wrote:
> On 30/03/2021 19:19, Casey Schaufler wrote:
>> On 3/30/2021 10:01 AM, Mickaël Salaün wrote:
>>> Hi,
>>>
>>> Are there new comments on this patch? Could we move forward?
>> I don't see that new comment
On 3/30/2021 10:01 AM, Mickaël Salaün wrote:
> Hi,
>
> Are there new comments on this patch? Could we move forward?
I don't see that new comments are necessary when I don't see
that you've provided compelling counters to some of the old ones.
It's possible to use minimal privilege with CAP_SYS_CHRO
Commit f211ac154577ec9ccf07c15f18a6abf0d9bdb4ab 'net: correct
sk_acceptq_is_full()' breaks a system with the Smack LSM.
Reverting this change results in a return to correct behavior.
The Smack testsuite can be found at:
https://github.com/smack-team/smack-testsuite.git
The failing test is
On 3/25/2021 5:44 PM, Jens Axboe wrote:
> The io_uring PF_IO_WORKER threads no longer have PF_KTHREAD set, so no
> need to special case them for credential checks.
Could you cite the commit where that change was made?
>
> Cc: Tetsuo Handa
> Signed-off-by: Jens Axboe
> ---
> security/tomoyo/net
dn't want to see this change back-ported to a kernel
that doesn't have that change as well.
>
> Cc: Casey Schaufler
> Signed-off-by: Jens Axboe
> ---
> security/smack/smack_access.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/
On 3/24/2021 4:58 AM, Dmitry Vyukov wrote:
> On Wed, Mar 24, 2021 at 12:49 PM Mimi Zohar wrote:
>> On Wed, 2021-03-24 at 12:37 +0100, Dmitry Vyukov wrote:
>>> On Wed, Mar 24, 2021 at 12:21 PM Tetsuo Handa
>>> wrote:
On 2021/03/24 20:10, Mimi Zohar wrote:
> On Wed, 2021-03-24 at 19:10 +09
On 3/10/2021 10:17 AM, Mickaël Salaün wrote:
> On 10/03/2021 18:22, Casey Schaufler wrote:
>> On 3/10/2021 8:09 AM, Mickaël Salaün wrote:
>>> Hi,
>>>
>>> The chroot system call is currently limited to be used by processes with
>>> the CAP_SYS_CHROOT
On 3/10/2021 8:09 AM, Mickaël Salaün wrote:
> Hi,
>
> The chroot system call is currently limited to be used by processes with
> the CAP_SYS_CHROOT capability. This protects against malicious
> processes willing to trick SUID-like binaries. The following patch
> allows unprivileged users to safel
erferes in the multiple LSM case.
Acked-by: Stephen Smalley
Acked-by: John Johansen
Reviewed-by: Kees Cook
Signed-off-by: Casey Schaufler
---
security/apparmor/lsm.c | 20 +---
1 file changed, 1 insertion(+), 19 deletions(-)
diff --git a/security/apparmor/lsm.c b/security/appa
one of the
information will be displayed.
Reviewed-by: Kees Cook
Signed-off-by: Casey Schaufler
Cc: linux-...@vger.kernel.org
Cc: linux-...@vger.kernel.org
---
Documentation/ABI/testing/procfs-attr-context | 14
Documentation/security/lsm.rst| 14
fs/p
(1601152467.009:1050):
obj_selinux=unconfined_u:object_r:user_home_t:s0
Not all security modules that can provide object information
do so in all cases. It is possible that a security module won't
apply an object attribute in all cases.
Signed-off-by: Casey Schaufler
Cc: lin
en though it may not actually do so.
Signed-off-by: Casey Schaufler
To: p...@paul-moore.com
To: linux-au...@redhat.com
To: r...@redhat.com
Cc: net...@vger.kernel.org
---
drivers/android/binder.c| 2 +-
include/linux/audit.h | 24
include/linux/security.h
discarded immediately after the local associated records are
produced.
Signed-off-by: Richard Guy Briggs
Signed-off-by: Casey Schaufler
Cc: linux-au...@redhat.com
To: Richard Guy Briggs
---
include/linux/audit.h | 8
kernel/audit.h| 1 +
kernel/auditsc.c | 33
Verify that the tasks on the ends of a binder transaction
use the same "display" security module. This prevents confusion
of security "contexts".
Reviewed-by: Kees Cook
Reviewed-by: John Johansen
Acked-by: Stephen Smalley
Acked-by: Paul Moore
Signed-off-by: Casey Scha
netlabel use the lsm_id.slot to access the
correct secid when using netlabel.
Reviewed-by: Kees Cook
Reviewed-by: John Johansen
Acked-by: Stephen Smalley
Acked-by: Paul Moore
Signed-off-by: Casey Schaufler
Cc: net...@vger.kernel.org
---
include/net/netlabel.h | 8 +--
net/ipv4
Change netlink netfilter interfaces to use lsmcontext
pointers, and remove scaffolding.
Reviewed-by: Kees Cook
Reviewed-by: John Johansen
Acked-by: Stephen Smalley
Acked-by: Pablo Neira Ayuso
Signed-off-by: Casey Schaufler
Cc: net...@vger.kernel.org
Cc: netfilter-de...@vger.kernel.org
Reviewed-by: John Johansen
Signed-off-by: Casey Schaufler
Cc: linux-...@vger.kernel.org
---
fs/nfsd/nfs4xdr.c| 23 +--
include/linux/security.h | 5 +++--
security/security.c | 13 +++--
3 files changed, 23 insertions(+), 18 deletions(-)
diff --git a/fs/nfsd
new structure.
Reviewed-by: Kees Cook
Acked-by: Stephen Smalley
Acked-by: Paul Moore
Signed-off-by: Casey Schaufler
Cc: net...@vger.kernel.org
Cc: linux-au...@redhat.com
Cc: netfilter-de...@vger.kernel.org
---
drivers/android/binder.c| 26 +++-
include/linux
allocates and destroys
them on each use, whereas Smack provides a pointer to an entry
in a list that never goes away.
Reviewed-by: Kees Cook
Reviewed-by: John Johansen
Acked-by: Stephen Smalley
Signed-off-by: Casey Schaufler
Cc: linux-integr...@vger.kernel.org
Cc: net...@vger.kernel.org
Cc
ot;interface_lsm" requires that all security modules using
setprocattr hooks allow the action. Each security module is
responsible for defining its policy.
AppArmor hook provided by John Johansen
SELinux hook provided by Stephen Smalley
Signed-off-by: Casey Schaufler
Cc: Kees Cook
Cc: S
The IMA interfaces ima_get_action() and ima_match_policy()
call LSM functions that use lsmblobs. Change the IMA functions
to pass the lsmblob to be compatible with the LSM functions.
Reviewed-by: Kees Cook
Reviewed-by: John Johansen
Acked-by: Stephen Smalley
Signed-off-by: Casey Schaufler
Cc
: Stephen Smalley
Acked-by: Paul Moore
Signed-off-by: Casey Schaufler
Cc: linux-integr...@vger.kernel.org
Cc: linux-au...@redhat.com
---
include/linux/security.h | 2 +-
kernel/audit.c| 25 +++
kernel/audit.h| 3 ++-
kernel
: Paul Moore
Signed-off-by: Casey Schaufler
Cc: linux-integr...@vger.kernel.org
Cc: linux-au...@redhat.com
---
include/linux/security.h| 7 ---
kernel/auditsc.c| 6 +-
security/integrity/ima/ima_policy.c | 4 +---
security/security.c | 11
: Paul Moore
Signed-off-by: Casey Schaufler
Cc: linux-integr...@vger.kernel.org
Cc: linux-au...@redhat.com
Cc: net...@vger.kernel.org
---
drivers/android/binder.c | 12 +-
include/linux/security.h | 7 ++--
kernel/audit.c| 16 +++-
kernel
-by: John Johansen
Acked-by: Stephen Smalley
Acked-by: Paul Moore
Signed-off-by: Casey Schaufler
Cc: linux-au...@redhat.com
---
include/linux/security.h | 7 ---
kernel/auditsc.c | 7 ++-
security/security.c | 12 +---
3 files changed, 19 insertions(+), 7 deletions
a secid to a string, as can occur in the
audit code.
Signed-off-by: Casey Schaufler
Cc: net...@vger.kernel.org
Cc: linux-au...@redhat.com
Cc: netfilter-de...@vger.kernel.org
To: Pablo Neira Ayuso
To: Paul Moore
---
drivers/android/binder.c| 12 +-
include/linux
lsmblob.
Signed-off-by: Casey Schaufler
Cc: net...@vger.kernel.org
Cc: netfilter-de...@vger.kernel.org
To: Pablo Neira Ayuso
---
include/linux/security.h | 26 ++--
kernel/cred.c | 4 +---
net/netfilter/nft_meta.c | 10
net/netfilter
mblob instead of a secid.
Reviewed-by: Kees Cook
Reviewed-by: John Johansen
Acked-by: Stephen Smalley
Acked-by: Paul Moore
Signed-off-by: Casey Schaufler
To: David Howells
---
include/linux/cred.h | 3 ++-
include/linux/security.h | 5 +++--
kernel/cred.c| 10 ++
sec
dropped.
Reviewed-by: Kees Cook
Reviewed-by: John Johansen
Acked-by: Stephen Smalley
Acked-by: Paul Moore
Signed-off-by: Casey Schaufler
Cc: linux-au...@redhat.com
Cc: linux-integr...@vger.kernel.org
To: Mimi Zohar
---
include/linux/security.h| 7 ---
kernel/auditfilter.c
registered module
that supports the audit_rule_match() LSM hook. Allow the user
to specify in the IMA policy an lsm= option to specify the
security module to use for a particular rule.
Signed-off-by: Casey Schaufler
To: Mimi Zohar
To: linux-integr...@vger.kernel.org
---
Documentation/ABI/testing
Provide interfaces to map LSM slot numbers and LSM names.
Update the LSM registration code to save this information.
Signed-off-by: Casey Schaufler
---
include/linux/security.h | 4
security/security.c | 45
2 files changed, 49 insertions
.
Acked-by: Stephen Smalley
Acked-by: Paul Moore
Acked-by: John Johansen
Signed-off-by: Casey Schaufler
Cc:
Cc: linux-au...@redhat.com
Cc: linux-security-mod...@vger.kernel.org
Cc: seli...@vger.kernel.org
To: Mimi Zohar
---
include/linux/audit.h | 4 +-
include/linux/lsm_ho
ore
Reviewed-by: Kees Cook
Reviewed-by: John Johansen
Acked-by: Stephen Smalley
Signed-off-by: Casey Schaufler
---
include/linux/lsm_hooks.h | 1 +
security/apparmor/include/net.h | 6 ++-
security/apparmor/lsm.c | 38 ---
security/security.c |
removes the exclusive bit from AppArmor. An unnecessary
stub hook was also removed.
The Ubuntu project is using an earlier version of this patchset in
their distribution to enable stacking for containers.
Performance measurements to date have the change within the "noise".
The sockper
nvoked immediately invoke EVM
as well. Instead of:
ima_do_stuff(x, y, z);
evm_do_stuff(x, y, z);
how about
integrity_do_stuff(x, y, z);
>
> Cc: Casey Schaufler
> Signed-off-by: Roberto Sassu
> ---
> fs/xattr.c| 2 ++
> include/linux/im
On 2/14/2021 10:21 AM, Mimi Zohar wrote:
> Hi Casey,
>
> On Tue, 2021-01-26 at 08:40 -0800, Casey Schaufler wrote:
>> Integrity measurement may filter on security module information
>> and needs to be clear in the case of multiple active security
>> modules which app
On 2/22/2021 1:12 PM, Nicolas Iooss wrote:
> On Mon, Feb 22, 2021 at 9:32 PM Casey Schaufler
> wrote:
>> On 2/22/2021 10:31 AM, Mickaël Salaün wrote:
>>> On 22/02/2021 17:51, Casey Schaufler wrote:
>>>> On 2/22/2021 7:06 AM, Mickaël Salaün wrote:
>>>
On 2/22/2021 10:31 AM, Mickaël Salaün wrote:
> On 22/02/2021 17:51, Casey Schaufler wrote:
>> On 2/22/2021 7:06 AM, Mickaël Salaün wrote:
>>> From: Mickaël Salaün
>>>
>>> Add a new option CONFIG_LSM_AUTO to enable users to delegate default LSM
>>> stac
LSM_AUTO with a make
> oldconfig.
>
> CONFIG_LSM and CONFIG_LSM_AUTO depend on CONFIG_SECURITY, which makes
> sense because an LSM depends on the security framework.
>
> Cc: Casey Schaufler
> Cc: James Morris
> Cc: Kees Cook
> Cc: Serge E. Hallyn
> Signed-off-by: Mickaël
Hello Linus
Here is a Smack change for the 5.12 release. It introduces bound checking
for the smackfs administrative interfaces where they were missing.
--
The following changes since commit 1048ba83fb1c00cd24172e23e8263972f6b5d9ac:
Linux 5.11-rc6 (2021-01-31 13:50:09 -0800)
are available in
On 2/5/2021 6:17 AM, Serge E. Hallyn wrote:
> On Tue, Feb 02, 2021 at 05:27:03PM +0100, Mickaël Salaün wrote:
>> From: Casey Schaufler
>>
>> Move management of the superblock->sb_security blob out of the
>> individual security modules and into the security infrastruc
On 2/2/2021 11:13 AM, Sabyrzhan Tasbolatov wrote:
>> if PAGE_SIZE >= SMK_LOADSIZE all legitimate requests can be made
>> using PAGE_SIZE as a limit. Your example with 19990 spaces before
>> the data demonstrates that the interface is inadequately documented.
>> Tizen and Automotive Grade Linux are
On 2/2/2021 9:12 AM, Topi Miettinen wrote:
> On 2.2.2021 17.30, Casey Schaufler wrote:
>> On 2/2/2021 4:05 AM, Topi Miettinen wrote:
>>> On 26.1.2021 18.40, Casey Schaufler wrote:
>>>> This patchset provides the changes required for
>>>> the AppArmor secu
On 2/2/2021 4:05 AM, Topi Miettinen wrote:
> On 26.1.2021 18.40, Casey Schaufler wrote:
>> This patchset provides the changes required for
>> the AppArmor security module to stack safely with any other.
>
> In my test, when kernel command line has apparmor before selinux in ls
On 2/1/2021 9:47 AM, Jason A. Donenfeld wrote:
> Hi Andy & others,
>
> I was reversing some NT stuff recently and marveling over how wild and
> crazy things are over in Windows-land. A few things related to process
> creation caught my interest:
>
> - It's possible to create a new process with an *
On 1/28/2021 6:24 AM, Tetsuo Handa wrote:
> On 2021/01/28 22:27, Sabyrzhan Tasbolatov wrote:
>>> Doesn't this change break legitimate requests like
>>>
>>> char buffer[2];
>>>
>>> memset(buffer, ' ', sizeof(buffer));
>>> memcpy(buffer + sizeof(buffer) - 10, "foo", 3);
>>> write(fd, buff
On 1/26/2021 10:42 AM, Richard Guy Briggs wrote:
> On 2021-01-26 08:41, Casey Schaufler wrote:
>> Standalone audit records have the timestamp and serial number generated
>> on the fly and as such are unique, making them standalone. This new
>> function audit_alloc_local() ge
of this patchset in
their distribution to enable stacking for containers.
Performance measurements to date have the change within the "noise".
The sockperf and dbench results are on the order of 0.2% to 0.8%
difference, with better performance being as common as worse. The
benchmarks
On 1/24/2021 6:36 AM, Sabyrzhan Tasbolatov wrote:
> syzbot found WARNINGs in several smackfs write operations where
> bytes count is passed to memdup_user_nul which exceeds
> GFP MAX_ORDER. Check count size if bigger than SMK_LONGLABEL,
> for smk_write_syslog if bigger than PAGE_SIZE - 1.
>
> Reported-b
On 1/12/2021 1:36 AM, pna...@codeaurora.org wrote:
> On 2021-01-08 22:41, Casey Schaufler wrote:
>> On 1/8/2021 1:49 AM, Preeti Nagar wrote:
>>> The changes introduce a new security feature, RunTime Integrity Check
>>> (RTIC), designed to protect Linux Kernel at runtime
On 1/8/2021 1:49 AM, Preeti Nagar wrote:
> The changes introduce a new security feature, RunTime Integrity Check
> (RTIC), designed to protect Linux Kernel at runtime. The motivation
> behind these changes is:
> 1. The system protection offered by SE for Android relies on the
> assumption of kernel
On 12/28/2020 5:53 PM, Mimi Zohar wrote:
> On Mon, 2020-12-28 at 15:20 -0800, Casey Schaufler wrote:
>> On 12/28/2020 2:14 PM, Mimi Zohar wrote:
>>> On Mon, 2020-12-28 at 12:06 -0800, Casey Schaufler wrote:
>>>> On 12/28/2020 11:24 AM, Mimi Zohar wrote:
>>>&
On 12/28/2020 2:14 PM, Mimi Zohar wrote:
> On Mon, 2020-12-28 at 12:06 -0800, Casey Schaufler wrote:
>> On 12/28/2020 11:24 AM, Mimi Zohar wrote:
>>> Hi Casey,
>>>
>>> On Fri, 2020-11-20 at 12:14 -0800, Casey Schaufler wrote:
>>>> diff --git a/secu
On 12/28/2020 11:24 AM, Mimi Zohar wrote:
> Hi Casey,
>
> On Fri, 2020-11-20 at 12:14 -0800, Casey Schaufler wrote:
>> diff --git a/security/security.c b/security/security.c
>> index 5da8b3643680..d01363cb0082 100644
>> --- a/security/security.c
>> +++ b/sec
On 12/28/2020 9:54 AM, Mimi Zohar wrote:
> Hi Casey,
>
> On Fri, 2020-11-20 at 12:14 -0800, Casey Schaufler wrote:
>> When more than one security module is exporting data to
>> audit and networking sub-systems a single 32 bit integer
>> is no longer sufficient t
next smack-for-5.11
for you to fetch changes up to 942cb357ae7d9249088e3687ee6a00ed2745a0c7:
Smack: Handle io_uring kernel thread privileges (2020-12-22 15:34:24 -0800)
--------
Casey Schaufler (1):
Smack: Handle io_uring kernel thread
Smack assumes that kernel threads are privileged for smackfs
operations. This was necessary because the credential of the
kernel thread was not related to a user operation. With io_uring
the credential does reflect a user's rights and can be used.
Suggested-by: Jens Axboe
Signed-off-by:
On 12/15/2020 2:04 PM, Eric W. Biederman wrote:
> Casey Schaufler writes:
>
>> On 12/13/2020 3:00 PM, Paul Moore wrote:
>>> On Sun, Dec 13, 2020 at 11:30 AM Matthew Wilcox wrote:
>>>> On Sun, Dec 13, 2020 at 08:22:32AM -0600, Eric W. Biederman wrote:
>>>
Hello Linus
Here are the Smack tree changes for the v5.11 release. There are no functional
changes. There is a code clean-up and some function header comment corrections.
--
The following changes since commit f8394f232b1eab649ce2df5c5f15b0e528c92091:
Linux 5.10-rc3 (2020-11-08 16:10:16 -0800)
a
On 12/13/2020 3:00 PM, Paul Moore wrote:
> On Sun, Dec 13, 2020 at 11:30 AM Matthew Wilcox wrote:
>> On Sun, Dec 13, 2020 at 08:22:32AM -0600, Eric W. Biederman wrote:
>>> Matthew Wilcox writes:
>>>
On Thu, Dec 03, 2020 at 04:02:12PM -0800, Stephen Brennan wrote:
> -void pid_update_inode
On 12/13/2020 8:29 AM, Matthew Wilcox wrote:
> On Sun, Dec 13, 2020 at 08:22:32AM -0600, Eric W. Biederman wrote:
>> Matthew Wilcox writes:
>>
>>> On Thu, Dec 03, 2020 at 04:02:12PM -0800, Stephen Brennan wrote:
-void pid_update_inode(struct task_struct *task, struct inode *inode)
+stati