abstract FS struct */
> };
Looks like a spurious empty line.
--
James Morris
er can
> easily check if the current kernel supports that.
Don't call it an ABI, perhaps minimum policy version (similar to
what SELinux does). Changes need to be made so that any existing
userspace still works.
--
James Morris
<jmor...@namei.org>
On Tue, 22 Aug 2017, Alexei Starovoitov wrote:
> more general question: what is the status of security/ bits?
> I'm assuming they still need to be reviewed and explicitly acked by James,
> right?
Yep, along with other core security developers where possible.
--
James Morris
at is
> missing is a way to enforce a security policy for any application by its
> developer and *unprivileged user* as seccomp can do for raw syscall filtering.
>
You could mention here that the first case is Mandatory Access Control,
in general terms.
--
James Morris
<jmor...@namei.org>
Rothwell
> Fixes: c6bf1adaecaa ("apparmor: add the ability to mediate signals")
> Signed-off-by: John Johansen
> ---
> security/apparmor/include/sig_names.h | 5 -
> 1 file changed, 4 insertions(+), 1 deletion(-)
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
017-08-18
> 06:45:37 -0700)
>
> are available in the git repository at:
>
> git://git.infradead.org/users/jjs/linux-tpmdd.git tags/tpmdd-next-20170819
>
> for you to fetch changes up to 08f49ffce0522ae4738308f400795ee4d92f6e3d:
Pulled.
--
James Morris
<jmor...@namei.org>
On Fri, 18 Aug 2017, John Johansen wrote:
> Hi James,
>
> Please pull these apparmor changes for next.
>
Pulled, thanks.
--
James Morris
<jmor...@namei.org>
On Fri, 18 Aug 2017, John Johansen wrote:
> Hi James,
>
> Please pull these apparmor changes for next.
>
> Thanks!
>
> -Kees
>
Just wondering why this is signed '-Kees' -- copy & paste from Kees'
seccomp pull request?
--
James Morris
<jmor...@namei.org>
chromium.org>
> ---
> Hi James, this should fix the samples build failure seen during -next
> cross compiles.
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
<jmor...@namei.org>
On Tue, 15 Aug 2017, Kees Cook wrote:
> Hi James,
>
> Please pull these seccomp changes for next.
>
Pulled to -next, thanks!
--
James Morris
<jmor...@namei.org>
o
need to parse package file formats in the kernel.
I'm not really clear on exactly how this patch series works. Can you
provide a more concrete explanation of what steps would occur during boot
and attestation?
--
James Morris
<jmor...@namei.org>
On Mon, 31 Jul 2017, Kees Cook wrote:
> Ugh, please ignore this v4. There's a typo that snuck in. I'll send a v5
> soon...
Aside from that, it's looking good. This touches a lot of stuff in
security/ so it may make sense for it to go in via my tree.
--
James Morris
<jmor...@namei.org>
ees Cook <keesc...@chromium.org>
> Acked-by: Serge Hallyn <se...@hallyn.com>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
On Mon, 31 Jul 2017, Kees Cook wrote:
> Cc: David Howells
> Signed-off-by: Kees Cook
> Acked-by: Serge Hallyn
> ---
> fs/exec.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
Reviewed-by: James Morris
--
James Morris
is now being checked for clearing pdeath_signal, this
> is redundant to the common exec code.
>
> Cc: Casey Schaufler
> Signed-off-by: Kees Cook
> Acked-by: Serge Hallyn
> ---
> security/smack/smack_lsm.c | 15 ---
> 1 file changed, 15 deletions(-)
Reviewed-by: James Morris
--
James Morris
t_creds() checks for. So, fix this test to
> use secureexec (the removed euid tests are redundant to the commoncap
> secureexec checks now).
>
> Cc: David Howells
> Signed-off-by: Kees Cook
> Acked-by: Serge Hallyn
> ---
> fs/exec.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: James Morris
--
James Morris
Kees Cook <keesc...@chromium.org>
> Acked-by: Serge Hallyn <se...@hallyn.com>
> ---
> security/smack/smack_lsm.c | 21 -
> 1 file changed, 4 insertions(+), 17 deletions(-)
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
Moore
> Tested-by: Paul Moore
> Acked-by: Serge Hallyn
> ---
> security/selinux/hooks.c | 24 +---
> 1 file changed, 5 insertions(+), 19 deletions(-)
Reviewed-by: James Morris
--
James Morris
> fs/binfmt_elf.c | 2 +-
> fs/binfmt_elf_fdpic.c | 2 +-
> fs/exec.c | 2 ++
> include/linux/binfmts.h | 6 ++
> 4 files changed, 10 insertions(+), 2 deletions(-)
>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
linux.vnet.ibm.com>
> ---
> security/commoncap.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
<jmor...@namei.org>
'ulimit -s'
> unlimited
> $ sudo /bin/sh -c 'ulimit -s'
> 8192
>
> Cc: Linus Torvalds <torva...@linux-foundation.org>
> Signed-off-by: Kees Cook <keesc...@chromium.org>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
On Tue, 18 Jul 2017, Kees Cook wrote:
> This removes the bprm_secureexec hook since the logic has been folded into
> the bprm_set_creds hook for all LSMs now.
>
> Cc: James Morris
> Cc: Eric W. Biederman
> Signed-off-by: Kees Cook
> ---
> fs/binfmt_elf.
existing local "is_setid".
>
> Cc: Serge Hallyn <se...@hallyn.com>
> Cc: Andy Lutomirski <l...@kernel.org>
> Signed-off-by: Kees Cook <keesc...@chromium.org>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
flag is merged with the bprm->secureexec flag in setup_new_exec()
> since this marks the end of any further prepare_binprm() calls.
>
> Cc: Serge Hallyn <se...@hallyn.com>
> Cc: Andy Lutomirski <l...@kernel.org>
> Signed-off-by: Kees Cook <keesc...@chromium.org>
Acked-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
drops the bprm_secureexec hook.
>
> Cc: John Johansen <john.johan...@canonical.com>
> Signed-off-by: Kees Cook <keesc...@chromium.org>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
ohn Johansen
> Cc: Paul Moore
> Cc: Stephen Smalley
> Cc: Casey Schaufler
> Cc: James Morris
> Signed-off-by: Kees Cook
Acked-by: James Morris
--
James Morris
t happens when say the uid=2000
container and associated user is deleted from the system, then another is
created with the same uid?
Won't this mean that you have unexpected capabilities turning up in the
new container?
--
James Morris
<jmor...@namei.org>
Hi Linus,
Please pull these patches for the keys subsystem, which includes a minor
fix and documentation updates.
---
The following changes since commit b86faee6d111294fa95a2e89b5f771b2da3c9782:
Merge tag 'nfs-for-4.13-1' of git://git.linux-nfs.org/projects/anna/linux-nfs
(2017-07-13
at there have been a *lot* of
> changes, many of them discussed in private emails.
Please try and keep technical discussions public or at least document them
when reposting the patches.
--
James Morris
<jmor...@namei.org>
On Tue, 11 Jul 2017, Stefan Berger wrote:
> + buflen = sizeof("@uid=") - 1 + sizeof("4294967295") - 1 + 1;
Why not strlen() here?
--
James Morris
<jmor...@namei.org>
Please pull these bugfixes for TPM and SELinux.
---
The following changes since commit b4b8cbf679c4866a523a35d1454884a31bd5d8dc:
Cavium CNN55XX: fix broken default Kconfig entry (2017-07-05 13:03:05 -0700)
are available in the git repository at:
avo A. R. Silva (1):
tpm/tpm_atmel: remove unnecessary NULL check
James Morris (4):
Sync to mainline for security submaintainers to work against
Merge branch 'smack-for-4.13' of git://github.com/cschaufler/smack-next
into next
Merge branch 'stable-4.13' of
git://git.infra
On Tue, 27 Jun 2017, Kees Cook wrote:
> On Mon, Jun 26, 2017 at 8:33 PM, James Morris wrote:
> > On Mon, 26 Jun 2017, Kees Cook wrote:
> >
> >> >> Fixes: 8014370f1257 ("apparmor: move path_link mediation to using
> >> >> labels")
> >
> Hi James,
>
> Just a ping; this needs to get into -next to avoid build errors.
Surely Linus will resolve this when he pulls the trees in?
--
James Morris
<jmor...@namei.org>
On Mon, 26 Jun 2017, Kees Cook wrote:
> Hi James,
>
> Please pull these seccomp changes for next. These are all tiny changes,
> but I got delayed sending them to you. I'd like to have these land for v4.13;
> I should have sent them for v4.12. :P
Pulled to -next, thanks.
--
James Morris
- Sanitize endian conversions for TPM 1.2 commands i.e. call
> cpu_to_be32() in place when required. Do not have it in the constant
> definition.
Pulled to -next, thanks.
--
James Morris
<jmor...@namei.org>
On Sat, 10 Jun 2017, Jason A. Donenfeld wrote:
> Otherwise, we enable a MAC forgery via timing attack.
>
> Signed-off-by: Jason A. Donenfeld
> Cc: David Safford
> Cc: Mimi Zohar
> Cc: David Howells <dhowe...@redhat.com>
> Cc: keyri...@vger.kernel.org
> Cc: sta...@vger.kernel.org
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
to control
mount options")
Cc: sta...@vger.kernel.org
Cc: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
Reported-by: Dmitry Vyukov <dvyu...@google.com>
Signed-off-by: Paul Moore <p...@paul-moore.com>
Signed-off-by: James Morris <james.l.mor...@oracl
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index e67a526..819fd68 100644
--- a/security/selinux/hooks.c
+++ b/security/selin
On Sat, 10 Jun 2017, John Johansen wrote:
> Hi James,
>
> Here is the apparmor pull request for 4.13
Pulled, thanks.
--
James Morris
<jmor...@namei.org>
or. I have had a few ideas recently that would
> not be possible under the current setup of one shared blob.
Please post details of these ideas once you have say a prototype working
with Casey's patches.
--
James Morris
<jmor...@namei.org>
Please pull these Keys subsystem fixes for 4.12. From David Howells:
"Here are a bunch of fixes for Linux keyrings, including:
(*) Fixing up the refcount handling now that key structs use the
refcount_t type and the refcount_t ops don't allow a 0->1 transition.
(*) Fix a potential NULL
On Thu, 8 Jun 2017, David Howells wrote:
> Note that I rebased the patches on top of -rc4 to avoid problems with a tty
> locking bug encountered whilst trying to test it.
This is for current Linus, correct?
--
James Morris
<jmor...@namei.org>
On Thu, 1 Jun 2017, Casey Schaufler wrote:
> Subject: [PATCH] procfs: add smack subdir to attrs
Is there value in this without major stacking support?
--
James Morris
<jmor...@namei.org>
On Wed, 31 May 2017, Igor Stoppa wrote:
> On 30/05/17 13:32, James Morris wrote:
>
> > This seems like pointless churn in security-critical code in anticipation
> > of features which are still in development and may not be adopted.
> >
> > Is there a compelling re
my customers remain unable to use LSM modules which they want.
> This is really unfortunate for me.
And they'll be able to get vendor support when they have their own custom
LSMs installed?
--
James Morris
<jmor...@namei.org>
rnel against attack; and
- modifying the kernel to try and harden userspace.
These patches are the latter, and the case for them is not as
straightforward.
- James
--
James Morris
<jmor...@namei.org>
On Tue, 30 May 2017, Alan Cox wrote:
> On Tue, 30 May 2017 23:29:10 +0900
> Tetsuo Handa wrote:
>
> > James Morris wrote:
> > > On Sun, 28 May 2017, Tetsuo Handa wrote:
> > >
> > > > can afford enabling". And we know that we cannot merge a
com>
> Signed-off-by: David Howells <dhowe...@redhat.com>
> cc: x...@kernel.org
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
you're accessing a randomized
> struct with a different struct!) and the security head list (all
> entries are lists, and we're just initializing them).
Fix randstruct perhaps, rather than modifying kernel code to shut it up.
--
James Morris
<jmor...@namei.org>
ecurity_hook_heads, it will help us to use that allocator for LSM hooks.
>
This seems like pointless churn in security-critical code in anticipation
of features which are still in development and may not be adopted.
Is there a compelling reason to merge this now? (And I don't mean worrying
about non-existent compilers).
--
James Morris
<jmor...@namei.org>
ist against this.
--
James Morris
<jmor...@namei.org>