Hi James,
Nine patches for v4.5; there are a handful of minor fixes (constify
parameters, warning rate-limits, etc.) but there are a couple of significant
patches that invalidate/revalidate inode labels (needed for gfs2) and make
validate_trans decisions visible via selinuxfs. All the patches pass the
selinux-testsuite and have been included in the pcmoore/kernel-secnext Fedora
COPR repository[1] for some time now, all looks good.
As of about five minutes ago, selinux#upstream applied cleanly on top of
linux-security#next so I don't expect you should have any problems merging the
code.
Happy holidays and merry merging,
-Paul
[1] https://copr.fedoraproject.org/coprs/pcmoore/kernel-secnext
---
The following changes since commit ebd68df3f24b318d391d15c458d6f43f340ba36a:
Sync to Linus v4.4-rc2 for LSM developers. (2015-11-23 22:46:28 +1100)
are available in the git repository at:
git://git.infradead.org/users/pcmoore/selinux upstream
for you to fetch changes up to 76319946f321e30872dd72af7de867cb26e7a373:
selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()
(2015-12-24 11:09:41 -0500)
Andreas Gruenbacher (7):
selinux: Remove unused variable in selinux_inode_init_security
security: Make inode argument of inode_getsecurity non-const
security: Make inode argument of inode_getsecid non-const
selinux: Add accessor functions for inode->i_security
security: Add hook to invalidate inode security labels
selinux: Revalidate invalid inode security labels
gfs2: Invalid security labels of inodes when they go invalid
Andrew Perepechko (1):
selinux: export validatetrans decisions
Vladis Dronov (1):
selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()
fs/gfs2/glops.c | 2 +
include/linux/audit.h | 8 +-
include/linux/lsm_hooks.h | 10 +-
include/linux/security.h| 13 ++-
kernel/audit.c | 2 +-
kernel/audit.h | 2 +-
kernel/auditsc.c| 6 +-
security/security.c | 12 ++-
security/selinux/hooks.c| 206 --
security/selinux/include/classmap.h | 2 +-
security/selinux/include/objsec.h | 6 ++
security/selinux/include/security.h | 3 +
security/selinux/selinuxfs.c| 80 ++
security/selinux/ss/services.c | 34 --
security/smack/smack_lsm.c | 4 +-
15 files changed, 302 insertions(+), 88 deletions(-)
--
paul moore
security @ redhat
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html