t-tpm branch, but forgot to drop them
from there after sending them to Linus as a v5.1 fix. Linus was not happy
to see them again in the v5.2 merge window.
Apologies for the confusion.
--
James Morris
tw, Linus wants security subsystem maintainers to submit PRs directly to
him from now on.
I'll only be carrying patches for the core LSM and new security mechanisms
before they're merged and have a maintainer assigned.
--
James Morris
].func);
> > - if (entries[i].func == POLICY_CHECK)
> > + if (entries[i].func == IMA_POLICY_CHECK)
> > temp_ima_appraise |= IMA_APPRAISE_POLICY;
> > }
> > }
> > @@ -846,29 +846,29 @@ static int ima_parse_rule(char *rule, struct
> > ima_rule_entry *entry)
> > result = -EINVAL;
> >
> > if (strcmp(args[0].from, "FILE_CHECK") == 0)
> > - entry->func = FILE_CHECK;
> > + entry->func = IMA_FILE_CHECK;
> > /* PATH_CHECK is for backwards compat */
> > else if (strcmp(args[0].from, "PATH_CHECK") == 0)
> > - entry->func = FILE_CHECK;
> > + entry->func = IMA_FILE_CHECK;
> > else if (strcmp(args[0].from, "MODULE_CHECK") == 0)
> > - entry->func = MODULE_CHECK;
> > + entry->func = IMA_MODULE_CHECK;
> > else if (strcmp(args[0].from, "FIRMWARE_CHECK") == 0)
> > - entry->func = FIRMWARE_CHECK;
> > + entry->func = IMA_FIRMWARE_CHECK;
> > else if ((strcmp(args[0].from, "FILE_MMAP") == 0)
> > || (strcmp(args[0].from, "MMAP_CHECK") == 0))
> > - entry->func = MMAP_CHECK;
> > + entry->func = IMA_MMAP_CHECK;
> > else if (strcmp(args[0].from, "BPRM_CHECK") == 0)
> > - entry->func = BPRM_CHECK;
> > + entry->func = IMA_BPRM_CHECK;
> > else if (strcmp(args[0].from, "CREDS_CHECK") == 0)
> > - entry->func = CREDS_CHECK;
> > + entry->func = IMA_CREDS_CHECK;
> > else if (strcmp(args[0].from, "KEXEC_KERNEL_CHECK") ==
> > 0)
> > - entry->func = KEXEC_KERNEL_CHECK;
> > + entry->func = IMA_KEXEC_KERNEL_CHECK;
> > else if (strcmp(args[0].from, "KEXEC_INITRAMFS_CHECK")
> > == 0)
> > - entry->func = KEXEC_INITRAMFS_CHECK;
> > + entry->func = IMA_KEXEC_INITRAMFS_CHECK;
> > else if (strcmp(args[0].from, "POLICY_CHECK") == 0)
> > - entry->func = POLICY_CHECK;
> > + entry->func = IMA_POLICY_CHECK;
> > else
> > result = -EINVAL;
> > if (!result)
> > @@ -1194,7 +1194,7 @@ void ima_policy_stop(struct seq_file *m, void *v)
> > */
> > static void policy_func_show(struct seq_file *m, enum ima_hooks func)
> > {
> > - if (func > 0 && func < MAX_CHECK)
> > + if (func > 0 && func < IMA_MAX_CHECK)
> > seq_printf(m, "func=%s ", func_tokens[func]);
> > else
> > seq_printf(m, "func=%d ", func);
>
--
James Morris
Acked-by: Serge Hallyn
> - replace 'rc' with 'xattr_len' when calling integrity_digsig_verify()
> with INTEGRITY_KEYRING_IMA for readability
> Suggested-by: Serge Hallyn
Reviewed-by: James Morris
--
James Morris
e db
> variable if it is found.
>
> Signed-off-by: Josh Boyer
> Signed-off-by: David Howells
> Acked-by: Nayna Jain
> Acked-by: Serge Hallyn
Reviewed-by: James Morris
--
James Morris
+ len * 2 + 1, GFP_KERNEL);
> + if (!hash)
> + return;
> + p = memcpy(hash, "bin:", 4);
> + p += 4;
> + bin2hex(p, data, len);
> + p += len * 2;
> + *p = 0;
> +
> + mark_hash_blacklisted(hash);
> + kfree(hash);
> +}
>
These could be refactored into one function.
--
James Morris
Jain
> Acked-by: Serge Hallyn
Reviewed-by: James Morris
--
James Morris
ain
> Reviewed-by: Mimi Zohar
> Acked-by: Serge Hallyn
Reviewed-by: James Morris
--
James Morris
This keyring can be enabled by setting CONFIG_INTEGRITY_PLATFORM_KEYRING.
>
> Signed-off-by: Nayna Jain
> Reviewed-by: Mimi Zohar
> Acked-by: Serge Hallyn
Reviewed-by: James Morris
--
James Morris
It's surely reasonable to allow an already secure-booted system to be
debugged without needing to be rebooted.
- James
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majord...@vger
On Tue, 3 Apr 2018, Ard Biesheuvel wrote:
> [snip]
Thanks for the input -- there are obviously still issues to be resolved.
I'll now not be pushing these to Linus for v4.17.
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubsc
re boot.
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
next-lockdown and next-testing
Are there any known coverage gaps now?
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body o
- Recently suggested, query sent to maintainer
> perf- Not looked at yet.
How useful is this really if it's incomplete?
And I think it really needs more testing in -next.
--
James Morris
<james.l.mor...@oracle.com>
--
To unsubscribe from this list: send the line "unsubs
n");
Perhaps make this pr_warning and include the unknown mode value?
--
James Morris
<james.l.mor...@oracle.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
On Thu, 19 Oct 2017, David Howells wrote:
> Disallow access to /proc/kcore when the kernel is locked down to prevent
> access to cryptographic data.
>
> Signed-off-by: David Howells <dhowe...@redhat.com>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
I have
but not in git:
> https://lkml.org/lkml/2015/3/13/778
>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<james.l.mor...@oracle.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to ma
com>
> cc: ke...@lists.infradead.org
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<james.l.mor...@oracle.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
On Thu, 19 Oct 2017, David Howells wrote:
> If the kernel is locked down, require that all modules have valid
> signatures that we can verify.
>
> Signed-off-by: David Howells <dhowe...@redhat.com>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
J
en't validly signed with a key we recognise, fiddling with
> MSR registers and disallowing hibernation,
>
> Signed-off-by: David Howells <dhowe...@redhat.com>
Acked-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<james.l.mor...@oracle.com>
--
To un
On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
> The way I've agreed with James Morris to have my tree is to be rooted to
> security trees next branch.
>
> James, what actions should we take?
This process has changed recently -- I posted to lsm but forgot to post to
linux-inte
com>
> Signed-off-by: David Howells <dhowe...@redhat.com>
> cc: x...@kernel.org
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a m
en't validly signed with a key we recognise, fiddling with
> MSR registers and disallowing hibernation,
>
> Signed-off-by: David Howells <dhowe...@redhat.com>
Acked-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this
On Thu, 6 Apr 2017, David Howells wrote:
> James Morris <jmor...@namei.org> wrote:
>
> > > +static __read_mostly bool kernel_locked_down;
> >
> > How about marking this __ro_after_init if ALLOW_LOCKDOWN_LIFT is not
> > configured?
>
> I guess lo
On Wed, 5 Apr 2017, David Howells wrote:
> +#include
> +#include
> +
> +static __read_mostly bool kernel_locked_down;
How about marking this __ro_after_init if ALLOW_LOCKDOWN_LIFT is not
configured?
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this l
- in future we can potentially relax this for
sufficiently IOMMU-isolated devices.
Signed-off-by: Matthew Garrett matthew.garr...@nebula.com
Reviewed-by: James Morris jmor...@namei.org
---
drivers/pci/pci-sysfs.c | 10 ++
drivers/pci/proc.c | 8 +++-
drivers/pci
...@nebula.com
Reviewed-by: James Morris jmor...@namei.org
---
drivers/char/mem.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
index 1af8664..61406c8 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
@@ -159,6 +159,9 @@ static
...@nebula.com
Reviewed-by: James Morris jmor...@namei.org
---
drivers/acpi/custom_method.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/acpi/custom_method.c b/drivers/acpi/custom_method.c
index 12b62f2..50647b3 100644
--- a/drivers/acpi/custom_method.c
+++ b/drivers
.
Signed-off-by: Matthew Garrett matthew.garr...@nebula.com
Reviewed-by: James Morris jmor...@namei.org
---
arch/x86/kernel/ioport.c | 5 +++--
drivers/char/mem.c | 4
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c
matthew.garr...@nebula.com
Reviewed-by: James Morris jmor...@namei.org
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-efi in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
...@nebula.com
Reviewed-by: James Morris jmor...@namei.org
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-efi in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, 3 Sep 2013, Matthew Garrett wrote:
+ status = efi_call_phys5(sys_table-runtime-get_variable,
+ LSecureBoot, var_guid, NULL, datasize, sb);
+
What's 'L' ?
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe
On Wed, 20 Mar 2013, Mimi Zohar wrote:
On Tue, 2013-03-19 at 15:47 +1100, James Morris wrote:
On Mon, 18 Mar 2013, Matthew Garrett wrote:
This patch introduces CAP_COMPROMISE_KERNEL.
I'd like to see this named CAP_MODIFY_KERNEL, which is more accurate and
less emotive
that, I like the idea, especially when it's wired up to MAC
security.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-efi in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
33 matches
Mail list logo