on this.
e.g. doesn't SELinux already handle this via policy directives?
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
: remove unnecessary sizeof(u8)
Hon Ching (Vicky) Lo (1):
tpm: Fix NULL return in tpm_ibmvtpm_get_desired_dma
James Morris (4):
Merge tag 'keys-next-fixes-20150114' of
git://git.kernel.org/.../dhowells/linux-fs into next
Merge branch 'smack-for-3.20-rebased' of
git
This is to announce the date location of the 2015 Linux Security Summit.
LSS 2015 will be co-located with LinuxCon North America, in Seattle WA,
USA, on 20 and 21 August.
As with previous events, LSS 2015 will be open to all registered LinuxCon
attendees.
Please see the event web site for
/kernel/git/dhowells/linux-fs.git
tags/keys-next-20150123
for you to fetch changes up to e994393acd65e729a574aaca466eab22b5b39cc6:
X.509: silence asn1 compiler debug output (2015-01-23 12:10:39 +)
Pulled, thanks.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list
On Fri, 30 Jan 2015, David Howells wrote:
/proc/keys is now mandatory and its config option no longer exists, so it
doesn't need selecting.
Reported-by: Paul Bolle pebo...@tiscali.nl
Signed-off-by: David Howells dhowe...@redhat.com
Applied.
--
James Morris
jmor...@namei.org
...@redhat.com
Signed-off-by: David Howells dhowe...@redhat.com
Applied.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo
://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
for-linus
Casey Schaufler (1):
Smack: secmark connections
David Jeffery (1):
Don't leak a key reference if request_key() tries to use a revoked keyring
James Morris (2):
Merge https://github.com/PeterHuewe/linux-tpmdd
.genkey #emailAddress =
unspecified.user@unspecified.company
@echo x509.genkey
@echo x509.genkey [ myexts ]
@echo x509.genkey basicConstraints=critical,CA:FALSE
Acked-by: James Morris james.l.mor...@oracle.com
--
James Morris
jmor...@namei.org
--
To unsubscribe from
for-linus
James Morris (1):
Merge branch 'for-current' of https://github.com/PeterHuewe/linux-tpmdd
into for-linus
Jarkko Sakkinen (1):
tpm: fix call order in tpm-chip.c
jmlat...@linux.vnet.ibm.com (1):
tpm/ibmvtpm: Additional LE support for tpm_ibmvtpm_send
drivers/char/tpm/tpm
://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
for-linus
James Morris (1):
Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux
into for-linus
Joe Perches (1):
selinux: fix sel_write_enforce broken return value
security/selinux/selinuxfs.c
to be
bugfixes.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
On Fri, 27 Feb 2015, Kees Cook wrote:
Hi,
Please pull these yama changes for 4.0.
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel
On Wed, 29 Apr 2015, John Johansen wrote:
On 04/29/2015 06:55 PM, James Morris wrote:
On Tue, 21 Apr 2015, Casey Schaufler wrote:
James, do you want to take the module stacking changes in through
the security tree? Are there remaining objections or concerns? What
procedure would you
and necessary, and is it ready to go in?
Any objections or concerns?
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo
words in total.
PROGRAM COMMITTEE
The Linux Security Summit for 2015 is organized by:
* James Morris, Oracle
* Serge Hallyn, Canonical
* Paul Moore, Red Hat
* Stephen Smalley, NSA
* Joshua Brindle, Quark Security
* Herbert Xu, Red Hat
* John Johansen, Canonical
On Sat, 2 May 2015, Casey Schaufler wrote:
Subject: [PATCH 0/7 v22] LSM: Multiple concurrent LSMs
Please add all of the Acked-by etc. from the patch review process.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body
at:
g...@github.com:cschaufler/smack-next.git stacking-v22-acked
fyi, this is not a public URN.
for you to fetch changes up to f17cd945a8761544ac9bfdaf55e952e558dbee3e:
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
jmor...@namei.org
On Wed, 8 Apr 2015, Mateusz Guzik wrote:
This is still a problem. Any feedback about the patch?
I'd like to see feedback from vfs folk (Al).
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord
/spi: Add st33zp24 spi phy
tpm/st33zp24/dts/st33zp24-spi: Add dts documentation for st33zp24 spi phy
tpm/st33zp24: Add proper wait for ordinal duration in case of irq mode
tpm/st33zp24/spi: Add missing device table for spi phy.
James Morris (3):
Merge tag 'yama-4.0' of git
-love.sakura.ne.jp
Signed-off-by: Richard Guy Briggs r...@redhat.com
Applied.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo
developers -- any
interesting/novel application of Linux security or research is welcome.
We're also looking for round-table discussion topics, and people to lead
those discussions.
Get your proposals in soon!
- James
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send
(to follow later).
I'm still seeing these warnings:
scripts/sign-file.c: In function ‘main’:
scripts/sign-file.c:188: warning: value computed is not used
WARNING: modpost: missing MODULE_LICENSE() in
crypto/asymmetric_keys/pkcs7_test_key.o
--
James Morris
jmor...@namei.org
();
#endif
pr_info(Yama: becoming mindful.\n);
It looks like your mailer is converting tabs to spaces, please fix and
resend.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
baolin.w...@linaro.org
Reviewed-by: James Morris james.l.mor...@oracle.com
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http
to update the module-signing.txt document, the config option or
the git pull request/cover note?
Yes :)
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http
.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
(to follow later).
Pulled into -next.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http
(to follow later).
I get a build failure:
HOSTCC scripts/sign-file
scripts/sign-file.c:20:25: error: openssl/bio.h: No such file or directory
followed by many lines of error.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel
On Mon, 10 Aug 2015, David Howells wrote:
James Morris jmor...@namei.org wrote:
I get a build failure:
HOSTCC scripts/sign-file
scripts/sign-file.c:20:25: error: openssl/bio.h: No such file or directory
followed by many lines of error.
What openssl do you have installed
:
- SSL error:02001002:system library:fopen:No such file or directory:
bss_file.c:169
- SSL error:2006D080:BIO routines:BIO_new_file:no such file:
bss_file.c:172
extract-cert: signing_key.pem: No such file or directory
rm: cannot remove `signing_key.x509': No such file or directory
--
James Morris
On Tue, 11 Aug 2015, David Howells wrote:
The keyrings mailing list has moved to keyri...@vger.kernel.org
Signed-off-by: David Howells dhowe...@redhat.com
Applied.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body
On Wed, 12 Aug 2015, David Woodhouse wrote:
On Wed, 2015-08-12 at 19:08 +1000, James Morris wrote:
CHK include/generated/compile.h
EXTRACT_CERTS signing_key.pem
At main.c:146:
- SSL error:02001002:system library:fopen:No such file or directory:
bss_file.c:169
- SSL
On Wed, 12 Aug 2015, David Woodhouse wrote:
On Wed, 2015-08-12 at 20:08 +1000, James Morris wrote:
make-3.81-20.el6.x86_64
The machine is not accessible, sorry.
No matter. I have a CentOS 6 VM in which I can attempt to reproduce.
Where is MODULE_SIG_KEY_FILENAME assigned
On Wed, 12 Aug 2015, James Morris wrote:
define config_filename =
This may be relevant:
http://stackoverflow.com/questions/13260396/gnu-make-3-81-eval-function-not-working
This works for me:
diff --git a/kernel/Makefile b/kernel/Makefile
index 9e31922..65ef384 100644
--- a/kernel
On Wed, 12 Aug 2015, David Woodhouse wrote:
On Wed, 2015-08-12 at 14:20 +1000, James Morris wrote:
At main.c:146:
- SSL error:02001002:system library:fopen:No such file or directory:
bss_file.c:169
- SSL error:2006D080:BIO routines:BIO_new_file:no such file:
bss_file.c:172
On Wed, 12 Aug 2015, David Woodhouse wrote:
On Wed, 2015-08-12 at 19:27 +1000, James Morris wrote:
Yep:
# CONFIG_MODULE_SIG_SHA512 is not set
CONFIG_MODULE_SIG_HASH=sha1
CONFIG_MODULE_SIG_KEY=signing_key.pem
# CONFIG_MODULE_COMPRESS is not set
Can I have the full config please
On Mon, 27 Jul 2015, Kees Cook wrote:
On Sun, Jul 26, 2015 at 9:26 PM, James Morris jmor...@namei.org wrote:
On Thu, 23 Jul 2015, Kees Cook wrote:
+
+/*
+ * Return an allocated string that has been escaped of special characters
+ * and double quotes, making it safe to log in quotes
it to stack, this is effectively
a no-op change.
Additionally add MAINTAINERS entry.
Signed-off-by: Kees Cook keesc...@chromium.org
Applied to -next.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message
On Thu, 23 Jul 2015, Kees Cook wrote:
+
+/*
+ * Return an allocated string that has been escaped of special characters
+ * and double quotes, making it safe to log in quotes.
+ */
+static char *kstrdup_quotable(char *src)
+{
Do you think these should go into a library?
--
James Morris
capabilities easier to use for real-world
scenarios.
Has it had enough security review? This is a significant new behavior
being added to a widely enabled security module.
- James
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel
(2015-06-18 23:28:40 +1000)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git
tags/seccomp-next
for you to fetch changes up to 221272f97ca528048a577a3ff23d7774286ca5fd:
Pulled.
--
James Morris
jmor...@namei.org
Secure module is responsible of grant/revoke memory access.
>
This documentation is highly inadequate.
What does "allocate memory that can be securing" mean?
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel
/8/629
Also, is there any application of this beyond DRM?
- James
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.or
) Condense the type-specific data in the key struct into the payload
> data as it doesn't really make any sense to keep them separate.
>
Pulled.
Have these been in next yet?
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscrib
t with postings about security
modules.
--
James Morris
<jmor...@namei.org>
s do.
>
> Signed-off-by: Arnd Bergmann <a...@arndb.de>
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the
On Thu, 5 Nov 2015, Jarkko Sakkinen wrote:
> v4:
>
> * Added missing select CRYPTO_HASH_INFO in drivers/char/tpm/Kconfig
>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
Jame
validation [ver #2]
James Morris (1):
Merge tag 'tpmdd-next-20151110' of
https://github.com/jsakkine/linux-tpmdd into for-linus
Jarkko Sakkinen (3):
TPM: revert the list handling logic fixed in 398a1e7
tpm: fix missing migratable flag in sealing functionality for TPM2
tpm: fix
On Wed, 11 Nov 2015, David Howells wrote:
> This fixes CVE-2015-5327. It affects kernels from 4.3-rc1 onwards.
This doesn't apply to current Linus, please fix and resend.
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscrib
Insu Yun (1):
keys: Be more consistent in selection of union members used
James Morris (4):
Merge branch 'next' of git://git.kernel.org/.../zohar/linux-integrity
into next
Merge branch 'smack-for-4.4' of https://github.com/cschaufler/smack-next
into next
Merge branch
nning on enabling this? I gather RH is...
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Please pull these key susbystem fixes for 4.3, per the message from David
Howells:
"Here are two patches, the first of which at least should go upstream
immediately:
(1) Prevent a user-triggerable crash in the keyrings destructor when a
negatively instantiated keyring is garbage
he rationale for them?
This url doesn't work: http://acl.bestbits.at/richacl/
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http
are welcome to
attend the Weds 19th August reception.
Hope to see you there!
- James (on behalf of the program committee).
[1]
http://www.reddit.com/r/linux/comments/2xqn12/im_part_of_the_sysadmin_team_behind_kernelorg_and/
--
James Morris
jmor...@namei.org
ied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http:/
org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majo
;seth.fors...@canonical.com>
> Acked-by: Stephen Smalley <s...@tycho.nsa.gov>
Acked-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body
f-by: Seth Forshee <seth.fors...@canonical.com>
Nice cleanup.
Acked-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord..
ld change the
> caller's security context in a way that should not have been
> possible, even inside the namespace in which the task is confined.
>
> As a hardening measure, this would have made CVE-2014-5207 much
> more difficult to exploit.
>
> Signed-off-by: Andy Lutomirs
On Tue, 17 Nov 2015, Seth Forshee wrote:
> + sbsp = inode->i_sb->s_security;
> + if ((sbsp->smk_flags & SMK_SB_UNTRUSTED) &&
Where is SMK_SB_UNTRUSTED defined?
I can't see it in this patch series, mainline or security next.
--
James Morris
<jmor...@name
return -EINVAL;
Do you need to kfree it here on error?
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
...@redhat.com
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http
/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read
in the git repository at:
g...@github.com:cschaufler/tracking-linus.git lsm-fix-for-4.3
This is not a valid url for me to pull from.
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord
.
Pulled to my next branch, thanks.
- James
--
James Morris
jmor...@namei.org
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ
vid Howells <dhowe...@redhat.com>
> Tested-By: Valdis Kletnieks <valdis.kletni...@vt.edu>
> ---
Please always specify which kernel a patch/pull request is for.
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe l
ning key in source tree
James Morris (7):
Merge tag 'seccomp-next' of git://git.kernel.org/.../kees/linux into next
Merge tag 'asn1-fixes-20150805' of
git://git.kernel.org/.../dhowells/linux-fs into next
Merge branch 'smack-for-4.3' of https://github.com/cschaufler/smack-
ix which was sent out just before Linus dropped 4.2.
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-i
jbeul...@suse.com
Signed-off-by: Casey Schaufler ca...@schaufler-ca.com
Signed-off-by: James Morris james.l.mor...@oracle.com
diff --git a/security/security.c b/security/security.c
index 595fffa..9942836 100644
--- a/security/security.c
+++ b/security/security.c
@@ -380,8 +380,8 @@ int
On Tue, 29 Sep 2015, James Morris wrote:
> On Fri, 25 Sep 2015, David Howells wrote:
>
> > ---
> > The following changes since commit ced255c0c5fb9ab52c9465982f23b1c14005ef8b:
> >
> > Merge branch 'next' of
> > git://git.kernel.org/pub/scm/linux/kernel/git
when constructing key
description
MODSIGN: Change from CMS to PKCS#7 signing if the openssl is too old
James Morris (1):
Merge tag 'keys-fixes-20150925' of
git://git.kernel.org/.../dhowells/linux-fs into for-linus
Documentation/Changes| 2 +-
crypto
On Fri, 25 Sep 2015, David Howells wrote:
> ---
> The following changes since commit ced255c0c5fb9ab52c9465982f23b1c14005ef8b:
>
> Merge branch 'next' of
> git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux (2015-09-24
> 20:14:26 -0700)
>
> are available in the git repository at:
>
On Mon, 7 Dec 2015, Jarkko Sakkinen wrote:
> On Fri, Nov 20, 2015 at 01:34:35PM +1100, James Morris wrote:
> > On Wed, 18 Nov 2015, Jarkko Sakkinen wrote:
> >
> > > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote:
> > > > On Tue
> Partially revert commit 41c89b64d7184a780f12f2cccdabe65cb2408893:
>
> Author: Petko Manolov <pet...@mip-labs.com>
> Date: Wed Dec 2 17:47:55 2015 +0200
> IMA: create machine owner and blacklist keyrings
>
If you need this applied to a tree, please
ption of small fix from Stefan to tpm_ibmvtpm, which I considered
> trivial enough to be included.
>
Applied.
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger
d Howells <dhowe...@redhat.com>
Tested-by: Dmitry Vyukov <dvyu...@google.com>
Cc: sta...@vger.kernel.org
Signed-off-by: James Morris <james.l.mor...@oracle.com>
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index fb111ea..1c3872a 100644
--- a/security/k
Vyukov <dvyu...@google.com>
Signed-off-by: David Howells <dhowe...@redhat.com>
Acked-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Signed-off-by: James Morris <james.l.mor...@oracle.com>
diff --git a/security/keys/encrypted-keys/encrypted.c
b/security/keys/encryp
handling of stored error in a negatively instantiated user key
James Morris (1):
Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux
into for-linus2
Stephen Smalley (1):
selinux: fix bug in conditional rules handling
security/keys/encrypted-keys/encrypted.c |2
On Tue, 24 Nov 2015, Ben Hutchings wrote:
> 3.2.74-rc1 review patch. If anyone has any objections, please let me know.
>
> --
>
> From: Kees Cook <keesc...@chromium.org>
>
> commit 9520628e8ceb69fa9a4aee6b57f22675d9e1b709 upstream.
>
Reviewed
On Tue, 24 Nov 2015, David Howells wrote:
> Hi James,
>
> Can this be passed straight to Linus please?
Is this triggerable by normal users?
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the bo
On Mon, 30 Nov 2015, Andreas Gruenbacher wrote:
> This function was only briefly used in security/integrity/evm, between
> commits 66dbc325 and 15647eb3.
>
> Signed-off-by: Andreas Gruenbacher <agrue...@redhat.com>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
t;
> Cc: cluster-de...@redhat.com
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info
On Mon, 30 Nov 2015, Andreas Gruenbacher wrote:
> Remove POSIX_ACL_XATTR_{ACCESS,DEFAULT} and GFS2_POSIX_ACL_{ACCESS,DEFAULT}
> and replace them with the definitions in .
>
> Signed-off-by: Andreas Gruenbacher <agrue...@redhat.com>
Reviewed-by: James Morris <jame
x and with a non-empty suffix.
>
> This patch should avoid bugs like the one fixed in commit c361016a in
> the future.
>
> Signed-off-by: Andreas Gruenbacher <agrue...@redhat.com>
Is it worth making an inline wrapper for 'handler->prefix ?:
handler->name' ?
Rev
linux...@kvack.org
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vge
to implement kernfs_iop_removexattr as well.
>
> Signed-off-by: Andreas Gruenbacher <agrue...@redhat.com>
> Cc: Hugh Dickins <hu...@google.com>
> Cc: linux...@kvack.org
Reviewed-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
gt;
> *result += total_len;
>
> + /* FIXME: Not checking the ->list operation here ... */
> +
What does this mean?
--
James Morris
<jmor...@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to ma
GI...
>
> Because hosting companies sell containers as "full virtual machines"
> and customers expect to be able mount stuff like disk images they upload.
I don't think this is a valid reason for merging functionality into the
kernel.
--
James Morris
<jmor...@namei.o
On Wed, 18 Nov 2015, Jarkko Sakkinen wrote:
> On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote:
> > On Tue, 17 Nov 2015, Jarkko Sakkinen wrote:
> >
> > > }
> > > break;
> > > + case Opt_polic
se two bug fix patches? Thanks!
>
> Hello - Just checking in again to see if you plan on taking these
> through the security tree?
Sure, please resend.
--
James Morris
<jmor...@namei.org>
ttps://launchpad.net/bugs/1465724
>
> Signed-off-by: Tyler Hicks <tyhi...@canonical.com>
> Acked-by: Serge E. Hallyn <serge.hal...@ubuntu.com>
Both applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
<jmor...@namei.org>
d to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
<jmor...@namei.org>
schaufler-ca.com>
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
<jmor...@namei.org>
Signed-off-by: Stephan Mueller <smuel...@chronox.de>
Signed-off-by: David Howells <dhowe...@redhat.com>
Signed-off-by: James Morris <james.l.mor...@oracle.com>
diff --git a/Documentation/security/keys.txt b/Documentation/security/keys.txt
index 20d0571..3849814 100644
---
This patch is tested both for ptrace attach and ptrace traceme.
Fixes: 8a56038c2aef ("Yama: consolidate error reporting")
Signed-off-by: Jann Horn <j...@thejh.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Signed-off-by: James Morris <james.l.mor...@orac
On Tue, 14 Jun 2016, Kees Cook wrote:
> Hi,
>
> Please pull these seccomp changes for next. These have been tested by
> myself and Andy, and close a long-standing issue with seccomp where tracers
> could change the syscall out from under seccomp.
Pulled to security -next.
-
small fixes and cleanups.
>
Pulled, thanks.
--
James Morris
<jmor...@namei.org>
ed-off-by: Mateusz Guzik <mgu...@redhat.com>
> Signed-off-by: Andreas Gruenbacher <agrue...@redhat.com>
> Cc: <sta...@vger.kernel.org> # 4.4
Acked-by: James Morris <james.l.mor...@oracle.com>
--
James Morris
<jmor...@namei.org>
off-by: Ryan Ware <w...@linux.intel.com>
Cc: sta...@vger.kernel.org
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Signed-off-by: James Morris <james.l.mor...@oracle.com>
diff --git a/security/integrity/evm/evm_main.c
b/security/integrity/evm/evm_main.c
1 - 100 of 2193 matches
Mail list logo