on entry to VFS or socket methods.
Shouldn't Eric Biederman be cc'd on this?
--
James Morris
].func);
> > - if (entries[i].func == POLICY_CHECK)
> > + if (entries[i].func == IMA_POLICY_CHECK)
> > temp_ima_appraise |= IMA_APPRAISE_POLICY;
> > }
> > }
> > @@ -846,29 +846,29 @@ static int ima_parse_rule(char *rule, struct
> > ima_rule_entry *entry)
> > result = -EINVAL;
> >
> > if (strcmp(args[0].from, "FILE_CHECK") == 0)
> > - entry->func = FILE_CHECK;
> > + entry->func = IMA_FILE_CHECK;
> > /* PATH_CHECK is for backwards compat */
> > else if (strcmp(args[0].from, "PATH_CHECK") == 0)
> > - entry->func = FILE_CHECK;
> > + entry->func = IMA_FILE_CHECK;
> > else if (strcmp(args[0].from, "MODULE_CHECK") == 0)
> > - entry->func = MODULE_CHECK;
> > + entry->func = IMA_MODULE_CHECK;
> > else if (strcmp(args[0].from, "FIRMWARE_CHECK") == 0)
> > - entry->func = FIRMWARE_CHECK;
> > + entry->func = IMA_FIRMWARE_CHECK;
> > else if ((strcmp(args[0].from, "FILE_MMAP") == 0)
> > || (strcmp(args[0].from, "MMAP_CHECK") == 0))
> > - entry->func = MMAP_CHECK;
> > + entry->func = IMA_MMAP_CHECK;
> > else if (strcmp(args[0].from, "BPRM_CHECK") == 0)
> > - entry->func = BPRM_CHECK;
> > + entry->func = IMA_BPRM_CHECK;
> > else if (strcmp(args[0].from, "CREDS_CHECK") == 0)
> > - entry->func = CREDS_CHECK;
> > + entry->func = IMA_CREDS_CHECK;
> > else if (strcmp(args[0].from, "KEXEC_KERNEL_CHECK") ==
> > 0)
> > - entry->func = KEXEC_KERNEL_CHECK;
> > + entry->func = IMA_KEXEC_KERNEL_CHECK;
> > else if (strcmp(args[0].from, "KEXEC_INITRAMFS_CHECK")
> > == 0)
> > - entry->func = KEXEC_INITRAMFS_CHECK;
> > + entry->func = IMA_KEXEC_INITRAMFS_CHECK;
> > else if (strcmp(args[0].from, "POLICY_CHECK") == 0)
> > - entry->func = POLICY_CHECK;
> > + entry->func = IMA_POLICY_CHECK;
> > else
> > result = -EINVAL;
> > if (!result)
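Review bot: the user-visible policy tokens compared in the strcmp() chain ("FILE_CHECK", "PATH_CHECK", "MODULE_CHECK", and so on) are untouched, so existing IMA policy files keep parsing; only the enum identifiers gain the IMA_ prefix, which is the point of the change. Since policy_func_show() below already prints from a func_tokens[] table indexed by the hook enum, the parser could do the reverse lookup over the same table (keeping PATH_CHECK and FILE_MMAP as explicit aliases) instead of this hand-maintained if/else ladder, which removes the chance of the parser and the printer drifting apart the next time a hook is added.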
> > @@ -1194,7 +1194,7 @@ void ima_policy_stop(struct seq_file *m, void *v)
> > */
> > static void policy_func_show(struct seq_file *m, enum ima_hooks func)
> > {
> > - if (func > 0 && func < MAX_CHECK)
> > + if (func > 0 && func < IMA_MAX_CHECK)
> > seq_printf(m, "func=%s ", func_tokens[func]);
> > else
> > seq_printf(m, "func=%d ", func);
>
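Review bot: the bounds check `func > 0 && func < IMA_MAX_CHECK` in policy_func_show() is only safe if func_tokens[] has exactly IMA_MAX_CHECK entries, and nothing visible here ties the two together; a BUILD_BUG_ON(ARRAY_SIZE(func_tokens) != IMA_MAX_CHECK) beside the table would make that invariant survive the next rename. The `func=%d` fallback is reached for 0 and for out-of-range values, which is acceptable for a policy listing but worth a short comment so it is not read as an unreachable branch.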
--
James Morris
On Thu, 14 Feb 2019, David Howells wrote:
>
> Hi James,
>
> Here are some keyrings fixes.
For which kernel, -rc or 5.1?
--
James Morris
On Wed, 13 Feb 2019, Jarkko Sakkinen wrote:
> James,
>
> Quite a fat release this time. I'll try to enumerate the highlights.
Thanks!
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
next-tpm
--
James Morris
+ pr_info("security= is ignored because of lsm=\n");
> >
> > This is a little awkward. How about "lsm= supersedes security=".
>
> Fine by me. James? What would you like here?
How about security= is ignored because it is superseded by lsm= ?
--
James Morris
//github.com/jsakkine-intel/tpm2-scripts
> >
> > Cc: Tadeusz Struk
> > Signed-off-by: Jarkko Sakkinen
> > Acked-By: Joey Pabalinas
> > Reviewed-by: Petr Vorel
>
> Wondering if I can put this to my 5.1 PR?
Yep, should be fine.
--
James Morris
> yours and mine.
> >>
> >> What do you prefer?
> >
> > Either way is fine.
> >
>
> OK. Well, I think in this case less is more, so I will integrate our changes
> into a single patch.
WFM
--
James Morris
>
> Signed-off-by: Micah Morton
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
next-general
--
James Morris
t may fall through
> [-Wimplicit-fallthrough=]
>
> Signed-off-by: Mathieu Malaterre
All 3 applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
next-general
--
James Morris
ris/linux-security.git
next-general
--
James Morris
on free (2019-01-16 15:41:11 -0800)
James Morris (1):
LSM: Check for NULL cred-security on free
Kees Cook (1):
Yama: Check for pid death before checking ancestry
Tycho Andersen (1):
seccomp: fix UAF in user-trap
patches which you are submitting for inclusion, start a new
thread and include [PATCH] in the subject line.
--
James Morris
free(struct cred *cred)
> {
> + /*
> + * There is a failure case in prepare_creds() that
> + * may result in a call here with ->security being NULL.
> + */
> + if (unlikely(cred->security == NULL))
> + return;
> +
> call_void_hook(cred_free, cred);
>
> kfree(cred->security);
>
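Review bot: the early return for cred->security == NULL skips call_void_hook(cred_free) as well as the kfree(); that is correct only because no LSM's cred_free hook has anything to release when ->security was never allocated, and the comment should state that explicitly (kfree() on its own would have tolerated the NULL). Naming the prepare_creds() failure path the comment alludes to would also stop the check being mistaken for dead code and removed later.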
--
James Morris
On Thu, 17 Jan 2019, James Morris wrote:
> On Wed, 16 Jan 2019, Kees Cook wrote:
>
> > It's possible that a pid has died before we take the rcu lock, in which
> > case we can't walk the ancestry list as it may be detached. Instead, check
> > for death fir
(!pid_alive(child))
> + rc = -EPERM;
> + if (!rc && !task_is_descendant(current, child) &&
> !ptracer_exception_found(current, child) &&
> !ns_capable(__task_cred(child)->user_ns,
> CAP_SYS_PTRACE))
> rc = -EPERM;
>
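Review bot: checking pid_alive(child) before the task_is_descendant() walk is the right ordering, and the `!rc &&` short-circuit keeps the ancestry walk off a task that may already be detached. Two smaller points: a dead child reported as -EPERM is indistinguishable from a policy denial, so -ESRCH may be the more informative result if callers can cope with it, and the multi-line condition would read more easily as two separate `if` statements with a comment on each.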
--
James Morris
On Sat, 12 Jan 2019, Kees Cook wrote:
> This makes sense to me. Thanks for fixing it!
>
> Acked-by: Kees Cook
>
> James, can you add this to your fixes tree for sending to Linus?
Sure.
--
James Morris
like with the SELinux
testsuite.
--
James Morris
te on my system, and I'm now running this
on my laptop.
Please test!
--
James Morris
On Mon, 7 Jan 2019, Kees Cook wrote:
> On Tue, Dec 11, 2018 at 1:19 PM Kees Cook wrote:
> >
> > On Tue, Dec 11, 2018 at 10:57 AM James Morris wrote:
> > >
> > > On Tue, 4 Dec 2018, Kees Cook wrote:
> > >
> > > > On Mon, Nov 26, 2018 at
to link correctly.
Fixes: fec7b6690541 ("samples: add an example of seccomp user trap")
Signed-off-by: Tycho Andersen
Reported-by: Ingo Molnar
Signed-off-by: James Morris
diff --git a/samples/seccomp/Makefile b/samples/seccomp/Makefile
index 4920903c8009..a5
On Sat, 29 Dec 2018, Mimi Zohar wrote:
> On Sat, 2018-12-29 at 10:34 -0800, Casey Schaufler wrote:
> > On 12/28/2018 8:15 PM, Linus Torvalds wrote:
> > > On Fri, Dec 28, 2018 at 8:09 PM James Morris wrote:
> > >> Yep, I understand what you mean. I can't fi
nown regression?
>
Not that I'm aware of (cc Kees).
--
James Morris
ge tag 'tpmdd-next-20181217' of
git://git.infradead.org/users/jjs/linux-tpmdd into next-tpm (2018-12-17
11:31:58 -0800)
----
James Morris (1):
Merge tag 'tpmdd-next-20181217' of
git://git.infradead.org/users/jjs/linux-tpmdd into next
er/next-smack
into next-smack (2018-12-13 19:30:33 -0800)
----
James Morris (1):
Merge branch 'smack-for-4.21-a' of
https://github.com/cschaufler/next-smack into next-smack
José Bollo (1):
Smack: Improve Documentation
Zora
2018-12-17 11:36:26 -0800)
----
James Morris (2):
Merge tag 'seccomp-next' of https://git.kernel.org/.../kees/linux into
next-seccomp
Merge tag 'seccomp-next-part2' of https://git.kernel.org/.../kees/linux
into next-s
data types
efi: Add an EFI signature blob parser
Eric Richter (1):
x86/ima: define arch_get_ima_policy() for x86
James Morris (1):
Merge branch 'next-integrity' of
git://git.kernel.org/.../zohar/linux-integrity into next-integrity
Josh Boyer (2):
efi: Import certificates fro
On Fri, 28 Dec 2018, Linus Torvalds wrote:
> On Fri, Dec 28, 2018 at 7:11 PM James Morris wrote:
> >
> > I do this every development cycle, after requests from security subsystem
> > maintainers to sync to -rc kernels.
>
> Why?
>
> A merge should have a *rea
On Thu, 27 Dec 2018, Linus Torvalds wrote:
> On Mon, Dec 24, 2018 at 11:55 AM James Morris wrote:
> >
> > The main changes here are Paul Gortmaker's removal of unneccesary module.h
> > infrastructure.
>
> I will point out a merge with a horrible commit message:
>
09:59:12 -0800)
James Morris (2):
Merge tag 'v4.20-rc2' into next-general
Merge tag 'v4.20-rc7' into next-general
Paul Gortmaker (6):
security: integrity: make ima_main explicitly non-modular
keys: remove
config selections used in build testing
> provide an implicit presence, and so normal/typical
> build testing did not immediately reveal my incorrect assumption.
>
> Cc: Mimi Zohar
> Cc: Dmitry Kasatkin
> Cc: James Morris
> Cc: "Serge E. Hallyn"
> Cc: linux-ima-de...@lis
On Mon, 17 Dec 2018, Mimi Zohar wrote:
> On Tue, 2018-12-18 at 06:33 +1100, James Morris wrote:
> > On Wed, 12 Dec 2018, Thiago Jung Bauermann wrote:
> >
> > > From what I can tell, it has never been used.
>
> This was introduced prior to Rusty's deci
> > Tycho Andersen (2):
> > seccomp: fix poor type promotion
> > seccomp, s390: fix build for syscall type change
> >
> > arch/s390/kernel/compat_wrapper.c | 2 +-
> > kernel/seccomp.c | 3 +--
> > 2 files changed, 2 insertions(+), 3 deletions(-)
> >
> > --
> > Kees Cook
>
>
>
>
--
James Morris
1
> -#define INTEGRITY_KEYRING_MODULE 2
> -#define INTEGRITY_KEYRING_PLATFORM 3
> -#define INTEGRITY_KEYRING_MAX4
> +#define INTEGRITY_KEYRING_PLATFORM 2
> +#define INTEGRITY_KEYRING_MAX3
>
> extern struct dentry *integrity_dir;
>
>
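Review bot: dropping INTEGRITY_KEYRING_MODULE renumbers INTEGRITY_KEYRING_PLATFORM from 3 to 2 and INTEGRITY_KEYRING_MAX from 4 to 3, so every array indexed by these constants must be shrunk and reordered in the same patch, and anything comparing against the old numeric values will silently select the wrong keyring. A sentence in the commit message saying the values are kernel-internal and were never exported would settle whether that is a concern.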
--
James Morris
> i.e. struct tpm_buf.
Pulled to next-tpm and next-testing.
--
James Morris
On Wed, 12 Dec 2018, Kees Cook wrote:
> Hi James,
>
> Please pull these seccomp changes for next.
>
Pulled to next-seccomp and next-testing in:
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
--
James Morris
: make evm_main explicitly non-modular
> security: integrity: make ima_main explicitly non-modular
All applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
next-general
and next-general
--
James Morris
On Wed, 12 Dec 2018, Florian Weimer wrote:
> * James Morris:
>
> > If you're depending on the script interpreter to flag that the user may
> > execute code, this seems to be equivalent in security terms to depending
> > on the user. e.g. what if the user uses ptr
rpreter to flag that the user may
execute code, this seems to be equivalent in security terms to depending
on the user. e.g. what if the user uses ptrace and clears O_MAYEXEC?
--
James Morris
ines in the body, etc?
>
> Beyond that, I obviously like it. James, what's needed for this to move
> forward?
If there are no outstanding issues, I plan to merge this for 4.21.
--
James Morris
Acked-by: Serge Hallyn
> - replace 'rc' with 'xattr_len' when calling integrity_digsig_verify()
> with INTEGRITY_KEYRING_IMA for readability
> Suggested-by: Serge Hallyn
Reviewed-by: James Morris
--
James Morris
e db
> variable if it is found.
>
> Signed-off-by: Josh Boyer
> Signed-off-by: David Howells
> Acked-by: Nayna Jain
> Acked-by: Serge Hallyn
Reviewed-by: James Morris
--
James Morris
+ len * 2 + 1, GFP_KERNEL);
> + if (!hash)
> + return;
> + p = memcpy(hash, "bin:", 4);
> + p += 4;
> + bin2hex(p, data, len);
> + p += len * 2;
> + *p = 0;
> +
> + mark_hash_blacklisted(hash);
> + kfree(hash);
> +}
>
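Review bot: the allocation size is only visible here as `len * 2 + 1`; the preceding term must account for the 4 bytes written by `memcpy(hash, "bin:", 4)`, otherwise the final `*p = 0` lands one byte past the end of the buffer, so please confirm the full expression. Separately, the return value of mark_hash_blacklisted() is dropped, which makes a failed blacklist entry silent; a pr_err() on failure would be cheap insurance.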
These could be refactored into one function.
--
James Morris
Jain
> Acked-by: Serge Hallyn
Reviewed-by: James Morris
--
James Morris
ain
> Reviewed-by: Mimi Zohar
> Acked-by: Serge Hallyn
Reviewed-by: James Morris
--
James Morris
This keyring can be enabled by setting CONFIG_INTEGRITY_PLATFORM_KEYRING.
>
> Signed-off-by: Nayna Jain
> Reviewed-by: Mimi Zohar
> Acked-by: Serge Hallyn
Reviewed-by: James Morris
--
James Morris
Denis Kenzior
Signed-off-by: James Morris
diff --git a/security/integrity/digsig_asymmetric.c
b/security/integrity/digsig_asymmetric.c
index 6dc075144508..d775e03fbbcc 100644
--- a/security/integrity/digsig_asymmetric.c
+++ b/security/integrity/digsig_asymmetric.c
@@ -106,6 +106,7 @@ int asymmet
On Thu, 1 Nov 2018, Linus Torvalds wrote:
> On Fri, Oct 26, 2018 at 2:36 AM James Morris wrote:
> >
> > From David: "Provide five new operations in the key_type struct that can
> > be used to provide access to asymmetric key operations. These will be
> > impleme
Please pull. Note these patches have been in next and my tree under a
different branch for some weeks.
From David: "Provide five new operations in the key_type struct that can
be used to provide access to asymmetric key operations. These will be
implemented for the asymmetric key type in a
security-next' of
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux into next-loadpin
(2018-10-18 17:20:08 -0700)
----
James Morris (1):
Merge tag 'loadpin-security-next' of
https://git.kernel.org/.../kees/linux into next-
ck
into next-smack (2018-09-25 11:15:12 -0700)
Casey Schaufler (1):
Smack: ptrace capability use fixes
Gustavo A. R. Silva (1):
Smack: Mark expected switch fall-through
James Morris (1):
Merge branch 'smack-for-4
g/users/jjs/linux-tpmdd into next-tpm (2018-10-05
11:21:23 -0700)
Dr. Greg Wettstein (1):
tpm: Restore functionality to xen vtpm driver.
James Morris (1):
Merge tag 'tpmdd-next-20181005' of
git://git.infradead.org/users/jj
Please pull.
From Mimi: "This pull request contains a couple of bug fixes, including
one for a recent problem with calculating file hashes on overlayfs, and
some code cleanup."
---
The following changes since commit e6123c524064a571616ec978b1317f1696eff0ae:
security: fix LSM description
On Tue, 23 Oct 2018, Linus Torvalds wrote:
> Comments?
I'm used to watching the git-commits-head mailing list to see what's being
pulled and don't need anything further as an ack.
--
James Morris
++ keyword "private" in uapi/linux/keyctl.h
Ding Xiang (1):
security: tomoyo: Fix obsolete function
Igor Stoppa (1):
seccomp: remove unnecessary unlikely()
James Morris (1):
Merge tag 'v4.19-rc2' into next-general
Kees Cook (10):
LSM: Correctly announce st
ees/linux.git
> tags/loadpin-security-next
>
Thanks, pulled to next-loadpin and next-testing.
--
James Morris
t-general
and next-testing.
--
James Morris
On Tue, 9 Oct 2018, David Howells wrote:
>
> Hi James,
>
> Here's a set of patches that does the following, if you could pull it please:
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
next-keys
and next-testing
Please test.
--
James Morris
On Sat, 6 Oct 2018, James Morris wrote:
> On Fri, 5 Oct 2018, David Howells wrote:
>
> > James Morris wrote:
> >
> > > > + if (strcmp(encoding, "raw") == 0) {
> > > > + strcpy(alg_name, pkey->pkey_algo);
> > >
On Fri, 5 Oct 2018, Jarkko Sakkinen wrote:
> Hi James,
>
> These are the updates to v4.20. The only new feature is non-blocking
> operation for /dev/tpm0.
Thanks, pulled to next-tpm and next-testing.
--
James Morris
On Fri, 5 Oct 2018, James Morris wrote:
> On Thu, 4 Oct 2018, Kees Cook wrote:
> > And a user would need to specify ALL lsms on the "lsm=" line?
> >
>
> Yes, the ones they want enabled.
If they're overriding the kconfig value.
--
James Morris
On Fri, 5 Oct 2018, David Howells wrote:
> James Morris wrote:
>
> > > + if (strcmp(encoding, "raw") == 0) {
> > > + strcpy(alg_name, pkey->pkey_algo);
> > > + return 0;
> > > + }
> >
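Review bot: `strcpy(alg_name, pkey->pkey_algo)` copies into a fixed-size buffer with no bound; pkey_algo is a kernel-supplied algorithm name today, but strscpy(alg_name, pkey->pkey_algo, sizeof(alg_name)) with its result checked costs nothing and keeps the function safe if the source ever comes from a less trusted place.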
> > Can encoding here also
t; + struct key *key;
> + const char *encoding; /* Encoding (eg. "oaep" or NULL for
> raw) */
--
James Morris
= "sha224";
> - ctx->cert->sig->pkey_algo = "rsa";
> - break;
> + goto rsa_pkcs1;
> }
>
> +rsa_pkcs1:
> + ctx->cert->sig->pkey_algo = "rsa";
> + ctx->cert->sig->encoding = "pkcs1";
> ctx->algo_oid = ctx->last_oid;
> return 0;
> }
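Review bot: the `rsa_pkcs1:` label sets both pkey_algo and encoding = "pkcs1" unconditionally, so it is only correct for cases that really are RSA PKCS#1 v1.5 OIDs; with the label placed after the switch, a plain `break` from any other case would also run into it and mislabel a non-RSA signature. That is presumably the reason for goto over break, and a one-line comment at the label saying so would answer the question this raises.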
Perhaps I'm missing something here but why do you need the gotos vs. just
breaking to this code?
--
James Morris
> +
> + pr_devel("==>%s()\n", __func__);
Are you planning on leaving these pr_devel()s in?
--
James Morris
t; for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) {
> init_debug("initializing %s\n", lsm->name);
> - lsm->init();
> + ret = lsm->init();
> + WARN(ret, "%s failed to initialize: %d\n", lsm->name, ret);
> }
> }
>
>
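Review bot: WARN() on a non-zero return from lsm->init() reports the failure, but the loop then carries on to the next LSM and nothing records that this one failed, so its hooks may be partly registered with no way for the rest of the system to tell. Either treat the failure as fatal (a half-initialized LSM may enforce nothing) or mark the LSM disabled so later code does not assume init succeeded; which of the two is intended belongs in the commit message.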
--
James Morris
On Tue, 2 Oct 2018, Dave Chinner wrote:
> On Tue, Oct 02, 2018 at 06:08:16AM +1000, James Morris wrote:
> > On Mon, 1 Oct 2018, Darrick J. Wong wrote:
> >
> > > If we /did/ replace CAP_SYS_ADMIN checking with a pile of LSM hooks,
> >
> > Not sure we'd need a
vfs/tests/0001_at_beneath.sh| 72
> >>> .../selftests/vfs/tests/0002_at_xdev.sh | 54 ++
> >>> .../vfs/tests/0003_at_no_proclinks.sh | 50 ++
> >>> .../vfs/tests/0004_at_no_symlinks.sh | 49 ++
> >>> .../selftests/vfs/tests/0005_at_this_root.sh | 66
> >>> tools/testing/selftests/vfs/vfs_helper.c | 154 +
> >>> 19 files changed, 707 insertions(+), 56 deletions(-)
> >>> create mode 100644 tools/testing/selftests/vfs/.gitignore
> >>> create mode 100644 tools/testing/selftests/vfs/Makefile
> >>> create mode 100644 tools/testing/selftests/vfs/at_flags.h
> >>> create mode 100644 tools/testing/selftests/vfs/common.sh
> >>> create mode 100755 tools/testing/selftests/vfs/tests/0001_at_beneath.sh
> >>> create mode 100755 tools/testing/selftests/vfs/tests/0002_at_xdev.sh
> >>> create mode 100755
> >>> tools/testing/selftests/vfs/tests/0003_at_no_proclinks.sh
> >>> create mode 100755
> >>> tools/testing/selftests/vfs/tests/0004_at_no_symlinks.sh
> >>> create mode 100755 tools/testing/selftests/vfs/tests/0005_at_this_root.sh
> >>> create mode 100644 tools/testing/selftests/vfs/vfs_helper.c
> >>>
> >>
> >
> >
>
>
--
James Morris
You can build that model where for example only an administrative
> > login from a trusted console may launch processes to do that
> > management.
> >
> > Or you could - if things were not going around the LSM hooks.
> >
> > Alan
>
--
James Morris
On Mon, 24 Sep 2018, Kees Cook wrote:
> In preparation for doing more interesting LSM init probing, this converts
> the existing initcall system into an explicit call into a function pointer
> from a section-collected struct lsm_info array.
>
> Cc: James Morris
> Cc: "
struct to the keyutils package named the symbol "priv", not "private".
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
next-general
and next-testing.
--
James Morris
On Thu, 27 Sep 2018, Schaufler, Casey wrote:
> > > On 9/27/2018 2:45 PM, James Morris wrote:
> > > > On Wed, 26 Sep 2018, Casey Schaufler wrote:
> > > >
> > > >> + /*
> > > >> + * Namespace checks. Considere
On Thu, 27 Sep 2018, Casey Schaufler wrote:
> On 9/27/2018 2:45 PM, James Morris wrote:
> > On Wed, 26 Sep 2018, Casey Schaufler wrote:
> >
> >> + /*
> >> + * Namespace checks. Considered safe if:
> >> + * cgroup namespace is the same
fic code has
> to go. The poisioning could be introduced into the infrastructure
> at some later date.
If it's useful, it should be incorporated into core LSM, otherwise that's
a regression for SELinux.
--
James Morris