Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v5.18.6 2022-04-25T15:26:40Z 2022-04-25T15:26:40Z Eric Biggers ebiggers@google.com 2022-04-22T00:27:31Z urn:sha1:5a7e470e460fb90657343d843732325e53bb875f Fix the documentation for the hsiphash functions to avoid conflating the HalfSipHash algorithm with the hsiphash functions, since these functions actually implement either HalfSipHash or SipHash, and random.c now uses HalfSipHash (in a very special way) without the hsiphash functions. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2022-04-25T15:26:40Z Bagas Sanjaya bagasdotme@gmail.com 2022-04-17T07:50:58Z urn:sha1:2fbfeb4fa61684955980b99603c29d2002a67118 Render usage example of HalfSipHash function as code block by using literal block syntax. Cc: Jonathan Corbet <corbet@lwn.net> Cc: Eric Biggers <ebiggers@google.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Mauro Carvalho Chehab <mchehab+huawei@kernel.org> Cc: linux-kernel@vger.kernel.org Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com> Signed-off-by: Jonathan Corbet <corbet@lwn.net> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2022-04-25T15:26:40Z Bagas Sanjaya bagasdotme@gmail.com 2022-04-17T07:50:57Z urn:sha1:ec862155c3ccbde59644336eec58468e7d07519b Render danger paragraph into warning block for emphasization. Cc: Jonathan Corbet <corbet@lwn.net> Cc: Eric Biggers <ebiggers@google.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Mauro Carvalho Chehab <mchehab+huawei@kernel.org> Cc: linux-kernel@vger.kernel.org Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com> Signed-off-by: Jonathan Corbet <corbet@lwn.net> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2022-03-22T03:47:54Z Linus Torvalds torvalds@linux-foundation.org 2022-03-22T03:47:54Z urn:sha1:c269497d248e43558aafc6b3f87b49d4dd3c2713 Pull selinux updates from Paul Moore: "We've got a number of SELinux patches queued up, the highlights are: - Fixup the security_fs_context_parse_param() LSM hook so it executes all of the LSM hook implementations unless a serious error occurs. We also correct the SELinux hook implementation so that it returns zero on success. - In addition to a few SELinux mount option parsing fixes, we simplified the parsing by moving it earlier in the process. The logic was that it was unlikely an admin/user would use the new mount API and not have the policy loaded before passing the SELinux options. - Properly fixed the LSM/SELinux/SCTP hooks with the addition of the security_sctp_assoc_established() hook. This work was done in conjunction with the netdev folks and should complete the move of the SCTP labeling from the endpoints to the associations. - Fixed a variety of sparse warnings caused by changes in the "__rcu" markings of some core kernel structures. - Ensure we access the superblock's LSM security blob using the stacking-safe accessors. - Added the ability for the kernel to always allow FIOCLEX and FIONCLEX if the "ioctl_skip_cloexec" policy capability is specified. - Various constifications improvements, type casting improvements, additional return value checks, and dead code/parameter removal. - Documentation fixes" * tag 'selinux-pr-20220321' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: (23 commits) selinux: shorten the policy capability enum names docs: fix 'make htmldocs' warning in SCTP.rst selinux: allow FIOCLEX and FIONCLEX with policy capability selinux: use correct type for context length selinux: drop return statement at end of void functions security: implement sctp_assoc_established hook in selinux security: add sctp_assoc_established hook selinux: parse contexts for mount options early selinux: various sparse fixes selinux: try to use preparsed sid before calling parse_sid() selinux: Fix selinux_sb_mnt_opts_compat() LSM: general protection fault in legacy_parse_param selinux: fix a type cast problem in cred_init_security() selinux: drop unused macro selinux: simplify cred_init_security selinux: do not discard const qualifier in cast selinux: drop unused parameter of avtab_insert_node selinux: drop cast to same type selinux: enclose macro arguments in parenthesis selinux: declare name parameter of hash_eval const ... 2022-02-28T16:09:10Z Wan Jiabing wanjiabing@vivo.com 2022-02-28T02:56:41Z urn:sha1:70868c6b8fd80db585da57a264c50a69af8fd3c3 Fix following 'make htmldocs' warnings: ./Documentation/security/SCTP.rst:123: WARNING: Title underline too short. security_sctp_assoc_established() ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./Documentation/security/SCTP.rst:123: WARNING: Title underline too short. security_sctp_assoc_established() ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./Documentation/security/SCTP.rst:273: WARNING: Title underline too short. security_sctp_assoc_established() ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./Documentation/security/SCTP.rst:273: WARNING: Title underline too short. security_sctp_assoc_established() ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Fixes: 5e50f5d4ff31 ("security: add sctp_assoc_established hook") Signed-off-by: Wan Jiabing <wanjiabing@vivo.com> Reviewed-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: Paul Moore <paul@paul-moore.com> 2022-02-22T00:47:45Z Yael Tzur yaelt@google.com 2022-02-15T14:19:53Z urn:sha1:cd3bc044af483422cc81a93f23c78c20c978b17c For availability and performance reasons master keys often need to be released outside of a Key Management Service (KMS) to clients. It would be beneficial to provide a mechanism where the wrapping/unwrapping of data encryption keys (DEKs) is not dependent on a remote call at runtime yet security is not (or only minimally) compromised. Master keys could be securely stored in the Kernel and be used to wrap/unwrap keys from Userspace. The encrypted.c class supports instantiation of encrypted keys with either an already-encrypted key material, or by generating new key material based on random numbers. This patch defines a new datablob format: [<format>] <master-key name> <decrypted data length> <decrypted data> that allows to inject and encrypt user-provided decrypted data. The decrypted data must be hex-ascii encoded. Signed-off-by: Yael Tzur <yaelt@google.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> 2022-02-15T20:03:38Z Ondrej Mosnacek omosnace@redhat.com 2022-02-12T17:59:21Z urn:sha1:5e50f5d4ff31e95599d695df1f0a4e7d2d6fef99 security_sctp_assoc_established() is added to replace security_inet_conn_established() called in sctp_sf_do_5_1E_ca(), so that asoc can be accessed in security subsystem and save the peer secid to asoc->peer_secid. Fixes: 72e89f50084c ("security: Add support for SCTP security hooks") Reported-by: Prashanth Prahlad <pprahlad@redhat.com> Based-on-patch-by: Xin Long <lucien.xin@gmail.com> Reviewed-by: Xin Long <lucien.xin@gmail.com> Tested-by: Richard Haines <richard_c_haines@btinternet.com> Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com> 2021-12-10T21:02:06Z Shuah Khan skhan@linuxfoundation.org 2021-12-08T16:40:51Z urn:sha1:b080e52110ea30b1ec6dcc2e9dbac786ac104ddd __ro_after_init is no longer new and under development. Update the document to reflect the correct status. Signed-off-by: Shuah Khan <skhan@linuxfoundation.org> Link: https://lore.kernel.org/r/20211208164051.8783-1-skhan@linuxfoundation.org Signed-off-by: Jonathan Corbet <corbet@lwn.net> 2021-11-12T17:07:02Z Paul Moore paul@paul-moore.com 2021-11-12T17:07:02Z urn:sha1:32a370abf12f82c8383e430c21365f5355d8b288 This patch reverts two prior patches, e7310c94024c ("security: implement sctp_assoc_established hook in selinux") and 7c2ef0240e6a ("security: add sctp_assoc_established hook"), which create the security_sctp_assoc_established() LSM hook and provide a SELinux implementation. Unfortunately these two patches were merged without proper review (the Reviewed-by and Tested-by tags from Richard Haines were for previous revisions of these patches that were significantly different) and there are outstanding objections from the SELinux maintainers regarding these patches. Work is currently ongoing to correct the problems identified in the reverted patches, as well as others that have come up during review, but it is unclear at this point in time when that work will be ready for inclusion in the mainline kernel. In the interest of not keeping objectionable code in the kernel for multiple weeks, and potentially a kernel release, we are reverting the two problematic patches. Signed-off-by: Paul Moore <paul@paul-moore.com> 2021-11-03T11:09:20Z Xin Long lucien.xin@gmail.com 2021-11-02T12:02:49Z urn:sha1:7c2ef0240e6abfd3cc59511339517358350a8910 security_sctp_assoc_established() is added to replace security_inet_conn_established() called in sctp_sf_do_5_1E_ca(), so that asoc can be accessed in security subsystem and save the peer secid to asoc->peer_secid. v1->v2: - fix the return value of security_sctp_assoc_established() in security.h, found by kernel test robot and Ondrej. Fixes: 72e89f50084c ("security: Add support for SCTP security hooks") Reported-by: Prashanth Prahlad <pprahlad@redhat.com> Reviewed-by: Richard Haines <richard_c_haines@btinternet.com> Tested-by: Richard Haines <richard_c_haines@btinternet.com> Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>