Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v5.4.38 2019-07-09T19:24:21Z 2019-07-09T19:24:21Z Linus Torvalds torvalds@linux-foundation.org 2019-07-09T19:24:21Z urn:sha1:9d22167f34305280c5dd57a74c21651da3c23015 Pull capabilities update from James Morris: "Minor fixes for capabilities: - Update the commoncap.c code to utilize XATTR_SECURITY_PREFIX_LEN, from Carmeli tamir. - Make the capability hooks static, from Yue Haibing" * 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: security/commoncap: Use xattr security prefix len security: Make capability_hooks static 2019-07-07T02:55:54Z Carmeli Tamir carmeli.tamir@gmail.com 2019-07-06T15:07:38Z urn:sha1:c5eaab1d131d0a6272df7d55a971a67400d63f56 Using the existing defined XATTR_SECURITY_PREFIX_LEN instead of sizeof(XATTR_SECURITY_PREFIX) - 1. Pretty simple cleanup. Signed-off-by: Carmeli Tamir <carmeli.tamir@gmail.com> Signed-off-by: James Morris <jamorris@linux.microsoft.com> 2019-06-11T21:05:16Z YueHaibing yuehaibing@huawei.com 2019-06-11T13:48:15Z urn:sha1:d1c5947ec6789b7d72cd7365f4e37ec326dbd9b6 Fix sparse warning: security/commoncap.c:1347:27: warning: symbol 'capability_hooks' was not declared. Should it be static? Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: James Morris <jamorris@linux.microsoft.com> 2019-05-30T18:26:32Z Thomas Gleixner tglx@linutronix.de 2019-05-27T06:55:01Z urn:sha1:2874c5fd284268364ece81a7bd936f3c8168e567 Based on 1 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license as published by the free software foundation either version 2 of the license or at your option any later version extracted by the scancode license scanner the SPDX license identifier GPL-2.0-or-later has been chosen to replace the boilerplate/reference in 3029 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Allison Randal <allison@lohutok.net> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190527070032.746973796@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-03-07T20:20:11Z Linus Torvalds torvalds@linux-foundation.org 2019-03-07T20:20:11Z urn:sha1:be37f21a08ce65c7632c7f45e1755a4b07f278a0 Pull audit updates from Paul Moore: "A lucky 13 audit patches for v5.1. Despite the rather large diffstat, most of the changes are from two bug fix patches that move code from one Kconfig option to another. Beyond that bit of churn, the remaining changes are largely cleanups and bug-fixes as we slowly march towards container auditing. It isn't all boring though, we do have a couple of new things: file capabilities v3 support, and expanded support for filtering on filesystems to solve problems with remote filesystems. All changes pass the audit-testsuite. Please merge for v5.1" * tag 'audit-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit: audit: mark expected switch fall-through audit: hide auditsc_get_stamp and audit_serial prototypes audit: join tty records to their syscall audit: remove audit_context when CONFIG_ AUDIT and not AUDITSYSCALL audit: remove unused actx param from audit_rule_match audit: ignore fcaps on umount audit: clean up AUDITSYSCALL prototypes and stubs audit: more filter PATH records keyed on filesystem magic audit: add support for fcaps v3 audit: move loginuid and sessionid from CONFIG_AUDITSYSCALL to CONFIG_AUDIT audit: add syscall information to CONFIG_CHANGE records audit: hand taken context to audit_kill_trees for syscall logging audit: give a clue what CONFIG_CHANGE op was involved 2019-02-25T23:16:25Z Micah Morton mortonm@chromium.org 2019-02-25T22:17:10Z urn:sha1:e88ed488af0a70cbc925d2cce60788378bbe26e3 This should have gone in with commit c1a85a00ea66cb6f0bd0f14e47c28c2b0999799f. Signed-off-by: Micah Morton <mortonm@chromium.org> Signed-off-by: James Morris <james.morris@microsoft.com> 2019-01-25T18:31:23Z Richard Guy Briggs rgb@redhat.com 2019-01-24T02:36:25Z urn:sha1:2fec30e245a3b46fef89c4cb1f74eefc5fbb29a6 V3 namespaced file capabilities were introduced in commit 8db6c34f1dbc ("Introduce v3 namespaced file capabilities") Add support for these by adding the "frootid" field to the existing fcaps fields in the NAME and BPRM_FCAPS records. Please see github issue https://github.com/linux-audit/audit-kernel/issues/103 Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Acked-by: Serge Hallyn <serge@hallyn.com> [PM: comment tweak to fit an 80 char line width] Signed-off-by: Paul Moore <paul@paul-moore.com> 2019-01-10T22:16:06Z Micah Morton mortonm@chromium.org 2019-01-08T00:10:53Z urn:sha1:c1a85a00ea66cb6f0bd0f14e47c28c2b0999799f This patch provides a general mechanism for passing flags to the security_capable LSM hook. It replaces the specific 'audit' flag that is used to tell security_capable whether it should log an audit message for the given capability check. The reason for generalizing this flag passing is so we can add an additional flag that signifies whether security_capable is being called by a setid syscall (which is needed by the proposed SafeSetID LSM). Signed-off-by: Micah Morton <mortonm@chromium.org> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.morris@microsoft.com> 2019-01-08T21:18:44Z Kees Cook keescook@chromium.org 2018-09-14T22:40:45Z urn:sha1:d117a154e6128abac5409d3f173584e7b25981a2 This converts capabilities to use the new LSM_ORDER_FIRST position. Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Casey Schaufler <casey@schaufler-ca.com> 2018-12-12T22:58:51Z Paul Gortmaker paul.gortmaker@windriver.com 2018-12-09T20:36:29Z urn:sha1:876979c9308b7228cdaf6785909c57eebc85d911 Historically a lot of these existed because we did not have a distinction between what was modular code and what was providing support to modules via EXPORT_SYMBOL and friends. That changed when we forked out support for the latter into the export.h file. This means we should be able to reduce the usage of module.h in code that is obj-y Makefile or bool Kconfig. The advantage in removing such instances is that module.h itself sources about 15 other headers; adding significantly to what we feed cpp, and it can obscure what headers we are effectively using. Since module.h might have been the implicit source for init.h (for __init) and for export.h (for EXPORT_SYMBOL) we consider each instance for the presence of either and replace as needed. Cc: James Morris <jmorris@namei.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: John Johansen <john.johansen@canonical.com> Cc: Mimi Zohar <zohar@linux.ibm.com> Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com> Cc: David Howells <dhowells@redhat.com> Cc: linux-security-module@vger.kernel.org Cc: linux-integrity@vger.kernel.org Cc: keyrings@vger.kernel.org Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> Signed-off-by: James Morris <james.morris@microsoft.com>