user/sven/linux.git/security, branch v3.18.24 Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v3.18.24 2015-08-27T17:25:53Z ima: extend "mask" policy matching support 2015-08-27T17:25:53Z Mimi Zohar zohar@linux.vnet.ibm.com 2014-11-05T12:53:55Z urn:sha1:36ac1d14682122e3d792c66c8ae8d6d1bd093547 [ Upstream commit 747cadeb108665b0474624a374aa9e13f12c9274 ] commit 4351c294b8c1028077280f761e158d167b592974 upstream. The current "mask" policy option matches files opened as MAY_READ, MAY_WRITE, MAY_APPEND or MAY_EXEC. This patch extends the "mask" option to match files opened containing one of these modes. For example, "mask=^MAY_READ" would match files opened read-write. Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Dr. Greg Wettstein <gw@idfusion.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> ima: add support for new "euid" policy condition 2015-08-27T17:25:52Z Mimi Zohar zohar@linux.vnet.ibm.com 2014-11-05T12:48:36Z urn:sha1:9a957a6622ab900a78a256d8c9d941b618135980 [ Upstream commit 139069eff7388407f19794384c42a534d618ccd7 ] The new "euid" policy condition measures files with the specified effective uid (euid). In addition, for CAP_SETUID files it measures files with the specified uid or suid. Changelog: - fixed checkpatch.pl warnings - fixed avc denied {setuid} messages - based on Roberto's feedback Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Dr. Greg Wettstein <gw@idfusion.org> Cc: stable@vger.kernel.org Signed-off-by: Sasha Levin <sasha.levin@oracle.com> evm: labeling pseudo filesystems exception 2015-08-04T18:29:15Z Mimi Zohar zohar@linux.vnet.ibm.com 2015-04-21T17:59:31Z urn:sha1:7a889192e322242945874e52b25f88c8841c8f47 [ Upstream commit 5101a1850bb7ccbf107929dee9af0cd2f400940f ] To prevent offline stripping of existing file xattrs and relabeling of them at runtime, EVM allows only newly created files to be labeled. As pseudo filesystems are not persistent, stripping of xattrs is not a concern. Some LSMs defer file labeling on pseudo filesystems. This patch permits the labeling of existing files on pseudo files systems. Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> KEYS: ensure we free the assoc array edit if edit is valid 2015-08-04T18:28:38Z Colin Ian King colin.king@canonical.com 2015-07-27T14:23:43Z urn:sha1:66db51c9f7b2fe7ebdfa753b2aa9abbb9feddc87 [ Upstream commit HEAD ] commit ca4da5dd1f99fe9c59f1709fb43e818b18ad20e0 upstream. __key_link_end is not freeing the associated array edit structure and this leads to a 512 byte memory leak each time an identical existing key is added with add_key(). The reason the add_key() system call returns okay is that key_create_or_update() calls __key_link_begin() before checking to see whether it can update a key directly rather than adding/replacing - which it turns out it can. Thus __key_link() is not called through __key_instantiate_and_link() and __key_link_end() must cancel the edit. CVE-2015-1333 Signed-off-by: Colin Ian King <colin.king@canonical.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> (cherry picked from commit c9cd9b18dac801040ada16562dc579d5ac366d75) Signed-off-by: Sasha Levin <sasha.levin@oracle.com> selinux: fix setting of security labels on NFS 2015-07-21T01:12:42Z J. Bruce Fields bfields@redhat.com 2015-06-04T19:57:25Z urn:sha1:f0f61c29dfb02b38431cef9058044a86bfa8f0cc [ Upstream commit 9fc2b4b436cff7d8403034676014f1be9d534942 ] Before calling into the filesystem, vfs_setxattr calls security_inode_setxattr, which ends up calling selinux_inode_setxattr in our case. That returns -EOPNOTSUPP whenever SBLABEL_MNT is not set. SBLABEL_MNT was supposed to be set by sb_finish_set_opts, which sets it only if selinux_is_sblabel_mnt returns true. The selinux_is_sblabel_mnt logic was broken by eadcabc697e9 "SELinux: do all flags twiddling in one place", which didn't take into the account the SECURITY_FS_USE_NATIVE behavior that had been introduced for nfs with eb9ae686507b "SELinux: Add new labeling type native labels". This caused setxattr's of security labels over NFSv4.2 to fail. Cc: stable@kernel.org # 3.13 Cc: Eric Paris <eparis@redhat.com> Cc: David Quigley <dpquigl@davequigley.com> Reported-by: Richard Chan <rc556677@outlook.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> [PM: added the stable dependency] Signed-off-by: Paul Moore <pmoore@redhat.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> ima: fix ima_show_template_data_ascii() 2015-07-04T03:02:31Z Mimi Zohar zohar@linux.vnet.ibm.com 2015-06-11T15:54:42Z urn:sha1:cdbbbe19dd7dde385233508367aeec020e089c25 [ Upstream commit 45b26133b97871896b8c5241d59f4ff7839db7b2 ] This patch fixes a bug introduced in "4d7aeee ima: define new template ima-ng and template fields d-ng and n-ng". Changelog: - change int to uint32 (Roberto Sassu's suggestion) Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Roberto Sassu <rsassu@suse.de> Cc: stable@vger.kernel.org # 3.13 Signed-off-by: Sasha Levin <sasha.levin@oracle.com> selinux/nlmsg: add XFRM_MSG_MAPPING 2015-06-28T17:39:25Z Nicolas Dichtel nicolas.dichtel@6wind.com 2015-04-10T14:24:28Z urn:sha1:8db8f8f39c21d93bb50de6a4e12ad1aea21411ef [ Upstream commit bd2cba07381a6dba60bc1c87ed8b37931d244da1 ] This command is missing. Fixes: 3a2dfbe8acb1 ("xfrm: Notify changes in UDP encapsulation via netlink") CC: Martin Willi <martin@strongswan.org> Reported-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> selinux/nlmsg: add XFRM_MSG_MIGRATE 2015-06-28T17:39:25Z Nicolas Dichtel nicolas.dichtel@6wind.com 2015-04-10T14:24:27Z urn:sha1:d4c2dc5980c149689974c3c4761f4f33978d20c4 [ Upstream commit 8d465bb777179c4bea731b828ec484088cc9fbc1 ] This command is missing. Fixes: 5c79de6e79cd ("[XFRM]: User interface for handling XFRM_MSG_MIGRATE") Reported-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> selinux/nlmsg: add XFRM_MSG_REPORT 2015-06-28T17:39:25Z Nicolas Dichtel nicolas.dichtel@6wind.com 2015-04-10T14:24:26Z urn:sha1:9829c06108276253371439db20497efbbf0115a5 [ Upstream commit b0b59b0056acd6f157a04cc895f7e24692fb08aa ] This command is missing. Fixes: 97a64b4577ae ("[XFRM]: Introduce XFRM_MSG_REPORT.") Reported-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> selinux/nlmsg: add XFRM_MSG_[NEW|GET]SADINFO 2015-06-28T17:39:24Z Nicolas Dichtel nicolas.dichtel@6wind.com 2015-04-08T16:36:42Z urn:sha1:3d5df8d994d3711eeed211cf6897435467ba0442 [ Upstream commit 5b5800fad072133e4a9c2efbf735baaac83dec86 ] These commands are missing. Fixes: 28d8909bc790 ("[XFRM]: Export SAD info.") Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <sasha.levin@oracle.com>