1. 07 Apr, 2015 1 commit
  2. 02 Apr, 2015 1 commit
  3. 31 Mar, 2015 1 commit
  4. 27 Mar, 2015 2 commits
  5. 23 Mar, 2015 4 commits
    • Paul Gortmaker's avatar
      smack: Fix gcc warning from unused smack_syslog_lock mutex in smackfs.c · f43b65ba
      Paul Gortmaker authored
      In commit 00f84f3f ("Smack: Make the
      syslog control configurable") this mutex was added, but the rest of
      the final commit never actually made use of it, resulting in:
      
       In file included from include/linux/mutex.h:29:0,
                        from include/linux/notifier.h:13,
                        from include/linux/memory_hotplug.h:6,
                        from include/linux/mmzone.h:821,
                        from include/linux/gfp.h:5,
                        from include/linux/slab.h:14,
                        from include/linux/security.h:27,
                        from security/smack/smackfs.c:21:
       security/smack/smackfs.c:63:21: warning: ‘smack_syslog_lock’ defined but not used [-Wunused-variable]
        static DEFINE_MUTEX(smack_syslog_lock);
                            ^
      
      A git grep shows no other instances/references to smack_syslog_lock.
      Delete it, assuming that the mutex addition was just a leftover from
      an earlier work in progress version of the change.
      Signed-off-by: default avatarPaul Gortmaker <paul.gortmaker@windriver.com>
      f43b65ba
    • Casey Schaufler's avatar
      Smack: Allow an unconfined label in bringup mode · bf4b2fee
      Casey Schaufler authored
      I have vehemently opposed adding a "permissive" mode to Smack
      for the simple reasons that it would be subject to massive abuse
      and that developers refuse to turn it off come product release.
      I still believe that this is true, and still refuse to add a
      general "permissive mode". So don't ask again.
      
      Bumjin Im suggested an approach that addresses most of the concerns,
      and I have implemented it here. I still believe that we'd be better
      off without this sort of thing, but it looks like this minimizes the
      abuse potential.
      
      Firstly, you have to configure Smack Bringup Mode. That allows
      for "release" software to be ammune from abuse. Second, only one
      label gets to be "permissive" at a time. You can use it for
      debugging, but that's about it.
      
      A label written to smackfs/unconfined is treated specially.
      If either the subject or object label of an access check
      matches the "unconfined" label, and the access would not
      have been allowed otherwise an audit record and a console
      message are generated. The audit record "request" string is
      marked with either "(US)" or "(UO)", to indicate that the
      request was granted because of an unconfined label. The
      fact that an inode was accessed by an unconfined label is
      remembered, and subsequent accesses to that "impure"
      object are noted in the log. The impurity is not stored in
      the filesystem, so a file mislabled as a side effect of
      using an unconfined label may still cause concern after
      a reboot.
      
      So, it's there, it's dangerous, but so many application
      developers seem incapable of living without it I have
      given in. I've tried to make it as safe as I can, but
      in the end it's still a chain saw.
      Signed-off-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
      bf4b2fee
    • José Bollo's avatar
      Smack: getting the Smack security context of keys · 7fc5f36e
      José Bollo authored
      With this commit, the LSM Smack implements the LSM
      side part of the system call keyctl with the action
      code KEYCTL_GET_SECURITY.
      
      It is now possible to get the context of, for example,
      the user session key using the command "keyctl security @s".
      
      The original patch has been modified for merge.
      Signed-off-by: default avatarJosé Bollo <jose.bollo@open.eurogiciel.org>
      Signed-off-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
      7fc5f36e
    • Marcin Lis's avatar
      Smack: Assign smack_known_web as default smk_in label for kernel thread's socket · 7412301b
      Marcin Lis authored
      This change fixes the bug associated with sockets owned by kernel threads. These
      sockets, created usually by network devices' drivers tasks, received smk_in
      label from the task that created them - the "floor" label in the most cases. The
      result was that they were not able to receive data packets because of missing
      smack rules. The main reason of the access deny is that the socket smk_in label
      is placed as the object during smk check, kernel thread's capabilities are
      omitted.
      Signed-off-by: default avatarMarcin Lis <m.lis@samsung.com>
      7412301b
  6. 18 Mar, 2015 8 commits
  7. 05 Mar, 2015 2 commits
    • Jarkko Sakkinen's avatar
      tpm: fix call order in tpm-chip.c · d972b052
      Jarkko Sakkinen authored
      - tpm_dev_add_device(): cdev_add() must be done before uevent is
        propagated in order to avoid races.
      - tpm_chip_register(): tpm_dev_add_device() must be done as the
        last step before exposing device to the user space in order to
        avoid races.
      
      In addition clarified description in tpm_chip_register().
      
      Fixes: 313d21ee ("tpm: device class for tpm")
      Fixes: afb5abc2 ("tpm: two-phase chip management functions")
      Signed-off-by: default avatarJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      Reviewed-by: default avatarPeter Huewe <peterhuewe@gmx.de>
      Signed-off-by: default avatarPeter Huewe <peterhuewe@gmx.de>
      d972b052
    • jmlatten@linux.vnet.ibm.com's avatar
      tpm/ibmvtpm: Additional LE support for tpm_ibmvtpm_send · 6da2517d
      jmlatten@linux.vnet.ibm.com authored
      Problem: When IMA and VTPM are both enabled in kernel config,
      kernel hangs during bootup on LE OS.
      
      Why?: IMA calls tpm_pcr_read() which results in tpm_ibmvtpm_send
      and tpm_ibmtpm_recv getting called. A trace showed that
      tpm_ibmtpm_recv was hanging.
      
      Resolution: tpm_ibmtpm_recv was hanging because tpm_ibmvtpm_send
      was sending CRQ message that probably did not make much sense
      to phype because of Endianness. The fix below sends correctly
      converted CRQ for LE. This was not caught before because it
      seems IMA is not enabled by default in kernel config and
      IMA exercises this particular code path in vtpm.
      
      Tested with IMA and VTPM enabled in kernel config and VTPM
      enabled on both a BE OS and a LE OS ppc64 lpar. This exercised
      CRQ and TPM command code paths in vtpm.
      Patch is against Peter's tpmdd tree on github which included
      Vicky's previous vtpm le patches.
      Signed-off-by: default avatarJoy Latten <jmlatten@linux.vnet.ibm.com>
      Cc: <stable@vger.kernel.org> # eb71f8a5: "Added Little Endian support to vtpm module"
      Cc: <stable@vger.kernel.org>
      Reviewed-by: default avatarAshley Lai <ashley@ahsleylai.com>
      Signed-off-by: default avatarPeter Huewe <peterhuewe@gmx.de>
      6da2517d
  8. 03 Mar, 2015 1 commit
  9. 28 Feb, 2015 2 commits
  10. 23 Feb, 2015 3 commits
    • Linus Torvalds's avatar
      Linux 4.0-rc1 · c517d838
      Linus Torvalds authored
      .. after extensive statistical analysis of my G+ polling, I've come to
      the inescapable conclusion that internet polls are bad.
      
      Big surprise.
      
      But "Hurr durr I'ma sheep" trounced "I like online polls" by a 62-to-38%
      margin, in a poll that people weren't even supposed to participate in.
      Who can argue with solid numbers like that? 5,796 votes from people who
      can't even follow the most basic directions?
      
      In contrast, "v4.0" beat out "v3.20" by a slimmer margin of 56-to-44%,
      but with a total of 29,110 votes right now.
      
      Now, arguably, that vote spread is only about 3,200 votes, which is less
      than the almost six thousand votes that the "please ignore" poll got, so
      it could be considered noise.
      
      But hey, I asked, so I'll honor the votes.
      c517d838
    • Linus Torvalds's avatar
      Merge tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 · feaf2229
      Linus Torvalds authored
      Pull ext4 fixes from Ted Ts'o:
       "Ext4 bug fixes.
      
        We also reserved code points for encryption and read-only images (for
        which the implementation is mostly just the reserved code point for a
        read-only feature :-)"
      
      * tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
        ext4: fix indirect punch hole corruption
        ext4: ignore journal checksum on remount; don't fail
        ext4: remove duplicate remount check for JOURNAL_CHECKSUM change
        ext4: fix mmap data corruption in nodelalloc mode when blocksize < pagesize
        ext4: support read-only images
        ext4: change to use setup_timer() instead of init_timer()
        ext4: reserve codepoints used by the ext4 encryption feature
        jbd2: complain about descriptor block checksum errors
      feaf2229
    • Linus Torvalds's avatar
      Merge branch 'for-linus-2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · be5e6616
      Linus Torvalds authored
      Pull more vfs updates from Al Viro:
       "Assorted stuff from this cycle.  The big ones here are multilayer
        overlayfs from Miklos and beginning of sorting ->d_inode accesses out
        from David"
      
      * 'for-linus-2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (51 commits)
        autofs4 copy_dev_ioctl(): keep the value of ->size we'd used for allocation
        procfs: fix race between symlink removals and traversals
        debugfs: leave freeing a symlink body until inode eviction
        Documentation/filesystems/Locking: ->get_sb() is long gone
        trylock_super(): replacement for grab_super_passive()
        fanotify: Fix up scripted S_ISDIR/S_ISREG/S_ISLNK conversions
        Cachefiles: Fix up scripted S_ISDIR/S_ISREG/S_ISLNK conversions
        VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
        SELinux: Use d_is_positive() rather than testing dentry->d_inode
        Smack: Use d_is_positive() rather than testing dentry->d_inode
        TOMOYO: Use d_is_dir() rather than d_inode and S_ISDIR()
        Apparmor: Use d_is_positive/negative() rather than testing dentry->d_inode
        Apparmor: mediated_filesystem() should use dentry->d_sb not inode->i_sb
        VFS: Split DCACHE_FILE_TYPE into regular and special types
        VFS: Add a fallthrough flag for marking virtual dentries
        VFS: Add a whiteout dentry type
        VFS: Introduce inode-getting helpers for layered/unioned fs environments
        Infiniband: Fix potential NULL d_inode dereference
        posix_acl: fix reference leaks in posix_acl_create
        autofs4: Wrong format for printing dentry
        ...
      be5e6616
  11. 22 Feb, 2015 15 commits