* [GIT PULL] SELinux updates for 3.12
@ 2013-10-17 13:15 Paul Moore
2013-10-20 22:49 ` James Morris
0 siblings, 1 reply; 6+ messages in thread
From: Paul Moore @ 2013-10-17 13:15 UTC (permalink / raw)
To: James Morris; +Cc: selinux, linux-security-module
Hi James,
Here are a collection of SELinux updates that should be included in 3.12.
This request contains mostly various cleanup patches with a few bugfixes and
performance improvements thrown in for good measure. The bulk of these
patches were inherited from Eric's old tree, hence the merge/pull in the log.
Lastly, all of these patches have been in linux-next for some time now, and
they all pass the SELinux testsuite with flying colors.
Enjoy,
-Paul
---
The following changes since commit 6e4664525b1db28f8c4e1130957f70a94c19213e:
Linux 3.11 (2013-09-02 13:46:10 -0700)
are available in the git repository at:
git://git.infradead.org/users/pcmoore/selinux
for you to fetch changes up to 42d64e1add3a1ce8a787116036163b8724362145:
selinux: correct locking in selinux_netlbl_socket_connect)
(2013-09-26 17:00:46 -0400)
----------------------------------------------------------------
Anand Avati (1):
selinux: consider filesystem subtype in policies
Chris PeBenito (1):
Add SELinux policy capability for always checking packet and peer
classes.
Duan Jiong (1):
selinux: Use kmemdup instead of kmalloc + memcpy
Eric Paris (12):
SELinux: fix selinuxfs policy file on big endian systems
SELinux: remove crazy contortions around proc
SELinux: make it harder to get the number of mnt opts wrong
SELinux: use define for number of bits in the mnt flags mask
SELinux: rename SE_SBLABELSUPP to SBLABEL_MNT
SELinux: do all flags twiddling in one place
SELinux: renumber the superblock options
SELinux: change sbsec->behavior to short
SELinux: do not handle seclabel as a special flag
SELinux: pass a superblock to security_fs_use
SELinux: use a helper function to determine seclabel
Revert "SELinux: do not handle seclabel as a special flag"
Paul Moore (12):
lsm: split the xfrm_state_alloc_security() hook implementation
selinux: cleanup and consolidate the XFRM alloc/clone/delete/free code
selinux: cleanup selinux_xfrm_policy_lookup() and
selinux_xfrm_state_pol_flow_match()
selinux: cleanup selinux_xfrm_sock_rcv_skb() and
selinux_xfrm_postroute_last()
selinux: cleanup some comment and whitespace issues in the XFRM code
selinux: cleanup selinux_xfrm_decode_session()
selinux: cleanup the XFRM header
selinux: remove the BUG_ON() from selinux_skb_xfrm_sid()
selinux: fix problems in netnode when BUG() is compiled out
Merge git://git.infradead.org/users/eparis/selinux
selinux: add Paul Moore as a SELinux maintainer
selinux: correct locking in selinux_netlbl_socket_connect)
Stephen Smalley (1):
SELinux: Enable setting security contexts on rootfs inodes.
Waiman Long (2):
SELinux: Reduce overhead of mls_level_isvalid() function call
SELinux: Increase ebitmap_node size for 64-bit configuration
MAINTAINERS | 3 +-
include/linux/security.h | 26 ++-
security/capability.c | 15 +-
security/security.c | 13 +-
security/selinux/hooks.c | 146 +++++++-----
security/selinux/include/objsec.h | 4 +-
security/selinux/include/security.h | 13 +-
security/selinux/include/xfrm.h | 45 ++--
security/selinux/netlabel.c | 6 +-
security/selinux/netnode.c | 2 +
security/selinux/selinuxfs.c | 4 +-
security/selinux/ss/ebitmap.c | 20 +-
security/selinux/ss/ebitmap.h | 10 +-
security/selinux/ss/mls.c | 22 +-
security/selinux/ss/mls_types.h | 2 +-
security/selinux/ss/policydb.c | 3 +-
security/selinux/ss/services.c | 66 ++++--
security/selinux/xfrm.c | 453 +++++++++++++++-------------------
18 files changed, 452 insertions(+), 401 deletions(-)
--
paul moore
security and virtualization @ redhat
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [GIT PULL] SELinux updates for 3.12
2013-10-17 13:15 [GIT PULL] SELinux updates for 3.12 Paul Moore
@ 2013-10-20 22:49 ` James Morris
2013-10-21 13:39 ` Paul Moore
0 siblings, 1 reply; 6+ messages in thread
From: James Morris @ 2013-10-20 22:49 UTC (permalink / raw)
To: Paul Moore; +Cc: selinux, linux-security-module
On Thu, 17 Oct 2013, Paul Moore wrote:
> Hi James,
>
> Here are a collection of SELinux updates that should be included in 3.12.
> This request contains mostly various cleanup patches with a few bugfixes and
> performance improvements thrown in for good measure. The bulk of these
> patches were inherited from Eric's old tree, hence the merge/pull in the log.
>
> Lastly, all of these patches have been in linux-next for some time now, and
> they all pass the SELinux testsuite with flying colors.
>
> Enjoy,
> -Paul
>
> ---
> The following changes since commit 6e4664525b1db28f8c4e1130957f70a94c19213e:
>
> Linux 3.11 (2013-09-02 13:46:10 -0700)
>
> are available in the git repository at:
>
> git://git.infradead.org/users/pcmoore/selinux
>
Why is no branch specified?
git-pull fails in any case.
--
James Morris
<jmorris@namei.org>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [GIT PULL] SELinux updates for 3.12
2013-10-20 22:49 ` James Morris
@ 2013-10-21 13:39 ` Paul Moore
2013-10-22 11:20 ` James Morris
0 siblings, 1 reply; 6+ messages in thread
From: Paul Moore @ 2013-10-21 13:39 UTC (permalink / raw)
To: James Morris; +Cc: selinux, linux-security-module
On Monday, October 21, 2013 09:49:54 AM James Morris wrote:
> On Thu, 17 Oct 2013, Paul Moore wrote:
> > Hi James,
> >
> > Here are a collection of SELinux updates that should be included in 3.12.
> > This request contains mostly various cleanup patches with a few bugfixes
> > and performance improvements thrown in for good measure. The bulk of
> > these patches were inherited from Eric's old tree, hence the merge/pull
> > in the log.
> >
> > Lastly, all of these patches have been in linux-next for some time now,
> > and
> > they all pass the SELinux testsuite with flying colors.
> >
> > Enjoy,
> > -Paul
> >
> > ---
> >
> > The following changes since commit 6e4664525b1db28f8c4e1130957f70....
> > Linux 3.11 (2013-09-02 13:46:10 -0700)
> >
> > are available in the git repository at:
> > git://git.infradead.org/users/pcmoore/selinux
>
> Why is no branch specified?
Why does a branch need to be specified? The changes live in master and my
understanding was that if a branch was not explicitly listed then master
should be used.
> git-pull fails in any case.
Can you be more explicit? It works for me ...
# git pull git://git.infradead.org/users/pcmoore/selinux
remote: Counting objects: 238, done.
remote: Compressing objects: 100% (38/38), done.
remote: Total 199 (delta 169), reused 189 (delta 161)
Receiving objects: 100% (199/199), 31.38 KiB | 0 bytes/s, done.
Resolving deltas: 100% (169/169), completed with 38 local objects.
>From git://git.infradead.org/users/pcmoore/selinux
* branch HEAD -> FETCH_HEAD
Auto-merging security/selinux/include/xfrm.h
Auto-merging security/selinux/hooks.c
Auto-merging security/security.c
Auto-merging security/capability.c
Auto-merging include/linux/security.h
Auto-merging MAINTAINERS
Merge made by the 'recursive' strategy.
MAINTAINERS | 3 +-
include/linux/security.h | 26 ++-
security/capability.c | 15 +-
security/security.c | 13 +-
security/selinux/hooks.c | 146 +++++++-----
security/selinux/include/objsec.h | 4 +-
security/selinux/include/security.h | 13 +-
security/selinux/include/xfrm.h | 45 ++--
security/selinux/netlabel.c | 6 +-
security/selinux/netnode.c | 2 +
security/selinux/selinuxfs.c | 4 +-
security/selinux/ss/ebitmap.c | 20 +-
security/selinux/ss/ebitmap.h | 10 +-
security/selinux/ss/mls.c | 22 +-
security/selinux/ss/mls_types.h | 2 +-
security/selinux/ss/policydb.c | 3 +-
security/selinux/ss/services.c | 66 ++++--
security/selinux/xfrm.c | 453 +++++++++++++++-------------------
18 files changed, 452 insertions(+), 401 deletions(-)
--
paul moore
security and virtualization @ redhat
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [GIT PULL] SELinux updates for 3.12
2013-10-21 13:39 ` Paul Moore
@ 2013-10-22 11:20 ` James Morris
2013-10-22 18:10 ` Paul Moore
0 siblings, 1 reply; 6+ messages in thread
From: James Morris @ 2013-10-22 11:20 UTC (permalink / raw)
To: Paul Moore; +Cc: selinux, linux-security-module
On Mon, 21 Oct 2013, Paul Moore wrote:
> Why does a branch need to be specified? The changes live in master and my
> understanding was that if a branch was not explicitly listed then master
> should be used.
>
Ok, I'll do that. I'm not going to assume it.
> > git-pull fails in any case.
>
> Can you be more explicit? It works for me ...
$ git pull git://git.infradead.org/users/pcmoore/selinux
You asked to pull from the remote
'git://git.infradead.org/users/pcmoore/selinux', but did not specify
a branch. Because this is not the default configured remote
for your current branch, you must specify a branch on the command line.
--
James Morris
<jmorris@namei.org>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [GIT PULL] SELinux updates for 3.12
2013-10-22 11:20 ` James Morris
@ 2013-10-22 18:10 ` Paul Moore
2013-10-22 22:57 ` James Morris
0 siblings, 1 reply; 6+ messages in thread
From: Paul Moore @ 2013-10-22 18:10 UTC (permalink / raw)
To: James Morris; +Cc: selinux, linux-security-module
On Tuesday, October 22, 2013 10:20:38 PM James Morris wrote:
> On Mon, 21 Oct 2013, Paul Moore wrote:
> > Why does a branch need to be specified? The changes live in master and my
> > understanding was that if a branch was not explicitly listed then master
> > should be used.
>
> Ok, I'll do that. I'm not going to assume it.
>
> > > git-pull fails in any case.
> >
> > Can you be more explicit? It works for me ...
>
> $ git pull git://git.infradead.org/users/pcmoore/selinux
> You asked to pull from the remote
> 'git://git.infradead.org/users/pcmoore/selinux', but did not specify
> a branch. Because this is not the default configured remote
> for your current branch, you must specify a branch on the command line.
Looking at your next branch, it looks like you were able to pull successfully
from my master branch ... are you set for 3.12?
--
paul moore
security and virtualization @ redhat
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [GIT PULL] SELinux updates for 3.12
2013-10-22 18:10 ` Paul Moore
@ 2013-10-22 22:57 ` James Morris
0 siblings, 0 replies; 6+ messages in thread
From: James Morris @ 2013-10-22 22:57 UTC (permalink / raw)
To: Paul Moore; +Cc: selinux, linux-security-module
On Tue, 22 Oct 2013, Paul Moore wrote:
> On Tuesday, October 22, 2013 10:20:38 PM James Morris wrote:
> > On Mon, 21 Oct 2013, Paul Moore wrote:
> > > Why does a branch need to be specified? The changes live in master and my
> > > understanding was that if a branch was not explicitly listed then master
> > > should be used.
> >
> > Ok, I'll do that. I'm not going to assume it.
> >
> > > > git-pull fails in any case.
> > >
> > > Can you be more explicit? It works for me ...
> >
> > $ git pull git://git.infradead.org/users/pcmoore/selinux
> > You asked to pull from the remote
> > 'git://git.infradead.org/users/pcmoore/selinux', but did not specify
> > a branch. Because this is not the default configured remote
> > for your current branch, you must specify a branch on the command line.
>
> Looking at your next branch, it looks like you were able to pull successfully
> from my master branch ... are you set for 3.12?
Yep, thanks.
--
James Morris
<jmorris@namei.org>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2013-10-22 22:56 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-10-17 13:15 [GIT PULL] SELinux updates for 3.12 Paul Moore
2013-10-20 22:49 ` James Morris
2013-10-21 13:39 ` Paul Moore
2013-10-22 11:20 ` James Morris
2013-10-22 18:10 ` Paul Moore
2013-10-22 22:57 ` James Morris
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.