* [GIT PULL] SELinux patches for 3.17
@ 2014-07-18 19:37 Paul Moore
2014-07-19 7:26 ` James Morris
2014-08-01 15:28 ` Paul Moore
0 siblings, 2 replies; 4+ messages in thread
From: Paul Moore @ 2014-07-18 19:37 UTC (permalink / raw)
To: James Morris; +Cc: linux-security-module, selinux
Hi James,
Here are the SELinux patches for 3.17. A total of eight patches, none
particularly controversial: a few cleanups, a few bug fixes, and a minor tweak
to reduce the SELinux overhead during boot. One nice thing is that we remove
more code than we add in 3.17, so if nothing else we're doing our part to
fight code bloat :)
All the patches pass the SELinux testsuite and apply cleanly on top of linux-
security #next.
Enjoy,
-Paul
---
The following changes since commit 170b5910d9fbea79de1bb40df22eda5f98250c0c:
Merge tag 'v3.15' into next (2014-06-17 17:30:23 -0400)
are available in the git repository at:
git://git.infradead.org/users/pcmoore/selinux next
for you to fetch changes up to 615e51fdda6f274e94b1e905fcaf6111e0d9aa20:
selinux: reduce the number of calls to synchronize_net() when flushing
caches (2014-06-26 14:33:56 -0400)
----------------------------------------------------------------
Gideon Israel Dsouza (1):
security: Used macros from compiler.h instead of __attribute__((...))
Himangi Saraogi (1):
SELinux: use ARRAY_SIZE
Masahiro Yamada (1):
selinux, kbuild: remove unnecessary $(hostprogs-y) from clean-files
Namhyung Kim (3):
selinux: introduce str_read() helper
selinux: simple cleanup for cond_read_node()
selinux: fix a possible memory leak in cond_read_node()
Paul Moore (1):
selinux: reduce the number of calls to synchronize_net() when flushing
caches
Waiman Long (1):
selinux: no recursive read_lock of policy_rwlock in security_genfs_sid()
scripts/selinux/genheaders/Makefile | 1 -
scripts/selinux/mdp/Makefile | 2 +-
security/selinux/hooks.c | 14 ++++
security/selinux/include/netif.h | 2 +
security/selinux/include/netnode.h | 2 +
security/selinux/include/netport.h | 2 +
security/selinux/include/security.h | 3 +-
security/selinux/netif.c | 15 +---
security/selinux/netnode.c | 15 +---
security/selinux/netport.c | 15 +---
security/selinux/ss/conditional.c | 11 +--
security/selinux/ss/policydb.c | 141 ++++++++++------------------------
security/selinux/ss/services.c | 41 ++++++++---
13 files changed, 102 insertions(+), 162 deletions(-)
--
paul moore
security and virtualization @ redhat
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [GIT PULL] SELinux patches for 3.17
2014-07-18 19:37 [GIT PULL] SELinux patches for 3.17 Paul Moore
@ 2014-07-19 7:26 ` James Morris
2014-08-01 15:28 ` Paul Moore
1 sibling, 0 replies; 4+ messages in thread
From: James Morris @ 2014-07-19 7:26 UTC (permalink / raw)
To: Paul Moore; +Cc: linux-security-module, selinux
On Fri, 18 Jul 2014, Paul Moore wrote:
> Hi James,
>
> Here are the SELinux patches for 3.17. A total of eight patches, none
> particularly controversial: a few cleanups, a few bug fixes, and a minor tweak
> to reduce the SELinux overhead during boot. One nice thing is that we remove
> more code than we add in 3.17, so if nothing else we're doing our part to
> fight code bloat :)
>
> All the patches pass the SELinux testsuite and apply cleanly on top of linux-
> security #next.
Thanks for testing! Pulled.
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [GIT PULL] SELinux patches for 3.17
2014-07-18 19:37 [GIT PULL] SELinux patches for 3.17 Paul Moore
2014-07-19 7:26 ` James Morris
@ 2014-08-01 15:28 ` Paul Moore
2014-08-02 12:50 ` James Morris
1 sibling, 1 reply; 4+ messages in thread
From: Paul Moore @ 2014-08-01 15:28 UTC (permalink / raw)
To: James Morris; +Cc: linux-security-module, selinux
On Friday, July 18, 2014 03:37:19 PM Paul Moore wrote:
> Hi James,
>
> Here are the SELinux patches for 3.17. A total of eight patches, none
> particularly controversial: a few cleanups, a few bug fixes, and a minor
> tweak to reduce the SELinux overhead during boot...
Hi James,
A late addition to the SELinux patches for 3.17. Normally I would just wait
for the next release, but these patches are pretty significant (marked for
stable as well) so I think they merit the late add. I just posted the patches
yesterday with an explanation so I won't bother repeating myself here since
they are still likely fresh in your inbox.
I did a quick test pull and everything applies cleanly on top of the linux-
security #next tree.
Thanks,
-Paul
---
The following changes since commit 615e51fdda6f274e94b1e905fcaf6111e0d9aa20:
selinux: reduce the number of calls to synchronize_net() when flushing
caches (2014-06-26 14:33:56 -0400)
are available in the git repository at:
git://git.infradead.org/users/pcmoore/selinux next
for you to fetch changes up to 4fbe63d1c773cceef3fe1f6ed0c9c268f4f24760:
netlabel: shorter names for the NetLabel catmap funcs/structs
(2014-08-01 11:17:37 -0400)
----------------------------------------------------------------
Paul Moore (4):
netlabel: fix a problem when setting bits below the previously
lowest bit
netlabel: fix the horribly broken catmap functions
netlabel: fix the catmap walking functions
netlabel: shorter names for the NetLabel catmap funcs/structs
include/net/netlabel.h | 94 ++++++------
net/ipv4/cipso_ipv4.c | 47 +++---
net/netlabel/netlabel_kapi.c | 327 +++++++++++++++++++++++++++-----------
security/selinux/ss/ebitmap.c | 133 +++++++----------
security/selinux/ss/ebitmap.h | 8 +-
security/smack/smack_access.c | 11 +-
security/smack/smack_lsm.c | 6 +-
security/smack/smackfs.c | 14 +-
8 files changed, 366 insertions(+), 274 deletions(-)
--
paul moore
security and virtualization @ redhat
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [GIT PULL] SELinux patches for 3.17
2014-08-01 15:28 ` Paul Moore
@ 2014-08-02 12:50 ` James Morris
0 siblings, 0 replies; 4+ messages in thread
From: James Morris @ 2014-08-02 12:50 UTC (permalink / raw)
To: Paul Moore; +Cc: linux-security-module, selinux
On Fri, 1 Aug 2014, Paul Moore wrote:
> On Friday, July 18, 2014 03:37:19 PM Paul Moore wrote:
> > Hi James,
> >
> > Here are the SELinux patches for 3.17. A total of eight patches, none
> > particularly controversial: a few cleanups, a few bug fixes, and a minor
> > tweak to reduce the SELinux overhead during boot...
>
> Hi James,
>
> A late addition to the SELinux patches for 3.17. Normally I would just wait
> for the next release, but these patches are pretty significant (marked for
> stable as well) so I think they merit the late add. I just posted the patches
> yesterday with an explanation so I won't bother repeating myself here since
> they are still likely fresh in your inbox.
>
> I did a quick test pull and everything applies cleanly on top of the linux-
> security #next tree.
Thanks, pulled.
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-08-02 12:50 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-07-18 19:37 [GIT PULL] SELinux patches for 3.17 Paul Moore
2014-07-19 7:26 ` James Morris
2014-08-01 15:28 ` Paul Moore
2014-08-02 12:50 ` James Morris
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.