* [GIT PULL] SELinux patches for v5.4
@ 2019-09-17 19:38 Paul Moore
From: Paul Moore @ 2019-09-17 19:38 UTC
To: Linus Torvalds; +Cc: selinux, linux-kernel, linux-security-module
Hi Linus,
Eight SELinux patches for v5.4, the highlights are listed below and
all pass the selinux-testsuite, please merge for v5.4.
- Add LSM hooks, and SELinux access control hooks, for dnotify,
fanotify, and inotify watches. This has been discussed with both the
LSM and fs/notify folks and everybody is good with these new hooks.
- The LSM stacking changes missed a few calls to current_security() in
the SELinux code; we fix those and remove current_security() for good.
- Improve our network object labeling cache so that we always return
the object's label, even when under memory pressure. Previously we
would return an error if we couldn't allocate a new cache entry, now
we always return the label even if we can't create a new cache entry
for it.
- Convert the sidtab atomic_t counter to a normal u32 with
READ/WRITE_ONCE() and memory barrier protection.
- A few patches to policydb.c to clean things up (remove forward
declarations, long lines, bad variable names, etc.).
Thanks,
-Paul
--
The following changes since commit 45385237f65aeee73641f1ef737d7273905a233f:
selinux: fix memory leak in policydb_init() (2019-07-31 16:51:23 -0400)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
tags/selinux-pr-20190917
for you to fetch changes up to 15322a0d90b6fd62ae8f22e5b87f735c3fdfeff7:
lsm: remove current_security() (2019-09-04 18:53:39 -0400)
----------------------------------------------------------------
selinux/stable-5.4 PR 20190917
----------------------------------------------------------------
Aaron Goidel (1):
fanotify, inotify, dnotify, security: add security hook for fs
notifications
Ondrej Mosnacek (3):
selinux: policydb - fix some checkpatch.pl warnings
selinux: policydb - rename type_val_to_struct_array
selinux: avoid atomic_t usage in sidtab
Paul Moore (3):
selinux: shuffle around policydb.c to get rid of forward declarations
selinux: always return a secid from the network caches if we find one
lsm: remove current_security()
Stephen Smalley (1):
selinux: fix residual uses of current_security() for the SELinux blob
fs/notify/dnotify/dnotify.c | 15 +-
fs/notify/fanotify/fanotify_user.c | 19 +-
fs/notify/inotify/inotify_user.c | 14 +-
include/linux/cred.h | 1 -
include/linux/lsm_hooks.h | 9 +-
include/linux/security.h | 10 +-
security/security.c | 6 +
security/selinux/hooks.c | 49 ++++-
security/selinux/include/classmap.h | 5 +-
security/selinux/include/objsec.h | 20 +-
security/selinux/netif.c | 31 ++-
security/selinux/netnode.c | 30 ++-
security/selinux/netport.c | 24 +--
security/selinux/ss/policydb.c | 402 +++++++++++++++---------------
security/selinux/ss/policydb.h | 2 +-
security/selinux/ss/services.c | 6 +-
security/selinux/ss/sidtab.c | 48 ++---
security/selinux/ss/sidtab.h | 19 +-
18 files changed, 403 insertions(+), 307 deletions(-)
--
paul moore
www.paul-moore.com
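
The network-cache highlight in the message above, as a simplified userspace C model. This is an added example, not part of the original message and not the kernel's code; all names (`sid_lookup`, `policy_sid`, `fail_alloc`, the `strict` flag) are hypothetical, with `strict` selecting the previous error-returning behaviour and 0 the behaviour described for v5.4.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed userspace model; every name here is hypothetical. */
#define CACHE_SLOTS 4
struct entry { unsigned int ifindex; uint32_t sid; };
static struct entry *cache[CACHE_SLOTS];
static int fail_alloc; /* set to 1 to simulate memory pressure */

static void *model_alloc(size_t n) { return fail_alloc ? NULL : malloc(n); }
/* Stand-in for the policy query that computes an object's label. */
static uint32_t policy_sid(unsigned int ifindex) { return 1000u + ifindex; }

static struct entry *cache_find(unsigned int ifindex)
{
    struct entry *e = cache[ifindex % CACHE_SLOTS];
    return (e && e->ifindex == ifindex) ? e : NULL;
}

/* strict != 0: a failed cache allocation is reported as -ENOMEM.
 * strict == 0: the label is still returned; only the caching is skipped. */
static int sid_lookup(unsigned int ifindex, int strict, uint32_t *sid)
{
    struct entry *e = cache_find(ifindex);
    if (e) { *sid = e->sid; return 0; }
    uint32_t computed = policy_sid(ifindex);
    e = model_alloc(sizeof(*e));
    if (!e) {
        if (strict) return -ENOMEM;
        *sid = computed;
        return 0;
    }
    *e = (struct entry){ ifindex, computed };
    free(cache[ifindex % CACHE_SLOTS]); /* evict the slot's old entry */
    cache[ifindex % CACHE_SLOTS] = e;
    *sid = computed;
    return 0;
}

int main(void)
{
    uint32_t sid = 0;
    fail_alloc = 1;
    int old = sid_lookup(3, 1, &sid), now = sid_lookup(3, 0, &sid);
    printf("old=%d new=%d sid=%u\n", old, now, (unsigned)sid);
    return 0;
}
```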
* Re: [GIT PULL] SELinux patches for v5.4
From: pr-tracker-bot @ 2019-09-23 19:05 UTC
To: Paul Moore; +Cc: Linus Torvalds, selinux, linux-kernel, linux-security-module
The pull request you sent on Tue, 17 Sep 2019 15:38:05 -0400:
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git tags/selinux-pr-20190917
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/5825a95fe92566ada2292a65de030850b5cff1da
Thank you!
--
Deet-doot-dot, I am a bot.
https://korg.wiki.kernel.org/userdoc/prtracker