[GIT PULL] Security subsystem updates for 4.8

From: James Morris
Date: Wed Jul 27 2016 - 07:04:56 EST


Please pull these changes for 4.8.

Highlights:

- TPM core and driver updates/fixes
- IPv6 security labeling (CALIPSO)
- Lots of Apparmor fixes
- Seccomp: remove 2-phase API, close hole where ptrace can change syscall #

---

The following changes since commit e65805251f2db69c9f67ed8062ab82526be5a374:

Merge branch 'irq-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip (2016-07-25 21:35:03 -0700)

are available in the git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next

Andrew Zamansky (1):
tpm2_i2c_nuvoton: add irq validity check

Andrey Pronin (1):
tpm: read burstcount from TPM_STS in one 32-bit transaction

Andy Lutomirski (2):
seccomp: Add a seccomp_data parameter secure_computing()
x86/entry: Get rid of two-phase syscall entry work

Arnd Bergmann (3):
tpm: fix tpm_bios_log_setup stub prototype
tpm: select ANON_INODES for proxy driver
apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling

Casey Schaufler (2):
LSM: Fix for security_inode_getsecurity and -EOPNOTSUPP
MAINTAINERS - Location of the Smack repository

Christophe Ricard (40):
tpm/st33zp24/spi: Remove nbr_dummy_bytes variable usage
tpm/st33zp24/spi: Use functions name with st33zp24_spi_ prefix
tpm/st33zp24/spi: Remove useless use of memcpy.
tpm/st33zp24/spi: Remove field spi_xfer from st33zp24_spi_phy structure
tpm/st33zp24: Remove unneeded CONFIG_OF switches
tpm/st33zp24: Auto-select core module
tpm/st33zp24/spi: Improve st33zp24_spi_evaluate_latency
tpm/st33zp24: Extend Copyright headers
tpm/st33zp24: Add support for acpi probing for i2c device.
tpm: st33zp24: Add support for acpi probing for spi device.
tpm/st33zp24/i2c: Change xxx_request_resources header
tpm/st33zp24/spi: Change xxx_request_resources header
tpm/st33zp24/spi: Remove nbr_dummy_bytes variable usage
tpm/st33zp24/spi: Use functions name with st33zp24_spi_ prefix
tpm/st33zp24/spi: Remove useless use of memcpy.
tpm/st33zp24/spi: Remove field spi_xfer from st33zp24_spi_phy structure
tpm/st33zp24: Remove unneeded CONFIG_OF switches
tpm/st33zp24/spi: Improve st33zp24_spi_evaluate_latency
tpm/st33zp24: Extend Copyright headers
tpm/st33zp24: Add support for acpi probing for i2c device.
tpm: st33zp24: Add support for acpi probing for spi device.
tpm/st33zp24/i2c: Change xxx_request_resources header
tpm/st33zp24/spi: Change xxx_request_resources header
tpm/st33zp24/i2c: Drop two useless checks in ACPI probe path
tpm/st33zp24/spi: Drop two useless checks in ACPI probe path
tpm/st33zp24: Remove unneeded tpm_reg in get_burstcount
tpm: drop list from struct tpm_vendor_specific
tpm: drop 'iobase' from struct tpm_vendor_specific
tpm: drop 'irq' from struct tpm_vendor_specific
tpm: drop 'read_queue' from struct tpm_vendor_specific
tpm: drop 'locality' from struct tpm_vendor_specific
tpm: Move tpm_vendor_specific data related with PTP specification to tpm_chip
tpm: Remove useless priv field in struct tpm_vendor_specific
tpm: Add include guards in tpm.h
tpm: tpm_tis: Share common data between phys
tpm_tis: Introduce intermediate layer for TPM access
devicetree: Add infineon to vendor-prefix.txt
devicetree: Add Trusted Computing Group to vendor-prefix.txt
tpm/tpm_tis: Split tpm_tis driver into a core and TCG TIS compliant phy
tpm/tpm_tis_spi: Add support for spi phy

David Howells (2):
KEYS: Strip trailing spaces
modsign: Make sign-file determine the format of the X.509 cert

Eric Richter (8):
integrity: add measured_pcrs field to integrity cache
ima: add policy support for extending different pcrs
ima: extend ima_get_action() to return the policy pcr
ima: include pcr for each measurement log entry
ima: change ima_measurements_show() to display the entry specific pcr
ima: redefine duplicate template entries
ima: change integrity cache to store measured pcr
ima: extend the measurement entry specific pcr

Geliang Tang (1):
apparmor: use list_next_entry instead of list_entry_next

Heinrich Schuchardt (2):
selinux: fix type mismatch
apparmor: do not expose kernel stack

Huw Davies (19):
netlabel: Mark rcu pointers with __rcu.
netlabel: Add an address family to domain hash entries.
netlabel: Initial support for the CALIPSO netlink protocol.
netlabel: Add support for querying a CALIPSO DOI.
netlabel: Add support for enumerating the CALIPSO DOI list.
netlabel: Add support for creating a CALIPSO protocol domain mapping.
netlabel: Add support for removing a CALIPSO DOI.
ipv6: Add ipv6_renew_options_kern() that accepts a kernel mem pointer.
netlabel: Move bitmap manipulation functions to the NetLabel core.
calipso: Set the calipso socket label to match the secattr.
netlabel: Prevent setsockopt() from changing the hop-by-hop option.
ipv6: Allow request socks to contain IPv6 options.
calipso: Allow request sockets to be relabelled by the lsm.
ipv6: constify the skb pointer of ipv6_find_tlv().
calipso: Allow the lsm to label the skbuff directly.
netlabel: Pass a family parameter to netlbl_skbuff_err().
calipso: Add validation of CALIPSO option.
calipso: Add a label cache.
netlabel: Implement CALIPSO config functions for SMACK.

James Morris (3):
Merge branch 'stable-4.8' of git://git.infradead.org/users/pcmoore/selinux into next
Merge branch 'smack-for-4.8' of https://github.com/cschaufler/smack-next into next
Merge tag 'keys-misc-20160708' of git://git.kernel.org/.../dhowells/linux-fs into next

Jarkko Sakkinen (12):
tpm: cleanup tpm_tis_remove()
tpm: fix crash in tpm_tis deinitialization
tpm_crb: drop struct resource res from struct crb_priv
tpm_crb: fix mapping of the buffers
tpm: check for TPM_CHIP_FLAG_TPM2 before calling tpm2_shutdown()
tpm: drop int_queue from tpm_vendor_specific
tpm: drop tpm_atmel specific fields from tpm_vendor_specific
tpm: drop manufacturer_id from struct tpm_vendor_specific
tpm: drop 'base' from struct tpm_vendor_specific
tpm: drop the field 'time_expired' from struct tpm_chip
tpm_vtpm_proxy: fix address space of a user pointer in vtpmx_fops_ioctl()
tpm_crb: fix address space of the return pointer in crb_map_res()

Jason Gunthorpe (8):
tpm: Get rid of chip->pdev
tpm: Get rid of devname
tpm: Provide strong locking for device removal
tpm: Split out the devm stuff from tpmm_chip_alloc
tpm: Remove all uses of drvdata from the TPM Core
tpm: Fix IRQ unwind ordering in TIS
tpm: Factor out common startup code
tpm: Add TPM 2.0 support to the Nuvoton i2c driver (NPCT6xx family)

Jeff Mahoney (1):
apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task

John Johansen (20):
apparmor: fix refcount bug in profile replacement
apparmor: fix replacement bug that adds new child to old parent
apparmor: fix uninitialized lsm_audit member
apparmor: exec should not be returning ENOENT when it denies
apparmor: fix update the mtime of the profile file on replacement
apparmor: fix disconnected bind mnts reconnection
apparmor: internal paths should be treated as disconnected
apparmor: add parameter to control whether policy hashing is used
apparmor: fix put() parent ref after updating the active ref
apparmor: fix log failures for all profiles in a set
apparmor: fix audit full profile hname on successful load
apparmor: ensure the target profile name is always audited
apparmor: check that xindex is in trans_table bounds
apparmor: fix ref count leak when profile sha1 hash is read
apparmor: fix refcount race when finding a child profile
apparmor: add missing id bounds check on dfa verification
apparmor: don't check for vmalloc_addr if kvzalloc() failed
apparmor: fix oops in profile_unpack() when policy_db is not present
apparmor: fix module parameters can be changed after policy is locked
apparmor: fix arg_size computation for when setprocattr is null terminated

Kees Cook (12):
seccomp: add tests for ptrace hole
seccomp: remove 2-phase API
seccomp: recheck the syscall after RET_TRACE
x86/ptrace: run seccomp after ptrace
arm/ptrace: run seccomp after ptrace
arm64/ptrace: run seccomp after ptrace
MIPS/ptrace: run seccomp after ptrace
parisc/ptrace: run seccomp after ptrace
s390/ptrace: run seccomp after ptrace
powerpc/ptrace: run seccomp after ptrace
tile/ptrace: run seccomp after ptrace
um/ptrace: run seccomp after ptrace

Mike Danese (1):
security: tomoyo: simplify the gc kthread creation

Olof Johansson (1):
samples/seccomp: Add standalone config option

Paul Moore (4):
netlabel: add address family checks to netlbl_{sock,req}_delattr()
iucv: properly clone LSM attributes to newly created child sockets
selinux: import NetLabel category bitmaps correctly
netlabel: handle sparse category maps in netlbl_catmap_getlong()

Rafal Krypa (1):
Smack: ignore null signal in smack_task_kill

Serge E. Hallyn (1):
MAINTAINERS: update Serge Hallyn's email address

Stefan Berger (6):
tpm: Get rid of module locking
tpm: Replace device number bitmap with IDR
tpm: Introduce TPM_CHIP_FLAG_VIRTUAL
tpm: Proxy driver for supporting multiple emulated TPMs
tpm: Add documentation for the tpm_vtpm_proxy device driver
tpm: Fix suspend regression

Stephen Rothwell (1):
tpm: fix for typo in tpm/tpm_ibmvtpm.c

Stephen Smalley (1):
selinux: Only apply bounds checking to source types

Sudip Mukherjee (1):
tpm: use devm_add_action_or_reset

Tyler Hicks (2):
kernel: Add noaudit variant of ns_capable()
net: Use ns_capable_noaudit() when determining net sysctl permissions

Vegard Nossum (1):
apparmor: fix oops, validate buffer size in apparmor_setprocattr()

apronin@xxxxxxxxxxxx (2):
tpm_tis_core: convert max timeouts from msec to jiffies
tpm: fix byte-order for the value read by tpm2_get_tpm_pt

.../devicetree/bindings/i2c/trivial-devices.txt | 1 +
.../bindings/security/tpm/tpm_tis_spi.txt | 24 +
.../devicetree/bindings/vendor-prefixes.txt | 2 +
Documentation/ioctl/ioctl-number.txt | 1 +
Documentation/tpm/tpm_vtpm_proxy.txt | 71 +
MAINTAINERS | 4 +-
arch/arm/kernel/ptrace.c | 13 +-
arch/arm64/kernel/ptrace.c | 8 +-
arch/mips/kernel/ptrace.c | 9 +-
arch/parisc/kernel/ptrace.c | 9 +-
arch/powerpc/kernel/ptrace.c | 46 +-
arch/s390/kernel/ptrace.c | 21 +-
arch/tile/kernel/ptrace.c | 11 +-
arch/um/kernel/skas/syscall.c | 9 +-
arch/x86/entry/common.c | 106 +--
arch/x86/entry/vsyscall/vsyscall_64.c | 2 +-
arch/x86/include/asm/ptrace.h | 6 -
drivers/char/tpm/Kconfig | 30 +
drivers/char/tpm/Makefile | 3 +
drivers/char/tpm/st33zp24/Kconfig | 11 +-
drivers/char/tpm/st33zp24/i2c.c | 70 +-
drivers/char/tpm/st33zp24/spi.c | 184 ++-
drivers/char/tpm/st33zp24/st33zp24.c | 129 +--
drivers/char/tpm/st33zp24/st33zp24.h | 14 +-
drivers/char/tpm/tpm-chip.c | 299 +++--
drivers/char/tpm/tpm-dev.c | 15 +-
drivers/char/tpm/tpm-interface.c | 132 ++-
drivers/char/tpm/tpm-sysfs.c | 78 +-
drivers/char/tpm/tpm.h | 82 +-
drivers/char/tpm/tpm2-cmd.c | 59 +-
drivers/char/tpm/tpm_atmel.c | 63 +-
drivers/char/tpm/tpm_atmel.h | 16 +-
drivers/char/tpm/tpm_crb.c | 85 +-
drivers/char/tpm/tpm_eventlog.c | 2 +-
drivers/char/tpm/tpm_eventlog.h | 4 +-
drivers/char/tpm/tpm_i2c_atmel.c | 45 +-
drivers/char/tpm/tpm_i2c_infineon.c | 59 +-
drivers/char/tpm/tpm_i2c_nuvoton.c | 131 +-
drivers/char/tpm/tpm_ibmvtpm.c | 38 +-
drivers/char/tpm/tpm_infineon.c | 22 +-
drivers/char/tpm/tpm_nsc.c | 84 +-
drivers/char/tpm/tpm_tis.c | 829 +----------
drivers/char/tpm/tpm_tis_core.c | 835 +++++++++++
drivers/char/tpm/tpm_tis_core.h | 156 +++
drivers/char/tpm/tpm_tis_spi.c | 272 ++++
drivers/char/tpm/tpm_vtpm_proxy.c | 637 +++++++++
drivers/char/tpm/xen-tpmfront.c | 36 +-
include/keys/rxrpc-type.h | 2 +-
include/linux/capability.h | 5 +
include/linux/platform_data/st33zp24.h | 2 +-
include/linux/seccomp.h | 14 +-
include/linux/tpm.h | 5 +
include/net/calipso.h | 91 ++
include/net/inet_sock.h | 7 +-
include/net/ipv6.h | 10 +-
include/net/netlabel.h | 101 ++-
include/uapi/linux/Kbuild | 1 +
include/uapi/linux/audit.h | 2 +
include/uapi/linux/in6.h | 1 +
include/uapi/linux/vtpm_proxy.h | 36 +
kernel/capability.c | 46 +-
kernel/seccomp.c | 144 +--
net/dccp/ipv6.c | 12 +-
net/ipv4/cipso_ipv4.c | 88 +--
net/ipv4/tcp_input.c | 3 +
net/ipv6/Makefile | 1 +
net/ipv6/af_inet6.c | 9 +-
net/ipv6/calipso.c | 1473 ++++++++++++++++++++
net/ipv6/exthdrs.c | 76 +
net/ipv6/exthdrs_core.c | 2 +-
net/ipv6/ipv6_sockglue.c | 1 -
net/ipv6/sysctl_net_ipv6.c | 19 +
net/ipv6/tcp_ipv6.c | 12 +-
net/iucv/af_iucv.c | 5 +-
net/netlabel/Kconfig | 1 +
net/netlabel/Makefile | 2 +-
net/netlabel/netlabel_calipso.c | 740 ++++++++++
net/netlabel/netlabel_calipso.h | 151 ++
net/netlabel/netlabel_domainhash.c | 293 ++++-
net/netlabel/netlabel_domainhash.h | 17 +-
net/netlabel/netlabel_kapi.c | 394 +++++-
net/netlabel/netlabel_mgmt.c | 85 ++-
net/netlabel/netlabel_mgmt.h | 27 +-
net/netlabel/netlabel_unlabeled.c | 5 +-
net/netlabel/netlabel_user.c | 5 +
net/sysctl_net.c | 2 +-
samples/Kconfig | 7 +
samples/seccomp/Makefile | 2 +-
scripts/sign-file.c | 34 +-
security/apparmor/Kconfig | 21 +-
security/apparmor/apparmorfs.c | 11 +-
security/apparmor/audit.c | 3 +-
security/apparmor/crypto.c | 3 +
security/apparmor/domain.c | 22 +-
security/apparmor/file.c | 3 +-
security/apparmor/include/apparmor.h | 1 +
security/apparmor/include/match.h | 1 +
security/apparmor/include/policy.h | 2 +
security/apparmor/lsm.c | 66 +-
security/apparmor/match.c | 16 +-
security/apparmor/path.c | 61 +-
security/apparmor/policy.c | 61 +-
security/apparmor/policy_unpack.c | 7 +-
security/apparmor/resource.c | 6 +-
security/integrity/iint.c | 2 +
security/integrity/ima/ima.h | 11 +-
security/integrity/ima/ima_api.c | 21 +-
security/integrity/ima/ima_appraise.c | 3 +-
security/integrity/ima/ima_fs.c | 9 +-
security/integrity/ima/ima_init.c | 3 +-
security/integrity/ima/ima_main.c | 12 +-
security/integrity/ima/ima_policy.c | 35 +-
security/integrity/ima/ima_queue.c | 13 +-
security/integrity/integrity.h | 1 +
security/keys/persistent.c | 2 +-
security/keys/request_key.c | 2 +-
security/security.c | 29 +-
security/selinux/hooks.c | 21 +-
security/selinux/include/netlabel.h | 4 +-
security/selinux/netlabel.c | 36 +-
security/selinux/selinuxfs.c | 2 +-
security/selinux/ss/ebitmap.c | 2 +-
security/selinux/ss/services.c | 70 +-
security/smack/smack_lsm.c | 5 +-
security/tomoyo/gc.c | 9 +-
tools/testing/selftests/seccomp/seccomp_bpf.c | 176 +++-
126 files changed, 7300 insertions(+), 2148 deletions(-)
create mode 100644 Documentation/devicetree/bindings/security/tpm/tpm_tis_spi.txt
create mode 100644 Documentation/tpm/tpm_vtpm_proxy.txt
create mode 100644 drivers/char/tpm/tpm_tis_core.c
create mode 100644 drivers/char/tpm/tpm_tis_core.h
create mode 100644 drivers/char/tpm/tpm_tis_spi.c
create mode 100644 drivers/char/tpm/tpm_vtpm_proxy.c
create mode 100644 include/net/calipso.h
create mode 100644 include/uapi/linux/vtpm_proxy.h
create mode 100644 net/ipv6/calipso.c
create mode 100644 net/netlabel/netlabel_calipso.c
create mode 100644 net/netlabel/netlabel_calipso.h