[GIT PULL] Security subsystem updates for 4.5
From: James Morris
Date: Wed Jan 13 2016 - 20:14:28 EST
In this update:
- EVM gains support for loading an x509 cert from the kernel
(EVM_LOAD_X509), into the EVM trusted kernel keyring.
- Smack implements 'file receive' process-based permission checking for
sockets, rather than just depending on inode checks.
- Misc. enhancments for TPM & TPM2.
- Cleanups and bugfixes for SELinux, Keys, and IMA.
Please pull.
The following changes since commit cbd88cd4c07f9361914ab7fd7e21c9227986fe68:
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux (2016-01-13 13:16:16 -0800)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git for-linus
Andreas Gruenbacher (8):
selinux: Remove unused variable in selinux_inode_init_security
security: Make inode argument of inode_getsecurity non-const
security: Make inode argument of inode_getsecid non-const
selinux: Add accessor functions for inode->i_security
security: Add hook to invalidate inode security labels
selinux: Revalidate invalid inode security labels
gfs2: Invalid security labels of inodes when they go invalid
selinux: Inode label revalidation performance fix
Andrew Perepechko (1):
selinux: export validatetrans decisions
Arnd Bergmann (1):
evm: EVM_LOAD_X509 depends on EVM
Casey Schaufler (1):
Smack: File receive for sockets
Dmitry Kasatkin (5):
integrity: define '.evm' as a builtin 'trusted' keyring
evm: load an x509 certificate from the kernel
evm: enable EVM when X509 certificate is loaded
evm: provide a function to set the EVM key from the kernel
evm: reset EVM status when file attributes change
James Morris (6):
Sync to Linus v4.4-rc2 for LSM developers.
Merge branch 'next' of git://git.kernel.org/.../zohar/linux-integrity into next
Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into next
Merge branch 'smack-for-4.5' of https://github.com/cschaufler/smack-next into next
Merge branch 'next' of git://git.kernel.org/.../zohar/linux-integrity into ra-next
Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into next
Jarkko Sakkinen (3):
keys, trusted: fix: *do not* allow duplicate key options
keys, trusted: select hash algorithm for TPM2 chips
keys, trusted: seal with a TPM2 authorization policy
Jason Gunthorpe (6):
tpm_tis: Use devm_free_irq not free_irq
tpm_tis: Ensure interrupts are disabled when the driver starts
tpm: rework tpm_get_timeouts()
tpm_tis: Get rid of the duplicate IRQ probing code
tpm_tis: Refactor the interrupt setup
tpm_tis: Tighten IRQ auto-probing
Martin Wilck (1):
tpm_tis: further simplify calculation of ordinal duration
Mimi Zohar (4):
KEYS: prevent keys from being removed from specified keyrings
IMA: prevent keys on the .ima_blacklist from being removed
ima: update appraise flags after policy update completes
KEYS: refcount bug fix
Paul Gortmaker (1):
security/integrity: make ima/ima_mok.c explicitly non-modular
Petko Manolov (4):
IMA: policy can now be updated multiple times
IMA: create machine owner and blacklist keyrings
IMA: allow reading back the current IMA policy
ima: ima_write_policy() limit locking
Roman Kubiak (1):
Smack: type confusion in smak sendmsg() handler
Sasha Levin (1):
IMA: policy can be updated zero times
Stefan Berger (1):
tpm_ibmvtpm: properly handle interrupted packet receptions
Vladis Dronov (1):
selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()
Yaowei Bai (2):
security: remove unused cap_is_fs_cap function
security/capability.h: cap_issubset/isclear can be boolean
Documentation/security/keys-trusted-encrypted.txt | 31 ++-
crypto/asymmetric_keys/x509_public_key.c | 2 +
crypto/hash_info.c | 2 +
drivers/char/tpm/tpm-interface.c | 23 ++-
drivers/char/tpm/tpm.h | 11 +-
drivers/char/tpm/tpm2-cmd.c | 60 ++++-
drivers/char/tpm/tpm_crb.c | 14 +-
drivers/char/tpm/tpm_ibmvtpm.c | 22 ++-
drivers/char/tpm/tpm_ibmvtpm.h | 1 +
drivers/char/tpm/tpm_tis.c | 256 ++++++++----------
fs/gfs2/glops.c | 2 +
include/crypto/hash_info.h | 3 +
include/keys/system_keyring.h | 24 ++
include/keys/trusted-type.h | 5 +
include/linux/audit.h | 8 +-
include/linux/capability.h | 22 +-
include/linux/evm.h | 7 +
include/linux/key.h | 1 +
include/linux/lsm_hooks.h | 10 +-
include/linux/security.h | 13 +-
include/uapi/linux/hash_info.h | 1 +
kernel/audit.c | 2 +-
kernel/audit.h | 2 +-
kernel/auditsc.c | 6 +-
security/integrity/Kconfig | 11 +
security/integrity/digsig.c | 14 +-
security/integrity/digsig_asymmetric.c | 14 +
security/integrity/evm/Kconfig | 17 ++
security/integrity/evm/evm.h | 3 +
security/integrity/evm/evm_crypto.c | 54 ++++-
security/integrity/evm/evm_main.c | 32 ++-
security/integrity/evm/evm_secfs.c | 12 +-
security/integrity/iint.c | 1 +
security/integrity/ima/Kconfig | 44 +++-
security/integrity/ima/Makefile | 1 +
security/integrity/ima/ima.h | 24 +-
security/integrity/ima/ima_fs.c | 53 ++++-
security/integrity/ima/ima_init.c | 2 +-
security/integrity/ima/ima_mok.c | 55 ++++
security/integrity/ima/ima_policy.c | 301 ++++++++++++++++++---
security/integrity/integrity.h | 13 +-
security/keys/Kconfig | 1 +
security/keys/key.c | 5 +-
security/keys/keyctl.c | 49 +++-
security/keys/trusted.c | 56 ++++-
security/security.c | 12 +-
security/selinux/hooks.c | 200 ++++++++++-----
security/selinux/include/classmap.h | 2 +-
security/selinux/include/objsec.h | 6 +
security/selinux/include/security.h | 3 +
security/selinux/selinuxfs.c | 80 ++++++
security/selinux/ss/services.c | 34 ++-
security/smack/smack_lsm.c | 28 ++-
53 files changed, 1281 insertions(+), 374 deletions(-)
create mode 100644 security/integrity/ima/ima_mok.c