[Pull][ARTFUL] LSM stacking
John Johansen
john.johansen at canonical.com
Thu Sep 28 20:08:58 UTC 2017
The following changes since commit 80253b13f72f2637dafb4a63cde565e1ffb8e84d:
UBUNTU: SAUCE: apparmor: fix apparmorfs DAC access permissions (2017-08-31 16:35:09 -0700)
are available in the git repository at:
git://kernel.ubuntu.com/jj/ubuntu-artful.git lsm-stacking-revised
for you to fetch changes up to e4c8b7ce83f9d9b74396f35a4f8bcffd591e356e:
UBUNTU: SAUCE: LSM stacking: add configs for LSM stacking (2017-09-28 14:25:37 -0400)
----------------------------------------------------------------
Casey Schaufler (7):
UBUNTU: SAUCE: LSM stacking: procfs: add smack subdir to attrs
UBUNTU: SAUCE: LSM stacking: LSM: manage credential security blobs
UBUNTU: SAUCE: LSM stacking: LSM: Manage file security blobs
UBUNTU: SAUCE: LSM stacking: LSM: manage task security blobs
UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of the remaining blobs
UBUNTU: SAUCE: LSM stacking: LSM: general but not extreme module stacking
UBUNTU: SAUCE: LSM stacking: LSM: Complete task_alloc hook
John Johansen (17):
UBUNTU: SAUCE: LSM stacking: fixup procsfs: add smack subdir to attrs
UBUNTU: SAUCE: LSM stacking: fixup initialize task->security
UBUNTU: SAUCE: LSM stacking: fixup: alloc_task_ctx is dead code
UBUNTU: SAUCE: LSM stacking: add support for stacking getpeersec_stream
UBUNTU: SAUCE: LSM stacking: add stacking support to apparmor network hooks
UBUNTU: SAUCE: LSM stacking: fixup apparmor stacking enablement
UBUNTU: SAUCE: LSM stacking: fixup stacking kconfig
UBUNTU: SAUCE: LSM stacking: allow selecting multiple LSMs using kernel boot params
UBUNTU: SAUCE: LSM stacking: provide prctl interface for setting context
UBUNTU: SAUCE: LSM stacking: inherit current display LSM
UBUNTU: SAUCE: LSM stacking: keep an index for each registered LSM
UBUNTU: SAUCE: LSM stacking: verify display LSM
UBUNTU: SAUCE: LSM stacking: provide a way to specify the default display lsm
UBUNTU: SAUCE: LSM stacking: make sure LSM blob align on 64 bit boundaries
UBUNTU: SAUCE: LSM stacking: add /proc/<pid>/attr/display_lsm
UBUNTU: SAUCE: LSM stacking: add Kconfig to set default display LSM
UBUNTU: SAUCE: LSM stacking: add configs for LSM stacking
Documentation/admin-guide/LSM/index.rst | 31 +-
debian.master/config/annotations | 10 +-
debian.master/config/config.common.ubuntu | 13 +
fs/proc/base.c | 98 +++-
fs/proc/internal.h | 1 +
include/linux/lsm_hooks.h | 40 +-
include/linux/security.h | 15 +-
include/uapi/linux/prctl.h | 6 +
kernel/cred.c | 13 -
kernel/fork.c | 3 +
security/Kconfig | 141 +++++
security/apparmor/context.c | 12 -
security/apparmor/include/context.h | 25 +-
security/apparmor/include/file.h | 2 +-
security/apparmor/include/net.h | 12 +-
security/apparmor/lsm.c | 118 ++--
security/security.c | 876 +++++++++++++++++++++++++++++-
security/selinux/hooks.c | 513 ++++++-----------
security/selinux/include/objsec.h | 87 ++-
security/selinux/netlabel.c | 15 +-
security/selinux/selinuxfs.c | 5 +-
security/selinux/ss/services.c | 3 +-
security/selinux/xfrm.c | 4 +-
security/smack/smack.h | 90 ++-
security/smack/smack_access.c | 2 +-
security/smack/smack_lsm.c | 526 ++++++------------
security/smack/smack_netfilter.c | 8 +-
security/smack/smackfs.c | 18 +-
security/tomoyo/common.h | 30 +-
security/tomoyo/domain.c | 4 +-
security/tomoyo/securityfs_if.c | 13 +-
security/tomoyo/tomoyo.c | 52 +-
32 files changed, 1929 insertions(+), 857 deletions(-)
More information about the kernel-team
mailing list