Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f39d420f authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 

Pull security subsystem updates from James Morris:
 "In this update, Smack learns to love IPv6 and to mount a filesystem
  with a transmutable hierarchy (i.e.  security labels are inherited
  from parent directory upon creation rather than creating process).

  The rest of the changes are maintenance"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (37 commits)
  tpm/tpm_i2c_infineon: Remove unused header file
  tpm: tpm_i2c_infinion: Don't modify i2c_client->driver
  evm: audit integrity metadata failures
  integrity: move integrity_audit_msg()
  evm: calculate HMAC after initializing posix acl on tmpfs
  maintainers:  add Dmitry Kasatkin
  Smack: Fix the bug smackcipso can't set CIPSO correctly
  Smack: Fix possible NULL pointer dereference at smk_netlbl_mls()
  Smack: Add smkfstransmute mount option
  Smack: Improve access check performance
  Smack: Local IPv6 port based controls
  tpm: fix regression caused by section type conflict of tpm_dev_release() in ppc builds
  maintainers: Remove Kent from maintainers
  tpm: move TPM_DIGEST_SIZE defintion
  tpm_tis: missing platform_driver_unregister() on error in init_tis()
  security: clarify cap_inode_getsecctx description
  apparmor: no need to delay vfree()
  apparmor: fix fully qualified name parsing
  apparmor: fix setprocattr arg processing for onexec
  apparmor: localize getting the security context to a few macros
  ...
parents fe489bf4 572e5b01

Documentation/kernel-parameters.txt

+5 −5
Original line number Diff line number Diff line
@@ -1129,11 +1129,6 @@ bytes respectively. Such letter suffixes can also be entirely omitted. 
			The builtin appraise policy appraises all files

			owned by uid=0.



	ima_audit=	[IMA]

			Format: { "0" | "1" }

			0 -- integrity auditing messages. (Default)

			1 -- enable informational integrity auditing messages.



	ima_hash=	[IMA]

			Format: { "sha1" | "md5" }

			default: "sha1"
@@ -1160,6 +1155,11 @@ bytes respectively. Such letter suffixes can also be entirely omitted. 


	int_pln_enable  [x86] Enable power limit notification interrupt



	integrity_audit=[IMA]

			Format: { "0" | "1" }

			0 -- basic integrity auditing messages. (Default)

			1 -- additional integrity auditing messages.



	intel_iommu=	[DMAR] Intel IOMMU driver (DMAR) option

		on

			Enable intel iommu driver.

MAINTAINERS

+5 −2
Original line number Diff line number Diff line
@@ -4001,7 +4001,8 @@ S: Maintained 
F:	arch/ia64/



IBM Power in-Nest Crypto Acceleration

M:	Kent Yoder <key@linux.vnet.ibm.com>

M:	Marcelo Henrique Cerri <mhcerri@linux.vnet.ibm.com>

M:	Fionnuala Gunter <fin@linux.vnet.ibm.com>

L:	linux-crypto@vger.kernel.org

S:	Supported

F:	drivers/crypto/nx/
@@ -4130,6 +4131,7 @@ F: drivers/ipack/ 


INTEGRITY MEASUREMENT ARCHITECTURE (IMA)

M:	Mimi Zohar <zohar@us.ibm.com>

M:	Dmitry Kasatkin <d.kasatkin@samsung.com>

S:	Supported

F:	security/integrity/ima/
@@ -8282,7 +8284,8 @@ S: Odd fixes 
F:	drivers/media/usb/tm6000/



TPM DEVICE DRIVER

M:	Kent Yoder <key@linux.vnet.ibm.com>

M:	Leonidas Da Silva Barbosa <leosilva@linux.vnet.ibm.com>

M:	Ashley Lai <ashley@ashleylai.com>

M:	Rajiv Andrade <mail@srajiv.net>

W:	http://tpmdd.sourceforge.net

M:	Marcel Selhorst <tpmdd@selhorst.net>

drivers/char/tpm/tpm.c

+1 −1
Original line number Diff line number Diff line
@@ -1472,7 +1472,7 @@ EXPORT_SYMBOL_GPL(tpm_dev_vendor_release); 
 * Once all references to platform device are down to 0,

 * release all allocated structures.

 */

static void tpm_dev_release(struct device *dev)

void tpm_dev_release(struct device *dev)

{

	struct tpm_chip *chip = dev_get_drvdata(dev);

drivers/char/tpm/tpm.h

+1 −1
Original line number Diff line number Diff line
@@ -272,7 +272,6 @@ typedef union { 
	struct	tpm_output_header out;

} tpm_cmd_header;



#define TPM_DIGEST_SIZE 20

struct tpm_pcrread_out {

	u8	pcr_result[TPM_DIGEST_SIZE];

} __packed;
@@ -333,6 +332,7 @@ extern struct tpm_chip* tpm_register_hardware(struct device *, 
				 const struct tpm_vendor_specific *);

extern int tpm_open(struct inode *, struct file *);

extern int tpm_release(struct inode *, struct file *);

extern void tpm_dev_release(struct device *dev);

extern void tpm_dev_vendor_release(struct tpm_chip *);

extern ssize_t tpm_write(struct file *, const char __user *, size_t,

			 loff_t *);

drivers/char/tpm/tpm_i2c_infineon.c

+0 −4
Original line number Diff line number Diff line
@@ -24,7 +24,6 @@ 
#include <linux/init.h>

#include <linux/i2c.h>

#include <linux/module.h>

#include <linux/moduleparam.h>

#include <linux/wait.h>

#include "tpm.h"
@@ -74,7 +73,6 @@ struct tpm_inf_dev { 
};



static struct tpm_inf_dev tpm_dev;

static struct i2c_driver tpm_tis_i2c_driver;



/*

 * iic_tpm_read() - read from TPM register
@@ -744,11 +742,9 @@ static int tpm_tis_i2c_probe(struct i2c_client *client, 
		return -ENODEV;

	}



	client->driver = &tpm_tis_i2c_driver;

	tpm_dev.client = client;

	rc = tpm_tis_i2c_init(&client->dev);

	if (rc != 0) {

		client->driver = NULL;

		tpm_dev.client = NULL;

		rc = -ENODEV;

	}