Merge branch 'for-linus' of git://git.selinuxproject.org/~jmorris/linux-security (e36d5058) · Commits · e / devices / android_kernel_samsung_universal8895

security/keys/encrypted-keys/Makefile

+6 −2

Original line number	Original line	Diff line number	Diff line
	@@ -2,5 +2,9 @@
	# Makefile for encrypted keys		# Makefile for encrypted keys
	#		#

	obj-$(CONFIG_ENCRYPTED_KEYS) += encrypted.o ecryptfs_format.o		obj-$(CONFIG_ENCRYPTED_KEYS) += encrypted-keys.o
	obj-$(CONFIG_TRUSTED_KEYS) += masterkey_trusted.o
			encrypted-keys-y := encrypted.o ecryptfs_format.o
			masterkey-$(CONFIG_TRUSTED_KEYS) := masterkey_trusted.o
			masterkey-$(CONFIG_TRUSTED_KEYS)-$(CONFIG_ENCRYPTED_KEYS) := masterkey_trusted.o
			encrypted-keys-y += $(masterkey-y) $(masterkey-m-m)

security/keys/encrypted-keys/encrypted.c

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -444,7 +444,7 @@ static struct key request_master_key(struct encrypted_key_payload epayload,
	goto out;		goto out;

	if (IS_ERR(mkey)) {		if (IS_ERR(mkey)) {
	int ret = PTR_ERR(epayload);		int ret = PTR_ERR(mkey);

	if (ret == -ENOTSUPP)		if (ret == -ENOTSUPP)
	pr_info("encrypted_key: key %s not supported",		pr_info("encrypted_key: key %s not supported",

security/keys/encrypted-keys/encrypted.h

+2 −1

Original line number	Original line	Diff line number	Diff line
	@@ -2,7 +2,8 @@
	#define __ENCRYPTED_KEY_H		#define __ENCRYPTED_KEY_H

	#define ENCRYPTED_DEBUG 0		#define ENCRYPTED_DEBUG 0
	#ifdef CONFIG_TRUSTED_KEYS		#if defined(CONFIG_TRUSTED_KEYS) \|\| \
			(defined(CONFIG_TRUSTED_KEYS_MODULE) && defined(CONFIG_ENCRYPTED_KEYS_MODULE))
	extern struct key request_trusted_key(const char trusted_desc,		extern struct key request_trusted_key(const char trusted_desc,
	u8 *master_key, size_t master_keylen);		u8 *master_key, size_t master_keylen);
	#else		#else

security/smack/smackfs.c

+39 −76

Original line number	Original line	Diff line number	Diff line
	@@ -102,9 +102,6 @@ static int smk_cipso_doi_value = SMACK_CIPSO_DOI_DEFAULT;

	const char *smack_cipso_option = SMACK_CIPSO_OPTION;		const char *smack_cipso_option = SMACK_CIPSO_OPTION;


	#define SEQ_READ_FINISHED ((loff_t)-1)

	/*		/*
	* Values for parsing cipso rules		* Values for parsing cipso rules
	* SMK_DIGITLEN: Length of a digit field in a rule.		* SMK_DIGITLEN: Length of a digit field in a rule.
	@@ -357,10 +354,12 @@ static ssize_t smk_write_load_list(struct file file, const char __user buf,

	rc = count;		rc = count;
	/*		/*
			* If this is "load" as opposed to "load-self" and a new rule
			* it needs to get added for reporting.
	* smk_set_access returns true if there was already a rule		* smk_set_access returns true if there was already a rule
	* for the subject/object pair, and false if it was new.		* for the subject/object pair, and false if it was new.
	*/		*/
	if (!smk_set_access(rule, rule_list, rule_lock)) {		if (load && !smk_set_access(rule, rule_list, rule_lock)) {
	smlp = kzalloc(sizeof(*smlp), GFP_KERNEL);		smlp = kzalloc(sizeof(*smlp), GFP_KERNEL);
	if (smlp != NULL) {		if (smlp != NULL) {
	smlp->smk_rule = rule;		smlp->smk_rule = rule;
	@@ -377,12 +376,12 @@ out:
	return rc;		return rc;
	}		}


	/*		/*
	* Seq_file read operations for /smack/load		* Core logic for smackfs seq list operations.
	*/		*/

	static void load_seq_start(struct seq_file s, loff_t *pos)		static void smk_seq_start(struct seq_file s, loff_t *pos,
			struct list_head *head)
	{		{
	struct list_head *list;		struct list_head *list;

	@@ -390,7 +389,7 @@ static void load_seq_start(struct seq_file s, loff_t *pos)
	* This is 0 the first time through.		* This is 0 the first time through.
	*/		*/
	if (s->index == 0)		if (s->index == 0)
	s->private = &smack_rule_list;		s->private = head;

	if (s->private == NULL)		if (s->private == NULL)
	return NULL;		return NULL;
	@@ -404,11 +403,12 @@ static void load_seq_start(struct seq_file s, loff_t *pos)
	return list;		return list;
	}		}

	static void load_seq_next(struct seq_file s, void v, loff_t pos)		static void smk_seq_next(struct seq_file s, void v, loff_t pos,
			struct list_head *head)
	{		{
	struct list_head *list = v;		struct list_head *list = v;

	if (list_is_last(list, &smack_rule_list)) {		if (list_is_last(list, head)) {
	s->private = NULL;		s->private = NULL;
	return NULL;		return NULL;
	}		}
	@@ -416,6 +416,25 @@ static void load_seq_next(struct seq_file s, void v, loff_t pos)
	return list->next;		return list->next;
	}		}

			static void smk_seq_stop(struct seq_file s, void v)
			{
			/* No-op */
			}

			/*
			* Seq_file read operations for /smack/load
			*/

			static void load_seq_start(struct seq_file s, loff_t *pos)
			{
			return smk_seq_start(s, pos, &smack_rule_list);
			}

			static void load_seq_next(struct seq_file s, void v, loff_t pos)
			{
			return smk_seq_next(s, v, pos, &smack_rule_list);
			}

	static int load_seq_show(struct seq_file s, void v)		static int load_seq_show(struct seq_file s, void v)
	{		{
	struct list_head *list = v;		struct list_head *list = v;
	@@ -446,16 +465,11 @@ static int load_seq_show(struct seq_file s, void v)
	return 0;		return 0;
	}		}

	static void load_seq_stop(struct seq_file s, void v)
	{
	/* No-op */
	}

	static const struct seq_operations load_seq_ops = {		static const struct seq_operations load_seq_ops = {
	.start = load_seq_start,		.start = load_seq_start,
	.next = load_seq_next,		.next = load_seq_next,
	.show = load_seq_show,		.show = load_seq_show,
	.stop = load_seq_stop,		.stop = smk_seq_stop,
	};		};

	/**		/**
	@@ -574,28 +588,12 @@ static void smk_unlbl_ambient(char *oldambient)

	static void cipso_seq_start(struct seq_file s, loff_t *pos)		static void cipso_seq_start(struct seq_file s, loff_t *pos)
	{		{
	if (*pos == SEQ_READ_FINISHED)		return smk_seq_start(s, pos, &smack_known_list);
	return NULL;
	if (list_empty(&smack_known_list))
	return NULL;

	return smack_known_list.next;
	}		}

	static void cipso_seq_next(struct seq_file s, void v, loff_t pos)		static void cipso_seq_next(struct seq_file s, void v, loff_t pos)
	{		{
	struct list_head *list = v;		return smk_seq_next(s, v, pos, &smack_known_list);

	/*
	* labels with no associated cipso value wont be printed
	* in cipso_seq_show
	*/
	if (list_is_last(list, &smack_known_list)) {
	*pos = SEQ_READ_FINISHED;
	return NULL;
	}

	return list->next;
	}		}

	/*		/*
	@@ -634,16 +632,11 @@ static int cipso_seq_show(struct seq_file s, void v)
	return 0;		return 0;
	}		}

	static void cipso_seq_stop(struct seq_file s, void v)
	{
	/* No-op */
	}

	static const struct seq_operations cipso_seq_ops = {		static const struct seq_operations cipso_seq_ops = {
	.start = cipso_seq_start,		.start = cipso_seq_start,
	.stop = cipso_seq_stop,
	.next = cipso_seq_next,		.next = cipso_seq_next,
	.show = cipso_seq_show,		.show = cipso_seq_show,
			.stop = smk_seq_stop,
	};		};

	/**		/**
	@@ -788,23 +781,12 @@ static const struct file_operations smk_cipso_ops = {

	static void netlbladdr_seq_start(struct seq_file s, loff_t *pos)		static void netlbladdr_seq_start(struct seq_file s, loff_t *pos)
	{		{
	if (*pos == SEQ_READ_FINISHED)		return smk_seq_start(s, pos, &smk_netlbladdr_list);
	return NULL;
	if (list_empty(&smk_netlbladdr_list))
	return NULL;
	return smk_netlbladdr_list.next;
	}		}

	static void netlbladdr_seq_next(struct seq_file s, void v, loff_t pos)		static void netlbladdr_seq_next(struct seq_file s, void v, loff_t pos)
	{		{
	struct list_head *list = v;		return smk_seq_next(s, v, pos, &smk_netlbladdr_list);

	if (list_is_last(list, &smk_netlbladdr_list)) {
	*pos = SEQ_READ_FINISHED;
	return NULL;
	}

	return list->next;
	}		}
	#define BEBITS (sizeof(__be32) * 8)		#define BEBITS (sizeof(__be32) * 8)

	@@ -828,16 +810,11 @@ static int netlbladdr_seq_show(struct seq_file s, void v)
	return 0;		return 0;
	}		}

	static void netlbladdr_seq_stop(struct seq_file s, void v)
	{
	/* No-op */
	}

	static const struct seq_operations netlbladdr_seq_ops = {		static const struct seq_operations netlbladdr_seq_ops = {
	.start = netlbladdr_seq_start,		.start = netlbladdr_seq_start,
	.stop = netlbladdr_seq_stop,
	.next = netlbladdr_seq_next,		.next = netlbladdr_seq_next,
	.show = netlbladdr_seq_show,		.show = netlbladdr_seq_show,
			.stop = smk_seq_stop,
	};		};

	/**		/**
	@@ -1405,23 +1382,14 @@ static void load_self_seq_start(struct seq_file s, loff_t *pos)
	{		{
	struct task_smack *tsp = current_security();		struct task_smack *tsp = current_security();

	if (*pos == SEQ_READ_FINISHED)		return smk_seq_start(s, pos, &tsp->smk_rules);
	return NULL;
	if (list_empty(&tsp->smk_rules))
	return NULL;
	return tsp->smk_rules.next;
	}		}

	static void load_self_seq_next(struct seq_file s, void v, loff_t pos)		static void load_self_seq_next(struct seq_file s, void v, loff_t pos)
	{		{
	struct task_smack *tsp = current_security();		struct task_smack *tsp = current_security();
	struct list_head *list = v;

	if (list_is_last(list, &tsp->smk_rules)) {		return smk_seq_next(s, v, pos, &tsp->smk_rules);
	*pos = SEQ_READ_FINISHED;
	return NULL;
	}
	return list->next;
	}		}

	static int load_self_seq_show(struct seq_file s, void v)		static int load_self_seq_show(struct seq_file s, void v)
	@@ -1453,16 +1421,11 @@ static int load_self_seq_show(struct seq_file s, void v)
	return 0;		return 0;
	}		}

	static void load_self_seq_stop(struct seq_file s, void v)
	{
	/* No-op */
	}

	static const struct seq_operations load_self_seq_ops = {		static const struct seq_operations load_self_seq_ops = {
	.start = load_self_seq_start,		.start = load_self_seq_start,
	.next = load_self_seq_next,		.next = load_self_seq_next,
	.show = load_self_seq_show,		.show = load_self_seq_show,
	.stop = load_self_seq_stop,		.stop = smk_seq_stop,
	};		};