Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bb2cbf5e authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 

Pull security subsystem updates from James Morris:
 "In this release:

   - PKCS#7 parser for the key management subsystem from David Howells
   - appoint Kees Cook as seccomp maintainer
   - bugfixes and general maintenance across the subsystem"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (94 commits)
  X.509: Need to export x509_request_asymmetric_key()
  netlabel: shorter names for the NetLabel catmap funcs/structs
  netlabel: fix the catmap walking functions
  netlabel: fix the horribly broken catmap functions
  netlabel: fix a problem when setting bits below the previously lowest bit
  PKCS#7: X.509 certificate issuer and subject are mandatory fields in the ASN.1
  tpm: simplify code by using %*phN specifier
  tpm: Provide a generic means to override the chip returned timeouts
  tpm: missing tpm_chip_put in tpm_get_random()
  tpm: Properly clean sysfs entries in error path
  tpm: Add missing tpm_do_selftest to ST33 I2C driver
  PKCS#7: Use x509_request_asymmetric_key()
  Revert "selinux: fix the default socket labeling in sock_graft()"
  X.509: x509_request_asymmetric_keys() doesn't need string length arguments
  PKCS#7: fix sparse non static symbol warning
  KEYS: revert encrypted key change
  ima: add support for measuring and appraising firmware
  firmware_class: perform new LSM checks
  security: introduce kernel_fw_from_file hook
  PKCS#7: Missing inclusion of linux/err.h
  ...
parents e7fda6c4 478d0855

Documentation/ABI/testing/ima_policy

+3 −1
Original line number Diff line number Diff line
@@ -26,6 +26,7 @@ Description: 
			option:	[[appraise_type=]] [permit_directio]



		base: 	func:= [BPRM_CHECK][MMAP_CHECK][FILE_CHECK][MODULE_CHECK]

				[FIRMWARE_CHECK]

			mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]

			fsmagic:= hex value

			fsuuid:= file system UUID (e.g 8bcbe394-4f13-4144-be8e-5aa9ea2ce2f6)
@@ -57,7 +58,8 @@ Description: 
			measure func=BPRM_CHECK

			measure func=FILE_MMAP mask=MAY_EXEC

			measure func=FILE_CHECK mask=MAY_READ uid=0

			measure func=MODULE_CHECK uid=0

			measure func=MODULE_CHECK

			measure func=FIRMWARE_CHECK

			appraise fowner=0



		The default policy measures all executables in bprm_check,

Documentation/kernel-parameters.txt

+22 −0
Original line number Diff line number Diff line
@@ -566,6 +566,11 @@ bytes respectively. Such letter suffixes can also be entirely omitted. 
			possible to determine what the correct size should be.

			This option provides an override for these situations.



	ca_keys=	[KEYS] This parameter identifies a specific key(s) on

			the system trusted keyring to be used for certificate

			trust validation.

			format: { id:<keyid> | builtin }



	ccw_timeout_log [S390]

			See Documentation/s390/CommonIO for details.
@@ -1319,6 +1324,23 @@ bytes respectively. Such letter suffixes can also be entirely omitted. 
			Formats: { "ima" | "ima-ng" }

			Default: "ima-ng"



	ima.ahash_minsize= [IMA] Minimum file size for asynchronous hash usage

			Format: <min_file_size>

			Set the minimal file size for using asynchronous hash.

			If left unspecified, ahash usage is disabled.



			ahash performance varies for different data sizes on

			different crypto accelerators. This option can be used

			to achieve the best performance for a particular HW.



	ima.ahash_bufsize= [IMA] Asynchronous hash buffer size

			Format: <bufsize>

			Set hashing buffer size. Default: 4k.



			ahash performance varies for different chunk sizes on

			different crypto accelerators. This option can be used

			to achieve best performance for particular HW.



	init=		[KNL]

			Format: <full_path>

			Run specified binary instead of /sbin/init as init

Documentation/security/keys.txt

+10 −4
Original line number Diff line number Diff line
@@ -1150,18 +1150,22 @@ The structure has a number of fields, some of which are mandatory: 
		const void	*data;

		size_t		datalen;

		size_t		quotalen;

		time_t		expiry;

	};



     Before calling the method, the caller will fill in data and datalen with

     the payload blob parameters; quotalen will be filled in with the default

     quota size from the key type and the rest will be cleared.

     quota size from the key type; expiry will be set to TIME_T_MAX and the

     rest will be cleared.



     If a description can be proposed from the payload contents, that should be

     attached as a string to the description field.  This will be used for the

     key description if the caller of add_key() passes NULL or "".



     The method can attach anything it likes to type_data[] and payload.  These

     are merely passed along to the instantiate() or update() operations.

     are merely passed along to the instantiate() or update() operations.  If

     set, the expiry time will be applied to the key if it is instantiated from

     this data.



     The method should return 0 if successful or a negative error code

     otherwise.
@@ -1172,7 +1176,9 @@ The structure has a number of fields, some of which are mandatory: 
     This method is only required if the preparse() method is provided,

     otherwise it is unused.  It cleans up anything attached to the

     description, type_data and payload fields of the key_preparsed_payload

     struct as filled in by the preparse() method.

     struct as filled in by the preparse() method.  It will always be called

     after preparse() returns successfully, even if instantiate() or update()

     succeed.





 (*) int (*instantiate)(struct key *key, struct key_preparsed_payload *prep);

MAINTAINERS

+10 −0
Original line number Diff line number Diff line
@@ -8002,6 +8002,16 @@ S: Maintained 
F:	drivers/mmc/host/sdhci.*

F:	drivers/mmc/host/sdhci-pltfm.[ch]



SECURE COMPUTING

M:	Kees Cook <keescook@chromium.org>

T:	git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git seccomp

S:	Supported

F:	kernel/seccomp.c

F:	include/uapi/linux/seccomp.h

F:	include/linux/seccomp.h

K:	\bsecure_computing

K:	\bTIF_SECCOMP\b



SECURE DIGITAL HOST CONTROLLER INTERFACE, OPEN FIRMWARE BINDINGS (SDHCI-OF)

M:	Anton Vorontsov <anton@enomsg.org>

L:	linuxppc-dev@lists.ozlabs.org

arch/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -321,6 +321,7 @@ config HAVE_ARCH_SECCOMP_FILTER 
	  - secure_computing is called from a ptrace_event()-safe context

	  - secure_computing return value is checked and a return value of -1

	    results in the system call being skipped immediately.

	  - seccomp syscall wired up



config SECCOMP_FILTER

	def_bool y