Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8d80ce80 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'for-linus' of... 

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (71 commits)
  SELinux: inode_doinit_with_dentry drop no dentry printk
  SELinux: new permission between tty audit and audit socket
  SELinux: open perm for sock files
  smack: fixes for unlabeled host support
  keys: make procfiles per-user-namespace
  keys: skip keys from another user namespace
  keys: consider user namespace in key_permission
  keys: distinguish per-uid keys in different namespaces
  integrity: ima iint radix_tree_lookup locking fix
  TOMOYO: Do not call tomoyo_realpath_init unless registered.
  integrity: ima scatterlist bug fix
  smack: fix lots of kernel-doc notation
  TOMOYO: Don't create securityfs entries unless registered.
  TOMOYO: Fix exception policy read failure.
  SELinux: convert the avc cache hash list to an hlist
  SELinux: code readability with avc_cache
  SELinux: remove unused av.decided field
  SELinux: more careful use of avd in avc_has_perm_noaudit
  SELinux: remove the unused ae.used
  SELinux: check seqno when updating an avc_node
  ...
parents 1646df40 703a3cd7

Documentation/ABI/testing/ima_policy

0 → 100644
+61 −0
Original line number Diff line number Diff line 
What:		security/ima/policy

Date:		May 2008

Contact:	Mimi Zohar <zohar@us.ibm.com>

Description:

		The Trusted Computing Group(TCG) runtime Integrity

		Measurement Architecture(IMA) maintains a list of hash

		values of executables and other sensitive system files

		loaded into the run-time of this system.  At runtime,

		the policy can be constrained based on LSM specific data.

		Policies are loaded into the securityfs file ima/policy

		by opening the file, writing the rules one at a time and

		then closing the file.  The new policy takes effect after

		the file ima/policy is closed.



		rule format: action [condition ...]



		action: measure | dont_measure

		condition:= base | lsm

			base:	[[func=] [mask=] [fsmagic=] [uid=]]

			lsm:	[[subj_user=] [subj_role=] [subj_type=]

				 [obj_user=] [obj_role=] [obj_type=]]



		base: 	func:= [BPRM_CHECK][FILE_MMAP][INODE_PERMISSION]

			mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]

			fsmagic:= hex value

			uid:= decimal value

		lsm:  	are LSM specific



		default policy:

			# PROC_SUPER_MAGIC

			dont_measure fsmagic=0x9fa0

			# SYSFS_MAGIC

			dont_measure fsmagic=0x62656572

			# DEBUGFS_MAGIC

			dont_measure fsmagic=0x64626720

			# TMPFS_MAGIC

			dont_measure fsmagic=0x01021994

			# SECURITYFS_MAGIC

			dont_measure fsmagic=0x73636673



			measure func=BPRM_CHECK

			measure func=FILE_MMAP mask=MAY_EXEC

			measure func=INODE_PERM mask=MAY_READ uid=0



		The default policy measures all executables in bprm_check,

		all files mmapped executable in file_mmap, and all files

		open for read by root in inode_permission.



		Examples of LSM specific definitions:



		SELinux:

			# SELINUX_MAGIC

			dont_measure fsmagic=0xF97CFF8C



			dont_measure obj_type=var_log_t

			dont_measure obj_type=auditd_log_t

			measure subj_user=system_u func=INODE_PERM mask=MAY_READ

			measure subj_role=system_r func=INODE_PERM mask=MAY_READ



		Smack:

			measure subj_user=_ func=INODE_PERM mask=MAY_READ

Documentation/kernel-parameters.txt

+10 −0
Original line number Diff line number Diff line
@@ -44,6 +44,7 @@ parameter is applicable: 
	FB	The frame buffer device is enabled.

	HW	Appropriate hardware is enabled.

	IA-64	IA-64 architecture is enabled.

	IMA     Integrity measurement architecture is enabled.

	IOSCHED	More than one I/O scheduler is enabled.

	IP_PNP	IP DHCP, BOOTP, or RARP is enabled.

	ISAPNP	ISA PnP code is enabled.
@@ -902,6 +903,15 @@ and is between 256 and 4096 characters. It is defined in the file 
	ihash_entries=	[KNL]

			Set number of hash buckets for inode cache.



	ima_audit=	[IMA]

			Format: { "0" | "1" }

			0 -- integrity auditing messages. (Default)

			1 -- enable informational integrity auditing messages.



	ima_hash=	[IMA]

			Formt: { "sha1" | "md5" }

			default: "sha1"



	in2000=		[HW,SCSI]

			See header of drivers/scsi/in2000.c.

MAINTAINERS

+19 −0
Original line number Diff line number Diff line
@@ -2216,6 +2216,11 @@ M: stefanr@s5r6.in-berlin.de 
L:	linux1394-devel@lists.sourceforge.net

S:	Maintained



INTEGRITY MEASUREMENT ARCHITECTURE (IMA)

P:	Mimi Zohar

M:	zohar@us.ibm.com

S:	Supported



IMS TWINTURBO FRAMEBUFFER DRIVER

L:	linux-fbdev-devel@lists.sourceforge.net (moderated for non-subscribers)

S:	Orphan
@@ -3844,6 +3849,7 @@ M: jmorris@namei.org 
L:	linux-kernel@vger.kernel.org

L:	linux-security-module@vger.kernel.org (suggested Cc:)

T:	git kernel.org:pub/scm/linux/kernel/git/jmorris/security-testing-2.6.git

W:	http://security.wiki.kernel.org/

S:	Supported



SECURITY CONTACT
@@ -4285,6 +4291,19 @@ L: tlan-devel@lists.sourceforge.net (subscribers-only) 
W:	http://sourceforge.net/projects/tlan/

S:	Maintained



TOMOYO SECURITY MODULE

P:	Kentaro Takeda

M:	takedakn@nttdata.co.jp

P:	Tetsuo Handa

M:	penguin-kernel@I-love.SAKURA.ne.jp

L:	linux-kernel@vger.kernel.org (kernel issues)

L:	tomoyo-users-en@lists.sourceforge.jp (subscribers-only, for developers and users in English)

L:	tomoyo-dev@lists.sourceforge.jp (subscribers-only, for developers in Japanese)

L:	tomoyo-users@lists.sourceforge.jp (subscribers-only, for users in Japanese)

W:	http://tomoyo.sourceforge.jp/

T:	quilt http://svn.sourceforge.jp/svnroot/tomoyo/trunk/2.2.x/tomoyo-lsm/patches/

S:	Maintained



TOSHIBA ACPI EXTRAS DRIVER

P:	John Belmonte

M:	toshiba_acpi@memebeam.org

drivers/char/tpm/tpm.c

+248 −282

File changed.

Preview size limit exceeded, changes collapsed.

drivers/char/tpm/tpm.h

+142 −0

File changed.

Preview size limit exceeded, changes collapsed.