
Commit fad0701e authored by Linus Torvalds's avatar Linus Torvalds
Pull security layer updates from Serge Hallyn:
 "This is a merge of James Morris' security-next tree from 3.14 to
  yesterday's master, plus four patches from Paul Moore which are in
  linux-next, plus one patch from Mimi"

* 'serge-next-1' of git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux-security:
  ima: audit log files opened with O_DIRECT flag
  selinux: conditionally reschedule in hashtab_insert while loading selinux policy
  selinux: conditionally reschedule in mls_convert_context while loading selinux policy
  selinux: reject setexeccon() on MNT_NOSUID applications with -EACCES
  selinux:  Report permissive mode in avc: denied messages.
  Warning in scanf string typing
  Smack: Label cgroup files for systemd
  Smack: Verify read access on file open - v3
  security: Convert use of typedef ctl_table to struct ctl_table
  Smack: bidirectional UDS connect check
  Smack: Correctly remove SMACK64TRANSMUTE attribute
  SMACK: Fix handling value==NULL in post setxattr
  bugfix patch for SMACK
  Smack: adds smackfs/ptrace interface
  Smack: unify all ptrace accesses in the smack
  Smack: fix the subject/object order in smack_ptrace_traceme()
  Minor improvement of 'smack_sb_kern_mount'
  smack: fix key permission verification
  KEYS: Move the flags representing required permission to linux/key.h
parents d53b47c0 f9b2a735
+1 −1
@@ -23,7 +23,7 @@ Description:
				 [fowner]]
			lsm:	[[subj_user=] [subj_role=] [subj_type=]
				 [obj_user=] [obj_role=] [obj_type=]]
			option:	[[appraise_type=]]
			option:	[[appraise_type=]] [permit_directio]

		base: 	func:= [BPRM_CHECK][MMAP_CHECK][FILE_CHECK][MODULE_CHECK]
			mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]
+10 −0
@@ -204,6 +204,16 @@ onlycap
	these capabilities are effective at for processes with any
	label. The value is set by writing the desired label to the
	file or cleared by writing "-" to the file.
ptrace
	This is used to define the current ptrace policy
	0 - default: this is the policy that relies on smack access rules.
	    For the PTRACE_READ a subject needs to have a read access on
	    object. For the PTRACE_ATTACH a read-write access is required.
	1 - exact: this is the policy that limits PTRACE_ATTACH. Attach is
	    only allowed when subject's and object's labels are equal.
	    PTRACE_READ is not affected. Can be overriden with CAP_SYS_PTRACE.
	2 - draconian: this policy behaves like the 'exact' above with an
	    exception that it can't be overriden with CAP_SYS_PTRACE.
revoke-subject
	Writing a Smack label here sets the access to '-' for all access
	rules with that subject label.
+11 −0
@@ -309,6 +309,17 @@ static inline key_serial_t key_serial(const struct key *key)

extern void key_set_timeout(struct key *, unsigned);

/*
 * The permissions required on a key that we're looking up.
 */
#define	KEY_NEED_VIEW	0x01	/* Require permission to view attributes */
#define	KEY_NEED_READ	0x02	/* Require permission to read content */
#define	KEY_NEED_WRITE	0x04	/* Require permission to update / modify */
#define	KEY_NEED_SEARCH	0x08	/* Require permission to search (keyring) or find (key) */
#define	KEY_NEED_LINK	0x10	/* Require permission to link */
#define	KEY_NEED_SETATTR 0x20	/* Require permission to change attributes */
#define	KEY_NEED_ALL	0x3f	/* All the above permissions */

/**
 * key_is_instantiated - Determine if a key has been positively instantiated
 * @key: The key to check.
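Review bot: The new `KEY_NEED_*` block documents itself only as "the permissions required on a key that we're looking up", which does not tell a reader that this is a request mask distinct from the `key_perm_t` bit layout (`KEY_POS_*`/`KEY_USR_*`/`KEY_GRP_*`/`KEY_OTH_*`) that the `key_permission` hooks took before this series. As far as I recall the low `KEY_OTH_*` bits of `key_perm_t` have the same numeric values 0x01–0x20, so a caller that keeps passing a `key_perm_t` would compile and silently request the wrong thing; the comment is the only guard. I would extend the header comment: `* KEY_NEED_* is a request mask, not a key_perm_t; it is what key_permission() and the LSM key_permission hook receive in their "perm" argument.`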
+3 −3
@@ -1708,7 +1708,7 @@ struct security_operations {
	void (*key_free) (struct key *key);
	int (*key_permission) (key_ref_t key_ref,
			       const struct cred *cred,
			       key_perm_t perm);
			       unsigned perm);
	int (*key_getsecurity)(struct key *key, char **_buffer);
#endif	/* CONFIG_KEYS */

@@ -3034,7 +3034,7 @@ static inline int security_path_chroot(struct path *path)
int security_key_alloc(struct key *key, const struct cred *cred, unsigned long flags);
void security_key_free(struct key *key);
int security_key_permission(key_ref_t key_ref,
			    const struct cred *cred, key_perm_t perm);
			    const struct cred *cred, unsigned perm);
int security_key_getsecurity(struct key *key, char **_buffer);

#else
@@ -3052,7 +3052,7 @@ static inline void security_key_free(struct key *key)

static inline int security_key_permission(key_ref_t key_ref,
					  const struct cred *cred,
					  key_perm_t perm)
					  unsigned perm)
{
	return 0;
}
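Review bot: The `key_permission` hook and both `security_key_permission()` declarations now take `unsigned perm` in place of `key_perm_t`, but nothing in these hunks says what the new value means, and the hook's kerneldoc (in the `security_operations` comment block above this struct, outside the hunk) still needs updating. Since `key_perm_t` is itself an unsigned integer typedef as far as I recall, the compiler will not flag an LSM or caller that still treats `perm` as the old mask, so the description is the only guard. The same applies to `cap_key_permission()` in the capability default below, whose `perm` is unused. Suggested line for the hook description: `@perm: KEY_NEED_* mask describing the access being requested (not a key_perm_t)`.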
+1 −1
@@ -879,7 +879,7 @@ static void cap_key_free(struct key *key)
}

static int cap_key_permission(key_ref_t key_ref, const struct cred *cred,
			      key_perm_t perm)
			      unsigned perm)
{
	return 0;
}