[ANNOUNCE] Linux Security Summit North America (LSS-NA) CfP

2023-01-20 Thread James Morris
a three day event, co-located with Open Source Summit North America [1]. The LSS-NA CfP is open until March 1st, 2023. Note that announcements relating to the Linux Security Summit may be found now on the Fediverse, via: https://social.kernel.org/LinuxSecSummit -- James Morris [1] https

Re: [ANNOUNCE][CFP] Linux Security Summit North America 2022

2022-03-18 Thread James Morris
On Tue, 8 Feb 2022, James Morris wrote: > * Event:September 23-24 Correction: This should be 23-24 June per the top of the email. -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://listman.redhat.com/mailman/listinfo/linux-audit

[ANNOUNCE][CFP] Linux Security Summit North America 2022

2022-02-08 Thread James Morris
follow: https://twitter.com/LinuxSecSummit #linuxsecuritysummit PROGRAM COMMITTEE The program committee for LSS 2021 is: * James Morris, Microsoft * Serge Hallyn, Cisco * Paul Moore, Microsoft * Stephen Smalley, NSA * Elena Reshetova, Intel * John Johansen, Ca

Re: [ANNOUNCE][CFP] Linux Security Summit 2021

2021-09-13 Thread James Morris
For folks presenting remotely, the deadline for video talks is extended to 20th September, 2021. Reminder: you can keep track of LSS event information via: https://twitter.com/LinuxSecSummit -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://listman.redhat.com/mailman

Re: [ANNOUNCE][CFP] Linux Security Summit 2021

2021-06-21 Thread James Morris
Two further (and hopefully final) changes: - LSS 2021 will now be a hybrid event, catering to both in-person and remote attendees and presenters - The CFP is extended to July 11th. On Wed, 26 May 2021, James Morris wrote: > Note that the venue of LSS 2021 has now changed to Seat

Re: [ANNOUNCE][CFP] Linux Security Summit 2021

2021-05-25 Thread James Morris
Note that the venue of LSS 2021 has now changed to Seattle, USA. See https://events.linuxfoundation.org/linux-security-summit-north-america/ The new event dates are 29 September to 01 October. The CFP closes on June 27th. On Tue, 9 Feb 2021, James Morris wrote

Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants

2021-02-19 Thread James Morris
, &secctx, &secctx_sz); > if (ret) { > return_error = BR_FAILED_REPLY; Can someone from the Android project confirm this is correct for binder? -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://listman.redhat.com/mailman/listinfo/linux-audit

Re: security_task_getsecid() and subjective vs objective task creds

2021-02-19 Thread James Morris
On Thu, 18 Feb 2021, Paul Moore wrote: > Hi all, > > When looking into a problem I noticed that audit was recording the > wrong subject label for a process. Is this a public bug? It would be good to know what the extent of this issue may be and whether it warrants a CVE. --

[ANNOUNCE][CFP] Linux Security Summit 2021

2021-02-08 Thread James Morris
LinuxSecSummit #linuxsecuritysummit PROGRAM COMMITTEE The program committee for LSS 2021 is: * James Morris, Microsoft * Serge Hallyn, Cisco * Paul Moore, Cisco * Stephen Smalley, NSA * Elena Reshetova, Intel * John Johansen, Canonical * Kees Cook, Google * Casey Sc

Re: [PATCH v22 16/23] LSM: security_secid_to_secctx in netlink netfilter

2020-11-10 Thread James Morris
(skb, ct, ctinfo, NFQA_CT, NFQA_CT_INFO) < 0) > > @@ -632,10 +627,8 @@ nfqnl_build_packet_message(struct net *net, struct > > nfqnl_instance *queue, > > } > > > > nlh->nlmsg_len = skb->len; > > - if (seclen) { > > - lsmcontext_init(&scaff, se

Re: [PATCH v22 05/23] LSM: Use lsmblob in security_secctx_to_secid

2020-11-09 Thread James Morris
ng back a secid. > The infrastructure passes the correct entry from the lsmblob. > > Signed-off-by: Casey Schaufler > Cc: net...@vger.kernel.org You probably need to include Netfilter maintainers specifically for this (added them + the Netfilter list). This also needs signoffs from LS

Re: [PATCH v22 06/23] LSM: Use lsmblob in security_secid_to_secctx

2020-11-09 Thread James Morris
ntainers on the To: line or they may miss the email. -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH v20 20/23] Audit: Add new record for multiple process LSM attributes

2020-09-03 Thread James Morris
,13 +2244,32 @@ int security_ismaclabel(const char *name) > } > EXPORT_SYMBOL(security_ismaclabel); > > -int security_secid_to_secctx(struct lsmblob *blob, struct lsmcontext *cp) > +int security_secid_to_secctx(struct lsmblob *blob, struct lsmcontext *cp, > +

Re: [PATCH v20 05/23] net: Prepare UDS for security module stacking

2020-09-03 Thread James Morris
hook(socket_getpeersec_dgram, -ENOPROTOOPT, sock, > - skb, secid); > + struct security_hook_list *hp; > + int rc = -ENOPROTOOPT; > + > + hlist_for_each_entry(hp, &security_hook_heads.socket_getpeersec_dgram, > + list) { > + if (WARN_ON(hp->lsmid->slot < 0 || hp->lsmid->slot >= lsm_slot)) > + continue; > + rc = hp->hook.socket_getpeersec_dgram(sock, skb, > + &blob->secid[hp->lsmid->slot]); > + if (rc != 0) > + break; > + } > + return rc; > } > EXPORT_SYMBOL(security_socket_getpeersec_dgram); > > -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit
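Review bot: in the new loop in security_socket_getpeersec_dgram(), the `if (rc != 0) break;` exit returns an error after earlier hooks may already have written their slots in blob->secid, so the caller can be left holding a partially filled lsmblob. If every entry is skipped by the WARN_ON() slot check, the function also returns -ENOPROTOOPT without writing blob at all. Suggest documenting that blob is valid only when 0 is returned, or clearing it before the loop if that is not already done above the visible lines, so callers never act on a half-populated blob.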

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

2020-08-11 Thread James Morris
fied or otherwise trusted rootfs. Future versions will support FS-Verity, at least. IPE was designed to be extensible in this way, with a strong separation of mechanism and policy. Whatever is implemented for NFS should be able to plug in to IPE pretty easily. -- James Morris -- Linux-audit

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

2020-08-10 Thread James Morris
able to attend, so I've submitted a BoF proposal: https://www.linuxplumbersconf.org/event/7/abstracts/732/ -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

2020-08-07 Thread James Morris
On Thu, 6 Aug 2020, Mimi Zohar wrote: > On Thu, 2020-08-06 at 09:51 +1000, James Morris wrote: > > On Wed, 5 Aug 2020, Mimi Zohar wrote: > > > > > If block layer integrity was enough, there wouldn't have been a need > > > for fs-verity. Even fs-veri

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

2020-08-06 Thread James Morris
On Wed, 5 Aug 2020, Mimi Zohar wrote: > If block layer integrity was enough, there wouldn't have been a need > for fs-verity. Even fs-verity is limited to read only filesystems, > which makes validating file integrity so much easier. From the > beginning, we've said that fs-verity signatures sh

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

2020-08-05 Thread James Morris
>You've tried to differentiate yours by making it more Kconfig > based, but policy has a way of becoming user space supplied because > the distros hate config options, so I think you're going to end up > with a policy parser very like IMAs. -- James M

Re: [PATCH v19 13/23] LSM: Specify which LSM to display

2020-07-27 Thread James Morris
sen > SELinux hook provided by Stephen Smalley > > Reviewed-by: Kees Cook > Acked-by: Stephen Smalley > Acked-by: Paul Moore > Signed-off-by: Casey Schaufler jj: do you have any review/feedback on this? -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH v19 21/23] Audit: Add a new record for multiple object LSM attributes

2020-07-27 Thread James Morris
p and serial number. > > Signed-off-by: Casey Schaufler > Cc: linux-audit@redhat.com These audit patches will need ack/review from Paul. -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH v19 17/23] LSM: security_secid_to_secctx in netlink netfilter

2020-07-27 Thread James Morris
ger.kernel.org I'd like to see Paul's acks on any networking related changes. -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

[ANNOUNCE][CFP] Linux Security Summit North America 2020

2020-02-03 Thread James Morris
S 2020 is: * James Morris, Microsoft * Serge Hallyn, Cisco * Paul Moore, Cisco * Stephen Smalley, NSA * Elena Reshetova, Intel * John Johansen, Canonical * Kees Cook, Google * Casey Schaufler, Intel * Mimi Zohar, IBM * David A. Wheeler, Institute for Defense Analys

Re: [RFC PATCH v2] security,lockdown,selinux: implement SELinux lockdown

2019-11-27 Thread James Morris
- > security/lsm_audit.c| 5 + > security/security.c | 30 + > security/selinux/hooks.c| 30 + > security/selinux/include/classmap.h | 2 ++ > 7 files changed, 71 insertions(+), 2

Re: [RFC PATCH v3] security,capability: pass object information to security_capable

2019-08-15 Thread James Morris
audit logs look the same once the 2nd patch is applied? We need to be careful about breaking existing userland. -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: Preferred subj= with multiple LSMs

2019-07-23 Thread James Morris
which is an assumption that dbus is already relying on since I checked > it in the thread around > <https://marc.info/?l=linux-security-module&m=142323508321029&w=2>? > Or is that restriction so fundamental that it's considered OK? Security labels are strings, so this is imp

Re: Preferred subj= with multiple LSMs

2019-07-22 Thread James Morris
that none of > > the existing modules use, how would it be wrong to > > reserve it? > > "We've never had to think about having general rules on what security > modules do before..." > > We famously haven't imposed restrictions on the label format before

Re: Preferred subj= with multiple LSMs

2019-07-16 Thread James Morris
e, right? We can't do that. > Once again, I believe that the subj_X approach is going to be faster > than safely parsing the multiplexed format. What about emitting one audit record for each LSM? -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.red

[ANNOUNCE][CFP] Linux Security Summit North America 2019

2019-04-09 Thread James Morris
SecSummit PROGRAM COMMITTEE The program committee for LSS 2019 is: * James Morris, Microsoft * Serge Hallyn, Cisco * Paul Moore, Cisco * Stephen Smalley, NSA * Elena Reshetova, Intel * John Johansen, Canonical * Kees Cook, Google * Casey Schaufler, Intel * Mimi Z

Re: [PATCH v2 1/4] seccomp: Separate read and write code for actions_logged sysctl

2018-05-02 Thread James Morris
itional code paths on whether or not the > 'write' parameter evaluates to true. > > Signed-off-by: Tyler Hicks Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH v2 3/4] seccomp: Audit attempts to modify the actions_logged sysctl

2018-05-02 Thread James Morris
actions_logged sysctl. > > Suggested-by: Steve Grubb > Signed-off-by: Tyler Hicks Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH v2 2/4] seccomp: Configurable separator for the actions_logged string

2018-05-02 Thread James Morris
ator. This patch allows the separator character to be > configurable to meet both needs. > > Signed-off-by: Tyler Hicks Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

[ANNOUNCE] Linux Security Summit North America 2018 - CFP

2018-04-09 Thread James Morris
S 2018 is: * James Morris, Microsoft * Serge Hallyn, Cisco * Paul Moore, Red Hat * Stephen Smalley, NSA * Elena Reshetova, Intel * John Johansen, Canonical * Kees Cook, Google * Casey Schaufler, Intel * Mimi Zohar, IBM * David A. Wheeler, Institute for Defense Analys

Re: [PATCH] Audit: remove unused audit_log_secctx function

2017-10-25 Thread James Morris
t security module. > > Signed-off-by: Casey Schaufler Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH GHAK16 V5 00/10] capabilities: do not audit log BPRM_FCAPS on set*id

2017-10-20 Thread James Morris
id. > > > > Serge? James? Can one of you two take this via your trees since Paul > has backed down citing (reasonably) that it is mostly capabilities > patches rather than audit? Applied to git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-gene

Re: [PATCH GHAK16 V5 00/10] capabilities: do not audit log BPRM_FCAPS on set*id

2017-10-19 Thread James Morris
sing conditions > > > > security/commoncap.c | 193 > > ++- > > 1 file changed, 128 insertions(+), 65 deletions(-) > > > > -- > > 1.8.3.1 > > > > -- > > To unsubscribe from this list: send the line "unsubscribe > > linux-security-module" in > > the body of a message to majord...@vger.kernel.org > > More majordomo info at http://vger.kernel.org/majordomo-info.html > > - RGB > > -- > Richard Guy Briggs > Sr. S/W Engineer, Kernel Security, Base Operating Systems > Remote, Ottawa, Red Hat Canada > IRC: rgb, SunRaycer > Voice: +1.647.777.2635, Internal: (81) 32635 > -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH V4 01/10] capabilities: factor out cap_bprm_set_creds privileged root

2017-09-06 Thread James Morris
> --- > security/commoncap.c | 63 +++-- > 1 files changed, 35 insertions(+), 28 deletions(-) Acked-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH V3 05/10] capabilities: use intuitive names for id changes

2017-08-27 Thread James Morris
r > existence > is justified. Perhaps document them better and maybe prefix them with __ to emphasize that they're internal only? -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH V3 06/10] capabilities: move audit log decision to function

2017-08-24 Thread James Morris
ty/commoncap.c | 50 > ++ > 1 files changed, 30 insertions(+), 20 deletions(-) Acked-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH V3 05/10] capabilities: use intuitive names for id changes

2017-08-24 Thread James Morris
, 21 insertions(+), 5 deletions(-) Acked-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH V3 04/10] capabilities: use root_priveleged inline to clarify logic

2017-08-24 Thread James Morris
sertions(+), 4 deletions(-) Acked-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH V3 10/10] capabilities: audit log other surprising conditions

2017-08-24 Thread James Morris
; pA_gained > > - These last two are combined into one due to the common first parameter. > > Related: https://github.com/linux-audit/audit-kernel/issues/16 > > Signed-off-by: Richard Guy Briggs Acked-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH V3 07/10] capabilities: remove a layer of conditional logic

2017-08-24 Thread James Morris
On Wed, 23 Aug 2017, Richard Guy Briggs wrote: > Remove a layer of conditional logic to make the use of conditions > easier to read and analyse. > > Signed-off-by: Richard Guy Briggs Acked-by: James Morris > --- > security/commoncap.c | 13 ++--- > 1 files

Re: [PATCH V3 03/10] capabilities: rename has_cap to has_fcap

2017-08-24 Thread James Morris
1 files changed, 10 insertions(+), 10 deletions(-) Acked-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH V3 09/10] capabilities: fix logic for effective root or real root

2017-08-24 Thread James Morris
the > unnecessary record. > > Ref: 3fc689e96c0c (Add audit_log_bprm_fcaps/AUDIT_BPRM_FCAPS) > See: https://github.com/linux-audit/audit-kernel/issues/16 > > Signed-off-by: Richard Guy Briggs > --- > security/commoncap.c |6 +++--- > 1 files changed, 3 insertions(+)

Re: [PATCH V3 08/10] capabilities: invert logic for clarity

2017-08-24 Thread James Morris
On Wed, 23 Aug 2017, Richard Guy Briggs wrote: > The way the logic was presented, it was awkward to read and verify. Invert > the > logic using DeMorgan's Law to be more easily able to read and understand. > > Signed-off-by: Richard Guy Briggs Acked-by: James Morris

Re: [PATCH V3 02/10] capabilities: intuitive names for cap gain status

2017-08-24 Thread James Morris
1 files changed, 10 insertions(+), 6 deletions(-) Acked-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH V3 01/10] capabilities: factor out cap_bprm_set_creds privileged root

2017-08-24 Thread James Morris
+481,38 @@ static int get_file_caps(struct linux_binprm *bprm, bool > *effective, bool *has_c > return rc; > } > > +void handle_privileged_root(struct linux_binprm *bprm, bool has_cap, bool > *effective, kuid_t root_uid) Can this be static? -- James Morri

[ANNOUNCE] Linux Security Summit 2017 - CFP

2017-03-23 Thread James Morris
ut to the development process. WEB SITE http://events.linuxfoundation.org/events/linux-security-summit TWITTER For event updates and announcements, follow: https://twitter.com/LinuxSecSummit PROGRAM COMMITTEE The program committee for LSS 2017 is: * James Morris, Oracle

Re: [PATCH] lsm: copy comm before calling audit_log to avoid race in string printing

2015-04-14 Thread James Morris
audit_log_untrustedstring() with comm. > > Reported-by: Tetsuo Handa > Signed-off-by: Richard Guy Briggs Applied. -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [audit] Suppress runtime loading of audit module.

2010-05-30 Thread James Morris
cribe from this list: send the line "unsubscribe > linux-security-module" in > the body of a message to majord...@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH -v3] SELinux: Convert avc_audit to use lsm_audit.h

2009-08-16 Thread James Morris
On Fri, 14 Aug 2009, Stephen Smalley wrote: > Acked-by: Stephen Smalley > Applied to git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#next -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH] SELinux: define audit permissions for audit tree netlink messages

2009-06-02 Thread James Morris
{ AUDIT_TTY_SET, NETLINK_AUDIT_SOCKET__NLMSG_TTY_AUDIT }, > }; > -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 0/2] security/smack implement logging V3

2009-04-13 Thread James Morris
s/security-testing-2.6#next Note: Please ensure that each patch has a distinct and descriptive subject line. Also, the format for the subject is: [PATCH x/y] subsystem: short description See section 15 of Documentation/SubmittingPatches. -- James Morris -- Linux-audit mailing list Linu

Re: [PATCH 3/15] sanitize audit_ipc_obj()

2008-12-17 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > On Wed, Dec 17, 2008 at 06:24:40PM +1100, James Morris wrote: > > On Wed, 17 Dec 2008, Al Viro wrote: > > > > > + struct { > > > + uid_t uid; > > > +

Re: [PATCH 15/15] audit: validate comparison operations, store them in sane form

2008-12-16 Thread James Morris
rule() and ->audit_match_rule() get new values now; in-tree > instances updated. > > Signed-off-by: Al Viro Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 14/15] clean up audit_rule_{add,del} a bit

2008-12-16 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > > Signed-off-by: Al Viro Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 13/15] make sure that filterkey of task, always rules is reported

2008-12-16 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > > Signed-off-by: Al Viro Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 12/15] audit rules ordering, part 2

2008-12-16 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > > Fix the actual rule listing; add per-type lists _not_ used for matching, > with all exit,... sitting on one such list. Simplifies "do something > for all rules" logics, while we are at it... > > Signed-off-by: Al Viro

Re: [PATCH 11/15] fixing audit rule ordering mess, part 1

2008-12-16 Thread James Morris
tion: assign priorities to rules, keep track of the current > highest-priority matching rule and its result (always/never). > > Signed-off-by: Al Viro Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 10/15] audit_update_lsm_rules() misses the audit_inode_hash[] ones

2008-12-16 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > > Signed-off-by: Al Viro Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 9/15] sanitize audit_fd_pair()

2008-12-16 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > > * no allocations > * return void > > Signed-off-by: Al Viro Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 8/15] sanitize audit_mq_open()

2008-12-16 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > > * don't bother with allocations > * don't do double copy_from_user() > * don't duplicate parts of check for audit_dummy_context() > > Signed-off-by: Al Viro Reviewed-by: James Morris -- James Morris -- Lin

Re: [PATCH 7/15] sanitize AUDIT_MQ_SENDRECV

2008-12-16 Thread James Morris
. > * merge __audit_mq_timed{send,receive} > * don't do copy_from_user() twice > * don't mess with allocations in auditsc part > * ... and don't bother checking !audit_enabled and !context in there - > we'd already checked for audit_dummy_context(). > >

Re: [PATCH 6/15] sanitize audit_mq_notify()

2008-12-16 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > > * don't copy_from_user() twice > * don't bother with allocations > * don't duplicate parts of audit_dummy_context() > * make it return void > > Signed-off-by: Al Viro Reviewed-by: James Morris -- James Morris

Re: [PATCH 5/15] sanitize audit_mq_getsetattr()

2008-12-16 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > > * get rid of allocations > * make it return void > * don't duplicate parts of audit_dummy_context() > > Signed-off-by: Al Viro Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com

Re: [PATCH 4/15] sanitize audit_ipc_set_perm()

2008-12-16 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > > * get rid of allocations > * make it return void > * simplify callers > > Signed-off-by: Al Viro Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 3/15] sanitize audit_ipc_obj()

2008-12-16 Thread James Morris
} ipc; 'osid' should be converted into 'secid' someday. Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 2/15] sanitize audit_socketcall

2008-12-16 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > > * don't bother with allocations > * now that it can't fail, make it return void > > Signed-off-by: Al Viro Reviewed-by: James Morris -- James Morris -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.c

Re: [PATCH 1/15] don't reallocate buffer in every audit_sockaddr()

2008-12-16 Thread James Morris
On Wed, 17 Dec 2008, Al Viro wrote: > > No need to do that more than once per process lifetime; allocating/freeing > on each sendto/accept/etc. is bloody pointless. > > Signed-off-by: Al Viro Reviewed-by: James Morris > --- > ke

Re: [PATCH 10/12] Tell git about security/selinux/include/audit.h

2008-04-17 Thread James Morris
On Thu, 17 Apr 2008, Greg KH wrote: > On Thu, Apr 17, 2008 at 11:06:07AM +0000, James Morris wrote: > > Signed-off-by: James Morris <[EMAIL PROTECTED]> > > --- > > security/selinux/include/audit.h | 65 > > ++ > > Sho

[PATCH 05/12] SELinux: remove redundant exports

2008-04-17 Thread James Morris
alents respectively: new LSM hook, inode_getsecid(inode, secid) new LSM hook, ipc_getsecid*(ipcp, secid) LSM hook, task_getsecid(tsk, secid) LSM hook, sid_to_secctx(sid, ctx, len) Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: Ja

[PATCH 10/12] Tell git about security/selinux/include/audit.h

2008-04-17 Thread James Morris
Signed-off-by: James Morris <[EMAIL PROTECTED]> --- security/selinux/include/audit.h | 65 ++ 1 files changed, 65 insertions(+), 0 deletions(-) create mode 100644 security/selinux/include/audit.h diff --git a/security/selinux/include/audit.h b/se

[PATCH 07/12] Audit: internally use the new LSM audit hooks

2008-04-17 Thread James Morris
tively) : selinux_audit_rule_init selinux_audit_rule_free audit_rule_has_selinux selinux_audit_rule_match Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> --- kernel/audit.c |7 +- ker

[PATCH 11/12] Security: Introduce security= boot parameter

2008-04-17 Thread James Morris
as not chosen on boot. Smackfs assumes that smack hooks are registered and the initial task security setup (swapper->security) is done. Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> --- Documentation/kernel-parameters.txt |6

[PATCH 12/12] security: fix up documentation for security_module_enable

2008-04-17 Thread James Morris
security_module_enable() can only be called during kernel init. Signed-off-by: James Morris <[EMAIL PROTECTED]> --- security/security.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/security/security.c b/security/security.c index 2ed153c..7787c59 100644 --- a/se

[PATCH 09/12] Audit: Final renamings and cleanup

2008-04-17 Thread James Morris
From: Ahmed S. Darwish <[EMAIL PROTECTED]> Rename the se_str and se_rule audit fields elements to lsm_str and lsm_rule to avoid confusion. Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris

[PATCH 08/12] SELinux: use new audit hooks, remove redundant exports

2008-04-17 Thread James Morris
tation of the new LSM hook 'audit_rule_known'. Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> --- include/linux/audit.h | 29 include/linux/selinux.h|

[PATCH 04/12] Netlink: Use generic LSM hook

2008-04-17 Thread James Morris
From: Ahmed S. Darwish <[EMAIL PROTECTED]> Don't use SELinux exported selinux_get_task_sid symbol. Use the generic LSM equivalent instead. Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[

[PATCH 06/12] LSM/Audit: Introduce generic Audit LSM hooks

2008-04-17 Thread James Morris
ks are only available if CONFIG_AUDIT is enabled. Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> Reviewed-by: Paul Moore <[EMAIL PROTECTED]> --- i

Security testing tree patch review for 2.6.26

2008-04-17 Thread James Morris
Introduce security= boot parameter James Morris (2): Tell git about security/selinux/include/audit.h security: fix up documentation for security_module_enable Documentation/kernel-parameters.txt |6 ++ include/linux/audit.h | 29 include/linux/

[PATCH 02/12] SELinux: setup new inode/ipc getsecid hooks

2008-04-17 Thread James Morris
From: Ahmed S. Darwish <[EMAIL PROTECTED]> Setup the new inode_getsecid and ipc_getsecid() LSM hooks for SELinux. Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> Reviewe

[PATCH 03/12] Audit: use new LSM hooks instead of SELinux exports

2008-04-17 Thread James Morris
<[EMAIL PROTECTED]> Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> Reviewed-by: Paul Moore <[EMAIL PROTECTED]> --- kernel/audit.c | 17 --- kernel/auditfilter.c |8 -

[PATCH 01/12] LSM: Introduce inode_getsecid and ipc_getsecid hooks

2008-04-17 Thread James Morris
efined or if the hook is set to NULL (dummy). This is done to notify the caller that no valid secid exists. Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> Reviewed-by: Paul

Re: [PATCH-v2 -mm 0/9] LSM-neutral Audit (SELinux audit separation)

2008-03-05 Thread James Morris
ested & managed together. - James -- James Morris <[EMAIL PROTECTED]> -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 7/9] Audit: internally use the new LSM audit hooks

2008-03-04 Thread James Morris
tches need to be acked by the likes of Al Viro (cc'd, who possibly should also be added to the MAINTAINERS entry for audit). - James -- James Morris <[EMAIL PROTECTED]> -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 7/9] Audit: internally use the new LSM audit hooks

2008-03-04 Thread James Morris
ormat-patch should "just work". -- James Morris <[EMAIL PROTECTED]> -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 6/9] LSM/Audit: Introduce generic Audit LSM hooks

2008-03-03 Thread James Morris
audit_rule_free(rule) > > Those hooks are only available if CONFIG_AUDIT is enabled. > > Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> > Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> -- James Morris <[E

Re: [PATCH 7/9] Audit: internally use the new LSM audit hooks

2008-03-03 Thread James Morris
> instead of (respectively) : > selinux_audit_rule_init > selinux_audit_rule_free > audit_rule_has_selinux > selinux_audit_rule_match > > Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> > Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James M

Re: [PATCH 8/9] SELinux: use new audit hooks, remove redundant exports

2008-03-03 Thread James Morris
mplementation of the > new LSM hook 'audit_rule_known'. > > Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> > Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> -- James Morris <[EMAIL PROTECTED]>

Re: [PATCH 9/9] Audit: Final renamings and cleanup

2008-03-03 Thread James Morris
On Sat, 1 Mar 2008, Ahmed S. Darwish wrote: > Rename the se_str and se_rule audit fields elements to > lsm_str and lsm_rule to avoid confusion. > > Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> > Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: Jam

Re: [PATCH 3/9] Audit: use new LSM hooks instead of SELinux exports

2008-03-03 Thread James Morris
only if security_secid_to_secctx > succeeded. > > Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> > Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> -- James Morris <[EMAIL PROTECTED]> -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 4/9] Netlink: Use generic LSM hook

2008-03-03 Thread James Morris
On Sat, 1 Mar 2008, Ahmed S. Darwish wrote: > Don't use SELinux exported selinux_get_task_sid symbol. > Use the generic LSM equivalent instead. > > Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> > Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by

Re: [PATCH 5/9] SELinux: remove redundant exports

2008-03-03 Thread James Morris
> Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> -- James Morris <[EMAIL PROTECTED]> -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

Re: [PATCH 2/9] SELinux: setup new inode/ipc getsecid hooks

2008-03-03 Thread James Morris
On Sat, 1 Mar 2008, Ahmed S. Darwish wrote: > Setup the new inode_getsecid and ipc_getsecid() LSM hooks > for SELinux. > > Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> > Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PRO

Re: [PATCH 1/9] LSM: Introduce inode_getsecid and ipc_getsecid hooks

2008-03-03 Thread James Morris
if CONFIG_SECURITY is not defined or if the hook is set to > NULL (dummy). This is done to notify the caller that no valid > secid exists. > > Signed-off-by: Casey Schaufler <[EMAIL PROTECTED]> > Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]> Acked-by: James

Re: [PATCH 3/3] XFRM: Drop packets when replay counter would overflow

2007-12-20 Thread James Morris
pt to transmit a packet that would result in sequence number >overflow is an auditable event. The audit log entry for this event >SHOULD include the SPI value, current date/time, Source Address, >Destination Address, and (in IPv6) the cleartext Flow ID. > > Signed-of

Re: [PATCH 2/3] XFRM: RFC4303 compliant auditing

2007-12-20 Thread James Morris
sake of consistency. > > Signed-off-by: Paul Moore <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> > --- > > include/net/xfrm.h | 33 -- > net/ipv4/ah4.c |4 + > net/ipv4/esp4.c|1 > net/ipv6/ah6.c

Re: [PATCH 1/3] XFRM: Assorted IPsec fixups

2007-12-20 Thread James Morris
ary memcpy() calls > > * Move common code to xfrm_audit_common_stateinfo() >Code consolidation from the "less is more" book on software development > > * Proper spacing around commas in function arguments >Minor style tweak since I was already touching the

Re: [PATCH]: revised make xfrm_audit_log more generic patch

2007-07-23 Thread James Morris
igned-off-by: Joy Latten <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> -- James Morris <[EMAIL PROTECTED]> -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit
