Re: [PATCH] xattr handlers: plug a lock leak in simple_xattr_list

2016-02-07 Thread James Morris
Signed-off-by: Andreas Gruenbacher > Cc: # 4.4 Acked-by: James Morris -- James Morris

Re: [PATCH] KEYS: Only apply KEY_FLAG_KEEP to a key if a parent keyring has it set

2016-01-26 Thread James Morris
On Wed, 27 Jan 2016, David Howells wrote: > Hi James, > > Can you pass this onto Linus asap? The thing it fixes breaks kerberos and > sssd. > I'd like to see some acks on this. -- James Morris

Re: [PATCH] X.509: Partially revert patch to add validation against IMA MOK keyring

2016-01-06 Thread James Morris
> Partially revert commit 41c89b64d7184a780f12f2cccdabe65cb2408893: > > Author: Petko Manolov > Date: Wed Dec 2 17:47:55 2015 +0200 > IMA: create machine owner and blacklist keyrings > If you need this applied to a tree, please state which. -- Ja

[GIT PULL] keys bugfix

2015-12-27 Thread James Morris
David Howells Tested-by: Dmitry Vyukov Cc: sta...@vger.kernel.org Signed-off-by: James Morris diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index fb111ea..1c3872a 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c @@ -751,16 +751,16 @@ long keyctl_read_k

Re: [GIT PULL] tpmdd updates for Linux 4.5

2015-12-26 Thread James Morris
exception of small fix from Stefan to tpm_ibmvtpm, which I considered > trivial enough to be included. > Applied. -- James Morris -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo in

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-07 Thread James Morris
On Mon, 7 Dec 2015, Jarkko Sakkinen wrote: > On Fri, Nov 20, 2015 at 01:34:35PM +1100, James Morris wrote: > > On Wed, 18 Nov 2015, Jarkko Sakkinen wrote: > > > > > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote: > > > > On Tue

Re: [PATCH 10/10] xattr handlers: Simplify list operation

2015-12-01 Thread James Morris
> > *result += total_len; > > + /* FIXME: Not checking the ->list operation here ... */ > + What does this mean? -- James Morris

Re: [PATCH 07/10] tmpfs: listxattr should include POSIX ACL xattrs

2015-12-01 Thread James Morris
On Mon, 30 Nov 2015, Andreas Gruenbacher wrote: > When a file on tmpfs has an ACL or a Default ACL, listxattr should include the > corresponding xattr name. > > Signed-off-by: Andreas Gruenbacher > Cc: Hugh Dickins > Cc: linux...@kvack.org Reviewed-by: James Morris -- Ja

Re: [PATCH 06/10] tmpfs: Use xattr handler infrastructure

2015-12-01 Thread James Morris
to implement kernfs_iop_removexattr as well. > > Signed-off-by: Andreas Gruenbacher > Cc: Hugh Dickins > Cc: linux...@kvack.org Reviewed-by: James Morris -- James Morris

Re: [PATCH 04/10] vfs: Distinguish between full xattr names and proper prefixes

2015-12-01 Thread James Morris
x and with a non-empty suffix. > > This patch should avoid bugs like the one fixed in commit c361016a in > the future. > > Signed-off-by: Andreas Gruenbacher Is it worth making an inline wrapper for 'handler->prefix ?: handler->name' ? Reviewed-by: James Morris

Re: [PATCH 03/10] posix acls: Remove duplicate xattr name definitions

2015-12-01 Thread James Morris
On Mon, 30 Nov 2015, Andreas Gruenbacher wrote: > Remove POSIX_ACL_XATTR_{ACCESS,DEFAULT} and GFS2_POSIX_ACL_{ACCESS,DEFAULT} > and replace them with the definitions in . > > Signed-off-by: Andreas Gruenbacher Reviewed-by: James Morris -- James Morris

Re: [PATCH 02/10] gfs2: Remove gfs2_xattr_acl_chmod

2015-12-01 Thread James Morris
On Mon, 30 Nov 2015, Andreas Gruenbacher wrote: > Function gfs2_xattr_acl_chmod is unused since commit e01580bf. > > Signed-off-by: Andreas Gruenbacher > Cc: Steven Whitehouse > Cc: Bob Peterson > Cc: cluster-de...@redhat.com Reviewed-by: James Morris -- James Morris

Re: [PATCH 01/10] vfs: Remove vfs_xattr_cmp

2015-12-01 Thread James Morris
On Mon, 30 Nov 2015, Andreas Gruenbacher wrote: > This function was only briefly used in security/integrity/evm, between > commits 66dbc325 and 15647eb3. > > Signed-off-by: Andreas Gruenbacher Reviewed-by: James Morris -- James Morris

[GIT PULL] security: updated fixes for 4.4

2015-11-25 Thread James Morris
KEYS: Fix handling of stored error in a negatively instantiated user key James Morris (1): Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into for-linus2 Stephen Smalley (1): selinux: fix bug in conditional rules handling security/keys/encrypted-key

[GIT PULL] security: KEYS: Fix handling of stored error in a negatively instantiated user key

2015-11-25 Thread James Morris
d-off-by: David Howells Acked-by: Mimi Zohar Signed-off-by: James Morris diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c index 927db9f..696ccfa 100644 --- a/security/keys/encrypted-keys/encrypted.c +++ b/security/keys/encrypted-keys/encry

Re: [PATCH] KEYS: Fix handling of stored error in a negatively instantiated user key

2015-11-24 Thread James Morris
On Tue, 24 Nov 2015, David Howells wrote: > Hi James, > > Can this be passed straight to Linus please? Is this triggerable by normal users? -- James Morris

Re: [PATCH 3.2 46/52] fs: make dumpable=2 require fully qualified path

2015-11-24 Thread James Morris
On Tue, 24 Nov 2015, Ben Hutchings wrote: > 3.2.74-rc1 review patch. If anyone has any objections, please let me know. > > -- > > From: Kees Cook > > commit 9520628e8ceb69fa9a4aee6b57f22675d9e1b709 upstream. > Reviewed-by: James Morris

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-19 Thread James Morris
On Wed, 18 Nov 2015, Jarkko Sakkinen wrote: > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote: > > On Tue, 17 Nov 2015, Jarkko Sakkinen wrote: > > > > > } > > > break; > > > + case Opt_polic

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread James Morris
Because hosting companies sell containers as "full virtual machines" > and customers expect to be able mount stuff like disk images they upload. I don't think this is a valid reason for merging functionality into the kernel. -- James Morris

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-17 Thread James Morris
return -EINVAL; Do you need to kfree it here on error? -- James Morris

Re: [PATCH v3 7/7] Smack: Handle labels consistently in untrusted mounts

2015-11-17 Thread James Morris
On Tue, 17 Nov 2015, Seth Forshee wrote: > + sbsp = inode->i_sb->s_security; > + if ((sbsp->smk_flags & SMK_SB_UNTRUSTED) && Where is SMK_SB_UNTRUSTED defined? I can't see it in this patch series, mainline or security next. -- James Morris

Re: [PATCH v3 6/7] userns: Replace in_userns with current_in_userns

2015-11-17 Thread James Morris
f-by: Seth Forshee Nice cleanup. Acked-by: James Morris -- James Morris

Re: [PATCH v3 5/7] selinux: Add support for unprivileged mounts from user namespaces

2015-11-17 Thread James Morris
cked-by: Stephen Smalley Acked-by: James Morris -- James Morris

Re: [PATCH v3 4/7] fs: Treat foreign mounts as nosuid

2015-11-17 Thread James Morris
er's security context in a way that should not have been > possible, even inside the namespace in which the task is confined. > > As a hardening measure, this would have made CVE-2014-5207 much > more difficult to exploit. > > Signed-off-by: Andy Lutomirski > Signed-off-b

Re: [PATCH 1/2] security: remove unused cap_is_fs_cap function

2015-11-17 Thread James Morris
inux-security.git next -- James Morris

Re: [PATCH 2/2] security/capability.h: cap_issubset/isclear can be boolean

2015-11-17 Thread James Morris
ux/kernel/git/jmorris/linux-security.git next -- James Morris

[GIT PULL] Security subsystem bugfixes for 4.4

2015-11-12 Thread James Morris
x the time validation [ver #2] James Morris (1): Merge tag 'tpmdd-next-20151110' of https://github.com/jsakkine/linux-tpmdd into for-linus Jarkko Sakkinen (3): TPM: revert the list handling logic fixed in 398a1e7 tpm: fix missing migratable flag in sealing functionality for

Re: [PATCH] X.509: Fix the time validation

2015-11-12 Thread James Morris
On Wed, 11 Nov 2015, David Howells wrote: > This fixes CVE-2015-5327. It affects kernels from 4.3-rc1 onwards. This doesn't apply to current Linus, please fix and resend. -- James Morris

Re: [PATCH v4] keys, trusted: select hash algorithm for TPM2 chips

2015-11-09 Thread James Morris
On Thu, 5 Nov 2015, Jarkko Sakkinen wrote: > v4: > > * Added missing select CRYPTO_HASH_INFO in drivers/char/tpm/Kconfig > > Signed-off-by: Jarkko Sakkinen Reviewed-by: James Morris -- James Morris

[GIT PULL] Security subsystem update for 4.4

2015-11-03 Thread James Morris
conversion Insu Yun (1): keys: Be more consistent in selection of union members used James Morris (4): Merge branch 'next' of git://git.kernel.org/.../zohar/linux-integrity into next Merge branch 'smack-for-4.4' of https://github.com/cschaufler/smack-next

Re: [GIT PULL] KEYS: Miscellaneous patches for next

2015-10-22 Thread James Morris
ondense the type-specific data in the key struct into the payload > data as it doesn't really make any sense to keep them separate. > Pulled. Have these been in next yet? -- James Morris

Re: [PATCH v2 0/1] Tagging: a new Security Module

2015-10-21 Thread James Morris
t with postings about security modules. -- James Morris

Re: [PATCH] apparmor: clarify CRYPTO dependency

2015-10-21 Thread James Morris
a lot of other > subsystems do. > > Signed-off-by: Arnd Bergmann Applied to git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next -- James Morris

Re: [PATCH v5 0/3] RFC: Secure Memory Allocation Framework

2015-10-21 Thread James Morris
/8/629 Also, is there any application of this beyond DRM? - James -- James Morris

Re: [PATCH v5 1/3] create SMAF module

2015-10-21 Thread James Morris
> Secure module is responsible of grant/revoke memory access. > This documentation is highly inadequate. What does "allocate memory that can be securing" mean? -- James Morris

[GIT PULL] Keys bugfixes

2015-10-19 Thread James Morris
Please pull these key subsystem fixes for 4.3, per the message from David Howells: "Here are two patches, the first of which at least should go upstream immediately: (1) Prevent a user-triggerable crash in the keyrings destructor when a negatively instantiated keyring is garbage collected.

Re: [PATCH v9 00/43] Richacls

2015-10-07 Thread James Morris
bling this? I gather RH is... -- James Morris

Re: [PATCH v8 00/41] Richacls

2015-10-06 Thread James Morris
is the rationale for them? This url doesn't work: http://acl.bestbits.at/richacl/ -- James Morris

[GIT PULL] security: keyrings and modsign fixes

2015-09-29 Thread James Morris
leading 00's from key ID when constructing key description MODSIGN: Change from CMS to PKCS#7 signing if the openssl is too old James Morris (1): Merge tag 'keys-fixes-20150925' of git://git.kernel.org/.../dhowells/linux-fs into for-linus Documentation/Ch

Re: [GIT PULL] Miscellaneous keyrings and modsign fixes

2015-09-29 Thread James Morris
On Tue, 29 Sep 2015, James Morris wrote: > On Fri, 25 Sep 2015, David Howells wrote: > > > --- > > The following changes since commit ced255c0c5fb9ab52c9465982f23b1c14005ef8b: > > > > Merge branch 'next' of > > git://git.kernel.org/pub/scm/linux/

Re: [GIT PULL] Miscellaneous keyrings and modsign fixes

2015-09-29 Thread James Morris
On Fri, 25 Sep 2015, David Howells wrote: > --- > The following changes since commit ced255c0c5fb9ab52c9465982f23b1c14005ef8b: > > Merge branch 'next' of > git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux (2015-09-24 > 20:14:26 -0700) > > are available in the git repository at: >

Re: [GIT PULL] Security subsystem changes for 4.3

2015-09-01 Thread James Morris
ix which was sent out just before Linus dropped 4.2. -- James Morris

[GIT PULL] Security subsystem changes for 4.3

2015-08-31 Thread James Morris
modsign: Handle signing key in source tree James Morris (7): Merge tag 'seccomp-next' of git://git.kernel.org/.../kees/linux into next Merge tag 'asn1-fixes-20150805' of git://git.kernel.org/.../dhowells/linux-fs into next Merge branch 'smack-for-

Re: [PATCH] PKCS#7: Add OIDs for sha224, sha284 and sha512 hash algos and use them

2015-08-31 Thread James Morris
Valdis Kletnieks > --- Please always specify which kernel a patch/pull request is for. -- James Morris

Re: [PATCH] Documentation/Changes: Now need OpenSSL devel packages for module signing

2015-08-27 Thread James Morris
el/git/jmorris/linux-security.git next -- James Morris

Re: [PATCH] scripts: add extract-cert and sign-file to .gitignore

2015-08-26 Thread James Morris
/git/jmorris/linux-security.git next -- James Morris

[GIT PULL] security: fix LSM regression for 4.2

2015-08-25 Thread James Morris
lich Signed-off-by: Casey Schaufler Signed-off-by: James Morris diff --git a/security/security.c b/security/security.c index 595fffa..9942836 100644 --- a/security/security.c +++ b/security/security.c @@ -380,8 +380,8 @@ int security_inode_init_security(struct inode *inode

Re: [GIT PULL] Move cert handling to certs/ directory

2015-08-25 Thread James Morris
> place to make them easier to find and clean up. > Pulled to my next branch, thanks. - James -- James Morris

Re: [PULL] LSM: late breaking fix for 4.3

2015-08-25 Thread James Morris
59 -0700) > > are available in the git repository at: > > g...@github.com:cschaufler/tracking-linus.git lsm-fix-for-4.3 This is not a valid url for me to pull from. -- James Morris

Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #8a]

2015-08-13 Thread James Morris
for > firmware signatures (to follow later). Pulled into -next. -- James Morris

Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #8]

2015-08-12 Thread James Morris
for > firmware signatures (to follow later). I'm still seeing these warnings: scripts/sign-file.c: In function ‘main’: scripts/sign-file.c:188: warning: value computed is not used WARNING: modpost: missing MODULE_LICENSE() in crypto/asymmetric_keys/pkcs7_test_key.o -- James Morris

Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7a]

2015-08-12 Thread James Morris
On Wed, 12 Aug 2015, James Morris wrote: > > define config_filename = > > This may be relevant: > > http://stackoverflow.com/questions/13260396/gnu-make-3-81-eval-function-not-working > This works for me: diff --git a/kernel/Makefile b/kernel/Makefile index 9e31922.

Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7a]

2015-08-12 Thread James Morris
On Wed, 12 Aug 2015, David Woodhouse wrote: > On Wed, 2015-08-12 at 20:08 +1000, James Morris wrote: > > make-3.81-20.el6.x86_64 > > > > The machine is not accessible, sorry. > > No matter. I have a CentOS 6 VM in which I can attempt to reproduce. > >

Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7a]

2015-08-12 Thread James Morris
On Wed, 12 Aug 2015, David Woodhouse wrote: > On Wed, 2015-08-12 at 19:27 +1000, James Morris wrote: > > > > Yep: > > > > # CONFIG_MODULE_SIG_SHA512 is not set > > CONFIG_MODULE_SIG_HASH="sha1" > > CONFIG_MODULE_SIG_KEY="signing_key.pem"

Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7a]

2015-08-12 Thread James Morris
On Wed, 12 Aug 2015, David Woodhouse wrote: > On Wed, 2015-08-12 at 19:08 +1000, James Morris wrote: > > > > CHK include/generated/compile.h > > EXTRACT_CERTS signing_key.pem > > At main.c:146: > > - SSL error:02001002:system library:fopen:No such file

Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7a]

2015-08-12 Thread James Morris
On Wed, 12 Aug 2015, David Woodhouse wrote: > On Wed, 2015-08-12 at 14:20 +1000, James Morris wrote: > > > > At main.c:146: > > - SSL error:02001002:system library:fopen:No such file or directory: > > bss_file.c:169 > > - SSL error:2006D080:BIO r

Re: [PATCH] MAINTAINERS: The keyrings mailing list has moved

2015-08-11 Thread James Morris
On Tue, 11 Aug 2015, David Howells wrote: > The keyrings mailing list has moved to keyri...@vger.kernel.org > > Signed-off-by: David Howells Applied. -- James Morris

Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7a]

2015-08-11 Thread James Morris
ot used At main.c:146: - SSL error:02001002:system library:fopen:No such file or directory: bss_file.c:169 - SSL error:2006D080:BIO routines:BIO_new_file:no such file: bss_file.c:172 extract-cert: signing_key.pem: No such file or directory rm: cannot remove `signing_key.x509': No such file or

Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7]

2015-08-10 Thread James Morris
ypto library. > > Would it help to update the module-signing.txt document, the config option or > the git pull request/cover note? Yes :) -- James Morris

Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7]

2015-08-10 Thread James Morris
On Mon, 10 Aug 2015, David Howells wrote: > James Morris wrote: > > > I get a build failure: > > > > HOSTCC scripts/sign-file > > scripts/sign-file.c:20:25: error: openssl/bio.h: No such file or directory > > > > followed by many lines of error.

Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7]

2015-08-09 Thread James Morris
for > firmware signatures (to follow later). > I get a build failure: HOSTCC scripts/sign-file scripts/sign-file.c:20:25: error: openssl/bio.h: No such file or directory followed by many lines of error. -- James Morris

Re: [GIT PULL] ASN.1 fixes

2015-08-06 Thread James Morris
his class of bugfix. -- James Morris

Re: [PATCH 1/4] ASN.1: Fix handling of CHOICE in ASN.1 compiler

2015-08-05 Thread James Morris
ate in the -rc cycle. -- James Morris

Re: [PATCH] Adding YAMA hooks also when YAMA is not stacked.

2015-08-02 Thread James Morris
ble("yama")) > return 0; > +yama_add_hooks(); > #endif > pr_info("Yama: becoming mindful.\n"); It looks like your mailer is converting tabs to spaces, please fix and resend. -- James Morris

Re: [PATCH v2 3/5] security: Introduce security_settime64()

2015-07-30 Thread James Morris
anges. > > Signed-off-by: Baolin Wang Reviewed-by: James Morris

Re: [PATCH v2] Yama: remove needless CONFIG_SECURITY_YAMA_STACKED

2015-07-27 Thread James Morris
are already forcing it to stack, this is effectively > a no-op change. > > Additionally add MAINTAINERS entry. > > Signed-off-by: Kees Cook Applied to -next. -- James Morris

Re: [PATCH] LSM: LoadPin for module and firmware loading restrictions

2015-07-27 Thread James Morris
On Mon, 27 Jul 2015, Kees Cook wrote: > On Sun, Jul 26, 2015 at 9:26 PM, James Morris wrote: > > On Thu, 23 Jul 2015, Kees Cook wrote: > > > >> + > >> +/* > >> + * Return an allocated string that has been escaped of special characters > >> + *

Re: [PATCH] LSM: LoadPin for module and firmware loading restrictions

2015-07-26 Thread James Morris
On Thu, 23 Jul 2015, Kees Cook wrote: > + > +/* > + * Return an allocated string that has been escaped of special characters > + * and double quotes, making it safe to log in quotes. > + */ > +static char *kstrdup_quotable(char *src) > +{ Do you think these should go into a

Re: [PULL] seccomp update (next)

2015-07-19 Thread James Morris
ernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into next > (2015-06-18 23:28:40 +1000) > > are available in the git repository at: > > > git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git > tags/seccomp-next > > for you to fetch changes up to 221272f

Re: [PATCH v4 1/2] capabilities: Ambient capabilities

2015-07-15 Thread James Morris
eople will find capabilities easier to use for real-world scenarios. Has it had enough security review? This is a significant new behavior being added to a widely enabled security module. - James -- James Morris

[ANN] Linux Security Summit 2015 - Schedule Published

2015-07-08 Thread James Morris
welcome to attend the Weds 19th August reception. Hope to see you there! - James (on behalf of the program committee). [1] http://www.reddit.com/r/linux/comments/2xqn12/im_part_of_the_sysadmin_team_behind_kernelorg_and/ -- James Morris

[CFP] Reminder: Linux Security Summit 2015 CFP closes this Friday 5th June

2015-06-03 Thread James Morris
even developers -- any interesting/novel application of Linux security or research is welcome. We're also looking for round-table discussion topics, and people to lead those discussions. Get your proposals in soon! - James -- James Morris

Re: [PULL] LSM: Basic module stacking infrastructure for security-next - Acked

2015-05-11 Thread James Morris
> are available in the git repository at: > > g...@github.com:cschaufler/smack-next.git stacking-v22-acked fyi, this is not a public URN. > > for you to fetch changes up to f17cd945a8761544ac9bfdaf55e952e558dbee3e: Applied to git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/l

[CFP] Linux Security Summit 2015

2015-05-07 Thread James Morris
e approximately 150 words in total. PROGRAM COMMITTEE The Linux Security Summit for 2015 is organized by: * James Morris, Oracle * Serge Hallyn, Canonical * Paul Moore, Red Hat * Stephen Smalley, NSA * Joshua Brindle, Quark Security * Herbert Xu, Red Hat * John

Re: [PATCH 0/7 v22] LSM: Multiple concurrent LSMs

2015-05-07 Thread James Morris
On Sat, 2 May 2015, Casey Schaufler wrote: > Subject: [PATCH 0/7 v22] LSM: Multiple concurrent LSMs Please add all of the Acked-by etc. from the patch review process. -- James Morris

Re: Module stacking next steps

2015-04-30 Thread James Morris
On Wed, 29 Apr 2015, John Johansen wrote: > On 04/29/2015 06:55 PM, James Morris wrote: > > On Tue, 21 Apr 2015, Casey Schaufler wrote: > > > >> > >> James, do you want to take the module stacking changes in through > >> the security tree? Are th

Re: Module stacking next steps

2015-04-29 Thread James Morris
nerally see it as useful and necessary, and is it ready to go in? Any objections or concerns? -- James Morris

[GIT PULL] Security subsystem update for 4.1

2015-04-14 Thread James Morris
m/st33zp24/spi: Add st33zp24 spi phy tpm/st33zp24/dts/st33zp24-spi: Add dts documentation for st33zp24 spi phy tpm/st33zp24: Add proper wait for ordinal duration in case of irq mode tpm/st33zp24/spi: Add missing device table for spi phy. James Morris (3): Merge tag 'y

Re: [PATCH] lsm: copy comm before calling audit_log to avoid race in string printing

2015-04-14 Thread James Morris
audit_log_untrustedstring() with comm. > > Reported-by: Tetsuo Handa > Signed-off-by: Richard Guy Briggs Applied. -- James Morris

Re: [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks

2015-04-12 Thread James Morris
On Wed, 8 Apr 2015, Mateusz Guzik wrote: > This is still a problem. Any feedback about the patch? > I'd like to see feedback from vfs folk (Al). -- James Morris

[GIT PULL] SELinux bugfix

2015-03-27 Thread James Morris
at: git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git for-linus James Morris (1): Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/selinux into for-linus Joe Perches (1): selinux: fix sel_write_enforce broken return value security

[GIT PULL] TPM driver fixes for 4.0

2015-03-09 Thread James Morris
-linus James Morris (1): Merge branch 'for-current' of https://github.com/PeterHuewe/linux-tpmdd into for-linus Jarkko Sakkinen (1): tpm: fix call order in tpm-chip.c jmlat...@linux.vnet.ibm.com (1): tpm/ibmvtpm: Additional LE support for tpm_ibmvtpm_send drivers/ch

Re: [PULL] Yama update (4.0)

2015-03-03 Thread James Morris
On Fri, 27 Feb 2015, Kees Cook wrote: > Hi, > > Please pull these yama changes for 4.0. Applied to git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next -- James Morris

Re: [PULL] Yama update (4.0)

2015-03-01 Thread James Morris
be in 4.0? Changes in the rc series need to be bugfixes. -- James Morris

Re: [PATCH] MODSIGN: Change default key details

2015-02-19 Thread James Morris
" > + @echo >>x509.genkey "#O = Unspecified company" > + @echo >>x509.genkey "CN = Build time autogenerated kernel key" > + @echo >>x509.genkey "#emailAddress = > unspecified.user@unspecified.company" > @echo >

[GIT PULL] Security subsystem fixes for 3.20

2015-02-15 Thread James Morris
at: git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git for-linus Casey Schaufler (1): Smack: secmark connections David Jeffery (1): Don't leak a key reference if request_key() tries to use a revoked keyring James Morris (2): Merge https://github.com/PeterHu

Re: [PATCH] Don't leak a key reference if request_key() tries to use a revoked keyring

2015-02-15 Thread James Morris
> Signed-off-by: David Jeffery > Signed-off-by: David Howells Applied. -- James Morris

[ANNOUNCE] Linux Security Summit 2015, Seattle WA, USA, August 20-21

2015-02-12 Thread James Morris
This is to announce the date & location of the 2015 Linux Security Summit. LSS 2015 will be co-located with LinuxCon North America, in Seattle WA, USA, on 20 and 21 August. As with previous events, LSS 2015 will be open to all registered LinuxCon attendees. Please see the event web site for fu

[GIT PULL] Security subsystem changes for 3.20

2015-02-11 Thread James Morris
tpm: remove unnecessary sizeof(u8) Hon Ching (Vicky) Lo (1): tpm: Fix NULL return in tpm_ibmvtpm_get_desired_dma James Morris (4): Merge tag 'keys-next-fixes-20150114' of git://git.kernel.org/.../dhowells/linux-fs into next Merge branch 'smack-

Re: [PATCH] ima: /proc/keys is now mandatory

2015-02-01 Thread James Morris
On Fri, 30 Jan 2015, David Howells wrote: > /proc/keys is now mandatory and its config option no longer exists, so it > doesn't need selecting. > > Reported-by: Paul Bolle > Signed-off-by: David Howells Applied. -- James Morris

Re: [GIT PULL] Keyrings, modsigning adjustments

2015-01-28 Thread James Morris
> are available in the git repository at: > > git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git > tags/keys-next-20150123 > > for you to fetch changes up to e994393acd65e729a574aaca466eab22b5b39cc6: > > X.509: silence asn1 compiler debug output (2015-01-23

Re: [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks

2015-01-20 Thread James Morris
trs. It'd be useful to get some input from LSM module maintainers on this. e.g. doesn't SELinux already handle this via policy directives? -- James Morris

[GIT PULL] Security subsystem fixes for 3.19

2014-12-15 Thread James Morris
kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git for-linus Dan Carpenter (1): KEYS: remove a bogus NULL check James Morris (1): Merge branch 'next' of git://git.kernel.org/.../zohar/linux-integrity into for-linus Michael Ellerman (1): ima: Fix build fai

Re: [PULL] seccomp update (next)

2014-12-01 Thread James Morris
On Mon, 1 Dec 2014, Kees Cook wrote: > On Mon, Dec 1, 2014 at 2:56 PM, James Morris wrote: > > On Mon, 1 Dec 2014, Kees Cook wrote: > > > >> On Thu, Nov 27, 2014 at 3:37 PM, James Morris wrote: > >> > On Wed, 26 Nov 2014, Kees Cook wrote: > >>

[GIT PULL] Keyrings / NFS fixes

2014-12-01 Thread James Morris
l/git/jmorris/linux-security.git for-linus David Howells (3): KEYS: Fix the size of the key description passed to/from userspace KEYS: Simplify KEYRING_SEARCH_{NO,DO}_STATE_CHECK flags KEYS: request_key() should reget expired keys rather than give EKEYEXPIRED James Morris (1):

Re: [PULL] seccomp update (next)

2014-12-01 Thread James Morris
On Mon, 1 Dec 2014, Kees Cook wrote: > On Thu, Nov 27, 2014 at 3:37 PM, James Morris wrote: > > On Wed, 26 Nov 2014, Kees Cook wrote: > > > >> > That would be because your tree is based on v3.17 and Kees' is based on > >> > v3.18-rc6 ... > >>

Re: [GIT PULL] Keyrings (& NFS) fixes

2014-12-01 Thread James Morris
going to current Linus, you need to apply these patches to a tree based on his tree, and send a pull req to me for that. -- James Morris

Re: [PULL] seccomp update (next)

2014-11-27 Thread James Morris
different. :) It's best to track my next branch as your upstream. -- James Morris

Re: [PULL] seccomp update (next)

2014-11-26 Thread James Morris
arrier_depends() with lockless_dereference() > > kernel/seccomp.c | 7 +++ > 1 file changed, 3 insertions(+), 4 deletions(-) > This is what I get when pulling to my next branch: 9128 files changed, 468773 insertions(+), 340317 deletions(-) -- James Morris

[GIT PULL] SELinux: make selinux_nlmsg_perm() less alarmist

2014-11-13 Thread James Morris
ository at: git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git for-linus James Morris (1): Merge branch 'stable-3.18' of git://git.infradead.org/users/pcmoore/selinux into for-linus Richard Guy Briggs (1): selinux: convert WARN_ONCE() to printk() i
