--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Thu, 2007-11-08 at 16:37 -0500, Eric Paris wrote:
Adds security_get_sb_mnt_opts, security_set_sb_mnt_opts, and
security_clont_sb_mnt_opts to the LSM and to SELinux. This will allow
filesystems to directly own and control all of their mount
On Thu, 2007-11-08 at 23:20 -0600, Lin Tan wrote:
Seems that an unauthorized user can send file through sockets due to
the following missing check errors.
There is not security_file_permission() check from sys_splice(),
which can invoke sock_sendpage(). The call chain is as follows.
On Fri, 2007-11-09 at 08:29 -0800, Casey Schaufler wrote:
--- Stephen Smalley [EMAIL PROTECTED] wrote:
On Thu, 2007-11-08 at 16:37 -0500, Eric Paris wrote:
Adds security_get_sb_mnt_opts, security_set_sb_mnt_opts, and
security_clont_sb_mnt_opts to the LSM and to SELinux. This will
This is an update to the patcheset sent earlier this week and the first time
these patches have been sent to the LSM list. The most notable change
between this patchset and the v5 patches is the addition of the
fallback/static label patches that were discussed on the SELinux list a few
months
This patch removes some unneeded RCU read locks as we can treat the reads as
safe even without RCU. It also converts the NetLabel configuration refcount
from a spinlock protected u32 into atomic_t to be more consistent with the rest
of the kernel.
---
net/netlabel/netlabel_cipso_v4.c |5
The NetLabel/LSM domain hash table search function used a argument to specify
if the default entry should be returned if an exact match couldn't be found in
the hash table. This is a bit against the kernel's style so make two separate
functions to represent the separate behaviors.
---
Add a new policy capabilities bitmap to SELinux policy version 22. This bitmap
will enable the security server to query the policy to determine which features
it supports.
---
security/selinux/Kconfig|2 -
security/selinux/include/security.h | 15 ++
Add additional Flask definitions to support the new peer object class.
---
security/selinux/include/av_perm_to_string.h |3 +++
security/selinux/include/av_permissions.h|3 +++
security/selinux/include/class_to_string.h |7 +++
security/selinux/include/flask.h |
This patch introduces a mechanism for checking when labeled IPsec or SECMARK
are in use by keeping introducing a configuration reference counter for each
subsystem. In the case of labeled IPsec, whenever a labeled SA or SPD entry
is created the labeled IPsec/XFRM reference count is increased and
Most trusted OSs, with the exception of Linux, have the ability to specify
static security labels for unlabeled networks. This patch adds this ability to
the NetLabel packet labeling framework.
If the NetLabel subsystem is called to determine the security attributes of an
incoming packet it
This patch adds auditing support to the NetLabel static labeling mechanism.
---
include/linux/audit.h |2 +
net/netlabel/netlabel_unlabeled.c | 127 +++--
2 files changed, 107 insertions(+), 22 deletions(-)
diff --git a/include/linux/audit.h
In order to do any sort of IP header inspection of incoming packets we need to
know which address family, AF_INET/AF_INET6/etc., it belongs to and since the
sk_buff structure does not store this information we need to pass along the
address family separate from the packet itself.
---
Now that the SELinux NetLabel base SID is always the netmsg initial SID we
can do a big optimization - caching the SID and not just the MLS attributes.
This not only saves a lot of per-packet memory allocations and copies but it
has a nice side effect of removing a chunk of code.
---
Rename the existing selinux_skb_extlbl_sid() function to
selinux_skb_peerlbl_sid() and modify it's behavior such that it now reconciles
multiple peer/external labels and if reconciliation is not possible it returns
an error to the caller.
---
security/selinux/hooks.c| 94
--- Paul Moore [EMAIL PROTECTED] wrote:
Add a secctx_to_secid() LSM hook to go along with the existing
secid_to_secctx() LSM hook.
I'll bite. Where does this get used?
There are already places in the networking and audit code where
a secid is gotten and saved for the sole purpose of getting
Adds security_get_sb_mnt_opts, security_set_sb_mnt_opts, and
security_clont_sb_mnt_opts to the LSM and to SELinux. This will allow
filesystems to directly own and control all of their mount options if
they so choose. This interface deals only with option identifiers and
strings so it should
On Wed, 07 Nov 2007 23:44:49 -0800
Andrew Morgan [EMAIL PROTECTED] wrote:
The attached patch (e3d27bcb07485a6c8927c8e4f5483d35a99680c3) adds
64-bit capability support to the kernel. This version of the patch is
designed to apply against the 2.6.23-mm1 tree.
FWIW libcap-2.00 supports this
--- Eric Paris [EMAIL PROTECTED] wrote:
Adds security_get_sb_mnt_opts, security_set_sb_mnt_opts, and
security_clont_sb_mnt_opts to the LSM and to SELinux. This will allow
filesystems to directly own and control all of their mount options if
they so choose.
I understand why you would want
Added apparmor-devel because Rob proposes something that could be an
enhancement to AppArmor.
Rob Meijer wrote:
A while ago I asked some questions on the subject of at* system calls
on the list and got rather dismissive responses.
After having given up on the whole concept for a while, the
Quoting Andrew Morton ([EMAIL PROTECTED]):
On Wed, 07 Nov 2007 23:44:49 -0800
Andrew Morgan [EMAIL PROTECTED] wrote:
The attached patch (e3d27bcb07485a6c8927c8e4f5483d35a99680c3) adds
64-bit capability support to the kernel. This version of the patch is
designed to apply against the
Quoting Andrew Morgan ([EMAIL PROTECTED]):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrew, Serge
The attached patch (e3d27bcb07485a6c8927c8e4f5483d35a99680c3) adds
64-bit capability support to the kernel. This version of the patch is
designed to apply against the 2.6.23-mm1 tree.
On Friday 09 November 2007 5:19:02 pm Casey Schaufler wrote:
--- Paul Moore [EMAIL PROTECTED] wrote:
Add a secctx_to_secid() LSM hook to go along with the existing
secid_to_secctx() LSM hook.
I'll bite. Where does this get used?
Patch 12/13, functions netlbl_unlabel_staticadd() and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Serge E. Hallyn wrote:
Note: to apply this patch against Linus' upstream kernel, you will first
have to undo this other patch from Serge:
From b68680e4731abbd78863063aaa0dca2a6d8cc723 Mon Sep 17 00:00:00 2001
From: Serge E. Hallyn [EMAIL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Serge,
I guess I'm not sure what to do about this.
In the caller there is an explicit check for negative rc in which case
the modifed function is not called.
The argument really is an unsigned quantity and I felt this change was
an improvement/fix.
[snip from fs/super.c:vfs_kern_mount() just for reference]
if (data) {
secdata = alloc_secdata();
if (!secdata)
goto out_mnt;
error = security_sb_copy_data(type, data, secdata);
if (error)
25 matches
Mail list logo