| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20140718191908.GA20534@www.outflux.net>
Date: Fri, 18 Jul 2014 12:19:08 -0700
From: Kees Cook <keescook@...omium.org>
To: James Morris <jmorris@...ei.org>
Cc: linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org,
Andy Lutomirski <luto@...capital.net>,
Oleg Nesterov <oleg@...hat.com>,
Will Drewry <wad@...omium.org>,
Julien Tinnes <jln@...omium.org>,
David Drysdale <drysdale@...gle.com>
Subject: [PULL] seccomp update (3.17)
Hi James,
Please pull these seccomp changes for 3.17.
(And if I should base off something other than security-next, please
let me know. Or if there are any things I should be doing differently
with this tree.)
Thanks!
-Kees
The following changes since commit 32c2e6752ff0f48fe03b9e1c7c64bde580a840d2:
ima: provide double buffering for hash calculation (2014-07-17 09:35:11 -0400)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/seccomp-3.17
for you to fetch changes up to c2e1f2e30daa551db3c670c0ccfeab20a540b9e1:
seccomp: implement SECCOMP_FILTER_FLAG_TSYNC (2014-07-18 12:13:40 -0700)
----------------------------------------------------------------
seccomp TSYNC support for 3.17
----------------------------------------------------------------
Kees Cook (12):
MAINTAINERS: create seccomp entry
seccomp: create internal mode-setting function
seccomp: extract check/assign mode helpers
seccomp: split mode setting routines
seccomp: add "seccomp" syscall
ARM: add seccomp syscall
MIPS: add seccomp syscall
sched: move no_new_privs into new atomic flags
seccomp: split filter prep from check and apply
seccomp: introduce writer locking
seccomp: allow mode setting across threads
seccomp: implement SECCOMP_FILTER_FLAG_TSYNC
MAINTAINERS | 10 +
arch/Kconfig | 1 +
arch/arm/include/uapi/asm/unistd.h | 1 +
arch/arm/kernel/calls.S | 1 +
arch/mips/include/uapi/asm/unistd.h | 15 +-
arch/mips/kernel/scall32-o32.S | 1 +
arch/mips/kernel/scall64-64.S | 1 +
arch/mips/kernel/scall64-n32.S | 1 +
arch/mips/kernel/scall64-o32.S | 1 +
arch/x86/syscalls/syscall_32.tbl | 1 +
arch/x86/syscalls/syscall_64.tbl | 1 +
fs/exec.c | 6 +-
include/linux/sched.h | 18 +-
include/linux/seccomp.h | 8 +-
include/linux/syscalls.h | 2 +
include/uapi/asm-generic/unistd.h | 4 +-
include/uapi/linux/seccomp.h | 7 +
kernel/fork.c | 49 ++++-
kernel/seccomp.c | 412 ++++++++++++++++++++++++++++++-----
kernel/sys.c | 4 +-
kernel/sys_ni.c | 3 +
security/apparmor/domain.c | 4 +-
22 files changed, 471 insertions(+), 80 deletions(-)
--
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists