lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <alpine.LRH.2.11.1504150955480.14302@namei.org>
Date:	Wed, 15 Apr 2015 10:03:36 +1000 (AEST)
From:	James Morris <jmorris@...ei.org>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
cc:	linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [GIT PULL] Security subsystem update for 4.1

Hi Linus,

Highlights for this window:

o Improved AVC hashing for SELinux by John Brooks and Stephen Smalley
o Addition of an unconfined label to Smack
o Smack documentation update
o TPM driver updates

Please pull.

---

The following changes since commit 80dcc31fbe55932ac9204daee5f2ebc0c49b6da3:

  Merge tag 'gfs2-merge-window' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2 (2015-04-14 16:09:18 -0700)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next

Casey Schaufler (2):
      Smack: Allow an unconfined label in bringup mode
      Smack: Updates for Smack documentation

Christophe Ricard (6):
      tpm/tpm_i2c_stm_st33: Replace access to io_lpcpd from struct st33zp24_platform_data to tpm_stm_dev
      tpm/tpm_i2c_stm_st33: Split tpm_i2c_tpm_st33 in 2 layers (core + phy)
      tpm/st33zp24/spi: Add st33zp24 spi phy
      tpm/st33zp24/dts/st33zp24-spi: Add dts documentation for st33zp24 spi phy
      tpm/st33zp24: Add proper wait for ordinal duration in case of irq mode
      tpm/st33zp24/spi: Add missing device table for spi phy.

James Morris (3):
      Merge tag 'yama-4.0' of git://git.kernel.org/.../kees/linux into next
      Merge branch 'smack-for-4.1' of git://github.com/cschaufler/smack-next into next
      Merge branch 'tomoyo-cleanup' of git://git.kernel.org/.../mmarek/kbuild into next

Jarkko Sakkinen (2):
      tpm: fix call order in tpm-chip.c
      tpm: fix: sanitized code paths in tpm_chip_register()

Jeff Vander Stoep (1):
      selinux: remove unnecessary pointer reassignment

John Brooks (1):
      selinux: Use a better hash function for avtab

José Bollo (1):
      Smack: getting the Smack security context of keys

Kees Cook (1):
      Yama: do not modify global sysctl table entry

Marcin Lis (1):
      Smack: Assign smack_known_web as default smk_in label for kernel thread's socket

Michal Marek (3):
      tomoyo: Use bin2c to generate builtin-policy.h
      tomoyo: Use if_changed when generating builtin-policy.h
      tomoyo: Do not generate empty policy files

Paul Gortmaker (1):
      smack: Fix gcc warning from unused smack_syslog_lock mutex in smackfs.c

Paul Moore (1):
      selinux: reconcile security_netlbl_secattr_to_sid() and mls_import_netlbl_cat()

Peter Huewe (3):
      tpm: Update KConfig text to include TPM2.0 FIFO chips
      MAINTAINERS: Add Jason as designated reviewer for TPM
      tpm/tpm_infineon: Use struct dev_pm_ops for power management

Richard Guy Briggs (1):
      lsm: copy comm before calling audit_log to avoid race in string printing

Stephen Smalley (3):
      security/yama: Remove unnecessary selects from Kconfig.
      selinux: convert avtab hash table to flex_array
      selinux: increase avtab max buckets

jmlatten@...ux.vnet.ibm.com (1):
      tpm/ibmvtpm: Additional LE support for tpm_ibmvtpm_send

 .../bindings/security/tpm/st33zp24-spi.txt         |   34 +
 Documentation/security/Smack.txt                   |  129 ++--
 MAINTAINERS                                        |    1 +
 drivers/char/tpm/Kconfig                           |   20 +-
 drivers/char/tpm/Makefile                          |    2 +-
 drivers/char/tpm/st33zp24/Kconfig                  |   30 +
 drivers/char/tpm/st33zp24/Makefile                 |   12 +
 drivers/char/tpm/st33zp24/i2c.c                    |  276 ++++++
 drivers/char/tpm/st33zp24/spi.c                    |  399 +++++++++
 drivers/char/tpm/st33zp24/st33zp24.c               |  698 +++++++++++++++
 drivers/char/tpm/st33zp24/st33zp24.h               |   37 +
 drivers/char/tpm/tpm-chip.c                        |   92 ++-
 drivers/char/tpm/tpm_i2c_stm_st33.c                |  911 --------------------
 drivers/char/tpm/tpm_ibmvtpm.c                     |   10 +-
 drivers/char/tpm/tpm_ibmvtpm.h                     |    6 +-
 drivers/char/tpm/tpm_infineon.c                    |   34 +-
 .../platform_data/{tpm_stm_st33.h => st33zp24.h}   |   21 +-
 security/lsm_audit.c                               |   15 +-
 security/selinux/avc.c                             |    6 +-
 security/selinux/ss/avtab.c                        |   72 ++-
 security/selinux/ss/avtab.h                        |    8 +-
 security/selinux/ss/mls.c                          |   10 +-
 security/selinux/ss/services.c                     |    6 +-
 security/smack/smack.h                             |    8 +
 security/smack/smack_access.c                      |   43 +-
 security/smack/smack_lsm.c                         |   99 ++-
 security/smack/smackfs.c                           |   97 ++-
 security/tomoyo/.gitignore                         |    2 +-
 security/tomoyo/Kconfig                            |    1 +
 security/tomoyo/Makefile                           |   55 +-
 .../tomoyo/policy/exception_policy.conf.default    |    2 +
 security/yama/Kconfig                              |    2 -
 security/yama/yama_lsm.c                           |   13 +-
 33 files changed, 1971 insertions(+), 1180 deletions(-)
 create mode 100644 Documentation/devicetree/bindings/security/tpm/st33zp24-spi.txt
 create mode 100644 drivers/char/tpm/st33zp24/Kconfig
 create mode 100644 drivers/char/tpm/st33zp24/Makefile
 create mode 100644 drivers/char/tpm/st33zp24/i2c.c
 create mode 100644 drivers/char/tpm/st33zp24/spi.c
 create mode 100644 drivers/char/tpm/st33zp24/st33zp24.c
 create mode 100644 drivers/char/tpm/st33zp24/st33zp24.h
 delete mode 100644 drivers/char/tpm/tpm_i2c_stm_st33.c
 rename include/linux/platform_data/{tpm_stm_st33.h => st33zp24.h} (60%)
 create mode 100644 security/tomoyo/policy/exception_policy.conf.default

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ