lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <alpine.LRH.2.20.1605191352260.7551@namei.org>
Date:	Thu, 19 May 2016 14:06:39 +1000 (AEST)
From:	James Morris <jmorris@...ei.org>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
cc:	linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: [GIT PULL] security subsystem updates for 4.7

Please pull these updates for the 4.7 kernel.

Highlights:

1. A new LSM, "LoadPin", from Kees Cook is added, which allows forcing of 
   modules and firmware to be loaded from a specific device (this is from 
   ChromeOS, where the device as a whole is verified cryptographically via 
   dm-verity).  This is disabled by default but can be configured to be 
   enabled by default (don't do this if you don't know what you're doing).

2. Keys: allow authentication data to be stored in an asymmetric key. Lots 
   of general fixes and updates.

3. SELinux: add restrictions for loading of kernel modules via 
   finit_module().  Distinguish non-init user namespace capability checks. 
   Apply execstack check on thread stacks.



The following changes since commit 9735a22799b9214d17d3c231fe377fc852f042e9:

  Linux 4.6-rc2 (2016-04-03 09:09:40 -0500)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next

for you to fetch changes up to b937190c40de0f6f07f592042e3097b16c6b0130:

  LSM: LoadPin: provide enablement CONFIG (2016-05-17 20:10:30 +1000)

----------------------------------------------------------------
Andreas Ziegler (1):
      security: integrity: Remove select to deleted option PUBLIC_KEY_ALGO_RSA

David Howells (23):
      X.509: Whitespace cleanup
      KEYS: Allow authentication data to be stored in an asymmetric key
      KEYS: Add identifier pointers to public_key_signature struct
      X.509: Retain the key verification data
      PKCS#7: Make the signature a pointer rather than embedding it
      X.509: Extract signature digest and make self-signed cert checks earlier
      X.509: Fix self-signed determination
      KEYS: Generalise system_verify_data() to provide access to internal content
      PKCS#7: Make trust determination dependent on contents of trust keyring
      KEYS: Add a facility to restrict new links into a keyring
      KEYS: Move x509_request_asymmetric_key() to asymmetric_type.c
      KEYS: Generalise x509_request_asymmetric_key()
      X.509: Use verify_signature() if we have a struct key * to use
      X.509: Move the trust validation code out to its own file
      KEYS: Make the system trusted keyring depend on the asymmetric key type
      KEYS: Move the point of trust determination to __key_link()
      KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTED
      certs: Add a secondary system keyring that can be added to dynamically
      IMA: Use the the system trusted keyrings instead of .ima_mok
      KEYS: user_update should use copy of payload made during preparsing
      Merge branch 'keys-misc' into keys-next
      Merge branch 'keys-sig' into keys-next
      Merge branch 'keys-trust' into keys-next

Dmitry Kasatkin (1):
      vfs: forbid write access when reading a file into memory

James Morris (2):
      Merge tag 'keys-next-20160505' of git://git.kernel.org/.../dhowells/linux-fs into next
      Merge branch 'stable-4.7' of git://git.infradead.org/users/pcmoore/selinux into next

Janak Desai (1):
      netlabel: fix a problem with netlbl_secattr_catmap_setrng()

Jeff Vander Stoep (1):
      selinux: restrict kernel module loading

Kees Cook (7):
      string_helpers: add kstrdup_quotable
      string_helpers: add kstrdup_quotable_cmdline
      string_helpers: add kstrdup_quotable_file
      Yama: consolidate error reporting
      LSM: LoadPin for kernel file loading restrictions
      fs: fix over-zealous use of "const"
      LSM: LoadPin: provide enablement CONFIG

Kirill Marinushkin (1):
      Security: Keys: Big keys stored encrypted

Mat Martineau (1):
      KEYS: Add KEYCTL_DH_COMPUTE command

Mickaël Salaün (1):
      seccomp: Fix comment typo

Mimi Zohar (3):
      fs: define a string representation of the kernel_read_file_id enumeration
      ima: fix ima_inode_post_setattr
      ima: add support for creating files using the mknodat syscall

Paolo Abeni (1):
      security: drop the unused hook skb_owned_by

Paul Moore (6):
      selinux: don't revalidate inodes in selinux_socket_getpeersec_dgram()
      selinux: simply inode label states to INVALID and INITIALIZED
      selinux: consolidate the ptrace parent lookup code
      selinux: don't revalidate an inode's label when explicitly setting it
      selinux: delay inode label lookup as long as possible
      selinux: check ss_initialized before revalidating an inode label

Prarit Bhargava (1):
      selinux: Change bool variable name to index.

Sasha Levin (1):
      Yama: use atomic allocations when reporting

Stephen Smalley (2):
      selinux: distinguish non-init user namespace capability checks
      selinux: apply execstack check on thread stacks

 Documentation/security/LoadPin.txt        |  17 ++
 Documentation/security/keys.txt           |  52 ++++++
 MAINTAINERS                               |   6 +
 arch/x86/kernel/kexec-bzimage64.c         |  18 +-
 certs/Kconfig                             |   9 +
 certs/system_keyring.c                    | 139 +++++++++++---
 crypto/asymmetric_keys/Kconfig            |   6 +-
 crypto/asymmetric_keys/Makefile           |   5 +-
 crypto/asymmetric_keys/asymmetric_keys.h  |   2 +
 crypto/asymmetric_keys/asymmetric_type.c  |  96 +++++++++-
 crypto/asymmetric_keys/mscode_parser.c    |  21 +--
 crypto/asymmetric_keys/pkcs7_key_type.c   |  72 +++-----
 crypto/asymmetric_keys/pkcs7_parser.c     |  59 +++---
 crypto/asymmetric_keys/pkcs7_parser.h     |  11 +-
 crypto/asymmetric_keys/pkcs7_trust.c      |  43 ++---
 crypto/asymmetric_keys/pkcs7_verify.c     | 107 +++++------
 crypto/asymmetric_keys/public_key.c       |  20 +-
 crypto/asymmetric_keys/restrict.c         | 108 +++++++++++
 crypto/asymmetric_keys/signature.c        |  18 ++
 crypto/asymmetric_keys/verify_pefile.c    |  40 +---
 crypto/asymmetric_keys/verify_pefile.h    |   5 +-
 crypto/asymmetric_keys/x509_cert_parser.c |  52 +++---
 crypto/asymmetric_keys/x509_parser.h      |  12 +-
 crypto/asymmetric_keys/x509_public_key.c  | 297 +++++++++---------------------
 fs/cifs/cifsacl.c                         |   2 +-
 fs/exec.c                                 |  29 ++-
 fs/namei.c                                |   2 +
 fs/nfs/nfs4idmap.c                        |   2 +-
 include/crypto/pkcs7.h                    |   6 +-
 include/crypto/public_key.h               |  33 ++--
 include/keys/asymmetric-subtype.h         |   2 +-
 include/keys/asymmetric-type.h            |  13 +-
 include/keys/system_keyring.h             |  41 ++---
 include/linux/fs.h                        |  31 +++-
 include/linux/ima.h                       |   6 +
 include/linux/key-type.h                  |   1 -
 include/linux/key.h                       |  44 +++--
 include/linux/lsm_hooks.h                 |   6 +-
 include/linux/string_helpers.h            |   6 +
 include/linux/verification.h              |  49 +++++
 include/linux/verify_pefile.h             |  22 ---
 include/uapi/linux/keyctl.h               |  10 +
 kernel/module_signing.c                   |   7 +-
 kernel/seccomp.c                          |   2 +-
 lib/string_helpers.c                      |  92 +++++++++
 net/dns_resolver/dns_key.c                |   2 +-
 net/netlabel/netlabel_kapi.c              |   2 +-
 net/rxrpc/ar-key.c                        |   4 +-
 security/Kconfig                          |   1 +
 security/Makefile                         |   2 +
 security/integrity/Kconfig                |   1 -
 security/integrity/digsig.c               |  15 +-
 security/integrity/ima/Kconfig            |  36 ++--
 security/integrity/ima/Makefile           |   2 +-
 security/integrity/ima/ima_appraise.c     |   7 +-
 security/integrity/ima/ima_main.c         |  25 ++-
 security/integrity/ima/ima_mok.c          |  23 +--
 security/integrity/integrity.h            |   1 +
 security/keys/Kconfig                     |  15 ++
 security/keys/Makefile                    |   1 +
 security/keys/big_key.c                   | 198 ++++++++++++++++++--
 security/keys/compat.c                    |   4 +
 security/keys/dh.c                        | 160 ++++++++++++++++
 security/keys/internal.h                  |  12 ++
 security/keys/key.c                       |  42 ++++-
 security/keys/keyctl.c                    |   5 +
 security/keys/keyring.c                   |  46 ++++-
 security/keys/persistent.c                |   4 +-
 security/keys/process_keys.c              |  16 +-
 security/keys/request_key.c               |   4 +-
 security/keys/request_key_auth.c          |   2 +-
 security/keys/user_defined.c              |  42 ++---
 security/loadpin/Kconfig                  |  19 ++
 security/loadpin/Makefile                 |   1 +
 security/loadpin/loadpin.c                | 190 +++++++++++++++++++
 security/security.c                       |   2 +-
 security/selinux/hooks.c                  | 144 ++++++++++-----
 security/selinux/include/classmap.h       |  30 +--
 security/selinux/include/conditional.h    |   2 +-
 security/selinux/include/objsec.h         |   5 +-
 security/selinux/ss/services.c            |   6 +-
 security/yama/yama_lsm.c                  |  31 +++-
 82 files changed, 1916 insertions(+), 807 deletions(-)
 create mode 100644 Documentation/security/LoadPin.txt
 create mode 100644 crypto/asymmetric_keys/restrict.c
 create mode 100644 include/linux/verification.h
 delete mode 100644 include/linux/verify_pefile.h
 create mode 100644 security/keys/dh.c
 create mode 100644 security/loadpin/Kconfig
 create mode 100644 security/loadpin/Makefile
 create mode 100644 security/loadpin/loadpin.c

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ