lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <alpine.LRH.2.21.1806060415150.9942@namei.org>
Date:   Wed, 6 Jun 2018 04:21:25 +1000 (AEST)
From:   James Morris <jmorris@...ei.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
cc:     linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: [GIT PULL] Security subsystem: general updates for v4.18

Please pull these general security subsystem updates for v4.18.

Summary:

- Incorporate new socketpair() hook into LSM and wire up the SELinux and 
  Smack modules.  From David Herrmann:

   "The idea is to allow SO_PEERSEC to be called on AF_UNIX sockets 
    created via socketpair(2), and return the same information as if you 
    emulated socketpair(2) via a temporary listener socket. Right now 
    SO_PEERSEC will return the unlabeled credentials for a socketpair, 
    rather than the actual credentials of the creating process."

- Sargun Dhillon removed the unused security_settime LSM hook.

- Tycho Andersen removed some stack allocated arrays from the keys code.

---

The following changes since commit 6da6c0db5316275015e8cc2959f12a17584aeb64:

  Linux v4.17-rc3 (2018-04-29 14:17:42 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-general

for you to fetch changes up to 890e2abe1028c39e5399101a2c277219cd637aaa:

  dh key: get rid of stack allocated array for zeroes (2018-05-11 13:07:49 -0700)

----------------------------------------------------------------
David Herrmann (3):
      security: add hook for socketpair()
      net: hook socketpair() into LSM
      selinux: provide socketpair callback

James Morris (2):
      Merge tag 'v4.17-rc2' into next-general
      Merge tag 'v4.17-rc3' into next-general

Sargun Dhillon (1):
      security: remove security_settime

Tom Gundersen (1):
      smack: provide socketpair callback

Tycho Andersen (3):
      big key: get rid of stack array allocation
      dh key: get rid of stack allocated array
      dh key: get rid of stack allocated array for zeroes

 include/linux/lsm_hooks.h  |  7 +++++++
 include/linux/security.h   | 21 +++++++--------------
 net/socket.c               |  7 +++++++
 security/keys/big_key.c    | 11 ++++++++++-
 security/keys/dh.c         | 35 +++++++++++++----------------------
 security/security.c        |  6 ++++++
 security/selinux/hooks.c   | 13 +++++++++++++
 security/smack/smack_lsm.c | 22 ++++++++++++++++++++++
 8 files changed, 85 insertions(+), 37 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ