lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 12 Oct 2020 11:13:01 -0700
From:   Casey Schaufler <casey@...aufler-ca.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        Linux Security Module list 
        <linux-security-module@...r.kernel.org>,
        Casey Schaufler <casey@...aufler-ca.com>
Subject: [GIT PULL] Smack patches for v5.10

Hello Linus

Here are two minor fixes and one performance enhancement to Smack
for the v5.10 release. The netlabel cache changes have been in linux-next
for several weeks. The performance improvement is significant and the
new code is more like its counterpart in SELinux.


--
The following changes since commit d012a7190fc1fd72ed48911e77ca97ba4521bccd:

  Linux 5.9-rc2 (2020-08-23 14:08:43 -0700)

are available in the Git repository at:

  https://github.com/cschaufler/smack-next tags/Smack-for-5.10

for you to fetch changes up to edd615371b668404d06699c04f5f90c4f438814a:

  Smack: Remove unnecessary variable initialization (2020-10-05 14:20:51 -0700)

----------------------------------------------------------------
Smack LSM changes for Linux 5.10

Two kernel test robot suggested clean-ups.
Teach Smack to use the IPv4 netlabel cache.
This results in a 12-14% improvement on TCP benchmarks.

----------------------------------------------------------------
Casey Schaufler (5):
      Smack: Consolidate uses of secmark into a function
      Smack: Set socket labels only once
      Smack: Use the netlabel cache
      Smack: Fix build when NETWORK_SECMARK is not set
      Smack: Remove unnecessary variable initialization

 security/smack/smack.h        |  19 +---
 security/smack/smack_access.c |  55 ++++++---
 security/smack/smack_lsm.c    | 252 +++++++++++++++++++++++++-----------------
 security/smack/smackfs.c      |  23 ++--
 4 files changed, 200 insertions(+), 149 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ