[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHC9VhSu=ZWymS3RHa7jakQOU8gujGQ=PKO1BTcrNAM9-P4bmQ@mail.gmail.com>
Date: Wed, 22 Sep 2021 13:57:31 -0400
From: Paul Moore <paul@...l-moore.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: selinux@...r.kernel.org, linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] SELinux fixes for v5.15 (#1)
On Thu, Sep 16, 2021 at 9:14 PM Paul Moore <paul@...l-moore.com> wrote:
>
> Hi Linus,
>
> A single patch to address some issues with the incorrect subject being
> used in some of the SELinux lockdown access controls. You saw, and
> joined the discussion, earlier versions of this patch that included
> the related BPF changes; the BPF changes have already been merged,
> this patch has all the remainders. Beyond that, the commit
> description is pretty good so if you are interested in more detail I
> would suggest reading that first.
>
> Please merge for the next v5.15-rcX release, thank you.
> -Paul
I wanted to check in on this PR to see if you were planning on merging
it for v5.15-rcX, kicking it back for -next instead, or simply glaring
at it with quiet disgust?
> --
> The following changes since commit 6880fa6c56601bb8ed59df6c30fd390cc5f6dd8f:
>
> Linux 5.15-rc1 (2021-09-12 16:28:37 -0700)
>
> are available in the Git repository at:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
> tags/selinux-pr-20210916
>
> for you to fetch changes up to fdc9cbff7a764513a5e72a03b796087fcadb2fa3:
>
> lockdown,selinux: fix wrong subject in some SELinux lockdown checks
> (2021-09-16 21:04:44 -0400)
>
> ----------------------------------------------------------------
> selinux/stable-5.15 PR 20210916
>
> ----------------------------------------------------------------
> Ondrej Mosnacek (1):
> lockdown,selinux: fix wrong subject in some SELinux lockdown checks
>
> arch/powerpc/xmon/xmon.c | 4 ++--
> arch/x86/kernel/ioport.c | 4 ++--
> arch/x86/kernel/msr.c | 4 ++--
> arch/x86/mm/testmmiotrace.c | 2 +-
> drivers/acpi/acpi_configfs.c | 2 +-
> drivers/acpi/custom_method.c | 2 +-
> drivers/acpi/osl.c | 3 ++-
> drivers/acpi/tables.c | 2 +-
> drivers/char/mem.c | 2 +-
> drivers/cxl/pci.c | 2 +-
> drivers/firmware/efi/efi.c | 2 +-
> drivers/firmware/efi/test/efi_test.c | 2 +-
> drivers/pci/pci-sysfs.c | 6 +++---
> drivers/pci/proc.c | 6 +++---
> drivers/pci/syscall.c | 2 +-
> drivers/pcmcia/cistpl.c | 2 +-
> drivers/tty/serial/serial_core.c | 2 +-
> fs/debugfs/file.c | 2 +-
> fs/debugfs/inode.c | 2 +-
> fs/proc/kcore.c | 2 +-
> fs/tracefs/inode.c | 2 +-
> include/linux/lsm_hook_defs.h | 2 +-
> include/linux/lsm_hooks.h | 1 +
> include/linux/security.h | 5 +++--
> kernel/bpf/helpers.c | 10 ++++++----
> kernel/events/core.c | 2 +-
> kernel/kexec.c | 2 +-
> kernel/kexec_file.c | 2 +-
> kernel/module.c | 2 +-
> kernel/params.c | 2 +-
> kernel/power/hibernate.c | 2 +-
> kernel/trace/bpf_trace.c | 25 +++++++++++++++----------
> kernel/trace/ftrace.c | 4 ++--
> kernel/trace/ring_buffer.c | 2 +-
> kernel/trace/trace.c | 10 +++++-----
> kernel/trace/trace_events.c | 2 +-
> kernel/trace/trace_events_hist.c | 4 ++--
> kernel/trace/trace_events_synth.c | 2 +-
> kernel/trace/trace_events_trigger.c | 2 +-
> kernel/trace/trace_kprobe.c | 6 +++---
> kernel/trace/trace_printk.c | 2 +-
> kernel/trace/trace_stack.c | 2 +-
> kernel/trace/trace_stat.c | 2 +-
> kernel/trace/trace_uprobe.c | 4 ++--
> net/xfrm/xfrm_user.c | 11 +++++++++--
> security/lockdown/lockdown.c | 3 ++-
> security/security.c | 4 ++--
> security/selinux/hooks.c | 7 +++++--
> 48 files changed, 100 insertions(+), 79 deletions(-)
--
paul moore
www.paul-moore.com
Powered by blists - more mailing lists