lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 1 Aug 2022 15:45:59 -0400
From:   Paul Moore <paul@...l-moore.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     selinux@...r.kernel.org, linux-security-module@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: [GIT PULL] SELinux patches for v6.0

Linus,

A relatively small set of patches for SELinux this time, eight patches
in total with really only one significant change.  The highlights are
below:

- Add support for proper labeling of memfd_secret anonymous inodes.
This will allow LSMs that implement the anonymous inode hooks to apply
security policy to memfd_secret() fds.

- Various small improvements to memory management: fixed leaks, freed
memory when needed, boundary checks.

- Hardened the selinux_audit_data struct with __randomize_layout.

- A minor documentation tweak to fix a formatting/style issue.

Everything applies cleanly to your tree as of a few minutes ago,
please merge for v6.0.
-Paul

--
The following changes since commit f2906aa863381afb0015a9eb7fefad885d4e5a56:

 Linux 5.19-rc1 (2022-06-05 17:18:54 -0700)

are available in the Git repository at:

 git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
   tags/selinux-pr-20220801

for you to fetch changes up to ef54ccb61616d8293bc68220d88a8e74271141b5:

 selinux: selinux_add_opt() callers free memory
   (2022-06-20 21:05:40 -0400)

----------------------------------------------------------------
selinux/stable-6.0 PR 20220801

----------------------------------------------------------------
Christian Göttsche (2):
     selinux: drop unnecessary NULL check
     mm: create security context for memfd_secret inodes

GONG, Ruiqi (1):
     selinux: add __randomize_layout to selinux_audit_data

Jonas Lindner (1):
     selinux: fix typos in comments

Randy Dunlap (1):
     docs: selinux: add '=' signs to kernel boot options

Xiu Jianfeng (3):
     selinux: fix memleak in security_read_state_kernel()
     selinux: Add boundary check in put_entry()
     selinux: selinux_add_opt() callers free memory

Documentation/admin-guide/kernel-parameters.txt |  4 ++--
mm/secretmem.c                                  |  9 +++++++++
security/selinux/hooks.c                        | 17 +++++++----------
security/selinux/include/audit.h                |  2 +-
security/selinux/include/avc.h                  |  2 +-
security/selinux/ss/policydb.h                  |  2 ++
security/selinux/ss/services.c                  |  9 ++++++++-
7 files changed, 30 insertions(+), 15 deletions(-)

-- 
paul-moore.com

Powered by blists - more mailing lists