Message-ID: <6e344a8bd7d60522825222628e949a14@paul-moore.com>
Date: Fri, 25 Jul 2025 16:49:27 -0400
From: Paul Moore <paul@...l-moore.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: selinux@...r.kernel.org, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [GIT PULL] selinux/selinux-pr-20250725

Linus,

Six SELinux patches for the upcoming merge window, the highlights are
below, but I also wanted to mention that this pull request isn't based
on the usual -rc1 tag, but rather on a VFS merge that happened shortly
after -rc2 so we could pick up an important xattr/LSM fix.

- Introduce the concept of a SELinux "neveraudit" type which prevents
  all auditing of the given type/domain.
  
  Taken by itself, the benefit of marking a SELinux domain with the
  "neveraudit" tag is likely not very interesting, especially given
  the significant overlap with the "dontaudit" tag.  However, given
  that the "neveraudit" tag applies to *all* auditing of the tagged
  domain, we can do some fairly interesting optimizations when a
  SELinux domain is marked as both "permissive" and "dontaudit" (think
  of the unconfined_t domain).  While this pull request includes
  optimized inode permission and getattr hooks, these optimizations
  require SELinux policy changes, therefore the improvements may not be
  visible on standard downstream Linux distros for a period of time.

- Continue the deprecation process of /sys/fs/selinux/user.

  After removing the associated userspace code in 2020, we marked the
  /sys/fs/selinux/user interface as deprecated in Linux v6.13 with
  pr_warn() and the usual documentation update.  This pull request adds
  a five second sleep after the pr_warn(), following a previous
  deprecation process pattern that has worked well for us in the past
  in helping identify any existing users that we haven't yet reached.

- Add a __GFP_NOWARN flag to our initial hash table allocation.

  Fuzzers such as syzbot often attempt abnormally large SELinux policy
  loads, which the SELinux code gracefully handles by checking for
  allocation failures, but not before the allocator emits a warning
  which causes the automated fuzzing to flag this as an error and
  report it to the list.  While we want to continue to support the
  work done by the fuzzing teams, we want to focus on proper issues
  and not an error case that is already handled safely.  Add a NOWARN
  flag to quiet the allocator and prevent syzbot from tripping on this
  again.

- Remove some unnecessary selinuxfs cleanup code, courtesy of Al.

- Update the SELinux in-kernel documentation with pointers to additional
  information.

Paul

--
The following changes since commit fe78e02600f83d81e55f6fc352d82c4f264a2901:

  Merge tag 'vfs-6.16-rc3.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
    (2025-06-16 08:18:43 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
    tags/selinux-pr-20250725

for you to fetch changes up to ee79ba39b3d6fdcfa53de6519d7e259e284e78f7:

  selinux: don't bother with selinuxfs_info_free() on failures
    (2025-06-24 19:39:28 -0400)

----------------------------------------------------------------
selinux/stable-6.17 PR 20250725
----------------------------------------------------------------

Al Viro (1):
      selinux: don't bother with selinuxfs_info_free() on failures

Paul Moore (2):
      selinux: add a 5 second sleep to /sys/fs/selinux/user
      selinux: add __GFP_NOWARN to hashtab_init() allocations

Stephen Smalley (3):
      documentation: add links to SELinux resources
      selinux: introduce neveraudit types
      selinux: optimize selinux_inode_getattr/permission() based on
         neveraudit|permissive

 Documentation/admin-guide/LSM/SELinux.rst |   11 +++++++++++
 security/selinux/hooks.c                  |   14 +++++++++++++-
 security/selinux/include/avc.h            |    4 ++++
 security/selinux/include/objsec.h         |    8 ++++++++
 security/selinux/include/security.h       |    4 +++-
 security/selinux/selinuxfs.c              |    3 +--
 security/selinux/ss/hashtab.c             |    3 ++-
 security/selinux/ss/policydb.c            |   19 +++++++++++++++++++
 security/selinux/ss/policydb.h            |    2 ++
 security/selinux/ss/services.c            |   20 ++++++++++++++++++++
 10 files changed, 83 insertions(+), 5 deletions(-)

--
paul-moore.com
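The "permissive" plus "neveraudit" fast path that the first bullet describes, as an added user-space model (not the kernel's code from this pull request; the struct, function and counter names are hypothetical and the policy table is constructed): when a domain can neither be denied nor audited, the hook can return before consulting the AVC at all, whereas either flag alone still requires the lookup.

```c
/* Model of the SELinux inode permission fast path described in the pull
 * request. Added illustration only: names are hypothetical, the policy
 * lookup is a constructed stand-in, and counters make the effect visible. */
#include <stdbool.h>
#include <stdio.h>

struct domain {
    const char *name;
    bool permissive;   /* denials are logged but not enforced */
    bool neveraudit;   /* no audit records at all for this domain */
};

/* Observable side effects of the slow path. */
static int model_avc_lookups;
static int model_audit_records;

static void model_reset(void)
{
    model_avc_lookups = 0;
    model_audit_records = 0;
}

/* Constructed policy: only domains starting with 't' (e.g. trusted_t) may read. */
static bool policy_allows(const struct domain *d)
{
    model_avc_lookups++;
    return d->name[0] == 't';
}

/* Returns 0 when access proceeds, -1 (think -EACCES) when it is denied. */
static int inode_permission_model(const struct domain *d)
{
    /* Fast path: the decision cannot be enforced and cannot be audited,
     * so neither the AVC lookup nor the audit step can change anything. */
    if (d->permissive && d->neveraudit)
        return 0;

    bool allowed = policy_allows(d);
    if (!allowed && !d->neveraudit)
        model_audit_records++;        /* would emit an AVC denial record */
    if (!allowed && !d->permissive)
        return -1;
    return 0;
}

int main(void)
{
    struct domain unconfined = { "unconfined_t", true, true };
    printf("rc=%d lookups=%d\n", inode_permission_model(&unconfined),
           model_avc_lookups);       /* prints rc=0 lookups=0 */
    return 0;
}
```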
