linux-toradex.git/security/security.c, branch v3.2.73 Linux kernel for Apalis and Colibri modules security: Fix security_old_inode_init_security() when CONFIG_SECURITY is not set 2012-01-04T00:12:19+00:00 Jan Kara jack@suse.cz 2012-01-03T12:14:29+00:00 30e053248da178cf6154bb7e950dc8713567e3fa Commit 1e39f384bb01 ("evm: fix build problems") makes the stub version of security_old_inode_init_security() return 0 when CONFIG_SECURITY is not set. But that makes callers such as reiserfs_security_init() assume that security_old_inode_init_security() has set name, value, and len arguments properly - but security_old_inode_init_security() left them uninitialized which then results in interesting failures. Revert security_old_inode_init_security() to the old behavior of returning EOPNOTSUPP since both callers (reiserfs and ocfs2) handle this just fine. [ Also fixed the S_PRIVATE(inode) case of the actual non-stub security_old_inode_init_security() function to return EOPNOTSUPP for the same reason, as pointed out by Mimi Zohar. It got incorrectly changed to match the new function in commit fb88c2b6cbb1: "evm: fix security/security_old_init_security return code". - Linus ] Reported-by: Jorge Bastos <mysql.jorge@decimal.pt> Acked-by: James Morris <jmorris@namei.org> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Commit 1e39f384bb01 ("evm: fix build problems") makes the stub version
of security_old_inode_init_security() return 0 when CONFIG_SECURITY is
not set.

But that makes callers such as reiserfs_security_init() assume that
security_old_inode_init_security() has set name, value, and len
arguments properly - but security_old_inode_init_security() left them
uninitialized which then results in interesting failures.

Revert security_old_inode_init_security() to the old behavior of
returning EOPNOTSUPP since both callers (reiserfs and ocfs2) handle this
just fine.

[ Also fixed the S_PRIVATE(inode) case of the actual non-stub
  security_old_inode_init_security() function to return EOPNOTSUPP
  for the same reason, as pointed out by Mimi Zohar.

  It got incorrectly changed to match the new function in commit
  fb88c2b6cbb1: "evm: fix security/security_old_init_security return
  code".   - Linus ]

Reported-by: Jorge Bastos <mysql.jorge@decimal.pt>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Merge branch 'next' of git://selinuxproject.org/~jmorris/linux-security 2011-10-25T07:45:31+00:00 Linus Torvalds torvalds@linux-foundation.org 2011-10-25T07:45:31+00:00 36b8d186e6cc8e32cb5227f5645a58e1bc0af190 * 'next' of git://selinuxproject.org/~jmorris/linux-security: (95 commits) TOMOYO: Fix incomplete read after seek. Smack: allow to access /smack/access as normal user TOMOYO: Fix unused kernel config option. Smack: fix: invalid length set for the result of /smack/access Smack: compilation fix Smack: fix for /smack/access output, use string instead of byte Smack: domain transition protections (v3) Smack: Provide information for UDS getsockopt(SO_PEERCRED) Smack: Clean up comments Smack: Repair processing of fcntl Smack: Rule list lookup performance Smack: check permissions from user space (v2) TOMOYO: Fix quota and garbage collector. TOMOYO: Remove redundant tasklist_lock. TOMOYO: Fix domain transition failure warning. TOMOYO: Remove tomoyo_policy_memory_lock spinlock. TOMOYO: Simplify garbage collector. TOMOYO: Fix make namespacecheck warnings. target: check hex2bin result encrypted-keys: check hex2bin result ... 
* 'next' of git://selinuxproject.org/~jmorris/linux-security: (95 commits)
  TOMOYO: Fix incomplete read after seek.
  Smack: allow to access /smack/access as normal user
  TOMOYO: Fix unused kernel config option.
  Smack: fix: invalid length set for the result of /smack/access
  Smack: compilation fix
  Smack: fix for /smack/access output, use string instead of byte
  Smack: domain transition protections (v3)
  Smack: Provide information for UDS getsockopt(SO_PEERCRED)
  Smack: Clean up comments
  Smack: Repair processing of fcntl
  Smack: Rule list lookup performance
  Smack: check permissions from user space (v2)
  TOMOYO: Fix quota and garbage collector.
  TOMOYO: Remove redundant tasklist_lock.
  TOMOYO: Fix domain transition failure warning.
  TOMOYO: Remove tomoyo_policy_memory_lock spinlock.
  TOMOYO: Simplify garbage collector.
  TOMOYO: Fix make namespacecheck warnings.
  target: check hex2bin result
  encrypted-keys: check hex2bin result
  ...
bluetooth: Properly clone LSM attributes to newly created child connections 2011-10-19T03:36:43+00:00 Paul Moore pmoore@redhat.com 2011-10-07T09:40:59+00:00 6230c9b4f8957c8938ee4cf2d03166d3c2dc89de The Bluetooth stack has internal connection handlers for all of the various Bluetooth protocols, and unfortunately, they are currently lacking the LSM hooks found in the core network stack's connection handlers. I say unfortunately, because this can cause problems for users who have have an LSM enabled and are using certain Bluetooth devices. See one problem report below: * http://bugzilla.redhat.com/show_bug.cgi?id=741703 In order to keep things simple at this point in time, this patch fixes the problem by cloning the parent socket's LSM attributes to the newly created child socket. If we decide we need a more elaborate LSM marking mechanism for Bluetooth (I somewhat doubt this) we can always revisit this decision in the future. Reported-by: James M. Cape <jcape@ignore-your.tv> Signed-off-by: Paul Moore <pmoore@redhat.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net> 
The Bluetooth stack has internal connection handlers for all of the various
Bluetooth protocols, and unfortunately, they are currently lacking the LSM
hooks found in the core network stack's connection handlers.  I say
unfortunately, because this can cause problems for users who have have an
LSM enabled and are using certain Bluetooth devices.  See one problem
report below:

 * http://bugzilla.redhat.com/show_bug.cgi?id=741703

In order to keep things simple at this point in time, this patch fixes the
problem by cloning the parent socket's LSM attributes to the newly created
child socket.  If we decide we need a more elaborate LSM marking mechanism
for Bluetooth (I somewhat doubt this) we can always revisit this decision
in the future.

Reported-by: James M. Cape <jcape@ignore-your.tv>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
evm: fix security/security_old_init_security return code 2011-09-14T19:24:50+00:00 Mimi Zohar zohar@linux.vnet.ibm.com 2011-08-15T14:13:18+00:00 fb88c2b6cbb1265a8bef60694699b37f5cd4ba76 security_inode_init_security previously returned -EOPNOTSUPP, for S_PRIVATE inodes, and relied on the callers to change it to 0. As the callers do not change the return code anymore, return 0, intead of -EOPNOTSUPP. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> 
security_inode_init_security previously returned -EOPNOTSUPP, for S_PRIVATE
inodes, and relied on the callers to change it to 0.  As the callers do not
change the return code anymore, return 0, intead of -EOPNOTSUPP.

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
security: sparse fix: Move security_fixup_op to security.h 2011-09-09T23:56:33+00:00 James Morris jmorris@namei.org 2011-08-30T03:48:53+00:00 5dbe3040c74eef18e66951347eda05b153e69328 Fix sparse warning by moving declaraion to global header. Signed-off-by: James Morris <jmorris@namei.org> 
Fix sparse warning by moving declaraion to global header.

Signed-off-by: James Morris <jmorris@namei.org>
Merge branch 'next-evm' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/ima-2.6 into next 2011-08-09T00:31:03+00:00 James Morris jmorris@namei.org 2011-08-09T00:31:03+00:00 5a2f3a02aea164f4f59c0c3497772090a411b462 Conflicts: fs/attr.c Resolve conflict manually. Signed-off-by: James Morris <jmorris@namei.org> 
Conflicts:
	fs/attr.c

Resolve conflict manually.

Signed-off-by: James Morris <jmorris@namei.org>
->permission() sanitizing: don't pass flags to exec_permission() 2011-07-20T05:43:29+00:00 Al Viro viro@zeniv.linux.org.uk 2011-06-20T23:48:41+00:00 eecdd358b467405a084d400d5ec571bbdbfe97a3 pass mask instead; kill security_inode_exec_permission() since we can use security_inode_permission() instead. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
pass mask instead; kill security_inode_exec_permission() since we can use
security_inode_permission() instead.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
->permission() sanitizing: don't pass flags to ->inode_permission() 2011-07-20T05:43:26+00:00 Al Viro viro@zeniv.linux.org.uk 2011-06-20T23:38:15+00:00 e74f71eb78a4a8b9eaf1bc65f20f761648e85f76 pass that via mask instead. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
pass that via mask instead.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
evm: add evm_inode_setattr to prevent updating an invalid security.evm 2011-07-18T16:29:50+00:00 Mimi Zohar zohar@linux.vnet.ibm.com 2011-05-13T16:53:38+00:00 817b54aa45db03437c6d09a7693fc6926eb8e822 Permit changing of security.evm only when valid, unless in fixmode. Reported-by: Roberto Sassu <roberto.sassu@polito.it> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> 
Permit changing of security.evm only when valid, unless in fixmode.

Reported-by: Roberto Sassu <roberto.sassu@polito.it>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
evm: call evm_inode_init_security from security_inode_init_security 2011-07-18T16:29:45+00:00 Mimi Zohar zohar@linux.vnet.ibm.com 2011-06-16T01:19:10+00:00 823eb1ccd0b310449e99c822412ea8208334d14c Changelog v7: - moved the initialization call to security_inode_init_security, renaming evm_inode_post_init_security to evm_inode_init_security - increase size of xattr array for EVM xattr Signed-off-by: Mimi Zohar <zohar@us.ibm.com> 
Changelog v7:
- moved the initialization call to security_inode_init_security,
  renaming evm_inode_post_init_security to evm_inode_init_security
- increase size of xattr array for EVM xattr

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>