linux-toradex.git/security, branch v2.6.33.2 Linux kernel for Apalis and Colibri modules security: fix error return path in ima_inode_alloc 2010-03-15T16:05:50+00:00 Xiaotian Feng dfeng@redhat.com 2010-02-24T10:39:02+00:00 58ec4abc2202c36a4d12fd95f7030b977cc7b91d commit baac35c4155a8aa826c70acee6553368ca5243a2 upstream. If radix_tree_preload is failed in ima_inode_alloc, we don't need radix_tree_preload_end because kernel is alread preempt enabled Signed-off-by: Xiaotian Feng <dfeng@redhat.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
commit baac35c4155a8aa826c70acee6553368ca5243a2 upstream.

If radix_tree_preload is failed in ima_inode_alloc, we don't need
radix_tree_preload_end because kernel is alread preempt enabled

Signed-off-by: Xiaotian Feng <dfeng@redhat.com>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
netlabel: fix export of SELinux categories > 127 2010-03-15T16:05:47+00:00 Joshua Roys joshua.roys@gtri.gatech.edu 2010-02-24T23:52:44+00:00 a0fac0acdd368e8450cda2c75b4a8d86f1151ad4 commit c36f74e67fa12202dbcb4ad92c5ac844f9d36b98 upstream. This fixes corrupted CIPSO packets when SELinux categories greater than 127 are used. The bug occured on the second (and later) loops through the while; the inner for loop through the ebitmap->maps array used the same index as the NetLabel catmap->bitmap array, even though the NetLabel bitmap is twice as long as the SELinux bitmap. Signed-off-by: Joshua Roys <joshua.roys@gtri.gatech.edu> Acked-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
commit c36f74e67fa12202dbcb4ad92c5ac844f9d36b98 upstream.

This fixes corrupted CIPSO packets when SELinux categories greater than 127
are used.  The bug occured on the second (and later) loops through the
while; the inner for loop through the ebitmap->maps array used the same
index as the NetLabel catmap->bitmap array, even though the NetLabel bitmap
is twice as long as the SELinux bitmap.

Signed-off-by: Joshua Roys <joshua.roys@gtri.gatech.edu>
Acked-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Take ima_file_free() to proper place. 2010-02-07T08:07:29+00:00 Al Viro viro@zeniv.linux.org.uk 2010-02-07T08:07:29+00:00 89068c576bf324ef6fbd50dfc745148f7def202c Hooks: Just Say No. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
Hooks: Just Say No.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
ima: rename PATH_CHECK to FILE_CHECK 2010-02-07T08:06:23+00:00 Mimi Zohar zohar@linux.vnet.ibm.com 2010-01-26T22:02:41+00:00 1e93d0052d9a6b3d0b382eedceb18b519d603baf With the movement of the ima hooks functions were renamed from *path* to *file* since they always deal with struct file. This patch renames some of the ima internal flags to make them consistent with the rest of the code. Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
With the movement of the ima hooks functions were renamed from *path* to
*file* since they always deal with struct file.  This patch renames some of
the ima internal flags to make them consistent with the rest of the code.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
ima: rename ima_path_check to ima_file_check 2010-02-07T08:06:22+00:00 Mimi Zohar zohar@linux.vnet.ibm.com 2010-01-26T22:02:40+00:00 9bbb6cad0173e6220f3ac609e26beb48dab3b7cd ima_path_check actually deals with files! call it ima_file_check instead. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
ima_path_check actually deals with files!  call it ima_file_check instead.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
ima: initialize ima before inodes can be allocated 2010-02-07T08:06:22+00:00 Eric Paris eparis@redhat.com 2009-12-09T20:29:01+00:00 54bb6552bd9405dc7685653157a4ec260c77a71c ima wants to create an inode information struct (iint) when inodes are allocated. This means that at least the part of ima which does this allocation (the allocation is filled with information later) should before any inodes are created. To accomplish this we split the ima initialization routine placing the kmem cache allocator inside a security_initcall() function. Since this makes use of radix trees we also need to make sure that is initialized before security_initcall(). Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
ima wants to create an inode information struct (iint) when inodes are
allocated.  This means that at least the part of ima which does this
allocation (the allocation is filled with information later) should
before any inodes are created.  To accomplish this we split the ima
initialization routine placing the kmem cache allocator inside a
security_initcall() function.  Since this makes use of radix trees we also
need to make sure that is initialized before security_initcall().

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
fix ima breakage 2010-02-07T08:06:22+00:00 Mimi Zohar zohar@linux.vnet.ibm.com 2010-01-20T20:35:41+00:00 8eb988c70e7709b7bd1a69f0ec53d19ac20dea84 The "Untangling ima mess, part 2 with counters" patch messed up the counters. Based on conversations with Al Viro, this patch streamlines ima_path_check() by removing the counter maintaince. The counters are now updated independently, from measuring the file, in __dentry_open() and alloc_file() by calling ima_counts_get(). ima_path_check() is called from nfsd and do_filp_open(). It also did not measure all files that should have been measured. Reason: ima_path_check() got bogus value passed as mask. [AV: mea culpa] [AV: add missing nfsd bits] Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
The "Untangling ima mess, part 2 with counters" patch messed
up the counters.  Based on conversations with Al Viro, this patch
streamlines ima_path_check() by removing the counter maintaince.
The counters are now updated independently, from measuring the file,
in __dentry_open() and alloc_file() by calling ima_counts_get().
ima_path_check() is called from nfsd and do_filp_open().
It also did not measure all files that should have been measured.
Reason: ima_path_check() got bogus value passed as mask.
[AV: mea culpa]
[AV: add missing nfsd bits]

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
get rid of pointless checks after simple_pin_fs() 2010-01-27T03:22:26+00:00 Al Viro viro@zeniv.linux.org.uk 2010-01-25T09:50:43+00:00 ef52c75e4b1603f6e6102967ad90118205168eae if we'd just got success from it, vfsmount won't be NULL Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
if we'd just got success from it, vfsmount won't be NULL

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Fix ACC_MODE() for real 2010-01-14T14:05:26+00:00 Al Viro viro@zeniv.linux.org.uk 2009-12-24T11:58:56+00:00 6d125529c6cbfe570ce3bf9a0728548f087499da commit 5300990c0370e804e49d9a59d928c5d53fb73487 had stepped on a rather nasty mess: definitions of ACC_MODE used to be different. Fixed the resulting breakage, converting them to variant that takes O_... value; all callers have that and it actually simplifies life (see tomoyo part of changes). Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
commit 5300990c0370e804e49d9a59d928c5d53fb73487 had stepped on a rather
nasty mess: definitions of ACC_MODE used to be different.  Fixed the
resulting breakage, converting them to variant that takes O_... value;
all callers have that and it actually simplifies life (see tomoyo part
of changes).

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
SECURITY: selinux, fix update_rlimit_cpu parameter 2010-01-04T10:27:18+00:00 Jiri Slaby jirislaby@gmail.com 2009-08-28T08:47:16+00:00 17740d89785aeb4143770923d67c293849414710 Don't pass current RLIMIT_RTTIME to update_rlimit_cpu() in selinux_bprm_committing_creds, since update_rlimit_cpu expects RLIMIT_CPU limit. Use proper rlim[RLIMIT_CPU].rlim_cur instead to fix that. Signed-off-by: Jiri Slaby <jirislaby@gmail.com> Acked-by: James Morris <jmorris@namei.org> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: Eric Paris <eparis@parisplace.org> Cc: David Howells <dhowells@redhat.com> 
Don't pass current RLIMIT_RTTIME to update_rlimit_cpu() in
selinux_bprm_committing_creds, since update_rlimit_cpu expects
RLIMIT_CPU limit.

Use proper rlim[RLIMIT_CPU].rlim_cur instead to fix that.

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Eric Paris <eparis@parisplace.org>
Cc: David Howells <dhowells@redhat.com>