Linux kernel source tree https://git.amat.us/linux/atom/Documentation/security?h=v3.4 2012-04-25T16:46:50Z 2012-04-25T16:46:50Z Jeff Layton jlayton@redhat.com 2012-04-25T16:46:50Z urn:sha1:a05a4830a32ef9f89e7bd372a7bae9b96b1ac266 Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> 2012-03-21T20:25:04Z Linus Torvalds torvalds@linux-foundation.org 2012-03-21T20:25:04Z urn:sha1:3556485f1595e3964ba539e39ea682acbb835cee Pull security subsystem updates for 3.4 from James Morris: "The main addition here is the new Yama security module from Kees Cook, which was discussed at the Linux Security Summit last year. Its purpose is to collect miscellaneous DAC security enhancements in one place. This also marks a departure in policy for LSM modules, which were previously limited to being standalone access control systems. Chromium OS is using Yama, and I believe there are plans for Ubuntu, at least. This patchset also includes maintenance updates for AppArmor, TOMOYO and others." Fix trivial conflict in <net/sock.h> due to the jumo_label->static_key rename. * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (38 commits) AppArmor: Fix location of const qualifier on generated string tables TOMOYO: Return error if fails to delete a domain AppArmor: add const qualifiers to string arrays AppArmor: Add ability to load extended policy TOMOYO: Return appropriate value to poll(). AppArmor: Move path failure information into aa_get_name and rename AppArmor: Update dfa matching routines. AppArmor: Minor cleanup of d_namespace_path to consolidate error handling AppArmor: Retrieve the dentry_path for error reporting when path lookup fails AppArmor: Add const qualifiers to generated string tables AppArmor: Fix oops in policy unpack auditing AppArmor: Fix error returned when a path lookup is disconnected KEYS: testing wrong bit for KEY_FLAG_REVOKED TOMOYO: Fix mount flags checking order. security: fix ima kconfig warning AppArmor: Fix the error case for chroot relative path name lookup AppArmor: fix mapping of META_READ to audit and quiet flags AppArmor: Fix underflow in xindex calculation AppArmor: Fix dropping of allowed operations that are force audited AppArmor: Add mising end of structure test to caps unpacking ... 2012-03-07T15:08:24Z Masanari Iida standby24x7@gmail.com 2012-03-04T14:16:11Z urn:sha1:40e47125e6c5110383b0176d7b9d530f2936b1ae Signed-off-by: Masanari Iida <standby24x7@gmail.com> Acked-by: Randy Dunlap <rdunlap@xenotime.net> Signed-off-by: Jiri Kosina <jkosina@suse.cz> 2012-02-15T23:25:18Z Kees Cook keescook@chromium.org 2012-02-15T00:48:09Z urn:sha1:bf06189e4d14641c0148bea16e9dd24943862215 For a process to entirely disable Yama ptrace restrictions, it can use the special PR_SET_PTRACER_ANY pid to indicate that any otherwise allowed process may ptrace it. This is stronger than calling PR_SET_PTRACER with pid "1" because it includes processes in external pid namespaces. This is currently needed by the Chrome renderer, since its crash handler (Breakpad) runs external to the renderer's pid namespace. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <jmorris@namei.org> 2012-02-09T22:18:52Z Kees Cook keescook@chromium.org 2011-12-21T20:17:04Z urn:sha1:2d514487faf188938a4ee4fb3464eeecfbdcf8eb This adds the Yama Linux Security Module to collect DAC security improvements (specifically just ptrace restrictions for now) that have existed in various forms over the years and have been carried outside the mainline kernel by other Linux distributions like Openwall and grsecurity. Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <jmorris@namei.org> 2012-01-19T03:38:51Z David Howells dhowells@redhat.com 2012-01-18T15:31:45Z urn:sha1:700920eb5ba4de5417b446c9a8bb008df2b973e0 The kernel contains some special internal keyrings, for instance the DNS resolver keyring : 2a93faf1 I----- 1 perm 1f030000 0 0 keyring .dns_resolver: empty It would occasionally be useful to allow the contents of such keyrings to be flushed by root (cache invalidation). Allow a flag to be set on a keyring to mark that someone possessing the sysadmin capability can clear the keyring, even without normal write access to the keyring. Set this flag on the special keyrings created by the DNS resolver, the NFS identity mapper and the CIFS identity mapper. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Jeff Layton <jlayton@redhat.com> Acked-by: Steve Dickson <steved@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> 2011-11-16T01:39:48Z James Morris jmorris@namei.org 2011-11-16T01:39:48Z urn:sha1:24942c8e5cc8696064ee207ff29d4cf21f70dafc 2011-11-16T01:37:27Z Kees Cook kees@outflux.net 2011-11-02T00:20:01Z urn:sha1:e163bc8e4a0cd1cdffadb58253f7651201722d56 Clarify the purpose of the LSM interface with some brief examples and pointers to additional documentation. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <jmorris@namei.org> 2011-09-27T16:08:04Z Paul Bolle pebolle@tiscali.nl 2011-08-15T00:02:26Z urn:sha1:395cf9691d72173d8cdaa613c5f0255f993af94b There are numerous broken references to Documentation files (in other Documentation files, in comments, etc.). These broken references are caused by typo's in the references, and by renames or removals of the Documentation files. Some broken references are simply odd. Fix these broken references, sometimes by dropping the irrelevant text they were part of. Signed-off-by: Paul Bolle <pebolle@tiscali.nl> Signed-off-by: Jiri Kosina <jkosina@suse.cz> 2011-06-30T09:08:14Z Mimi Zohar zohar@linux.vnet.ibm.com 2011-06-29T18:53:56Z urn:sha1:ad599f9cf0187e823bc92bc83f3867a38fa266b9 Move keys-ecryptfs.txt to Documentation/security. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>