<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/security/Makefile, branch v3.13</title>
<subtitle>Linux kernel source tree</subtitle>
<id>https://git.amat.us/linux/atom/security/Makefile?h=v3.13</id>
<link rel='self' href='https://git.amat.us/linux/atom/security/Makefile?h=v3.13'/>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/'/>
<updated>2013-09-24T01:26:28Z</updated>
<entry>
<title>security: remove erroneous comment about capabilities.o link ordering</title>
<updated>2013-09-24T01:26:28Z</updated>
<author>
<name>Eric Paris</name>
<email>eparis@redhat.com</email>
</author>
<published>2013-09-10T13:51:50Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=a3c9e45d18ace44d02574518144742a00c7a94ec'/>
<id>urn:sha1:a3c9e45d18ace44d02574518144742a00c7a94ec</id>
<content type='text'>
Back when we had half ass LSM stacking we had to link capabilities.o
after bigger LSMs so that on initialization the bigger LSM would
register first and the capabilities module would be the one stacked as
the 'secondary'.  Somewhere around 6f0f0fd496333777d53 (back in 2008) we
finally removed the last of the kinda module stacking code but this
comment in the makefile still lives today.

Reported-by: Valdis Kletnieks &lt;Valdis.Kletnieks@vt.edu&gt;
Signed-off-by: Eric Paris &lt;eparis@redhat.com&gt;
Signed-off-by: James Morris &lt;james.l.morris@oracle.com&gt;
</content>
</entry>
<entry>
<title>security: Yama LSM</title>
<updated>2012-02-09T22:18:52Z</updated>
<author>
<name>Kees Cook</name>
<email>keescook@chromium.org</email>
</author>
<published>2011-12-21T20:17:04Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=2d514487faf188938a4ee4fb3464eeecfbdcf8eb'/>
<id>urn:sha1:2d514487faf188938a4ee4fb3464eeecfbdcf8eb</id>
<content type='text'>
This adds the Yama Linux Security Module to collect DAC security
improvements (specifically just ptrace restrictions for now) that have
existed in various forms over the years and have been carried outside the
mainline kernel by other Linux distributions like Openwall and grsecurity.

Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
Acked-by: John Johansen &lt;john.johansen@canonical.com&gt;
Signed-off-by: James Morris &lt;jmorris@namei.org&gt;
</content>
</entry>
<entry>
<title>integrity: move ima inode integrity data management</title>
<updated>2011-07-18T16:29:38Z</updated>
<author>
<name>Mimi Zohar</name>
<email>zohar@linux.vnet.ibm.com</email>
</author>
<published>2011-03-09T19:13:22Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=f381c272224f5f158f5cff64f8f3481fa0eee8b3'/>
<id>urn:sha1:f381c272224f5f158f5cff64f8f3481fa0eee8b3</id>
<content type='text'>
Move the inode integrity data (iint) management up to the integrity directory
in order to share the iint among the different integrity models.

Changelog:
- don't define MAX_DIGEST_SIZE
- rename several globally visible 'ima_' prefixed functions, structs,
  locks, etc to 'integrity_'
- replace '20' with SHA1_DIGEST_SIZE
- reflect location change in appropriate Kconfig and Makefiles
- remove unnecessary initialization of iint_initialized to 0
- rebased on current ima_iint.c
- define integrity_iint_store/lock as static

There should be no other functional changes.

Signed-off-by: Mimi Zohar &lt;zohar@us.ibm.com&gt;
Acked-by: Serge Hallyn &lt;serge.hallyn@ubuntu.com&gt;
</content>
</entry>
<entry>
<title>AppArmor: Enable configuring and building of the AppArmor security module</title>
<updated>2010-08-02T05:38:34Z</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2010-07-29T21:48:08Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=f9ad1af53d5232a89a1ff1827102843999975dfa'/>
<id>urn:sha1:f9ad1af53d5232a89a1ff1827102843999975dfa</id>
<content type='text'>
Kconfig and Makefiles to enable configuration and building of AppArmor.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
Signed-off-by: James Morris &lt;jmorris@namei.org&gt;
</content>
</entry>
<entry>
<title>NOMMU: Optimise away the {dac_,}mmap_min_addr tests</title>
<updated>2009-12-16T22:25:19Z</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2009-12-15T19:27:45Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=6e1415467614e854fee660ff6648bd10fa976e95'/>
<id>urn:sha1:6e1415467614e854fee660ff6648bd10fa976e95</id>
<content type='text'>
In NOMMU mode clamp dac_mmap_min_addr to zero to cause the tests on it to be
skipped by the compiler.  We do this as the minimum mmap address doesn't make
any sense in NOMMU mode.

mmap_min_addr and round_hint_to_min() can be discarded entirely in NOMMU mode.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Acked-by: Eric Paris &lt;eparis@redhat.com&gt;
Signed-off-by: James Morris &lt;jmorris@namei.org&gt;
</content>
</entry>
<entry>
<title>security: remove root_plug</title>
<updated>2009-10-20T05:26:16Z</updated>
<author>
<name>James Morris</name>
<email>jmorris@namei.org</email>
</author>
<published>2009-10-20T04:48:33Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=3e1c2515acf70448cad1ae3ab835ca80be043d33'/>
<id>urn:sha1:3e1c2515acf70448cad1ae3ab835ca80be043d33</id>
<content type='text'>
Remove the root_plug example LSM code.  It's unmaintained and
increasingly broken in various ways.

Made at the 2009 Kernel Summit in Tokyo!

Acked-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;
Signed-off-by: James Morris &lt;jmorris@namei.org&gt;
</content>
</entry>
<entry>
<title>SELinux: Convert avc_audit to use lsm_audit.h</title>
<updated>2009-08-16T22:37:18Z</updated>
<author>
<name>Thomas Liu</name>
<email>tliu@redhat.com</email>
</author>
<published>2009-07-14T16:14:09Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=2bf49690325b62480a42f7afed5e9f164173c570'/>
<id>urn:sha1:2bf49690325b62480a42f7afed5e9f164173c570</id>
<content type='text'>
Convert avc_audit in security/selinux/avc.c to use lsm_audit.h,
for better maintainability.

 - changed selinux to use common_audit_data instead of
   avc_audit_data
 - eliminated code in avc.c and used code from lsm_audit.h instead.

Had to add a LSM_AUDIT_NO_AUDIT to lsm_audit.h so that avc_audit
can call common_lsm_audit and do the pre and post callbacks without
doing the actual dump.  This makes it so that the patched version
behaves the same way as the unpatched version.

Also added a denied field to the selinux_audit_data private space,
once again to make it so that the patched version behaves like the
unpatched.

I've tested and confirmed that AVCs look the same before and after
this patch.

Signed-off-by: Thomas Liu &lt;tliu@redhat.com&gt;
Acked-by: Stephen Smalley &lt;sds@tycho.nsa.gov&gt;
Signed-off-by: James Morris &lt;jmorris@namei.org&gt;
</content>
</entry>
<entry>
<title>Security/SELinux: separate lsm specific mmap_min_addr</title>
<updated>2009-08-05T23:02:23Z</updated>
<author>
<name>Eric Paris</name>
<email>eparis@redhat.com</email>
</author>
<published>2009-07-31T16:54:11Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=a2551df7ec568d87793d2eea4ca744e86318f205'/>
<id>urn:sha1:a2551df7ec568d87793d2eea4ca744e86318f205</id>
<content type='text'>
Currently SELinux enforcement of controls on the ability to map low memory
is determined by the mmap_min_addr tunable.  This patch causes SELinux to
ignore the tunable and instead use a separate Kconfig option specific to how
much space the LSM should protect.

The tunable will now only control the need for CAP_SYS_RAWIO and SELinux
permissions will always protect the amount of low memory designated by
CONFIG_LSM_MMAP_MIN_ADDR.

This allows users who need to disable the mmap_min_addr controls (usual reason
being they run WINE as a non-root user) to do so and still have SELinux
controls preventing confined domains (like a web server) from being able to
map some area of low memory.

Signed-off-by: Eric Paris &lt;eparis@redhat.com&gt;
Signed-off-by: James Morris &lt;jmorris@namei.org&gt;
</content>
</entry>
<entry>
<title>Revert "SELinux: Convert avc_audit to use lsm_audit.h"</title>
<updated>2009-07-13T00:39:36Z</updated>
<author>
<name>James Morris</name>
<email>jmorris@namei.org</email>
</author>
<published>2009-07-13T00:39:36Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=be940d6279c30a2d7c4e8d1d5435f957f594d66d'/>
<id>urn:sha1:be940d6279c30a2d7c4e8d1d5435f957f594d66d</id>
<content type='text'>
This reverts commit 8113a8d80f4c6a3dc3724b39b470f3fee9c426b6.

The patch causes a stack overflow on my system during boot.

Signed-off-by: James Morris &lt;jmorris@namei.org&gt;
</content>
</entry>
<entry>
<title>SELinux: Convert avc_audit to use lsm_audit.h</title>
<updated>2009-07-12T21:54:48Z</updated>
<author>
<name>Thomas Liu</name>
<email>tliu@redhat.com</email>
</author>
<published>2009-07-10T14:31:04Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=8113a8d80f4c6a3dc3724b39b470f3fee9c426b6'/>
<id>urn:sha1:8113a8d80f4c6a3dc3724b39b470f3fee9c426b6</id>
<content type='text'>
Convert avc_audit in security/selinux/avc.c to use lsm_audit.h,
for better maintainability and for less code duplication.

 - changed selinux to use common_audit_data instead of
   avc_audit_data
 - eliminated code in avc.c and used code from lsm_audit.h instead.

I have tested to make sure that the avcs look the same before and
after this patch.

Signed-off-by: Thomas Liu &lt;tliu@redhat.com&gt;
Acked-by: Eric Paris &lt;eparis@redhat.com&gt;
Signed-off-by: James Morris &lt;jmorris@namei.org&gt;
</content>
</entry>
</feed>
