Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753873AbbBLAGx (ORCPT <rfc822;w@1wt.eu>);
	Wed, 11 Feb 2015 19:06:53 -0500
Received: from tundra.namei.org ([65.99.196.166]:45665 "EHLO namei.org"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751782AbbBLAGu (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Wed, 11 Feb 2015 19:06:50 -0500
Date: Thu, 12 Feb 2015 11:06:45 +1100 (AEDT)
From: James Morris <jmorris@namei.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [GIT PULL] Security subsystem changes for 3.20
Message-ID: <alpine.LRH.2.11.1502121056160.11564@namei.org>
User-Agent: Alpine 2.11 (LRH 23 2013-08-11)
MIME-Version: 1.0
Content-Type: MULTIPART/MIXED; BOUNDARY="1665246916-1416247691-1423699605=:11564"
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 9060
Lines: 202

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--1665246916-1416247691-1423699605=:11564
Content-Type: TEXT/PLAIN; charset=ISO-8859-2
Content-Transfer-Encoding: 8BIT

Highlights:

* Smack adds secmark support for Netfilter
* /proc/keys is now mandatory if CONFIG_KEYS=y
* TPM gets its own devide class
* Added TPM 2.0 support
* Smack file hook rework (all Smack users should review this!)

Please pull for 3.20.


The following changes since commit 73b4f63aebd6d57db4ca1d31fa6f8516651207b0:

  Merge tag 'docs-for-linus' of git://git.lwn.net/linux-2.6 (2015-02-11 13:03:11 -0800)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next

Andrey Ryabinin (1):
      smack: fix possible use after frees in task_security() callers

Arnd Bergmann (2):
      X.509: shut up about included cert for silent build
      X.509: silence asn1 compiler debug output

Ashley Lai (1):
      tpm_ibmvtpm: Update email address in maintainers list and ibmvtpm driver

Bruno E O Meneguele (1):
      char/tpm: fixed white spaces coding style issues

Casey Schaufler (3):
      Smack: Rework file hooks
      Smack: secmark support for netfilter
      Smack: Repair netfilter dependency

Christophe Ricard (22):
      tpm/tpm_i2c_stm_st33: Fix potential bug in tpm_stm_i2c_send
      tpm/tpm_i2c_stm_st33: Update Kconfig in order to be inline to other similar product
      tpm/tpm_i2c_stm_st33: Change License header to have up to date address information
      tpm/tpm_i2c_stm_st33: Fix few coding style error reported by scripts/checkpatch.pl
      tpm/tpm_i2c_stm_st33: Move tpm registers to tpm_i2c_stm_st33.c
      tpm/tpm_i2c_stm_st33: Add new tpm_stm_dev structure and remove tpm_i2c_buffer[0], [1] buffer.
      tpm/tpm_i2c_stm_st33: Remove reference to io_serirq
      tpm/tpm_i2c_stm_st33: Replace err/rc/ret by ret for a function return code
      tpm/tpm_i2c_stm_st33: Replace tpm_st33_* function with tpm_stm_*
      tpm/tpm_i2c_stm_st33: Add devicetree structure
      tpm/tpm_i2c_stm_st33/dts/st33zp24_i2c: Add DTS Documentation
      tpm/tpm_i2c_stm_st33: Few code cleanup
      tpm/tpm_i2c_stm_st33: Interrupt management improvement
      tpm/tpm_i2c_stm_st33: Remove useless i2c read on interrupt registers
      tpm/tpm_i2c_stm_st33: Increment driver version to 1.2.1.
      tpm/tpm_i2c_stm_st33: Fix coccinelle warnings. Possible NULL pointer dereference
      tpm/tpm_i2c_stm_st33: Add status check when reading data on the FIFO
      tpm/tpm_i2c_stm_st33: Remove sparse spaces
      tpm/tpm_i2c_stm_st33: Sanity cleanup
      tpm/tpm_i2c_stm_st33: Replace remaining r by ret
      tpm/tpm_i2c_stm_st33: Change tpm_i2c_stm_st33.h to tpm_stm_st33.h
      tpm/tpm_i2c_stm_st33/dts/st33zp24-i2c: Rename st33zp24 dts documentation

Dan Carpenter (1):
      SELinux: fix error code in policydb_init()

David Howells (3):
      TPM: Add new TPMs to the tail of the list to prevent inadvertent change of dev
      KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y
      ima: /proc/keys is now mandatory

Dmitry Kasatkin (1):
      MAINTAINERS: email update

Fabian Frederick (1):
      tpm: remove unnecessary sizeof(u8)

Hon Ching (Vicky) Lo (1):
      tpm: Fix NULL return in tpm_ibmvtpm_get_desired_dma

James Morris (4):
      Merge tag 'keys-next-fixes-20150114' of git://git.kernel.org/.../dhowells/linux-fs into next
      Merge branch 'smack-for-3.20-rebased' of git://git.gitorious.org/smack-next/kernel into next
      Merge branch 'smack-for-3.20-rebased' of git://git.gitorious.org/smack-next/kernel into next
      Merge tag 'keys-next-20150123' of git://git.kernel.org/.../dhowells/linux-fs into next

Jarkko Sakkinen (10):
      tpm: merge duplicate transmit_cmd() functions
      tpm: two-phase chip management functions
      tpm: fix raciness of PPI interface lookup
      tpm: rename chip->dev to chip->pdev
      tpm: device class for tpm
      tpm: TPM 2.0 baseline support
      tpm: TPM 2.0 CRB Interface
      tpm: TPM 2.0 FIFO Interface
      char/tpm/tpm_crb: fix build error
      tpm: fix format string error in tpm-chip.c

Kiran Padwal (1):
      char: tpm: Add missing error check for devm_kzalloc

Lukasz Pawelczyk (2):
      smack: miscellaneous small fixes in function comments
      smack: fix logic in smack_inode_init_security function

Mark Salyzyn (1):
      selinux: add security in-core xattr support for pstore and debugfs

Markus Elfring (1):
      char: tpm: Deletion of unnecessary checks before the function call "tpm_dev_vendor_release"

Paul Moore (2):
      selinux: quiet the filesystem labeling behavior message
      cipso: don't use IPCB() to locate the CIPSO IP option

Peter Huewe (2):
      MAINTAINERS: Add Patchwork and Git URL for TPMDD
      tpm/tpm_tis: Add missing ifdef CONFIG_ACPI for pnp_acpi_device

Rafal Krypa (1):
      smack: Add missing logging in bidirectional UDS connect check

Rasmus Villemoes (3):
      MPILIB: Deobfuscate mpi_cmp
      MPILIB: Fix obvious but harmless typo
      MPILIB: Fix comparison of negative MPIs

Rickard Strandqvist (1):
      selinux: Remove unused function avc_sidcmp()

Scot Doyle (1):
      tpm_tis: verify interrupt during init

Zbigniew Jasinski (1):
      smack: Fix a bidirectional UDS connect check typo

?ukasz Stelmach (1):
      smack: introduce a special case for tmpfs in smack_d_instantiate()

 Documentation/ABI/stable/sysfs-class-tpm           |   22 +-
 .../bindings/security/tpm/st33zp24-i2c.txt         |   36 ++
 Documentation/security/keys.txt                    |    2 -
 MAINTAINERS                                        |   12 +-
 drivers/char/tpm/Kconfig                           |   15 +-
 drivers/char/tpm/Makefile                          |    5 +-
 drivers/char/tpm/tpm-chip.c                        |  256 ++++++++
 drivers/char/tpm/tpm-dev.c                         |   42 +--
 drivers/char/tpm/tpm-interface.c                   |  263 +++------
 drivers/char/tpm/tpm-sysfs.c                       |   29 +-
 drivers/char/tpm/tpm.h                             |  124 +++-
 drivers/char/tpm/tpm2-cmd.c                        |  617 ++++++++++++++++++
 drivers/char/tpm/tpm_atmel.c                       |   25 +-
 drivers/char/tpm/tpm_crb.c                         |  354 +++++++++++
 drivers/char/tpm/tpm_i2c_atmel.c                   |   52 +-
 drivers/char/tpm/tpm_i2c_infineon.c                |   43 +-
 drivers/char/tpm/tpm_i2c_nuvoton.c                 |   69 +--
 drivers/char/tpm/tpm_i2c_stm_st33.c                |  666 +++++++++++---------
 drivers/char/tpm/tpm_ibmvtpm.c                     |   27 +-
 drivers/char/tpm/tpm_ibmvtpm.h                     |    2 +-
 drivers/char/tpm/tpm_infineon.c                    |   51 +-
 drivers/char/tpm/tpm_nsc.c                         |   34 +-
 drivers/char/tpm/tpm_of.c                          |    2 +-
 drivers/char/tpm/tpm_ppi.c                         |  141 +++--
 drivers/char/tpm/tpm_tis.c                         |  276 ++++++---
 drivers/char/tpm/xen-tpmfront.c                    |   14 +-
 .../linux/platform_data/tpm_stm_st33.h             |   38 +-
 include/net/cipso_ipv4.h                           |   25 +-
 kernel/Makefile                                    |    2 +-
 lib/mpi/mpi-cmp.c                                  |   10 +-
 lib/mpi/mpi-internal.h                             |    2 +-
 net/ipv4/cipso_ipv4.c                              |   51 +-
 net/netlabel/netlabel_kapi.c                       |   15 +-
 scripts/asn1_compiler.c                            |   30 +-
 security/integrity/ima/Kconfig                     |    1 -
 security/keys/Kconfig                              |   18 -
 security/keys/proc.c                               |    8 -
 security/selinux/avc.c                             |    5 -
 security/selinux/hooks.c                           |   29 +-
 security/selinux/ss/policydb.c                     |    8 +-
 security/smack/Kconfig                             |   12 +
 security/smack/Makefile                            |    1 +
 security/smack/smack.h                             |   11 +
 security/smack/smack_lsm.c                         |  199 +++++--
 security/smack/smack_netfilter.c                   |   96 +++
 45 files changed, 2658 insertions(+), 1082 deletions(-)
 create mode 100644 Documentation/devicetree/bindings/security/tpm/st33zp24-i2c.txt
 create mode 100644 drivers/char/tpm/tpm-chip.c
 create mode 100644 drivers/char/tpm/tpm2-cmd.c
 create mode 100644 drivers/char/tpm/tpm_crb.c
 rename drivers/char/tpm/tpm_i2c_stm_st33.h => include/linux/platform_data/tpm_stm_st33.h (53%)
 create mode 100644 security/smack/smack_netfilter.c
--1665246916-1416247691-1423699605=:11564--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/