Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755335AbbDOADq (ORCPT ); Tue, 14 Apr 2015 20:03:46 -0400 Received: from tundra.namei.org ([65.99.196.166]:32940 "EHLO namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751930AbbDOADi (ORCPT ); Tue, 14 Apr 2015 20:03:38 -0400 Date: Wed, 15 Apr 2015 10:03:36 +1000 (AEST) From: James Morris To: Linus Torvalds cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [GIT PULL] Security subsystem update for 4.1 Message-ID: User-Agent: Alpine 2.11 (LRH 23 2013-08-11) MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="1665246916-1752666240-1429056216=:14302" Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 6213 Lines: 141 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --1665246916-1752666240-1429056216=:14302 Content-Type: TEXT/PLAIN; charset=ISO-8859-15 Content-Transfer-Encoding: 8BIT Hi Linus, Highlights for this window: o Improved AVC hashing for SELinux by John Brooks and Stephen Smalley o Addition of an unconfined label to Smack o Smack documentation update o TPM driver updates Please pull. --- The following changes since commit 80dcc31fbe55932ac9204daee5f2ebc0c49b6da3: Merge tag 'gfs2-merge-window' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2 (2015-04-14 16:09:18 -0700) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next Casey Schaufler (2): Smack: Allow an unconfined label in bringup mode Smack: Updates for Smack documentation Christophe Ricard (6): tpm/tpm_i2c_stm_st33: Replace access to io_lpcpd from struct st33zp24_platform_data to tpm_stm_dev tpm/tpm_i2c_stm_st33: Split tpm_i2c_tpm_st33 in 2 layers (core + phy) tpm/st33zp24/spi: Add st33zp24 spi phy tpm/st33zp24/dts/st33zp24-spi: Add dts documentation for st33zp24 spi phy tpm/st33zp24: Add proper wait for ordinal duration in case of irq mode tpm/st33zp24/spi: Add missing device table for spi phy. James Morris (3): Merge tag 'yama-4.0' of git://git.kernel.org/.../kees/linux into next Merge branch 'smack-for-4.1' of git://github.com/cschaufler/smack-next into next Merge branch 'tomoyo-cleanup' of git://git.kernel.org/.../mmarek/kbuild into next Jarkko Sakkinen (2): tpm: fix call order in tpm-chip.c tpm: fix: sanitized code paths in tpm_chip_register() Jeff Vander Stoep (1): selinux: remove unnecessary pointer reassignment John Brooks (1): selinux: Use a better hash function for avtab Jos? Bollo (1): Smack: getting the Smack security context of keys Kees Cook (1): Yama: do not modify global sysctl table entry Marcin Lis (1): Smack: Assign smack_known_web as default smk_in label for kernel thread's socket Michal Marek (3): tomoyo: Use bin2c to generate builtin-policy.h tomoyo: Use if_changed when generating builtin-policy.h tomoyo: Do not generate empty policy files Paul Gortmaker (1): smack: Fix gcc warning from unused smack_syslog_lock mutex in smackfs.c Paul Moore (1): selinux: reconcile security_netlbl_secattr_to_sid() and mls_import_netlbl_cat() Peter Huewe (3): tpm: Update KConfig text to include TPM2.0 FIFO chips MAINTAINERS: Add Jason as designated reviewer for TPM tpm/tpm_infineon: Use struct dev_pm_ops for power management Richard Guy Briggs (1): lsm: copy comm before calling audit_log to avoid race in string printing Stephen Smalley (3): security/yama: Remove unnecessary selects from Kconfig. selinux: convert avtab hash table to flex_array selinux: increase avtab max buckets jmlatten@linux.vnet.ibm.com (1): tpm/ibmvtpm: Additional LE support for tpm_ibmvtpm_send .../bindings/security/tpm/st33zp24-spi.txt | 34 + Documentation/security/Smack.txt | 129 ++-- MAINTAINERS | 1 + drivers/char/tpm/Kconfig | 20 +- drivers/char/tpm/Makefile | 2 +- drivers/char/tpm/st33zp24/Kconfig | 30 + drivers/char/tpm/st33zp24/Makefile | 12 + drivers/char/tpm/st33zp24/i2c.c | 276 ++++++ drivers/char/tpm/st33zp24/spi.c | 399 +++++++++ drivers/char/tpm/st33zp24/st33zp24.c | 698 +++++++++++++++ drivers/char/tpm/st33zp24/st33zp24.h | 37 + drivers/char/tpm/tpm-chip.c | 92 ++- drivers/char/tpm/tpm_i2c_stm_st33.c | 911 -------------------- drivers/char/tpm/tpm_ibmvtpm.c | 10 +- drivers/char/tpm/tpm_ibmvtpm.h | 6 +- drivers/char/tpm/tpm_infineon.c | 34 +- .../platform_data/{tpm_stm_st33.h => st33zp24.h} | 21 +- security/lsm_audit.c | 15 +- security/selinux/avc.c | 6 +- security/selinux/ss/avtab.c | 72 ++- security/selinux/ss/avtab.h | 8 +- security/selinux/ss/mls.c | 10 +- security/selinux/ss/services.c | 6 +- security/smack/smack.h | 8 + security/smack/smack_access.c | 43 +- security/smack/smack_lsm.c | 99 ++- security/smack/smackfs.c | 97 ++- security/tomoyo/.gitignore | 2 +- security/tomoyo/Kconfig | 1 + security/tomoyo/Makefile | 55 +- .../tomoyo/policy/exception_policy.conf.default | 2 + security/yama/Kconfig | 2 - security/yama/yama_lsm.c | 13 +- 33 files changed, 1971 insertions(+), 1180 deletions(-) create mode 100644 Documentation/devicetree/bindings/security/tpm/st33zp24-spi.txt create mode 100644 drivers/char/tpm/st33zp24/Kconfig create mode 100644 drivers/char/tpm/st33zp24/Makefile create mode 100644 drivers/char/tpm/st33zp24/i2c.c create mode 100644 drivers/char/tpm/st33zp24/spi.c create mode 100644 drivers/char/tpm/st33zp24/st33zp24.c create mode 100644 drivers/char/tpm/st33zp24/st33zp24.h delete mode 100644 drivers/char/tpm/tpm_i2c_stm_st33.c rename include/linux/platform_data/{tpm_stm_st33.h => st33zp24.h} (60%) create mode 100644 security/tomoyo/policy/exception_policy.conf.default --1665246916-1752666240-1429056216=:14302-- -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/