Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934958AbcCPHsp (ORCPT ); Wed, 16 Mar 2016 03:48:45 -0400 Received: from tundra.namei.org ([65.99.196.166]:38766 "EHLO namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932950AbcCPHsm (ORCPT ); Wed, 16 Mar 2016 03:48:42 -0400 Date: Wed, 16 Mar 2016 18:48:36 +1100 (AEDT) From: James Morris To: Linus Torvalds cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [GIT PULL] Security subsystem updates for 4.6 Message-ID: User-Agent: Alpine 2.20 (LRH 67 2015-01-07) MIME-Version: 1.0 Content-Type: multipart/mixed; BOUNDARY="1665246916-1674022992-1458114516=:15694" Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 10912 Lines: 233 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --1665246916-1674022992-1458114516=:15694 Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: 8BIT Please pull these changes for 4.6. There are a bunch of fixes to the TPM, IMA, and Keys code, with minor fixes scattered across the subsystem. IMA now requires signed policy, and that policy is also now measured and appraised. -- The following changes since commit 9256d5a308c95a50c6e85d682492ae1f86a70f9b: Merge tag 'leds_for_4.6' of git://git.kernel.org/pub/scm/linux/kernel/git/j.anaszewski/linux-leds (2016-03-15 22:04:53 -0700) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next Andy Shevchenko (1): selinux: use absolute path to include directory Arnd Bergmann (1): modsign: hide openssl output in silent builds Casey Schaufler (1): Smack: Remove pointless hooks Codarren Velvindron (1): v2 linux-next scripts/sign-file.c Fix LibreSSL support Colin Ian King (2): IMA: fix non-ANSI declaration of ima_check_policy() PKCS#7: fix unitialized boolean 'want' David Howells (10): KEYS: Add an alloc flag to convey the builtinness of a key KEYS: CONFIG_KEYS_DEBUG_PROC_KEYS is no longer an option X.509: Fix leap year handling again Handle ISO 8601 leap seconds and encodings of midnight in mktime64() X.509: Support leap seconds X.509: Handle midnight alternative notation in GeneralizedTime certs: Fix misaligned data in extra certificate list MODSIGN: linux/string.h should be #included to get memcpy() akcipher: Move the RSA DER encoding check to the crypto layer X.509: Make algo identifiers text instead of enum Dmitry Kasatkin (3): ima: separate 'security.ima' reading functionality from collect ima: provide buffer hash calculation function ima: load policy using path Harald Hoyer (1): tpm_eventlog.c: fix binary_bios_measurements James Morris (4): Merge branch 'smack-for-4.6' of https://github.com/cschaufler/smack-next into next Merge branch 'next' of git://git.kernel.org/.../zohar/linux-integrity into next Merge branch 'stable-4.6' of git://git.infradead.org/users/pcmoore/selinux into next Merge tag 'keys-next-20160303' of git://git.kernel.org/.../dhowells/linux-fs into next Jarkko Sakkinen (9): tpm: fix checks for policy digest existence in tpm2_seal_trusted() tpm: fix the rollback in tpm_chip_register() tpm: fix the cleanup of struct tpm_chip tpm: fix: set continueSession attribute for the unseal operation tpm: fix: return rc when devm_add_action() fails tpm_crb/tis: fix: use dev_name() for /proc/iomem tpm_crb: tpm2_shutdown() must be called before tpm_chip_unregister() tpm_tis: fix build warning with tpm_tis_resume MAINTAINERS: update tpmdd urls Jason Gunthorpe (7): tpm_crb: Use the common ACPI definition of struct acpi_tpm2 tpm_tis: Disable interrupt auto probing on a per-device basis tpm_tis: Do not fall back to a hardcoded address for TPM2 tpm_tis: Use devm_ioremap_resource tpm_tis: Clean up the force=1 module parameter tpm_crb: Drop le32_to_cpu(ioread32(..)) tpm_crb: Use devm_ioremap_resource Jerry Snitselaar (1): tpm: remove unneeded include of actbl2.h Jos? Bollo (1): smack: fix cache of access labels Juerg Haefliger (1): scripts/sign-file.c: Add support for signing with a raw signature Kees Cook (1): firmware: clean up filesystem load exit path Luis R. Rodriguez (3): firmware: simplify dev_*() print messages for generic helpers firmware: move completing fw into a helper firmware: change kernel read fail to dev_dbg() Marc-Antoine Perennou (1): sign-file: fix build with CMS support disabled Mehmet Kayaalp (2): KEYS: Reserve an extra certificate symbol for inserting without recompiling KEYS: Use the symbol value for list size, updated by scripts/insert-sys-cert Mimi Zohar (16): ima: refactor ima_policy_show() to display "ima_hooks" rules ima: use "ima_hooks" enum as function argument vfs: define a generic function to read a file from the kernel vfs: define kernel_read_file_id enumeration ima: calculate the hash of a buffer using aynchronous hash(ahash) ima: define a new hook to measure and appraise a file already in memory vfs: define kernel_read_file_from_path firmware: replace call to fw_read_file_contents() with kernel version security: define kernel_read_file hook vfs: define kernel_copy_file_from_fd() module: replace copy_module_from_fd with kernel version ima: remove firmware and module specific cached status info kexec: replace call to copy_file_from_fd() with kernel version ima: support for kexec image and initramfs ima: measure and appraise the IMA policy itself ima: require signed IMA policy Paul Gortmaker (1): security/keys: make big_key.c explicitly non-modular Tadeusz Struk (4): crypto: KEYS: convert public key and digsig asym to the akcipher api integrity: convert digsig to akcipher api crypto: public_key: remove MPIs from public_key_signature struct crypto: Add hash param to pkcs1pad Documentation/ABI/testing/ima_policy | 1 + MAINTAINERS | 4 +- arch/arm/configs/colibri_pxa270_defconfig | 1 - arch/arm/configs/iop13xx_defconfig | 1 - arch/arm/configs/iop32x_defconfig | 1 - arch/arm/configs/trizeps4_defconfig | 1 - arch/microblaze/configs/mmu_defconfig | 1 - arch/microblaze/configs/nommu_defconfig | 1 - arch/mips/configs/bigsur_defconfig | 1 - arch/mips/configs/ip22_defconfig | 1 - arch/mips/configs/ip27_defconfig | 1 - arch/mips/configs/ip32_defconfig | 1 - arch/mips/configs/jazz_defconfig | 1 - arch/mips/configs/lemote2f_defconfig | 1 - arch/mips/configs/rm200_defconfig | 1 - arch/mips/configs/sb1250_swarm_defconfig | 1 - arch/parisc/configs/712_defconfig | 1 - arch/parisc/configs/a500_defconfig | 1 - arch/parisc/configs/default_defconfig | 1 - arch/parisc/configs/generic-32bit_defconfig | 1 - arch/powerpc/configs/c2k_defconfig | 1 - arch/powerpc/configs/ppc6xx_defconfig | 1 - arch/score/configs/spct6600_defconfig | 1 - arch/tile/configs/tilegx_defconfig | 1 - arch/tile/configs/tilepro_defconfig | 1 - arch/x86/configs/i386_defconfig | 1 - arch/x86/configs/x86_64_defconfig | 1 - certs/Kconfig | 16 + certs/Makefile | 33 ++- certs/system_certificates.S | 13 + certs/system_keyring.c | 4 +- crypto/asymmetric_keys/Kconfig | 7 - crypto/asymmetric_keys/Makefile | 8 +- crypto/asymmetric_keys/mscode_parser.c | 14 +- crypto/asymmetric_keys/pkcs7_parser.c | 32 +-- crypto/asymmetric_keys/pkcs7_trust.c | 2 +- crypto/asymmetric_keys/pkcs7_verify.c | 10 +- crypto/asymmetric_keys/public_key.c | 154 +++++++---- crypto/asymmetric_keys/public_key.h | 36 --- crypto/asymmetric_keys/rsa.c | 278 ------------------ crypto/asymmetric_keys/verify_pefile.c | 4 +- crypto/asymmetric_keys/verify_pefile.h | 2 +- crypto/asymmetric_keys/x509_cert_parser.c | 75 ++---- crypto/asymmetric_keys/x509_public_key.c | 34 +-- crypto/asymmetric_keys/x509_rsakey.asn1 | 4 - crypto/rsa-pkcs1pad.c | 182 ++++++++++-- drivers/base/firmware_class.c | 78 ++---- drivers/char/tpm/tpm-chip.c | 19 +- drivers/char/tpm/tpm.h | 7 - drivers/char/tpm/tpm2-cmd.c | 22 +- drivers/char/tpm/tpm_crb.c | 196 ++++++++----- drivers/char/tpm/tpm_eventlog.c | 14 +- drivers/char/tpm/tpm_tis.c | 253 ++++++++++------- fs/exec.c | 92 ++++++ include/crypto/public_key.h | 76 +---- include/keys/trusted-type.h | 2 +- include/linux/fs.h | 15 + include/linux/ima.h | 10 +- include/linux/key.h | 1 + include/linux/lsm_hooks.h | 35 ++-- include/linux/security.h | 16 +- init/Kconfig | 2 +- kernel/kexec_file.c | 73 +----- kernel/module.c | 68 +---- kernel/module_signing.c | 7 + kernel/time/time.c | 9 +- scripts/.gitignore | 1 + scripts/Makefile | 1 + scripts/extract-sys-certs.pl | 29 ++- scripts/insert-sys-cert.c | 410 +++++++++++++++++++++++++++ scripts/sign-file.c | 238 ++++++++++------ security/integrity/Kconfig | 2 +- security/integrity/digsig_asymmetric.c | 16 +- security/integrity/iint.c | 4 +- security/integrity/ima/ima.h | 49 +++- security/integrity/ima/ima_api.c | 25 +- security/integrity/ima/ima_appraise.c | 69 +++--- security/integrity/ima/ima_crypto.c | 120 ++++++++- security/integrity/ima/ima_fs.c | 53 ++++- security/integrity/ima/ima_init.c | 2 +- security/integrity/ima/ima_main.c | 92 +++++-- security/integrity/ima/ima_policy.c | 115 +++++--- security/integrity/ima/ima_template.c | 2 - security/integrity/ima/ima_template_lib.c | 1 - security/integrity/integrity.h | 17 +- security/keys/big_key.c | 15 +- security/keys/key.c | 2 + security/keys/trusted.c | 11 +- security/security.c | 34 ++- security/selinux/Makefile | 2 +- security/smack/smack_lsm.c | 46 +-- 91 files changed, 1924 insertions(+), 1365 deletions(-) delete mode 100644 crypto/asymmetric_keys/public_key.h delete mode 100644 crypto/asymmetric_keys/rsa.c delete mode 100644 crypto/asymmetric_keys/x509_rsakey.asn1 create mode 100644 scripts/insert-sys-cert.c --1665246916-1674022992-1458114516=:15694--