Date: Mon, 12 Dec 2016 09:21:34 +1100 (AEDT)
From: James Morris
To: Linus Torvalds
cc: linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: [GIT PULL] Security subsystem updates for 4.10

Generally pretty quiet for this release. Highlights:

- Yama:
  - allow ptrace access for original parent after re-parenting

- TPM:
  - add documentation
  - many bugfixes & cleanups
  - define a generic open() method for ascii & bios measurements

- Integrity:
  - Harden against malformed xattrs

- SELinux:
  - bugfixes & cleanups

- Smack:
  - Remove unnecessary smack_known_invalid label
  - Do not apply star label in smack_setprocattr hook
  - parse mnt opts after privileges check (fixes unpriv DoS vuln)

Please pull.
---
The following changes since commit 69973b830859bc6529a7a0468ba0d80ee5117826:

  Linux 4.9 (2016-12-11 11:17:54 -0800)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next

Andreas Gruenbacher (4):
      selinux: Minor cleanups
      proc: Pass file mode to proc_pid_make_inode
      selinux: Clean up initialization of isec->sclass
      selinux: Convert isec->lock into a spinlock

Baruch Siach (2):
      Doc: security: keys-trusted: drop duplicate blobauth entry
      char: tpm: fix kerneldoc tpm2_unseal_trusted name typo

Casey Schaufler (2):
      Smack: ipv6 label match fix
      Smack: Remove unnecessary smack_known_invalid

Colin Ian King (1):
      tpm: return -ENODEV if np is not set

Ed Swierk (1):
      tpm: Clean up reading of timeout and duration capabilities

Eric Richter (1):
      ima: fix memory leak in ima_release_policy

Himanshu Shukla (3):
      smack: parse mnt opts after privileges check
      SMACK: Do not apply star label in smack_setprocattr hook
      SMACK: Fix the memory leak in smack_cred_prepare() hook

James Morris (5):
      Merge tag 'seccomp-v4.9-rc4' of git://git.kernel.org/.../kees/linux into ra-next
      Merge commit 'v4.9-rc5' into next
      Merge remote branch 'smack/smack-for-4.10' into next
      Merge branch 'next' of git://git.kernel.org/.../zohar/linux-integrity into next
      Merge branch 'stable-4.10' of git://git.infradead.org/users/pcmoore/selinux into next

Jarkko Sakkinen (4):
      tpm: sanitize constant expressions
      tpm, tpm_vtpm_proxy: add kdoc comments for VTPM_PROXY_IOC_NEW_DEV
      tpm: replace dynamically allocated bios_dir with a static array
      tpm: drop tpm1_chip_register(/unregister)

Jason Gunthorpe (7):
      tpm tis: Do not print timeout messages twice
      tpm xen: Remove bogus tpm_chip_unregister
      tpm: Get rid of TPM_CHIP_FLAG_REGISTERED
      tpm_tis: Allow tpm_tis to be bound using DT
      tpm: Fix handling of missing event log
      tpm: vtpm_proxy: conditionally call tpm_chip_unregister
      tpm: adjust return value of tpm_read_log

Josh Stone (1):
      Yama: allow access for the current ptrace parent

Josh Zimmerman (1):
      tpm_tis: Check return values from get_burstcount.

Mickaël Salaün (1):
      seccomp: Fix documentation

Mimi Zohar (2):
      Revert "ima: limit file hash setting by user to fix and log modes"
      ima: include the reason for TPM-bypass mode

Nayna Jain (9):
      Documentation: tpm: add the IBM Virtual TPM device tree binding documentation
      Documentation: tpm: add the Physical TPM device tree binding documentation
      tpm: define a generic open() method for ascii & bios measurements
      tpm: replace symbolic permission with octal for securityfs files
      tpm: have event log use the tpm_chip
      tpm: fix the missing .owner in tpm_bios_measurements_ops
      tpm: redefine read_log() to handle ACPI/OF at runtime
      tpm: replace of_find_node_by_name() with dev of_node property
      tpm: cleanup of printk error messages

Peter Huewe (1):
      char/tpm: Check return code of wait_for_tpm_stat

Ricky Zhou (3):
      samples/seccomp: Fix hostprogs variable
      samples/seccomp: Enable PR_SET_NO_NEW_PRIVS in dropper
      samples/seccomp: Support programs with >256 instructions

Seth Forshee (1):
      security/integrity: Harden against malformed xattrs

Stefan Berger (2):
      tpm: Only call pm_runtime_get_sync if device has a parent
      tpm: Check the bios_dir entry for NULL before accessing it

Stephen Smalley (2):
      selinux: normalize input to /sys/fs/selinux/enforce
      selinux: keep SELinux in sync with new capability definitions

Tetsuo Handa (2):
      SELinux: Use GFP_KERNEL for selinux_parse_opts_str().
      Smack: Use GFP_KERNEL for smack_parse_opts_str().
Winkler, Tomas (5):
      tpm/tpm_crb: implement tpm crb idle state
      tmp/tpm_crb: fix Intel PTT hw bug during idle state
      tpm/tpm_crb: open code the crb_init into acpi_add
      tmp/tpm_crb: implement runtime pm for tpm_crb
      tpm: place kdoc just above tpm_pcr_extend

jooseong lee (1):
      Smack: Assign smack_known_web label for kernel thread's

 .../devicetree/bindings/security/tpm/ibmvtpm.txt   |  41 ++++
 .../devicetree/bindings/security/tpm/tpm-i2c.txt   |  21 ++
 .../bindings/security/tpm/tpm_tis_mmio.txt         |  25 ++
 Documentation/security/keys-trusted-encrypted.txt  |   2 -
 drivers/char/tpm/Kconfig                           |   2 +-
 drivers/char/tpm/Makefile                          |  14 +-
 drivers/char/tpm/tpm-chip.c                        |  38 +---
 drivers/char/tpm/tpm-interface.c                   | 110 ++++------
 drivers/char/tpm/tpm-sysfs.c                       |   7 +-
 drivers/char/tpm/tpm.h                             |  41 +++--
 drivers/char/tpm/tpm2-cmd.c                        |   2 +-
 drivers/char/tpm/tpm_acpi.c                        |  46 ++--
 drivers/char/tpm/tpm_crb.c                         | 173 +++++++++++++--
 drivers/char/tpm/tpm_eventlog.c                    | 230 ++++++++++----------
 drivers/char/tpm/tpm_eventlog.h                    |  22 +-
 drivers/char/tpm/tpm_of.c                          |  48 ++---
 drivers/char/tpm/tpm_tis.c                         |  11 +
 drivers/char/tpm/tpm_tis_core.c                    |  64 ++++--
 drivers/char/tpm/tpm_vtpm_proxy.c                  |  85 +++++---
 drivers/char/tpm/xen-tpmfront.c                    |   1 -
 fs/proc/base.c                                     |  23 +--
 fs/proc/fd.c                                       |   6 +-
 fs/proc/internal.h                                 |   2 +-
 fs/proc/namespaces.c                               |   3 +-
 include/uapi/linux/vtpm_proxy.h                    |  23 ++-
 kernel/seccomp.c                                   |   7 +-
 samples/seccomp/Makefile                           |   4 +-
 samples/seccomp/bpf-helper.c                       |  38 ++--
 samples/seccomp/dropper.c                          |   7 +-
 security/integrity/digsig.c                        |   2 +-
 security/integrity/evm/evm_main.c                  |   4 +
 security/integrity/ima/ima_appraise.c              |  13 +-
 security/integrity/ima/ima_fs.c                    |   2 +-
 security/integrity/ima/ima_init.c                  |   3 +-
 security/selinux/hooks.c                           | 120 ++++++----
 security/selinux/include/classmap.h                |   4 +
 security/selinux/include/objsec.h                  |   5 +-
 security/selinux/selinuxfs.c                       |   6 +-
 security/smack/smack.h                             |   1 -
 security/smack/smack_access.c                      |   7 +-
 security/smack/smack_lsm.c                         | 117 +++++------
 security/smack/smackfs.c                           |   3 -
 security/yama/yama_lsm.c                           |  16 ++-
 43 files changed, 832 insertions(+), 567 deletions(-)
 create mode 100644 Documentation/devicetree/bindings/security/tpm/ibmvtpm.txt
 create mode 100644 Documentation/devicetree/bindings/security/tpm/tpm-i2c.txt
 create mode 100644 Documentation/devicetree/bindings/security/tpm/tpm_tis_mmio.txt