Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp1251931imm;
        Tue, 5 Jun 2018 11:23:57 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKL2KjwkI+tiOTfW4a51988elzTDWMrFJw4wHwQzWfDskAoPuV35Z0gh+O2HYBqmnFqZ84aH
X-Received: by 2002:a63:7056:: with SMTP id a22-v6mr2214392pgn.22.1528223037476;
        Tue, 05 Jun 2018 11:23:57 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1528223037; cv=none;
        d=google.com; s=arc-20160816;
        b=tlXC7JzQSqXdNpthm70v01kFguHxQQWyEgigDJ8ZGYbF1Z3ns9xvvb8IBx4KWSVIxK
         RJryMQpTTQk8lxn6mpBVwdfz2PAeKcdahnTUYp8/eGg2Aa/7c/1KPzgDYN+dyEjRsjff
         odChkG1UV9SqhZfpxEoVb+EryhMlNPBl+wZgo7HPFApply6sukEHq9rFSbcufzX2zG72
         LtTbkoyfy/slZ9HIcfpByd0idxrJsIzU0dwcDOJOi8pthUkE/9KVcvrXqdMu1arataFj
         4JuJXGkKnUlropfTULRteA6eOml+jVJMEwANOi80BzdrPswquP6S6xYDQFuAKwoWnBrQ
         eY/A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:message-id
         :subject:cc:to:from:date:arc-authentication-results;
        bh=GEKvE8sqyLW3ZZukf2wBCVXCFo4lfS8CG17ftFLPCWA=;
        b=p0SVvkhV/c2cdyME1PuoMQwr/TgvzCUmtkOwQU3/D9b7Y17OOXAUC8jKwYoPQsXh52
         NwqUBN9pUgmat2h3AIg/2s1sGRkib0B/nV7yL69DmyjlaCduDpxLTxeqkMtfDTeGUeBi
         O+eVDks1UM73+LJq1OpGcg63xQgcqIVDWtxnPor0QIoGv7m/wlGO0LPb2KocRh40l0KG
         iDVcrtn9xKJeNacFMw3sMFwga15m+kFHEZZ2Kj7k6rHQOO5PNW9iGaGY+ZYJfwIBVPgC
         1NvDTOdnCDfu/vJ9alTxzUGbuZ/LUQcKqyv96GstzUnH1WD6eVgzWtBzsjpsAKGU9uC1
         HmBg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id p67-v6si47549283pfp.72.2018.06.05.11.23.43;
        Tue, 05 Jun 2018 11:23:57 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751879AbeFESV3 (ORCPT <rfc822;kkdevenda@gmail.com> + 99 others);
        Tue, 5 Jun 2018 14:21:29 -0400
Received: from namei.org ([65.99.196.166]:58330 "EHLO namei.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751786AbeFESV2 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 5 Jun 2018 14:21:28 -0400
Received: from localhost (localhost [127.0.0.1])
        by namei.org (8.14.4/8.14.4) with ESMTP id w55ILPol010394;
        Tue, 5 Jun 2018 18:21:25 GMT
Date:   Wed, 6 Jun 2018 04:21:25 +1000 (AEST)
From:   James Morris <jmorris@namei.org>
To:     Linus Torvalds <torvalds@linux-foundation.org>
cc:     linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: [GIT PULL] Security subsystem: general updates for v4.18
Message-ID: <alpine.LRH.2.21.1806060415150.9942@namei.org>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Please pull these general security subsystem updates for v4.18.

Summary:

- Incorporate new socketpair() hook into LSM and wire up the SELinux and 
  Smack modules.  From David Herrmann:

   "The idea is to allow SO_PEERSEC to be called on AF_UNIX sockets 
    created via socketpair(2), and return the same information as if you 
    emulated socketpair(2) via a temporary listener socket. Right now 
    SO_PEERSEC will return the unlabeled credentials for a socketpair, 
    rather than the actual credentials of the creating process."

- Sargun Dhillon removed the unused security_settime LSM hook.

- Tycho Andersen removed some stack allocated arrays from the keys code.

---

The following changes since commit 6da6c0db5316275015e8cc2959f12a17584aeb64:

  Linux v4.17-rc3 (2018-04-29 14:17:42 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-general

for you to fetch changes up to 890e2abe1028c39e5399101a2c277219cd637aaa:

  dh key: get rid of stack allocated array for zeroes (2018-05-11 13:07:49 -0700)

----------------------------------------------------------------
David Herrmann (3):
      security: add hook for socketpair()
      net: hook socketpair() into LSM
      selinux: provide socketpair callback

James Morris (2):
      Merge tag 'v4.17-rc2' into next-general
      Merge tag 'v4.17-rc3' into next-general

Sargun Dhillon (1):
      security: remove security_settime

Tom Gundersen (1):
      smack: provide socketpair callback

Tycho Andersen (3):
      big key: get rid of stack array allocation
      dh key: get rid of stack allocated array
      dh key: get rid of stack allocated array for zeroes

 include/linux/lsm_hooks.h  |  7 +++++++
 include/linux/security.h   | 21 +++++++--------------
 net/socket.c               |  7 +++++++
 security/keys/big_key.c    | 11 ++++++++++-
 security/keys/dh.c         | 35 +++++++++++++----------------------
 security/security.c        |  6 ++++++
 security/selinux/hooks.c   | 13 +++++++++++++
 security/smack/smack_lsm.c | 22 ++++++++++++++++++++++
 8 files changed, 85 insertions(+), 37 deletions(-)