Received: by 2002:ac0:aa62:0:0:0:0:0 with SMTP id w31-v6csp3225700ima; Tue, 23 Oct 2018 02:23:56 -0700 (PDT) X-Google-Smtp-Source: AJdET5cZSl2ZLOHGQQbHvjslh3SYZ/JF4OSYY6GPULrkfkoDsR9wqTxo0oxkGvkLFrtP6h2cKQDH X-Received: by 2002:a63:dc0c:: with SMTP id s12mr2488828pgg.398.1540286636763; Tue, 23 Oct 2018 02:23:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1540286636; cv=none; d=google.com; s=arc-20160816; b=cS2Qkc4aysf+bb+5Y3wdKmdYj0iGXVGt7eHdVbqQGOIbOtExOQWYV6L8ejB43oSIoZ CbvsTn5pcms7larortu1xCoksCkjoh7oqIXJIUXBelIEAfC5yOhcfgYJ6mF8+JBU930f LaHNkkGsFcnBwJwhCIhI77fmNHBL+1znmkUIcIQEMvTP/6Rw3ue//XuJXdmbJnvykX0D AIKhDXKH1oSaqxHlru1Bl5uC7LtTpH9MnBJcZlRnwHo2HmHl9i7jmQbrCPu+KfcVq2tg sGINmHHP4Jorc5kjs5kAdH4mHGAjbpFGsAxoyjKVXXBJsb0IDTp9twgnhjU2ec6JUpNG GqFA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:message-id :subject:cc:to:from:date; bh=2RHeL7nU3hbRPBd/SbRzfxoIcR0qith/7A+Etcq3vSQ=; b=A4xFhOzWtj5qBIs2HqBqz/T//GldmrQ2+/b5rCQVZTD5Uaf7hZUyGuQ1GFqv8xVaIp vlaJDgeA6M85kWCCQrygrCJEYZNJNpllpfH1hlcqxvMJq783dBiFmIyvMabJvHPLloBL KOQnGsZLCTRsad/06iDNutJDQX/G5/v2Ah1BDOge1hENz8xW4U/GtC+HVcrEHRlf6uoV wq2Eii+BZp5k/SiockDIZOq+cCSyXqEJ1GsNh8Gr0/qsEJWBajoQxS5ZOHQY/90Ldcww 5h2XRjW4Q656phK1w6ClDNRs1Xb3QZ0MnKhcIVXGT+StJERCnGSemJ4wNOP/WWpkaruG 2sQQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o131-v6si718579pgo.591.2018.10.23.02.23.41; Tue, 23 Oct 2018 02:23:56 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728546AbeJWRpK (ORCPT + 99 others); Tue, 23 Oct 2018 13:45:10 -0400 Received: from namei.org ([65.99.196.166]:47806 "EHLO namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727714AbeJWRpK (ORCPT ); Tue, 23 Oct 2018 13:45:10 -0400 Received: from localhost (localhost [127.0.0.1]) by namei.org (8.14.4/8.14.4) with ESMTP id w9N9MaIE019327; Tue, 23 Oct 2018 09:22:36 GMT Date: Tue, 23 Oct 2018 20:22:36 +1100 (AEDT) From: James Morris To: Linus Torvalds cc: linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [GIT PULL] security: general updates for 4.20 Message-ID: User-Agent: Alpine 2.21 (LRH 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Linus, Please pull these general updates for the security subsystem. In this patchset, there are a couple of minor updates, as well as some reworking of the LSM initialization code from Kees Cook (these prepare the way for ordered stackable LSMs, but are a valuable cleanup on their own). --- The following changes since commit 57361846b52bc686112da6ca5368d11210796804: Linux 4.19-rc2 (2018-09-02 14:37:30 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-general for you to fetch changes up to 3f6caaf5ff33073ca1a3a0b82edacab3c57c38f9: LSM: Don't ignore initialization failures (2018-10-10 20:40:22 -0700) ---------------------------------------------------------------- Christian Brauner (1): security/capabilities: remove check for -EINVAL David Howells (1): keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h Ding Xiang (1): security: tomoyo: Fix obsolete function Igor Stoppa (1): seccomp: remove unnecessary unlikely() James Morris (1): Merge tag 'v4.19-rc2' into next-general Kees Cook (10): LSM: Correctly announce start of LSM initialization vmlinux.lds.h: Avoid copy/paste of security_init section LSM: Rename .security_initcall section to .lsm_info LSM: Remove initcall tracing LSM: Convert from initcall to struct lsm_info vmlinux.lds.h: Move LSM_TABLE into INIT_DATA LSM: Convert security_initcall() into DEFINE_LSM() LSM: Record LSM name in struct lsm_info LSM: Provide init debugging infrastructure LSM: Don't ignore initialization failures Randy Dunlap (1): security: fix LSM description location Documentation/admin-guide/kernel-parameters.txt | 2 ++ Documentation/security/LSM.rst | 2 +- arch/arc/kernel/vmlinux.lds.S | 1 - arch/arm/kernel/vmlinux-xip.lds.S | 1 - arch/arm64/kernel/vmlinux.lds.S | 1 - arch/h8300/kernel/vmlinux.lds.S | 1 - arch/microblaze/kernel/vmlinux.lds.S | 2 -- arch/powerpc/kernel/vmlinux.lds.S | 2 -- arch/um/include/asm/common.lds.S | 2 -- arch/xtensa/kernel/vmlinux.lds.S | 1 - include/asm-generic/vmlinux.lds.h | 25 +++++++------- include/linux/init.h | 2 -- include/linux/lsm_hooks.h | 12 +++++++ include/linux/module.h | 1 - include/uapi/linux/keyctl.h | 7 +++- kernel/seccomp.c | 4 +-- security/apparmor/lsm.c | 5 ++- security/commoncap.c | 3 -- security/integrity/iint.c | 6 +++- security/security.c | 43 ++++++++++++++++--------- security/selinux/hooks.c | 5 ++- security/smack/smack_lsm.c | 5 ++- security/tomoyo/common.c | 3 +- security/tomoyo/tomoyo.c | 5 ++- 24 files changed, 84 insertions(+), 57 deletions(-)