• Linus Torvalds's avatar
    Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security · e24dd9ee
    Linus Torvalds authored
    Pull security layer updates from James Morris:
    
     - a major update for AppArmor. From JJ:
    
         * several bug fixes and cleanups
    
         * the patch to add symlink support to securityfs that was floated
           on the list earlier and the apparmorfs changes that make use of
           securityfs symlinks
    
         * it introduces the domain labeling base code that Ubuntu has been
           carrying for several years, with several cleanups applied. And it
           converts the current mediation over to using the domain labeling
           base, which brings domain stacking support with it. This finally
           will bring the base upstream code in line with Ubuntu and provide
           a base to upstream the new feature work that Ubuntu carries.
    
         * This does _not_ contain any of the newer apparmor mediation
           features/controls (mount, signals, network, keys, ...) that
           Ubuntu is currently carrying, all of which will be RFC'd on top
           of this.
    
     - Notable also is the Infiniband work in SELinux, and the new file:map
       permission. From Paul:
    
          "While we're down to 21 patches for v4.13 (it was 31 for v4.12),
           the diffstat jumps up tremendously with over 2k of line changes.
    
           Almost all of these changes are the SELinux/IB work done by
           Daniel Jurgens; some other noteworthy changes include a NFS v4.2
           labeling fix, a new file:map permission, and reporting of policy
           capabilities on policy load"
    
       There's also now genfscon labeling support for tracefs, which was
       lost in v4.1 with the separation from debugfs.
    
     - Smack incorporates a safer socket check in file_receive, and adds a
       cap_capable call in privilege check.
    
     - TPM as usual has a bunch of fixes and enhancements.
    
     - Multiple calls to security_add_hooks() can now be made for the same
       LSM, to allow LSMs to have hook declarations across multiple files.
    
     - IMA now supports different "ima_appraise=" modes (eg. log, fix) from
       the boot command line.
    
    * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (126 commits)
      apparmor: put back designators in struct initialisers
      seccomp: Switch from atomic_t to recount_t
      seccomp: Adjust selftests to avoid double-join
      seccomp: Clean up core dump logic
      IMA: update IMA policy documentation to include pcr= option
      ima: Log the same audit cause whenever a file has no signature
      ima: Simplify policy_func_show.
      integrity: Small code improvements
      ima: fix get_binary_runtime_size()
      ima: use ima_parse_buf() to parse template data
      ima: use ima_parse_buf() to parse measurements headers
      ima: introduce ima_parse_buf()
      ima: Add cgroups2 to the defaults list
      ima: use memdup_user_nul
      ima: fix up #endif comments
      IMA: Correct Kconfig dependencies for hash selection
      ima: define is_ima_appraise_enabled()
      ima: define Kconfig IMA_APPRAISE_BOOTPARAM option
      ima: define a set of appraisal rules requiring file signatures
      ima: extend the "ima_policy" boot command line to support multiple policies
      ...
    e24dd9ee
ima_policy.c 30.6 KB