From: Paul Moore <pmoore@redhat.com>
To: James Morris <jmorris@namei.org>
Cc: selinux@tycho.nsa.gov, linux-security-module@vger.kernel.org
Subject: [GIT PULL] SELinux patches for 4.5
Date: Thu, 24 Dec 2015 11:25:01 -0500 [thread overview]
Message-ID: <1964478.KPgA55cFSS@sifl> (raw)
Hi James,
Nine patches for v4.5; there are a handful of minor fixes (constify
parameters, warning rate-limits, etc.) but there are a couple of significant
patches that invalidate/revalidate inode labels (needed for gfs2) and make
validate_trans decisions visible via selinuxfs. All the patches pass the
selinux-testsuite and have been included in the pcmoore/kernel-secnext Fedora
COPR repository[1] for some time now, all looks good.
As of about five minutes ago, selinux#upstream applied cleanly on top of
linux-security#next so I don't expect you should have any problems merging the
code.
Happy holidays and merry merging,
-Paul
[1] https://copr.fedoraproject.org/coprs/pcmoore/kernel-secnext
---
The following changes since commit ebd68df3f24b318d391d15c458d6f43f340ba36a:
Sync to Linus v4.4-rc2 for LSM developers. (2015-11-23 22:46:28 +1100)
are available in the git repository at:
git://git.infradead.org/users/pcmoore/selinux upstream
for you to fetch changes up to 76319946f321e30872dd72af7de867cb26e7a373:
selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()
(2015-12-24 11:09:41 -0500)
----------------------------------------------------------------
Andreas Gruenbacher (7):
selinux: Remove unused variable in selinux_inode_init_security
security: Make inode argument of inode_getsecurity non-const
security: Make inode argument of inode_getsecid non-const
selinux: Add accessor functions for inode->i_security
security: Add hook to invalidate inode security labels
selinux: Revalidate invalid inode security labels
gfs2: Invalid security labels of inodes when they go invalid
Andrew Perepechko (1):
selinux: export validatetrans decisions
Vladis Dronov (1):
selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()
fs/gfs2/glops.c | 2 +
include/linux/audit.h | 8 +-
include/linux/lsm_hooks.h | 10 +-
include/linux/security.h | 13 ++-
kernel/audit.c | 2 +-
kernel/audit.h | 2 +-
kernel/auditsc.c | 6 +-
security/security.c | 12 ++-
security/selinux/hooks.c | 206 ++++++++++++++++++++++++----------
security/selinux/include/classmap.h | 2 +-
security/selinux/include/objsec.h | 6 ++
security/selinux/include/security.h | 3 +
security/selinux/selinuxfs.c | 80 ++++++++++++++
security/selinux/ss/services.c | 34 ++++--
security/smack/smack_lsm.c | 4 +-
15 files changed, 302 insertions(+), 88 deletions(-)
--
paul moore
security @ redhat
next reply other threads:[~2015-12-24 16:25 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-24 16:25 Paul Moore [this message]
2015-12-26 9:19 ` [GIT PULL] SELinux patches for 4.5 James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1964478.KPgA55cFSS@sifl \
--to=pmoore@redhat.com \
--cc=jmorris@namei.org \
--cc=linux-security-module@vger.kernel.org \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.