* [GIT PULL] SELinux patches for 3.16
@ 2014-05-22 15:25 Paul Moore
2014-05-26 12:38 ` James Morris
0 siblings, 1 reply; 2+ messages in thread
From: Paul Moore @ 2014-05-22 15:25 UTC (permalink / raw)
To: James Morris; +Cc: linux-security-module, selinux
Hi James,
Here are the SELinux patches for 3.16. A total of four patches: two to fix a
problem when loading policy on slow machines, one to make it easier to
determine permissive mode in the AVC audit messages, and one to block cause
setexeccon() to fail on filesystems mounted with nosuid. None of the patches
are very substantial (see the diffstat below), all pass the SELinux testsuite,
and the branch applied cleanly on top of your current #next.
Enjoy,
-Paul
---
The following changes since commit 6d32c850621b0be75777b9102b14f6268bbd9f0f:
Merge tag 'v3.14' into next (2014-03-31 09:49:07 -0400)
are available in the git repository at:
git://git.infradead.org/users/pcmoore/selinux next
for you to fetch changes up to 47dd0b76ace953bd2c0479076db0d3e3b9594003:
selinux: conditionally reschedule in hashtab_insert while loading selinux
policy (2014-05-15 17:07:55 -0400)
----------------------------------------------------------------
Dave Jones (2):
selinux: conditionally reschedule in mls_convert_context while loading
selinux policy
selinux: conditionally reschedule in hashtab_insert while loading
selinux policy
Paul Moore (1):
selinux: reject setexeccon() on MNT_NOSUID applications with -EACCES
Stephen Smalley (1):
selinux: Report permissive mode in avc: denied messages.
security/selinux/avc.c | 7 ++++++-
security/selinux/hooks.c | 11 +++++++----
security/selinux/include/avc.h | 4 ++--
security/selinux/ss/hashtab.c | 3 +++
security/selinux/ss/mls.c | 2 ++
5 files changed, 20 insertions(+), 7 deletions(-)
--
paul moore
security and virtualization @ redhat
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [GIT PULL] SELinux patches for 3.16
2014-05-22 15:25 [GIT PULL] SELinux patches for 3.16 Paul Moore
@ 2014-05-26 12:38 ` James Morris
0 siblings, 0 replies; 2+ messages in thread
From: James Morris @ 2014-05-26 12:38 UTC (permalink / raw)
To: Paul Moore; +Cc: linux-security-module, selinux
On Thu, 22 May 2014, Paul Moore wrote:
> Hi James,
>
> Here are the SELinux patches for 3.16. A total of four patches: two to fix a
> problem when loading policy on slow machines, one to make it easier to
> determine permissive mode in the AVC audit messages, and one to block cause
> setexeccon() to fail on filesystems mounted with nosuid. None of the patches
> are very substantial (see the diffstat below), all pass the SELinux testsuite,
> and the branch applied cleanly on top of your current #next.
>
> Enjoy,
> -Paul
>
> ---
> The following changes since commit 6d32c850621b0be75777b9102b14f6268bbd9f0f:
>
> Merge tag 'v3.14' into next (2014-03-31 09:49:07 -0400)
>
> are available in the git repository at:
>
> git://git.infradead.org/users/pcmoore/selinux next
Thanks, pulled.
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-05-26 12:38 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-05-22 15:25 [GIT PULL] SELinux patches for 3.16 Paul Moore
2014-05-26 12:38 ` James Morris
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.