From mboxrd@z Thu Jan 1 00:00:00 1970 From: Casey Schaufler Subject: Re: Security testing tree patch review for 2.6.26 Date: Fri, 18 Apr 2008 11:11:14 -0700 (PDT) Message-ID: <834491.21069.qm@web36602.mail.mud.yahoo.com> References: <1208430369-23156-1-git-send-email-jmorris@namei.org> Reply-To: casey@schaufler-ca.com Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Return-path: Received: from mx3.redhat.com (mx3.redhat.com [172.16.48.32]) by int-mx1.corp.redhat.com (8.13.1/8.13.1) with ESMTP id m3IIBaW4019339 for ; Fri, 18 Apr 2008 14:11:36 -0400 Received: from web36602.mail.mud.yahoo.com (web36602.mail.mud.yahoo.com [209.191.85.19]) by mx3.redhat.com (8.13.8/8.13.8) with SMTP id m3IIBKDa007433 for ; Fri, 18 Apr 2008 14:11:24 -0400 In-Reply-To: <1208430369-23156-1-git-send-email-jmorris@namei.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com To: James Morris , linux-security-module@vger.kernel.org Cc: linux-audit@redhat.com, linux-kernel@vger.kernel.org List-Id: linux-audit@redhat.com --- James Morris wrote: >=20 > Please review the following security patches for 2.6.26, which have > been undergoing testing in the "next" tree and affect multiple LSMs. I have done basic testing on this patchset and have not encountered any problems from the Smack side. I have not tested without Smack nor by implication with SELinux. >=20 > The following changes since commit 4b119e21d0c66c22e8ca03df05d9de623d0e= b50f: > Linus Torvalds (1): > Linux 2.6.25 >=20 > are available in the git repository at: >=20 > =20 > git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.= 6.git > for-linus >=20 > Ahmed S. Darwish (10): > LSM: Introduce inode_getsecid and ipc_getsecid hooks > SELinux: setup new inode/ipc getsecid hooks > Audit: use new LSM hooks instead of SELinux exports > Netlink: Use generic LSM hook > SELinux: remove redundant exports > LSM/Audit: Introduce generic Audit LSM hooks > Audit: internally use the new LSM audit hooks > SELinux: use new audit hooks, remove redundant exports > Audit: Final renamings and cleanup > Security: Introduce security=3D boot parameter >=20 > James Morris (2): > Tell git about security/selinux/include/audit.h > security: fix up documentation for security_module_enable >=20 > Documentation/kernel-parameters.txt | 6 ++ > include/linux/audit.h | 29 ++++++++ > include/linux/security.h | 114 +++++++++++++++++++++++++++= ++- > include/linux/selinux.h | 134 > ----------------------------------- > kernel/audit.c | 24 +++---- > kernel/audit.h | 25 ------- > kernel/auditfilter.c | 99 ++++++++++---------------- > kernel/auditsc.c | 74 ++++++++++--------- > net/netlink/af_netlink.c | 3 +- > security/dummy.c | 51 +++++++++++++- > security/security.c | 73 +++++++++++++++++++- > security/selinux/exports.c | 42 ----------- > security/selinux/hooks.c | 34 ++++++++- > security/selinux/include/audit.h | 65 +++++++++++++++++ > security/selinux/ss/services.c | 45 +++++++++--- > security/smack/smack.h | 2 + > security/smack/smack_lsm.c | 7 ++- > security/smack/smackfs.c | 11 +++- > 18 files changed, 503 insertions(+), 335 deletions(-) > create mode 100644 security/selinux/include/audit.h > -- > To unsubscribe from this list: send the line "unsubscribe > linux-security-module" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html >=20 >=20 >=20 Casey Schaufler casey@schaufler-ca.com