FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 03-21-2012, 07:38 PM
Tim Gardner
 
Default Fwd: Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

John - is there anything in this pile we should cherry-pick ? Or perhaps
replace some "UBUNTU: SAUCE:" patches with cherry-picks ?

rtg

-------- Original Message --------
Subject: Merge branch 'next' of
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Date: Wed, 21 Mar 2012 20:31:52 +0000 (UTC)
From: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
To: git-commits-head@vger.kernel.org

Gitweb:
http://git.kernel.org/linus/;a=commit;h=3556485f1595e3964ba539e39ea682acbb835c ee
Commit: 3556485f1595e3964ba539e39ea682acbb835cee
Parent: 31f6765266417c0d99f0e922fe82848a7c9c2ae9
Merge: b871661 09f61cd
Author: Linus Torvalds <torvalds@linux-foundation.org>
AuthorDate: Wed Mar 21 13:25:04 2012 -0700
Committer: Linus Torvalds <torvalds@linux-foundation.org>
CommitDate: Wed Mar 21 13:25:04 2012 -0700

Merge branch 'next' of
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull security subsystem updates for 3.4 from James Morris:
"The main addition here is the new Yama security module from Kees Cook,
which was discussed at the Linux Security Summit last year. Its
purpose is to collect miscellaneous DAC security enhancements in one
place. This also marks a departure in policy for LSM modules, which
were previously limited to being standalone access control systems.
Chromium OS is using Yama, and I believe there are plans for Ubuntu,
at least.

This patchset also includes maintenance updates for AppArmor, TOMOYO
and others."

Fix trivial conflict in <net/sock.h> due to the jumo_label->static_key
rename.

* 'next' of
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
(38 commits)
AppArmor: Fix location of const qualifier on generated string tables
TOMOYO: Return error if fails to delete a domain
AppArmor: add const qualifiers to string arrays
AppArmor: Add ability to load extended policy
TOMOYO: Return appropriate value to poll().
AppArmor: Move path failure information into aa_get_name and rename
AppArmor: Update dfa matching routines.
AppArmor: Minor cleanup of d_namespace_path to consolidate error
handling
AppArmor: Retrieve the dentry_path for error reporting when path
lookup fails
AppArmor: Add const qualifiers to generated string tables
AppArmor: Fix oops in policy unpack auditing
AppArmor: Fix error returned when a path lookup is disconnected
KEYS: testing wrong bit for KEY_FLAG_REVOKED
TOMOYO: Fix mount flags checking order.
security: fix ima kconfig warning
AppArmor: Fix the error case for chroot relative path name lookup
AppArmor: fix mapping of META_READ to audit and quiet flags
AppArmor: Fix underflow in xindex calculation
AppArmor: Fix dropping of allowed operations that are force audited
AppArmor: Add mising end of structure test to caps unpacking
...

Documentation/networking/dns_resolver.txt | 4 +
Documentation/security/00-INDEX | 2 +
Documentation/security/Yama.txt | 65 ++++++
Documentation/security/keys.txt | 4 +
drivers/char/tpm/Kconfig | 1 -
drivers/char/tpm/tpm.c | 3 +-
drivers/char/tpm/tpm.h | 2 +
drivers/char/tpm/tpm_tis.c | 17 +-
drivers/net/macvtap.c | 1 +
drivers/target/iscsi/iscsi_target.c | 1 +
drivers/target/iscsi/iscsi_target_login.c | 1 +
fs/cifs/cifsacl.c | 1 +
fs/nfs/client.c | 1 +
fs/nfs/idmap.c | 1 +
fs/proc/proc_sysctl.c | 2 +
fs/quota/dquot.c | 1 +
fs/super.c | 1 +
include/linux/key.h | 1 +
include/linux/prctl.h | 7 +
include/linux/security.h | 80 ++++----
include/net/sock.h | 2 +
ipc/msgutil.c | 2 +
kernel/cred.c | 1 +
kernel/exit.c | 1 +
kernel/fork.c | 3 +-
kernel/sched/core.c | 1 +
kernel/sysctl.c | 1 +
mm/mmap.c | 17 ++-
mm/mprotect.c | 2 +-
mm/mremap.c | 2 +-
mm/shmem.c | 4 +-
mm/swapfile.c | 4 +-
net/dns_resolver/dns_key.c | 1 +
security/Kconfig | 6 +
security/Makefile | 2 +
security/apparmor/Makefile | 27 ++-
security/apparmor/apparmorfs.c | 195 ++++++++++++++----
security/apparmor/audit.c | 7 +-
security/apparmor/domain.c | 5 +-
security/apparmor/file.c | 21 +--
security/apparmor/include/apparmor.h | 15 ++-
security/apparmor/include/apparmorfs.h | 44 ++++
security/apparmor/include/audit.h | 9 +-
security/apparmor/include/file.h | 2 +-
security/apparmor/include/match.h | 3 +
security/apparmor/include/path.h | 3 +-
security/apparmor/include/policy.h | 15 ++-
security/apparmor/include/resource.h | 4 +
security/apparmor/match.c | 80 +++++++-
security/apparmor/path.c | 56 +++--
security/apparmor/policy.c | 3 +-
security/apparmor/policy_unpack.c | 31 +++-
security/apparmor/resource.c | 5 +
security/capability.c | 5 +
security/commoncap.c | 1 +
security/integrity/ima/Kconfig | 4 +-
security/integrity/ima/ima_audit.c | 2 +-
security/integrity/ima/ima_policy.c | 3 +-
security/keys/keyctl.c | 15 ++-
security/keys/process_keys.c | 3 +-
security/security.c | 21 +--
security/selinux/hooks.c | 2 +
security/smack/smack_lsm.c | 3 +
security/tomoyo/audit.c | 4 +-
security/tomoyo/common.c | 63 ++----
security/tomoyo/common.h | 6 +-
security/tomoyo/mount.c | 38 ++--
security/tomoyo/securityfs_if.c | 5 +-
security/yama/Kconfig | 13 ++
security/yama/Makefile | 3 +
security/yama/yama_lsm.c | 323
+++++++++++++++++++++++++++++
71 files changed, 1034 insertions(+), 250 deletions(-)

diff --cc include/net/sock.h
index f84be9e,27508f0..04bc0b3
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@@ -55,7 -55,9 +55,9 @@@
#include <linux/uaccess.h>
#include <linux/memcontrol.h>
#include <linux/res_counter.h>
-#include <linux/jump_label.h>
+#include <linux/static_key.h>
+ #include <linux/aio.h>
+ #include <linux/sched.h>

#include <linux/filter.h>
#include <linux/rculist_nulls.h>
--
To unsubscribe from this list: send the line "unsubscribe
git-commits-head" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 03-21-2012, 07:46 PM
John Johansen
 
Default Fwd: Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

On 03/21/2012 01:38 PM, Tim Gardner wrote:
> John - is there anything in this pile we should cherry-pick ? Or perhaps
> replace some "UBUNTU: SAUCE:" patches with cherry-picks ?
>
yes, I am putting together a pull request together for you. It will
let us rebase away all but the last 3 sauce patches.

> rtg
>
> -------- Original Message --------
> Subject: Merge branch 'next' of
> git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
> Date: Wed, 21 Mar 2012 20:31:52 +0000 (UTC)
> From: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
> To: git-commits-head@vger.kernel.org
>
> Gitweb:
> http://git.kernel.org/linus/;a=commit;h=3556485f1595e3964ba539e39ea682acbb835c ee
> Commit: 3556485f1595e3964ba539e39ea682acbb835cee
> Parent: 31f6765266417c0d99f0e922fe82848a7c9c2ae9
> Merge: b871661 09f61cd
> Author: Linus Torvalds <torvalds@linux-foundation.org>
> AuthorDate: Wed Mar 21 13:25:04 2012 -0700
> Committer: Linus Torvalds <torvalds@linux-foundation.org>
> CommitDate: Wed Mar 21 13:25:04 2012 -0700
>
> Merge branch 'next' of
> git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
>
> Pull security subsystem updates for 3.4 from James Morris:
> "The main addition here is the new Yama security module from Kees Cook,
> which was discussed at the Linux Security Summit last year. Its
> purpose is to collect miscellaneous DAC security enhancements in one
> place. This also marks a departure in policy for LSM modules, which
> were previously limited to being standalone access control systems.
> Chromium OS is using Yama, and I believe there are plans for Ubuntu,
> at least.
>
> This patchset also includes maintenance updates for AppArmor, TOMOYO
> and others."
>
> Fix trivial conflict in <net/sock.h> due to the jumo_label->static_key
> rename.
>
> * 'next' of
> git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
> (38 commits)
> AppArmor: Fix location of const qualifier on generated string tables
> TOMOYO: Return error if fails to delete a domain
> AppArmor: add const qualifiers to string arrays
> AppArmor: Add ability to load extended policy
> TOMOYO: Return appropriate value to poll().
> AppArmor: Move path failure information into aa_get_name and rename
> AppArmor: Update dfa matching routines.
> AppArmor: Minor cleanup of d_namespace_path to consolidate error
> handling
> AppArmor: Retrieve the dentry_path for error reporting when path
> lookup fails
> AppArmor: Add const qualifiers to generated string tables
> AppArmor: Fix oops in policy unpack auditing
> AppArmor: Fix error returned when a path lookup is disconnected
> KEYS: testing wrong bit for KEY_FLAG_REVOKED
> TOMOYO: Fix mount flags checking order.
> security: fix ima kconfig warning
> AppArmor: Fix the error case for chroot relative path name lookup
> AppArmor: fix mapping of META_READ to audit and quiet flags
> AppArmor: Fix underflow in xindex calculation
> AppArmor: Fix dropping of allowed operations that are force audited
> AppArmor: Add mising end of structure test to caps unpacking
> ...
>
> Documentation/networking/dns_resolver.txt | 4 +
> Documentation/security/00-INDEX | 2 +
> Documentation/security/Yama.txt | 65 ++++++
> Documentation/security/keys.txt | 4 +
> drivers/char/tpm/Kconfig | 1 -
> drivers/char/tpm/tpm.c | 3 +-
> drivers/char/tpm/tpm.h | 2 +
> drivers/char/tpm/tpm_tis.c | 17 +-
> drivers/net/macvtap.c | 1 +
> drivers/target/iscsi/iscsi_target.c | 1 +
> drivers/target/iscsi/iscsi_target_login.c | 1 +
> fs/cifs/cifsacl.c | 1 +
> fs/nfs/client.c | 1 +
> fs/nfs/idmap.c | 1 +
> fs/proc/proc_sysctl.c | 2 +
> fs/quota/dquot.c | 1 +
> fs/super.c | 1 +
> include/linux/key.h | 1 +
> include/linux/prctl.h | 7 +
> include/linux/security.h | 80 ++++----
> include/net/sock.h | 2 +
> ipc/msgutil.c | 2 +
> kernel/cred.c | 1 +
> kernel/exit.c | 1 +
> kernel/fork.c | 3 +-
> kernel/sched/core.c | 1 +
> kernel/sysctl.c | 1 +
> mm/mmap.c | 17 ++-
> mm/mprotect.c | 2 +-
> mm/mremap.c | 2 +-
> mm/shmem.c | 4 +-
> mm/swapfile.c | 4 +-
> net/dns_resolver/dns_key.c | 1 +
> security/Kconfig | 6 +
> security/Makefile | 2 +
> security/apparmor/Makefile | 27 ++-
> security/apparmor/apparmorfs.c | 195 ++++++++++++++----
> security/apparmor/audit.c | 7 +-
> security/apparmor/domain.c | 5 +-
> security/apparmor/file.c | 21 +--
> security/apparmor/include/apparmor.h | 15 ++-
> security/apparmor/include/apparmorfs.h | 44 ++++
> security/apparmor/include/audit.h | 9 +-
> security/apparmor/include/file.h | 2 +-
> security/apparmor/include/match.h | 3 +
> security/apparmor/include/path.h | 3 +-
> security/apparmor/include/policy.h | 15 ++-
> security/apparmor/include/resource.h | 4 +
> security/apparmor/match.c | 80 +++++++-
> security/apparmor/path.c | 56 +++--
> security/apparmor/policy.c | 3 +-
> security/apparmor/policy_unpack.c | 31 +++-
> security/apparmor/resource.c | 5 +
> security/capability.c | 5 +
> security/commoncap.c | 1 +
> security/integrity/ima/Kconfig | 4 +-
> security/integrity/ima/ima_audit.c | 2 +-
> security/integrity/ima/ima_policy.c | 3 +-
> security/keys/keyctl.c | 15 ++-
> security/keys/process_keys.c | 3 +-
> security/security.c | 21 +--
> security/selinux/hooks.c | 2 +
> security/smack/smack_lsm.c | 3 +
> security/tomoyo/audit.c | 4 +-
> security/tomoyo/common.c | 63 ++----
> security/tomoyo/common.h | 6 +-
> security/tomoyo/mount.c | 38 ++--
> security/tomoyo/securityfs_if.c | 5 +-
> security/yama/Kconfig | 13 ++
> security/yama/Makefile | 3 +
> security/yama/yama_lsm.c | 323
> +++++++++++++++++++++++++++++
> 71 files changed, 1034 insertions(+), 250 deletions(-)
>
> diff --cc include/net/sock.h
> index f84be9e,27508f0..04bc0b3
> --- a/include/net/sock.h
> +++ b/include/net/sock.h
> @@@ -55,7 -55,9 +55,9 @@@
> #include <linux/uaccess.h>
> #include <linux/memcontrol.h>
> #include <linux/res_counter.h>
> -#include <linux/jump_label.h>
> +#include <linux/static_key.h>
> + #include <linux/aio.h>
> + #include <linux/sched.h>
>
> #include <linux/filter.h>
> #include <linux/rculist_nulls.h>
> --
> To unsubscribe from this list: send the line "unsubscribe
> git-commits-head" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html


--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 03:28 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org