FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 08-15-2012, 07:37 PM
Kees Cook
 
Default Quantal 3.5.2 Yama conflicts

On Wed, Aug 15, 2012 at 12:23 PM, Tim Gardner <tim.gardner@canonical.com> wrote:
> Kees - rather then me hacking on these 2 patches, would you mind
> refactoring them against linux-next or current upstream ? I suspect you must
> already have them sitting on a branch somewhere ready for upstream
> submission.
>
> UBUNTU: SAUCE: security: unconditionally chain to Yama LSM
> UBUNTU: SAUCE: Yama: add link restrictions
>
> I've dropped these for now in favour of a clean vanilla 3.5.2 stable update.

Yeah, I'm keeping this tree up to date:
http://git.kernel.org/?p=linux/kernel/git/kees/linux.git;a=shortlog;h=refs/heads/yama-extras
(Though it looks like kernel.org is slow to update at the moment.)

They're in a separate tree from the main Yama work because those two
patches will never go upstream. The link restrictions patch is in the
core VFS for 3.6, so that will get dropped. The unconditional chaining
will continue to live outside mainline until there is sensible LSM
composing. Hopefully we'll make progress on that during the up-coming
Linux Security Summit.

-Kees

--
Kees Cook
Chrome OS Security

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 08-16-2012, 03:42 PM
Tim Gardner
 
Default Quantal 3.5.2 Yama conflicts

On 08/15/2012 01:37 PM, Kees Cook wrote:
> On Wed, Aug 15, 2012 at 12:23 PM, Tim Gardner <tim.gardner@canonical.com> wrote:
>> Kees - rather then me hacking on these 2 patches, would you mind
>> refactoring them against linux-next or current upstream ? I suspect you must
>> already have them sitting on a branch somewhere ready for upstream
>> submission.
>>
>> UBUNTU: SAUCE: security: unconditionally chain to Yama LSM
>> UBUNTU: SAUCE: Yama: add link restrictions
>>
>> I've dropped these for now in favour of a clean vanilla 3.5.2 stable update.
>
> Yeah, I'm keeping this tree up to date:
> http://git.kernel.org/?p=linux/kernel/git/kees/linux.git;a=shortlog;h=refs/heads/yama-extras
> (Though it looks like kernel.org is slow to update at the moment.)
>
> They're in a separate tree from the main Yama work because those two
> patches will never go upstream. The link restrictions patch is in the
> core VFS for 3.6, so that will get dropped. The unconditional chaining
> will continue to live outside mainline until there is sensible LSM
> composing. Hopefully we'll make progress on that during the up-coming
> Linux Security Summit.
>
> -Kees
>

applied:

security: unconditionally chain to Yama LSM
Yama: add link restrictions
Yama: access task_struct->comm directly

rtg
--
Tim Gardner tim.gardner@canonical.com

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 11:48 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org