Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
"Highlights:
- A new LSM, "LoadPin", from Kees Cook is added, which allows forcing
of modules and firmware to be loaded from a specific device (this
is from ChromeOS, where the device as a whole is verified
cryptographically via dm-verity).
This is disabled by default but can be configured to be enabled by
default (don't do this if you don't know what you're doing).
- Keys: allow authentication data to be stored in an asymmetric key.
Lots of general fixes and updates.
- SELinux: add restrictions for loading of kernel modules via
finit_module(). Distinguish non-init user namespace capability
checks. Apply execstack check on thread stacks"
* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (48 commits)
LSM: LoadPin: provide enablement CONFIG
Yama: use atomic allocations when reporting
seccomp: Fix comment typo
ima: add support for creating files using the mknodat syscall
ima: fix ima_inode_post_setattr
vfs: forbid write access when reading a file into memory
fs: fix over-zealous use of "const"
selinux: apply execstack check on thread stacks
selinux: distinguish non-init user namespace capability checks
LSM: LoadPin for kernel file loading restrictions
fs: define a string representation of the kernel_read_file_id enumeration
Yama: consolidate error reporting
string_helpers: add kstrdup_quotable_file
string_helpers: add kstrdup_quotable_cmdline
string_helpers: add kstrdup_quotable
selinux: check ss_initialized before revalidating an inode label
selinux: delay inode label lookup as long as possible
selinux: don't revalidate an inode's label when explicitly setting it
selinux: Change bool variable name to index.
KEYS: Add KEYCTL_DH_COMPUTE command
...
This commit is contained in:
Linus Torvalds
@@ -2634,15 +2634,34 @@ static inline void i_readcount_inc(struct inode *inode)
|
||||
#endif
|
||||
extern int do_pipe_flags(int *, int);
|
||||
|
||||
#define __kernel_read_file_id(id) \
|
||||
id(UNKNOWN, unknown) \
|
||||
id(FIRMWARE, firmware) \
|
||||
id(MODULE, kernel-module) \
|
||||
id(KEXEC_IMAGE, kexec-image) \
|
||||
id(KEXEC_INITRAMFS, kexec-initramfs) \
|
||||
id(POLICY, security-policy) \
|
||||
id(MAX_ID, )
|
||||
|
||||
#define __fid_enumify(ENUM, dummy) READING_ ## ENUM,
|
||||
#define __fid_stringify(dummy, str) #str,
|
||||
|
||||
enum kernel_read_file_id {
|
||||
READING_FIRMWARE = 1,
|
||||
READING_MODULE,
|
||||
READING_KEXEC_IMAGE,
|
||||
READING_KEXEC_INITRAMFS,
|
||||
READING_POLICY,
|
||||
READING_MAX_ID
|
||||
__kernel_read_file_id(__fid_enumify)
|
||||
};
|
||||
|
||||
static const char * const kernel_read_file_str[] = {
|
||||
__kernel_read_file_id(__fid_stringify)
|
||||
};
|
||||
|
||||
static inline const char *kernel_read_file_id_str(enum kernel_read_file_id id)
|
||||
{
|
||||
if (id < 0 || id >= READING_MAX_ID)
|
||||
return kernel_read_file_str[READING_UNKNOWN];
|
||||
|
||||
return kernel_read_file_str[id];
|
||||
}
|
||||
|
||||
extern int kernel_read(struct file *, loff_t, char *, unsigned long);
|
||||
extern int kernel_read_file(struct file *, void **, loff_t *, loff_t,
|
||||
enum kernel_read_file_id);
|
||||
|
||||
Reference in New Issue
Block a user