- 08 3月, 2014 9 次提交
-
-
由 Dmitry Kasatkin 提交于
Between checkpatch changes (eg. sizeof) and inconsistencies between Lindent and checkpatch, unfixed checkpatch errors make it difficult to see new errors. This patch fixes them. Some lines with over 80 chars remained unchanged to improve code readability. The "extern" keyword is removed from internal evm.h to make it consistent with internal ima.h. Signed-off-by: NDmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
-
由 Dmitry Kasatkin 提交于
ima_inode_post_setattr() calls ima_must_appraise() to check if the file needs to be appraised. If it does not then it removes security.ima xattr. With original policy matching code it might happen that even file needs to be appraised with FILE_CHECK hook, it might not be for POST_SETATTR hook. 'security.ima' might be erronously removed. This patch treats POST_SETATTR as special wildcard function and will cause ima_must_appraise() to be true if any of the hooks rules matches. security.ima will not be removed if any of the hooks would require appraisal. Signed-off-by: NDmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
-
由 Joe Perches 提交于
Convert printks to pr_<level>. Add pr_fmt. Remove embedded prefixes. Signed-off-by: NJoe Perches <joe@perches.com> Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
-
由 Mimi Zohar 提交于
Changes for Trusted/Encrypted keys, EVM, and IMA. Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
-
由 Roberto Sassu 提交于
Before this change, to correctly calculate the template digest for the 'ima' template, the event name field (id: 'n') length was set to the fixed size of 256 bytes. This patch reduces the length of the event name field to the string length incremented of one (to make room for the termination character '\0') and handles the specific case of the digest calculation for the 'ima' template directly in ima_calc_field_array_hash_tfm(). Signed-off-by: NRoberto Sassu <roberto.sassu@polito.it> Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
-
由 Roberto Sassu 提交于
With the new template mechanism introduced in IMA since kernel 3.13, the format of data sent through the binary_runtime_measurements interface is slightly changed. Now, for a generic measurement, the format of template data (after the template name) is: template_len | field1_len | field1 | ... | fieldN_len | fieldN In addition, fields containing a string now include the '\0' termination character. Instead, the format for the 'ima' template should be: SHA1 digest | event name length | event name It must be noted that while in the IMA 3.13 code 'event name length' is 'IMA_EVENT_NAME_LEN_MAX + 1' (256 bytes), so that the template digest is calculated correctly, and 'event name' contains '\0', in the pre 3.13 code 'event name length' is exactly the string length and 'event name' does not contain the termination character. The patch restores the behavior of the IMA code pre 3.13 for the 'ima' template so that legacy userspace tools obtain a consistent behavior when receiving data from the binary_runtime_measurements interface regardless of which kernel version is used. Signed-off-by: NRoberto Sassu <roberto.sassu@polito.it> Cc: <stable@vger.kernel.org> # 3.3.13: 3ce1217d ima: define template fields library Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
-
由 Tetsuo Handa 提交于
When we pass task->comm to audit_log_untrustedstring(), we need to pass it via get_task_comm() because task->comm can be changed to contain untrusted string by other threads after audit_log_untrustedstring() confirmed that task->comm does not contain untrusted string. Signed-off-by: NTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
-
由 Mimi Zohar 提交于
On a 64-bit system, a hole exists in the 'inode' structure after i_writecount. This patch moves i_readcount to fill this hole. Reported-by: NDavid Howells <dhowells@redhat.com> Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com> Acked-by: NDavid Howells <dhowells@redhat.com>
-
由 Mimi Zohar 提交于
A const char pointer allocates memory for a pointer as well as for a string, This patch replaces a number of the const char pointers throughout IMA, with a static const char array. Suggested-by: NDavid Howells <dhowells@redhat.com> Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com> Acked-by: NDavid Howells <dhowells@redhat.com>
-
- 05 3月, 2014 1 次提交
-
-
由 Libo Chen 提交于
Replace "file->f_dentry->d_inode" with the new file_inode() helper function. Signed-off-by: NLibo Chen <clbchenlibo.chen@huawei.com> Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
-
- 28 2月, 2014 1 次提交
-
-
由 Rashika Kheria 提交于
Mark function as static in kernel/seccomp.c because it is not used outside this file. This eliminates the following warning in kernel/seccomp.c: kernel/seccomp.c:296:6: warning: no previous prototype for ?seccomp_attach_user_filter? [-Wmissing-prototypes] Signed-off-by: NRashika Kheria <rashika.kheria@gmail.com> Reviewed-by: NJosh Triplett <josh@joshtriplett.org> Acked-by: NKees Cook <keescook@chromium.org> Acked-by: NWill Drewry <wad@chromium.org> Signed-off-by: NJames Morris <james.l.morris@oracle.com>
-
- 24 2月, 2014 1 次提交
-
-
由 Joe Perches 提交于
Prefix logging output with "capability: " via pr_fmt. Convert printks to pr_<level>. Use pr_<level>_once instead of guard flags. Coalesce formats. Signed-off-by: NJoe Perches <joe@perches.com> Acked-by: NSerge E. Hallyn <serge.hallyn@ubuntu.com> Signed-off-by: NJames Morris <james.l.morris@oracle.com>
-
- 17 2月, 2014 1 次提交
-
-
由 Sam Ravnborg 提交于
The Makefiles in security/ uses a non-standard way to specify sub-directories for building. Fix it up so the normal (and documented) approach is used. Signed-off-by: NSam Ravnborg <sam@ravnborg.org> Cc: Michal Marek <mmarek@suse.cz> Signed-off-by: NJames Morris <james.l.morris@oracle.com>
-
- 07 2月, 2014 1 次提交
-
-
由 Paul Moore 提交于
Correctly tag the SELinux mailing list as moderated for non-subscribers and do some shuffling of the SELinux maintainers to try and make things more clear when the scripts/get_maintainer.pl script is used. # ./scripts/get_maintainer.pl -f security/selinux Paul Moore <paul@paul-moore.com> (supporter:SELINUX SECURITY...) Stephen Smalley <sds@tycho.nsa.gov> (supporter:SELINUX SECURITY...) Eric Paris <eparis@parisplace.org> (supporter:SELINUX SECURITY...) James Morris <james.l.morris@oracle.com> (supporter:SECURITY SUBSYSTEM) selinux@tycho.nsa.gov (moderated list:SELINUX SECURITY...) linux-security-module@vger.kernel.org (open list:SECURITY SUBSYSTEM) linux-kernel@vger.kernel.org (open list) Cc: Eric Paris <eparis@parisplace.org> Acked-by: NStephen Smalley <sds@tycho.nsa.gov> Signed-off-by: NPaul Moore <pmoore@redhat.com> Signed-off-by: NJames Morris <james.l.morris@oracle.com>
-
- 06 2月, 2014 1 次提交
-
-
由 Jingoo Han 提交于
The usage of strict_strto*() is not preferred, because strict_strto*() is obsolete. Thus, kstrto*() should be used. Signed-off-by: NJingoo Han <jg1.han@samsung.com> Signed-off-by: NJames Morris <james.l.morris@oracle.com>
-
- 08 1月, 2014 1 次提交
-
-
- 07 1月, 2014 1 次提交
-
-
由 Tetsuo Handa 提交于
Hello. I got below leak with linux-3.10.0-54.0.1.el7.x86_64 . [ 681.903890] kmemleak: 5538 new suspected memory leaks (see /sys/kernel/debug/kmemleak) Below is a patch, but I don't know whether we need special handing for undoing ebitmap_set_bit() call. ---------- >>From fe97527a90fe95e2239dfbaa7558f0ed559c0992 Mon Sep 17 00:00:00 2001 From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Date: Mon, 6 Jan 2014 16:30:21 +0900 Subject: [PATCH] SELinux: Fix memory leak upon loading policy Commit 2463c26d "SELinux: put name based create rules in a hashtable" did not check return value from hashtab_insert() in filename_trans_read(). It leaks memory if hashtab_insert() returns error. unreferenced object 0xffff88005c9160d0 (size 8): comm "systemd", pid 1, jiffies 4294688674 (age 235.265s) hex dump (first 8 bytes): 57 0b 00 00 6b 6b 6b a5 W...kkk. backtrace: [<ffffffff816604ae>] kmemleak_alloc+0x4e/0xb0 [<ffffffff811cba5e>] kmem_cache_alloc_trace+0x12e/0x360 [<ffffffff812aec5d>] policydb_read+0xd1d/0xf70 [<ffffffff812b345c>] security_load_policy+0x6c/0x500 [<ffffffff812a623c>] sel_write_load+0xac/0x750 [<ffffffff811eb680>] vfs_write+0xc0/0x1f0 [<ffffffff811ec08c>] SyS_write+0x4c/0xa0 [<ffffffff81690419>] system_call_fastpath+0x16/0x1b [<ffffffffffffffff>] 0xffffffffffffffff However, we should not return EEXIST error to the caller, or the systemd will show below message and the boot sequence freezes. systemd[1]: Failed to load SELinux policy. Freezing. Signed-off-by: NTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: NEric Paris <eparis@redhat.com> Cc: stable@vger.kernel.org Signed-off-by: NPaul Moore <pmoore@redhat.com>
-
- 06 1月, 2014 17 次提交
-
-
git://git.infradead.org/users/pcmoore/selinux由 James Morris 提交于
Conflicts: security/selinux/hooks.c Resolved using request struct. Signed-off-by: NJames Morris <james.l.morris@oracle.com>
-
由 Fengguang Wu 提交于
so we make it static CC: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> CC: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: NFengguang Wu <fengguang.wu@intel.com> Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Jason Gunthorpe 提交于
If CONFIG_PM_SLEEP=n, CONFIG_PNP=y we get this warning: drivers/char/tpm/tpm_tis.c:706:13: warning: 'tpm_tis_reenable_interrupts' defined but not used [-Wunused-function] This seems to have been introduced in a2fa3fb0 'tpm: convert tpm_tis driver to use dev_pm_ops from legacy pm_ops' Also, unpon reviewing, the #ifdefs around tpm_tis_pm are not right, the first reference is protected, the second is not. tpm_tis_pm is always defined so we can drop the #ifdef. Signed-off-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Jason Gunthorpe 提交于
This consolidates everything that is only used within tpm-dev.c into tpm-dev.c and out of the publicly visible struct tpm_chip. The per-file allocation lays the ground work for someday fixing the strange forced O_EXCL behaviour of the current code. Signed-off-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: NJoel Schopp <jschopp@linux.vnet.ibm.com> Reviewed-by: NAshley Lai <adlai@linux.vnet.ibm.com> Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Jason Gunthorpe 提交于
This builds on the last commit to use the ops structure in the core and reduce the size of tpm_vendor_specific. Signed-off-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: NJoel Schopp <jschopp@linux.vnet.ibm.com> Reviewed-by: NAshley Lai <adlai@linux.vnet.ibm.com> Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Jason Gunthorpe 提交于
This replaces the static initialization of a tpm_vendor_specific structure in the drivers with the standard Linux idiom of providing a const structure of function pointers. Signed-off-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: NJoel Schopp <jschopp@linux.vnet.ibm.com> Reviewed-by: NAshley Lai <adlai@linux.vnet.ibm.com> [phuewe: did apply manually due to commit 191ffc6bde3 tpm/tpm_i2c_atmel: fix coccinelle warnings] Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Jason Gunthorpe 提交于
The tpm core now sets up and controls all sysfs attributes, instead of having each driver have a unique take on it. All drivers now now have a uniform set of attributes, and no sysfs related entry points are exported from the tpm core module. This also uses the new method used to declare sysfs attributes with DEVICE_ATTR_RO and 'struct attribute *' Signed-off-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com> [phuewe: had to apply the tpm_i2c_atmel part manually due to commit 191ffc6bde3fc tpm/tpm_i2c_atmel: fix coccinelle warnings] Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Jason Gunthorpe 提交于
CLASS-sysfs.c is a common idiom for linux subsystems. This is the first step to pulling all the sysfs support code from the drivers into tpm-sysfs. This is a plain text copy from tpm-interface with support changes to make it compile. _tpm_pcr_read is made non-static and is called tpm_pcr_read_dev. Signed-off-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Jason Gunthorpe 提交于
CLASS-dev.c is a common idiom for Linux subsystems This pulls all the code related to the miscdev into tpm-dev.c and makes it static. The identical file_operation structs in the drivers are purged and the tpm common code unconditionally creates the miscdev. Signed-off-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: NJoel Schopp <jschopp@linux.vnet.ibm.com> Reviewed-by: NAshley Lai <adlai@linux.vnet.ibm.com> [phuewe: tpm_dev_release is now used only in this file, thus the EXPORT_SYMBOL can be dropped and the function be marked as static. It has no other in-kernel users] Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Michal Nazarewicz 提交于
“wait” wait queue is defined but never used in the function, thus it can be removed. Signed-off-by: NMichal Nazarewicz <mina86@mina86.com> Acked-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Peter Huewe 提交于
- removing stale/inactive maintainers - removing stale/outdated website - regrouped maintainers Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Fengguang Wu 提交于
drivers/char/tpm/tpm_i2c_atmel.c:178:8-9: WARNING: return of 0/1 in function 'i2c_atmel_req_canceled' with return type bool Return statements in functions returning bool should use true/false instead of 1/0. Generated by: coccinelle/misc/boolreturn.cocci CC: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> CC: Peter Huewe <peterhuewe@gmx.de> Acked-by: NJason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: NFengguang Wu <fengguang.wu@intel.com> Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Peter Huewe 提交于
smatch complains: drivers/char/tpm/tpm_ibmvtpm.c:510 ibmvtpm_crq_process() info: ignoring unreachable code. -> The return is not necessary here, remove it Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Peter Huewe 提交于
The 'get_burstcount' function can in some circumstances 'return -EBUSY' which in tpm_stm_i2c_send is stored in an 'u32 burstcnt' thus converting the signed value into an unsigned value, resulting in 'burstcnt' being huge. Changing the type to u32 only does not solve the problem as the signed value is converted to an unsigned in I2C_WRITE_DATA, resulting in the same effect. Thus -> Change type of burstcnt to u32 (the return type of get_burstcount) -> Add a check for the return value of 'get_burstcount' and propagate a potential error. This makes also sense in the 'I2C_READ_DATA' case, where the there is no signed/unsigned conversion. found by coverity Cc: stable@vger.kernel.org Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Peter Huewe 提交于
If status = acpi_get_name(handle, ACPI_FULL_PATHNAME, &buffer); fails for whatever reason and does not return AE_OK if (strstr(buffer.pointer, context) != NULL) { does dereference a null pointer. -> Check the return value and return the status to the caller Found by coverity Cc: stable@vger.kernel.org Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 Peter Huewe 提交于
Depending on the implementation strcmp might return the difference between two strings not only -1,0,1 consequently if (strcmp (a,b) == -1) might lead to taking the wrong branch -> compare with < 0 instead, which in any case is more canonical. Cc: stable@vger.kernel.org Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
-
由 James Morris 提交于
-
- 05 1月, 2014 1 次提交
-
-
由 Linus Torvalds 提交于
-
- 04 1月, 2014 2 次提交
-
-
git://git.infradead.org/battery-2.6由 Linus Torvalds 提交于
Pull battery fixes from Anton Vorontsov: "Two fixes: - fix build error caused by max17042_battery conversion to the regmap API. - fix kernel oops when booting with wakeup_source_activate enabled" * tag 'for-v3.13-fixes' of git://git.infradead.org/battery-2.6: max17042_battery: Fix build errors caused by missing REGMAP_I2C config power_supply: Fix Oops from NULL pointer dereference from wakeup_source_activate
-
git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm由 Linus Torvalds 提交于
Pull ACPI and PM fixes and new device IDs from Rafael Wysocki: "These commits, except for one, are regression fixes and the remaining one fixes a divide error leading to a kernel panic. The majority of the regressions fixed here were introduced during the 3.12 cycle, one of them is from this cycle and one is older. Specifics: - VGA switcheroo was broken for some users as a result of the ACPI-based PCI hotplug (ACPIPHP) changes in 3.12, because some previously ignored hotplug events started to be handled. The fix causes them to be ignored again. - There are two more issues related to cpufreq's suspend/resume handling changes from the 3.12 cycle addressed by Viresh Kumar's fixes. - intel_pstate triggers a divide error in a timer function if the P-state information it needs is missing during initialization. This leads to kernel panics on nested KVM clients and is fixed by failing the initialization cleanly in those cases. - PCI initalization code changes during the 3.9 cycle uncovered BIOS issues related to ACPI wakeup notifications (some BIOSes send them for devices that aren't supposed to support ACPI wakeup). Work around them by installing an ACPI wakeup notify handler for all PCI devices with ACPI support. - The Calxeda cpuilde driver's probe function is tagged as __init, which is incorrect and causes a section mismatch to occur during build. Fix from Andre Przywara removes the __init tag from there. - During the 3.12 cycle ACPIPHP started to print warnings about missing _ADR for devices that legitimately don't have it. Fix from Toshi Kani makes it only print the warnings where they make sense" * tag 'pm+acpi-3.13-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: ACPIPHP / radeon / nouveau: Fix VGA switcheroo problem related to hotplug intel_pstate: Fail initialization if P-state information is missing ARM/cpuidle: remove __init tag from Calxeda cpuidle probe function PCI / ACPI: Install wakeup notify handlers for all PCI devs with ACPI cpufreq: preserve user_policy across suspend/resume cpufreq: Clean up after a failing light-weight initialization ACPI / PCI / hotplug: Avoid warning when _ADR not present
-
- 03 1月, 2014 3 次提交
-
-
由 Roberto Sassu 提交于
This patch removes the 'size_limit' argument from ima_eventdigest_init_common(). Since the 'd' field will never include the hash algorithm as prefix and the 'd-ng' will always have it, we can use the hash algorithm to differentiate the two cases in the modified function (it is equal to HASH_ALGO__LAST in the first case, the opposite in the second). Signed-off-by: NRoberto Sassu <roberto.sassu@polito.it> Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
-
由 Mimi Zohar 提交于
Patch "ima: extend the measurement list to include the file signature" defined a new field called 'sig' and a new template called 'ima-sig'. This patch updates the Documentation/security/IMA-templates.txt. Changelog: - fixed formatting issues (Roberto Sassu) Reported-by: NRoberto Sassu <roberto.sassu@polito.it> Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: NRoberto Sassu <roberto.sassu@polito.it>
-
由 Roberto Sassu 提交于
Replace the '-1' value with HASH_ALGO__LAST in ima_eventdigest_init() as the called function ima_eventdigest_init_common() expects an unsigned char. Fix commit: 4d7aeee7 ima: define new template ima-ng and template fields d-ng and n-ng Signed-off-by: NRoberto Sassu <roberto.sassu@polito.it> Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
-