<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/Documentation/admin-guide/LSM, branch v5.8</title>
<subtitle>Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/</subtitle>
<id>https://git.shady.money/linux/atom?h=v5.8</id>
<link rel='self' href='https://git.shady.money/linux/atom?h=v5.8'/>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/'/>
<updated>2020-06-08T15:30:19Z</updated>
<entry>
<title>Replace HTTP links with HTTPS ones: documentation</title>
<updated>2020-06-08T15:30:19Z</updated>
<author>
<name>Alexander A. Klimov</name>
<email>grandmaster@al2klimov.de</email>
</author>
<published>2020-05-26T06:05:44Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=93431e0607e58a3c997a134adc0fad4fdc147dab'/>
<id>urn:sha1:93431e0607e58a3c997a134adc0fad4fdc147dab</id>
<content type='text'>
Rationale:
Reduces attack surface on kernel devs opening the links for MITM
as HTTPS traffic is much harder to manipulate.

Deterministic algorithm:
For each file:
  For each line:
    If doesn't contain `\bxmlns\b`:
      For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
        If both the HTTP and HTTPS versions
        return 200 OK and serve the same content:
          Replace HTTP with HTTPS.

Signed-off-by: Alexander A. Klimov &lt;grandmaster@al2klimov.de&gt;
Link: https://lore.kernel.org/r/20200526060544.25127-1-grandmaster@al2klimov.de
Signed-off-by: Jonathan Corbet &lt;corbet@lwn.net&gt;
</content>
</entry>
<entry>
<title>docs: SafeSetID.rst: Remove spurious '???' characters</title>
<updated>2019-10-11T15:58:38Z</updated>
<author>
<name>Christian Kujau</name>
<email>lists@nerdbynature.de</email>
</author>
<published>2019-10-11T03:36:16Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=0e3901891ab66dce0a51579035594c9b685650dd'/>
<id>urn:sha1:0e3901891ab66dce0a51579035594c9b685650dd</id>
<content type='text'>
It appears that some smart quotes were changed to "???" by even smarter
software; change them to the dumb but legible variety.

Signed-off-by: Christian Kujau &lt;lists@nerdbynature.de&gt;
Signed-off-by: Jonathan Corbet &lt;corbet@lwn.net&gt;
</content>
</entry>
<entry>
<title>security/loadpin: Allow to exclude specific file types</title>
<updated>2019-05-31T20:57:40Z</updated>
<author>
<name>Ke Wu</name>
<email>mikewu@google.com</email>
</author>
<published>2019-05-30T19:22:08Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=0ff9848067b7b950a4ed70de7f5028600a2157e3'/>
<id>urn:sha1:0ff9848067b7b950a4ed70de7f5028600a2157e3</id>
<content type='text'>
The Linux kernel already provides MODULE_SIG and KEXEC_VERIFY_SIG to
make sure loaded kernel modules and kernel images are trusted. This
patch adds a kernel command line option "loadpin.exclude" which
allows excluding specific file types from LoadPin. This is useful
when people want to use different mechanisms to verify the module and
kernel image while still using LoadPin to protect the integrity of
other files the kernel loads.

Signed-off-by: Ke Wu &lt;mikewu@google.com&gt;
Reviewed-by: James Morris &lt;jamorris@linux.microsoft.com&gt;
[kees: fix array size issue reported by Coverity via Colin Ian King]
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
</entry>
<entry>
<title>LSM: add SafeSetID module that gates setid calls</title>
<updated>2019-01-25T19:22:45Z</updated>
<author>
<name>Micah Morton</name>
<email>mortonm@chromium.org</email>
</author>
<published>2019-01-16T15:46:06Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=aeca4e2ca65c1aeacfbe520684e6421719d99417'/>
<id>urn:sha1:aeca4e2ca65c1aeacfbe520684e6421719d99417</id>
<content type='text'>
SafeSetID gates the setid family of syscalls to restrict UID/GID
transitions from a given UID/GID to only those approved by a
system-wide whitelist. These restrictions also prohibit the given
UIDs/GIDs from obtaining auxiliary privileges associated with
CAP_SET{U/G}ID, such as allowing a user to set up user namespace UID
mappings. For now, only gating the set*uid family of syscalls is
supported, with support for set*gid coming in a future patch set.

Signed-off-by: Micah Morton &lt;mortonm@chromium.org&gt;
Acked-by: Kees Cook &lt;keescook@chromium.org&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</content>
</entry>
<entry>
<title>procfs: add smack subdir to attrs</title>
<updated>2019-01-08T21:18:44Z</updated>
<author>
<name>Casey Schaufler</name>
<email>casey@schaufler-ca.com</email>
</author>
<published>2018-09-22T00:16:59Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=6d9c939dbe4d0bcea09cd4b410f624cde1acb678'/>
<id>urn:sha1:6d9c939dbe4d0bcea09cd4b410f624cde1acb678</id>
<content type='text'>
Back in 2007 I made what turned out to be a rather serious
mistake in the implementation of the Smack security module.
The SELinux module used an interface in /proc to manipulate
the security context on processes. Rather than use a similar
interface, I used the same interface. The AppArmor team did
likewise. Now /proc/.../attr/current will tell you the
security "context" of the process, but it will be different
depending on the security module you're using.

This patch provides a subdirectory in /proc/.../attr for
Smack. Smack user space can use the "current" file in
this subdirectory and never have to worry about getting
SELinux attributes by mistake. Programs that use the
old interface will continue to work (or fail, as the case
may be) as before.

The proposed S.A.R.A security module is dependent on
the mechanism to create its own attr subdirectory.

The original implementation is by Kees Cook.

Signed-off-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
Reviewed-by: Kees Cook &lt;keescook@chromium.org&gt;
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
</entry>
<entry>
<title>Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security</title>
<updated>2019-01-02T18:56:09Z</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2019-01-02T18:56:09Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=19f2e267a5d0d26282a64f8f788c482852c95324'/>
<id>urn:sha1:19f2e267a5d0d26282a64f8f788c482852c95324</id>
<content type='text'>
Pull smack updates from James Morris:
 "Two Smack patches for 4.21.

  Jose's patch adds missing documentation and Zoran's fleshes out the
  access checks on keyrings"

* 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  Smack: Improve Documentation
  smack: fix access permissions for keyring
</content>
</entry>
<entry>
<title>Smack: Improve Documentation</title>
<updated>2018-12-13T21:31:01Z</updated>
<author>
<name>José Bollo</name>
<email>jobol@nonadev.net</email>
</author>
<published>2018-12-13T21:31:01Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=55b078f031f556ea18963bd808e79a1dfaa4be44'/>
<id>urn:sha1:55b078f031f556ea18963bd808e79a1dfaa4be44</id>
<content type='text'>
Add some words about the mount option "smackfstransmute=label".

Signed-off-by: José Bollo &lt;jobol@nonadev.net&gt;
Signed-off-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
</content>
</entry>
<entry>
<title>Documentation: Update SELinux reference policy URL</title>
<updated>2018-11-19T17:40:48Z</updated>
<author>
<name>Petr Vorel</name>
<email>pvorel@suse.cz</email>
</author>
<published>2018-11-17T06:25:55Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=0427612cddef07568ba80596a02089181092783d'/>
<id>urn:sha1:0427612cddef07568ba80596a02089181092783d</id>
<content type='text'>
Signed-off-by: Petr Vorel &lt;pvorel@suse.cz&gt;
Signed-off-by: Paul Moore &lt;paul@paul-moore.com&gt;
</content>
</entry>
<entry>
<title>yama: clarify ptrace_scope=2 in Yama documentation</title>
<updated>2018-10-07T15:16:38Z</updated>
<author>
<name>Yves-Alexis Perez</name>
<email>corsac@corsac.net</email>
</author>
<published>2018-10-02T20:47:23Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=31527da5d673ed16255869b6d0f209285b8b0981'/>
<id>urn:sha1:31527da5d673ed16255869b6d0f209285b8b0981</id>
<content type='text'>
The current phrasing is ambiguous since it's unclear if attaching to a
child through PTRACE_TRACEME requires CAP_SYS_PTRACE. Rephrase the
sentence to make that clear.

Signed-off-by: Yves-Alexis Perez &lt;corsac@corsac.net&gt;
Acked-by: Kees Cook &lt;keescook@chromium.org&gt;
Signed-off-by: Jonathan Corbet &lt;corbet@lwn.net&gt;
</content>
</entry>
<entry>
<title>apparmor: update git and wiki locations in AppArmor docs</title>
<updated>2018-06-07T08:50:47Z</updated>
<author>
<name>Jordan Glover</name>
<email>Golden_Miller83@protonmail.ch</email>
</author>
<published>2018-05-05T12:22:16Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=b896c54e8d7bbf6d5d48f9296b26c9d3f10ec795'/>
<id>urn:sha1:b896c54e8d7bbf6d5d48f9296b26c9d3f10ec795</id>
<content type='text'>
The apparmor information in the apparmor.rst file is out of date.
Update it to the correct git reference for the master apparmor tree.
Update the wiki location to use apparmor.net which forwards to the
current wiki location on gitlab.com. Update user space tools address
to gitlab.com.

Signed-off-by: Jordan Glover &lt;Golden_Miller83@protonmail.ch&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
</entry>
</feed>
