<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/security/apparmor/include, branch v4.11</title>
<subtitle>Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
</subtitle>
<id>https://git.shady.money/linux/atom?h=v4.11</id>
<link rel='self' href='https://git.shady.money/linux/atom?h=v4.11'/>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/'/>
<updated>2017-02-21T20:49:56Z</updated>
<entry>
<title>Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security</title>
<updated>2017-02-21T20:49:56Z</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2017-02-21T20:49:56Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=c9341ee0af4df0af8b727873ef851227345defed'/>
<id>urn:sha1:c9341ee0af4df0af8b727873ef851227345defed</id>
<content type='text'>
Pull security layer updates from James Morris:
 "Highlights:

   - major AppArmor update: policy namespaces &amp; lots of fixes

   - add /sys/kernel/security/lsm node for easy detection of loaded LSMs

   - SELinux cgroupfs labeling support

   - SELinux context mounts on tmpfs, ramfs, devpts within user
     namespaces

   - improved TPM 2.0 support"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (117 commits)
  tpm: declare tpm2_get_pcr_allocation() as static
  tpm: Fix expected number of response bytes of TPM1.2 PCR Extend
  tpm xen: drop unneeded chip variable
  tpm: fix misspelled "facilitate" in module parameter description
  tpm_tis: fix the error handling of init_tis()
  KEYS: Use memzero_explicit() for secret data
  KEYS: Fix an error code in request_master_key()
  sign-file: fix build error in sign-file.c with libressl
  selinux: allow changing labels for cgroupfs
  selinux: fix off-by-one in setprocattr
  tpm: silence an array overflow warning
  tpm: fix the type of owned field in cap_t
  tpm: add securityfs support for TPM 2.0 firmware event log
  tpm: enhance read_log_of() to support Physical TPM event log
  tpm: enhance TPM 2.0 PCR extend to support multiple banks
  tpm: implement TPM 2.0 capability to get active PCR banks
  tpm: fix RC value check in tpm2_seal_trusted
  tpm_tis: fix iTPM probe via probe_itpm() function
  tpm: Begin the process to deprecate user_read_timer
  tpm: remove tpm_read_index and tpm_write_index from tpm.h
  ...
</content>
</entry>
<entry>
<title>apparmor: fix restricted endian type warnings for dfa unpack</title>
<updated>2017-01-16T09:18:54Z</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:43:13Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=e6e8bf418850d7958311a96ccfb594f2bcc8313e'/>
<id>urn:sha1:e6e8bf418850d7958311a96ccfb594f2bcc8313e</id>
<content type='text'>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
</entry>
<entry>
<title>apparmor: add per cpu work buffers to avoid allocating buffers at every hook</title>
<updated>2017-01-16T09:18:53Z</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:43:10Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=d4669f0b036efd67ec2e00e0adc8f42214c1bdf8'/>
<id>urn:sha1:d4669f0b036efd67ec2e00e0adc8f42214c1bdf8</id>
<content type='text'>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
</entry>
<entry>
<title>apparmor: support querying extended trusted helper extra data</title>
<updated>2017-01-16T09:18:51Z</updated>
<author>
<name>William Hua</name>
<email>william.hua@canonical.com</email>
</author>
<published>2017-01-16T00:49:28Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=e025be0f26d5597b0a2bdfa65145a0171e77b614'/>
<id>urn:sha1:e025be0f26d5597b0a2bdfa65145a0171e77b614</id>
<content type='text'>
Allow a profile to carry extra data that can be queried via userspace.
This provides a means to store extra data in a profile that a trusted
helper can extract and use from live policy.

Signed-off-by: William Hua &lt;william.hua@canonical.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
</entry>
<entry>
<title>apparmor: convert change_profile to use fqname later to give better control</title>
<updated>2017-01-16T09:18:49Z</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:43:06Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=aa9a39ad8f60cc73e1bd2f18f0693bba6be8b067'/>
<id>urn:sha1:aa9a39ad8f60cc73e1bd2f18f0693bba6be8b067</id>
<content type='text'>
Moving the use of fqname to later allows learning profiles to be based
on the fqname request instead of just the hname. It also allows cleaning
up some of the name parsing and lookup by allowing the use of
the fqlookupn_profile() lib fn.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
</entry>
<entry>
<title>apparmor: change aad apparmor_audit_data macro to a fn macro</title>
<updated>2017-01-16T09:18:47Z</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:43:02Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=ef88a7ac55fdd3bf6ac3942b83aa29311b45339b'/>
<id>urn:sha1:ef88a7ac55fdd3bf6ac3942b83aa29311b45339b</id>
<content type='text'>
The aad macro can replace aad strings when it is not intended to. Switch
to a fn macro so it is only applied when intended.

Also at the same time clean up audit_data initialization by putting
common boilerplate behind a macro, and dropping the gfp_t parameter,
which will become useless.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
</entry>
<entry>
<title>apparmor: change op from int to const char *</title>
<updated>2017-01-16T09:18:46Z</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:43:01Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=47f6e5cc7355e4ff2fd7ace919aa9e291077c26b'/>
<id>urn:sha1:47f6e5cc7355e4ff2fd7ace919aa9e291077c26b</id>
<content type='text'>
Having ops be an integer that is an index into an op name table is
awkward and brittle. Every op change requires an edit for both the
op constant and a string in the table. Instead switch to using const
strings directly, eliminating the need for the table that needs to
be kept in sync.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
</entry>
<entry>
<title>apparmor: rename context abbreviation cxt to the more standard ctx</title>
<updated>2017-01-16T09:18:45Z</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:43:00Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=55a26ebf630b6bf1cb7ddf8882fdc81d58afeaa2'/>
<id>urn:sha1:55a26ebf630b6bf1cb7ddf8882fdc81d58afeaa2</id>
<content type='text'>
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
</entry>
<entry>
<title>apparmor: add per policy ns .load, .replace, .remove interface files</title>
<updated>2017-01-16T09:18:44Z</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:42:58Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=b7fd2c0340eacbee892425e9007647568b7f2a3c'/>
<id>urn:sha1:b7fd2c0340eacbee892425e9007647568b7f2a3c</id>
<content type='text'>
Having per policy ns interface files helps with containers restoring
policy.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
</entry>
<entry>
<title>apparmor: pass the subject profile into profile replace/remove</title>
<updated>2017-01-16T09:18:43Z</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2017-01-16T08:42:57Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=12dd7171d645a6658326ba234e6d4fc57a73bf98'/>
<id>urn:sha1:12dd7171d645a6658326ba234e6d4fc57a73bf98</id>
<content type='text'>
This is just setup for new ns specific .load, .replace, .remove interface
files.

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
</entry>
</feed>
