Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v5.0 2019-01-30T14:19:56Z 2019-01-30T14:19:56Z Christian Brauner christian@brauner.io 2019-01-17T11:48:54Z urn:sha1:75abec73de65a86a23019ee7a3569220ee344f37 This adds the promised selftest for binderfs. It will verify the following things: - binderfs mounting works - binder device allocation works - performing a binder ioctl() request through a binderfs device works - binder device removal works - binder-control removal fails - binderfs unmounting works The tests are performed both privileged and unprivileged. The latter verifies that binderfs behaves correctly in user namespaces. Cc: Todd Kjos <tkjos@google.com> Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> Acked-by: Shuah Khan <shuah@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-01-02T17:43:14Z Linus Torvalds torvalds@linux-foundation.org 2019-01-02T17:43:14Z urn:sha1:f218a29c25ad8abdb961435d6b8139f462061364 Pull integrity updates from James Morris: "In Linux 4.19, a new LSM hook named security_kernel_load_data was upstreamed, allowing LSMs and IMA to prevent the kexec_load syscall. Different signature verification methods exist for verifying the kexec'ed kernel image. This adds additional support in IMA to prevent loading unsigned kernel images via the kexec_load syscall, independently of the IMA policy rules, based on the runtime "secure boot" flag. An initial IMA kselftest is included. In addition, this pull request defines a new, separate keyring named ".platform" for storing the preboot/firmware keys needed for verifying the kexec'ed kernel image's signature and includes the associated IMA kexec usage of the ".platform" keyring. (David Howell's and Josh Boyer's patches for reading the preboot/firmware keys, which were previously posted for a different use case scenario, are included here)" * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: integrity: Remove references to module keyring ima: Use inode_is_open_for_write ima: Support platform keyring for kernel appraisal efi: Allow the "db" UEFI variable to be suppressed efi: Import certificates from UEFI Secure Boot efi: Add an EFI signature blob parser efi: Add EFI signature data types integrity: Load certs to the platform keyring integrity: Define a trusted platform keyring selftests/ima: kexec_load syscall test ima: don't measure/appraise files on efivarfs x86/ima: retry detecting secure boot mode docs: Extend trusted keys documentation for TPM 2.0 x86/ima: define arch_get_ima_policy() for x86 ima: add support for arch specific policies ima: refactor ima_init_policy() ima: prevent kexec_load syscall based on runtime secureboot flag x86/ima: define arch_ima_get_secureboot integrity: support new struct public_key_signature encoding field 2018-12-29T05:27:13Z Linus Torvalds torvalds@linux-foundation.org 2018-12-29T05:27:13Z urn:sha1:903b77c631673eeec9e9114e9524171cdf9a2646 Pull Kselftest updates from Shuah Khan: - fixes and improvements to the framework, and individual tests - a new media test for IR encoders from Sean Young - a new watchdog test option to find time left on a timer * tag 'linux-kselftest-4.21-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: selftests: Fix test errors related to lib.mk khdr target fix dma-buf/udmabuf selftest selftests: watchdog: fix spelling mistake "experies" -> "expires" selftests: watchdog: Add gettimeleft command line arg selftests: do not macro-expand failed assertion expressions selftests/ftrace: Fix invalid SPDX identifiers selftests: gpio: Find libmount with pkg-config if available selftests: firmware: add CONFIG_FW_LOADER_USER_HELPER_FALLBACK to config selftests: firmware: remove use of non-standard diff -Z option media: rc: self test for IR encoders and decoders 2018-12-21T01:01:17Z Willem de Bruijn willemb@google.com 2018-12-20T21:22:54Z urn:sha1:cda261f421ba2682e25f46beb229172706fc7fcd Run the transmit timestamp tests as part of kselftests. Add a txtimestamp.sh test script that runs most variants: ipv4/ipv6, tcp/udp/raw/raw_ipproto/pf_packet, data/nodata, setsockopt/cmsg. The script runs tests with netem delays. Refine txtimestamp.c to validate results. Take expected netem delays as input and compare against real timestamps. To run without dependencies, add a listener socket to be able to connect in the case of TCP. Add the timestamping directory to the kselftests Makefile. Build all the binaries. Only run verified txtimestamp.sh. Signed-off-by: Willem de Bruijn <willemb@google.com> Acked-by: Soheil Hassas Yeganeh <soheil@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2018-12-17T19:26:46Z James Morris james.morris@microsoft.com 2018-12-17T19:26:46Z urn:sha1:5580b4a1a8ca85c53bd5b94c5d302e47dca3e5cb From Mimi: In Linux 4.19, a new LSM hook named security_kernel_load_data was upstreamed, allowing LSMs and IMA to prevent the kexec_load syscall.  Different signature verification methods exist for verifying the kexec'ed kernel image.  This pull request adds additional support in IMA to prevent loading unsigned kernel images via the kexec_load syscall, independently of the IMA policy rules, based on the runtime "secure boot" flag.  An initial IMA kselftest is included. In addition, this pull request defines a new, separate keyring named ".platform" for storing the preboot/firmware keys needed for verifying the kexec'ed kernel image's signature and includes the associated IMA kexec usage of the ".platform" keyring. (David Howell's and Josh Boyer's patches for reading the preboot/firmware keys, which were previously posted for a different use case scenario, are included here.) 2018-12-13T20:03:48Z Tom Murphy murphyt7@tcd.ie 2018-11-27T10:33:08Z urn:sha1:6edf2e3710f4ef2555ad7a2681dbeb4a69092b2d This patch fixes the udmabuf selftest. Currently the selftest is broken. I fixed the selftest by setting the F_SEAL_SHRINK seal on the memfd file descriptor which is required by udmabuf and added the test to the selftest Makefile. Signed-off-by: Tom Murphy <murphyt7@tcd.ie> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Shuah Khan <shuah@kernel.org> 2018-12-11T12:19:47Z Mimi Zohar zohar@linux.ibm.com 2018-11-14T17:30:19Z urn:sha1:a802ed0dd9c2607cc219574e881062d43ea3b7e0 The kernel CONFIG_KEXEC_VERIFY_SIG option is limited to verifying a kernel image's signature, when loaded via the kexec_file_load syscall. There is no method for verifying a kernel image's signature loaded via the kexec_load syscall. This test verifies loading the kernel image via the kexec_load syscall fails when the kernel CONFIG_KEXEC_VERIFY_SIG option is enabled on systems with secureboot enabled[1]. [1] Detecting secureboot enabled is architecture specific. Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> 2018-11-12T15:13:35Z Florian Westphal fw@strlen.de 2018-10-31T17:26:21Z urn:sha1:25d8bcedbf4329895dbaf9dd67baa6f18dad918c Start flood ping for each cpu while loading/flushing rulesets to make sure we do not access already-free'd rules from nf_tables evaluation loop. Also add this to TARGETS so 'make run_tests' in selftest dir runs it automatically. This would have caught the bug fixed in previous change ("netfilter: nf_tables: do not skip inactive chains during generation update") sooner. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> 2018-11-06T16:27:17Z Sean Young sean@mess.org 2018-10-16T14:09:31Z urn:sha1:e55c884ea5c66a29a713d41ed0819fee8038762b ir-loopback can transmit IR on one rc device and check the correct scancode and protocol is decoded on a different rc device. This can be used to check IR transmission between two rc devices. Using rc-loopback, we use it to check the IR encoders and decoders themselves. No hardware is required for this test. Signed-off-by: Sean Young <sean@mess.org> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Shuah Khan <shuah@kernel.org> 2018-06-10T17:17:09Z Linus Torvalds torvalds@linux-foundation.org 2018-06-10T17:17:09Z urn:sha1:d82991a8688ad128b46db1b42d5d84396487a508 Pull restartable sequence support from Thomas Gleixner: "The restartable sequences syscall (finally): After a lot of back and forth discussion and massive delays caused by the speculative distraction of maintainers, the core set of restartable sequences has finally reached a consensus. It comes with the basic non disputed core implementation along with support for arm, powerpc and x86 and a full set of selftests It was exposed to linux-next earlier this week, so it does not fully comply with the merge window requirements, but there is really no point to drag it out for yet another cycle" * 'core-rseq-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: rseq/selftests: Provide Makefile, scripts, gitignore rseq/selftests: Provide parametrized tests rseq/selftests: Provide basic percpu ops test rseq/selftests: Provide basic test rseq/selftests: Provide rseq library selftests/lib.mk: Introduce OVERRIDE_TARGETS powerpc: Wire up restartable sequences system call powerpc: Add syscall detection for restartable sequences powerpc: Add support for restartable sequences x86: Wire up restartable sequence system call x86: Add support for restartable sequences arm: Wire up restartable sequences system call arm: Add syscall detection for restartable sequences arm: Add restartable sequences support rseq: Introduce restartable sequences system call uapi/headers: Provide types_32_64.h