kernel/linux.git/security/selinux/include/objsec.h, branch v6.12.80Linux kernel stable tree (mirror)https://git.radix-linux.su/kernel/linux.git/atom?h=v6.12.802024-07-29T20:54:52+00:00lsm: infrastructure management of the perf_event security blob2024-07-29T20:54:52+00:00Casey Schauflercasey@schaufler-ca.com2024-07-10T21:32:30+00:00urn:sha1:61a1dcdceb44d79e5ab511295791b88ea178c045
Move management of the perf_event->security blob out of the individual
security modules and into the security infrastructure. Instead of
allocating the blobs from within the modules the modules tell the
infrastructure how much space is required, and the space is allocated
there. There are no longer any modules that require the perf_event_free()
hook. The hook definition has been removed.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
[PM: subject tweak]
Signed-off-by: Paul Moore <paul@paul-moore.com>
lsm: infrastructure management of the infiniband blob2024-07-29T20:54:52+00:00Casey Schauflercasey@schaufler-ca.com2024-07-10T21:32:29+00:00urn:sha1:66de33a0bbb59ef3909d2c65dbbb7fc503d573bd
Move management of the infiniband security blob out of the individual
security modules and into the LSM infrastructure. The security modules
tell the infrastructure how much space they require at initialization.
There are no longer any modules that require the ib_free() hook.
The hook definition has been removed.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
[PM: subject tweak, selinux style fixes]
Signed-off-by: Paul Moore <paul@paul-moore.com>
lsm: infrastructure management of the dev_tun blob2024-07-29T20:54:51+00:00Casey Schauflercasey@schaufler-ca.com2024-07-10T21:32:28+00:00urn:sha1:a39c0f77dbbe083f3eec6c3b32d90f168f7575eb
Move management of the dev_tun security blob out of the individual
security modules and into the LSM infrastructure. The security modules
tell the infrastructure how much space they require at initialization.
There are no longer any modules that require the dev_tun_free hook.
The hook definition has been removed.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
[PM: subject tweak, selinux style fixes]
Signed-off-by: Paul Moore <paul@paul-moore.com>
lsm: infrastructure management of the key security blob2024-07-29T20:54:51+00:00Casey Schauflercasey@schaufler-ca.com2024-07-10T21:32:26+00:00urn:sha1:5f8d28f6d7d568dbbc8c5bce94894474c07afd4f
Move management of the key->security blob out of the individual security
modules and into the security infrastructure. Instead of allocating the
blobs from within the modules the modules tell the infrastructure how
much space is required, and the space is allocated there. There are
no existing modules that require a key_free hook, so the call to it and
the definition for it have been removed.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
[PM: subject tweak]
Signed-off-by: Paul Moore <paul@paul-moore.com>
lsm: infrastructure management of the sock security2024-07-29T20:54:50+00:00Casey Schauflercasey@schaufler-ca.com2024-07-10T21:32:25+00:00urn:sha1:2aff9d20d50ac45dd13a013ef5231f4fb8912356
Move management of the sock->sk_security blob out
of the individual security modules and into the security
infrastructure. Instead of allocating the blobs from within
the modules the modules tell the infrastructure how much
space is required, and the space is allocated there.
Acked-by: Paul Moore <paul@paul-moore.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: John Johansen <john.johansen@canonical.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
[PM: subject tweak]
Signed-off-by: Paul Moore <paul@paul-moore.com>
selinux: fix style issues in security/selinux/include/objsec.h2023-12-22T23:09:29+00:00Paul Moorepaul@paul-moore.com2023-12-21T22:18:53+00:00urn:sha1:c787022036663c538b14df6c5edcc2ab93a16eee
As part of on ongoing effort to perform more automated testing and
provide more tools for individual developers to validate their
patches before submitting, we are trying to make our code
"clang-format clean". My hope is that once we have fixed all of our
style "quirks", developers will be able to run clang-format on their
patches to help avoid silly formatting problems and ensure their
changes fit in well with the rest of the SELinux kernel code.
Signed-off-by: Paul Moore <paul@paul-moore.com>
selinux: update my email address2023-07-19T15:27:02+00:00Stephen Smalleystephen.smalley.work@gmail.com2023-07-19T15:12:50+00:00urn:sha1:0fe53224bf5be183d263f262212c06ff00c69ca4
Update my email address; MAINTAINERS was updated some time ago.
Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
selinux: de-brand SELinux2023-07-18T22:42:57+00:00Stephen Smalleystephen.smalley.work@gmail.com2023-07-18T17:13:35+00:00urn:sha1:90aa4f5e92f2797c3c86e05f588ab277b0e0ba39
Change "NSA SELinux" to just "SELinux" in Kconfig help text and
comments. While NSA was the original primary developer and continues to
help maintain SELinux, SELinux has long since transitioned to a wide
community of developers and maintainers. SELinux has been part of the
mainline Linux kernel for nearly 20 years now [1] and has received
contributions from many individuals and organizations.
[1] https://lore.kernel.org/lkml/Pine.LNX.4.44.0308082228470.1852-100000@home.osdl.org/
Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
LSM: Infrastructure management of the superblock2021-04-22T19:22:10+00:00Casey Schauflercasey@schaufler-ca.com2021-04-22T15:41:15+00:00urn:sha1:1aea7808372eee4ad01f98e064c88c57f1e94855
Move management of the superblock->sb_security blob out of the
individual security modules and into the security infrastructure.
Instead of allocating the blobs from within the modules, the modules
tell the infrastructure how much space is required, and the space is
allocated there.
Cc: John Johansen <john.johansen@canonical.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
Reviewed-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Acked-by: Serge Hallyn <serge@hallyn.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20210422154123.13086-6-mic@digikod.net
Signed-off-by: James Morris <jamorris@linux.microsoft.com>
selinux: drop super_block backpointer from superblock_security_struct2020-11-13T00:52:21+00:00Ondrej Mosnacekomosnace@redhat.com2020-11-04T12:01:10+00:00urn:sha1:b159e86b5a2ab826b3a292756072f4cc523675ab
It appears to have been needed for selinux_complete_init() in the past,
but today it's useless.
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>