Merge tag 'selinux-pr-20190507' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux

Pull selinux updates from Paul Moore: "We've got a few SELinux patches for the v5.2 merge window, the highlights are below: - Add LSM hooks, and the SELinux implementation, for proper labeling of kernfs. While we are only including the SELinux implementation here, the rest of the LSM folks have given the hooks a thumbs-up. - Update the SELinux mdp (Make Dummy Policy) script to actually work on a modern system. - Disallow userspace to change the LSM credentials via /proc/self/attr when the task's credentials are already overridden. The change was made in procfs because all the LSM folks agreed this was the Right Thing To Do and duplicating it across each LSM was going to be annoying" * tag 'selinux-pr-20190507' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: proc: prevent changes to overridden credentials selinux: Check address length before reading address family kernfs: fix xattr name handling in LSM helpers MAINTAINERS: update SELinux file patterns selinux: avoid uninitialized variable warning selinux: remove useless assignments LSM: lsm_hooks.h - fix missing colon in docstring selinux: Make selinux_kernfs_init_security static kernfs: initialize security of newly created nodes selinux: implement the kernfs_init_security hook LSM: add new hook for kernfs node initialization kernfs: use simple_xattrs for security attributes selinux: try security xattr after genfs for kernfs filesystems kernfs: do not alloc iattrs in kernfs_xattr_get kernfs: clean up struct kernfs_iattrs scripts/selinux: fix build selinux: use kernel linux/socket.h for genheaders and mdp scripts/selinux: modernize mdp
author: Linus Torvalds <torvalds@linux-foundation.org> 2019-05-07 21:48:09 -0400
committer: Linus Torvalds <torvalds@linux-foundation.org> 2019-05-07 21:48:09 -0400
commit: f72dae20891d7bcc43e9263ab206960b6ae5209f (patch)
tree: 59a5b8c026adad15855d3824d1a7014468033274 /include/linux/kernfs.h
parent: 498e8631f27ed649bd3e31998a00b2b9b288cf3a (diff)
parent: 35a196bef449b5824033865b963ed9a43fb8c730 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/include/linux/kernfs.h b/include/linux/kernfs.h
index e446ab97ee0c..2bf477f86eb1 100644
--- a/include/linux/kernfs.h
+++ b/include/linux/kernfs.h
@@ -371,6 +371,11 @@ __poll_t kernfs_generic_poll(struct kernfs_open_file *of,
                             struct poll_table_struct *pt);
 void kernfs_notify(struct kernfs_node *kn);
+int kernfs_xattr_get(struct kernfs_node *kn, const char *name,
+                     void *value, size_t size);
+int kernfs_xattr_set(struct kernfs_node *kn, const char *name,
+                     const void *value, size_t size, int flags);
 const void *kernfs_super_ns(struct super_block *sb);
 int kernfs_get_tree(struct fs_context *fc);
 void kernfs_free_fs_context(struct fs_context *fc);
@@ -473,6 +478,14 @@ static inline int kernfs_setattr(struct kernfs_node *kn,
 static inline void kernfs_notify(struct kernfs_node *kn) { }
+static inline int kernfs_xattr_get(struct kernfs_node *kn, const char *name,
+                                   void *value, size_t size)
+{ return -ENOSYS; }
+static inline int kernfs_xattr_set(struct kernfs_node *kn, const char *name,
+                                   const void *value, size_t size, int flags)
+{ return -ENOSYS; }
 static inline const void *kernfs_super_ns(struct super_block *sb)
 { return NULL; }
author	Linus Torvalds <torvalds@linux-foundation.org>	2019-05-07 21:48:09 -0400
committer	Linus Torvalds <torvalds@linux-foundation.org>	2019-05-07 21:48:09 -0400
commit	f72dae20891d7bcc43e9263ab206960b6ae5209f (patch)
tree	59a5b8c026adad15855d3824d1a7014468033274 /include/linux/kernfs.h
parent	498e8631f27ed649bd3e31998a00b2b9b288cf3a (diff)
parent	35a196bef449b5824033865b963ed9a43fb8c730 (diff)

diff --git a/include/linux/kernfs.h b/include/linux/kernfs.h index e446ab97ee0c..2bf477f86eb1 100644 --- a/include/linux/kernfs.h +++ b/include/linux/kernfs.h
@@ -371,6 +371,11 @@ __poll_t kernfs_generic_poll(struct kernfs_open_file *of,
371	struct poll_table_struct *pt);	371	struct poll_table_struct *pt);
372	void kernfs_notify(struct kernfs_node *kn);	372	void kernfs_notify(struct kernfs_node *kn);
373		373
		374	int kernfs_xattr_get(struct kernfs_node kn, const char name,
		375	void *value, size_t size);
		376	int kernfs_xattr_set(struct kernfs_node kn, const char name,
		377	const void *value, size_t size, int flags);
		378
374	const void kernfs_super_ns(struct super_block sb);	379	const void kernfs_super_ns(struct super_block sb);
375	int kernfs_get_tree(struct fs_context *fc);	380	int kernfs_get_tree(struct fs_context *fc);
376	void kernfs_free_fs_context(struct fs_context *fc);	381	void kernfs_free_fs_context(struct fs_context *fc);
@@ -473,6 +478,14 @@ static inline int kernfs_setattr(struct kernfs_node *kn,
473		478
474	static inline void kernfs_notify(struct kernfs_node *kn) { }	479	static inline void kernfs_notify(struct kernfs_node *kn) { }
475		480
		481	static inline int kernfs_xattr_get(struct kernfs_node kn, const char name,
		482	void *value, size_t size)
		483	{ return -ENOSYS; }
		484
		485	static inline int kernfs_xattr_set(struct kernfs_node kn, const char name,
		486	const void *value, size_t size, int flags)
		487	{ return -ENOSYS; }
		488
476	static inline const void kernfs_super_ns(struct super_block sb)	489	static inline const void kernfs_super_ns(struct super_block sb)
477	{ return NULL; }	490	{ return NULL; }
478		491