authorLinus Torvalds <torvalds@linux-foundation.org>2019-05-07 21:48:09 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2019-05-07 21:48:09 -0400
commitf72dae20891d7bcc43e9263ab206960b6ae5209f (patch)
tree59a5b8c026adad15855d3824d1a7014468033274 /include/linux/security.h
parent498e8631f27ed649bd3e31998a00b2b9b288cf3a (diff)
parent35a196bef449b5824033865b963ed9a43fb8c730 (diff)
Merge tag 'selinux-pr-20190507' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull selinux updates from Paul Moore: "We've got a few SELinux patches for the v5.2 merge window, the highlights are below: - Add LSM hooks, and the SELinux implementation, for proper labeling of kernfs. While we are only including the SELinux implementation here, the rest of the LSM folks have given the hooks a thumbs-up. - Update the SELinux mdp (Make Dummy Policy) script to actually work on a modern system. - Disallow userspace to change the LSM credentials via /proc/self/attr when the task's credentials are already overridden. The change was made in procfs because all the LSM folks agreed this was the Right Thing To Do and duplicating it across each LSM was going to be annoying" * tag 'selinux-pr-20190507' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: proc: prevent changes to overridden credentials selinux: Check address length before reading address family kernfs: fix xattr name handling in LSM helpers MAINTAINERS: update SELinux file patterns selinux: avoid uninitialized variable warning selinux: remove useless assignments LSM: lsm_hooks.h - fix missing colon in docstring selinux: Make selinux_kernfs_init_security static kernfs: initialize security of newly created nodes selinux: implement the kernfs_init_security hook LSM: add new hook for kernfs node initialization kernfs: use simple_xattrs for security attributes selinux: try security xattr after genfs for kernfs filesystems kernfs: do not alloc iattrs in kernfs_xattr_get kernfs: clean up struct kernfs_iattrs scripts/selinux: fix build selinux: use kernel linux/socket.h for genheaders and mdp scripts/selinux: modernize mdp
Diffstat (limited to 'include/linux/security.h')
-rw-r--r--include/linux/security.h9
1 files changed, 9 insertions, 0 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index 49f2685324b0..d543293216b9 100644
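--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -51,6 +51,7 @@ struct fown_struct;
 struct file_operations;
 struct msg_msg;
 struct xattr;
+struct kernfs_node;
 struct xfrm_sec_ctx;
 struct mm_struct;
 struct fs_context;
@@ -299,6 +300,8 @@ int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer
 void security_inode_getsecid(struct inode *inode, u32 *secid);
 int security_inode_copy_up(struct dentry *src, struct cred **new);
 int security_inode_copy_up_xattr(const char *name);
+int security_kernfs_init_security(struct kernfs_node *kn_dir,
+ struct kernfs_node *kn);
 int security_file_permission(struct file *file, int mask);
 int security_file_alloc(struct file *file);
 void security_file_free(struct file *file);
@@ -801,6 +804,12 @@ static inline int security_inode_copy_up(struct dentry *src, struct cred **new)
  return 0;
 }
 
+static inline int security_kernfs_init_security(struct kernfs_node *kn_dir,
+ struct kernfs_node *kn)
+{
+ return 0;
+}
+
 static inline int security_inode_copy_up_xattr(const char *name)
 {
  return -EOPNOTSUPP;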
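Review bot: The new `security_kernfs_init_security()` prototype takes two `struct kernfs_node *` arguments and nothing in the header says which is which, so a caller that swaps `kn_dir` and `kn` compiles cleanly and would presumably label the wrong node. A one-line comment above the prototype would pin the contract, for example `/* kn_dir: parent directory node; kn: new node to label; returns 0 on success */`; the parent/child reading is inferred from the parameter names and the merge description, so confirm it against the hook documentation. The `static inline` stub in the last hunk always returns 0, so a caller cannot tell "labelled" from "no LSM present" by the return value, which looks intentional but is worth stating in the same comment. The stub is also placed between `security_inode_copy_up()` and `security_inode_copy_up_xattr()`, while the prototype follows `security_inode_copy_up_xattr()`; keeping both in the same position would make the two halves of the header easier to compare.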