Merge branch 'serge-next-1' of git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux-security

Pull security layer updates from Serge Hallyn:
 "This is a merge of James Morris' security-next tree from 3.14 to
  yesterday's master, plus four patches from Paul Moore which are in
  linux-next, plus one patch from Mimi"

* 'serge-next-1' of git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux-security:
  ima: audit log files opened with O_DIRECT flag
  selinux: conditionally reschedule in hashtab_insert while loading selinux policy
  selinux: conditionally reschedule in mls_convert_context while loading selinux policy
  selinux: reject setexeccon() on MNT_NOSUID applications with -EACCES
  selinux:  Report permissive mode in avc: denied messages.
  Warning in scanf string typing
  Smack: Label cgroup files for systemd
  Smack: Verify read access on file open - v3
  security: Convert use of typedef ctl_table to struct ctl_table
  Smack: bidirectional UDS connect check
  Smack: Correctly remove SMACK64TRANSMUTE attribute
  SMACK: Fix handling value==NULL in post setxattr
  bugfix patch for SMACK
  Smack: adds smackfs/ptrace interface
  Smack: unify all ptrace accesses in the smack
  Smack: fix the subject/object order in smack_ptrace_traceme()
  Minor improvement of 'smack_sb_kern_mount'
  smack: fix key permission verification
  KEYS: Move the flags representing required permission to linux/key.h

1 files changed, 8 insertions, 5 deletions

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 2c7341dbc5d6..83d06db34d03 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2123,11 +2123,13 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm)
                 new_tsec->exec_sid = 0;
 
                 /*
-                 * Minimize confusion: if no_new_privs and a transition is
-                 * explicitly requested, then fail the exec.
+                 * Minimize confusion: if no_new_privs or nosuid and a
+                 * transition is explicitly requested, then fail the exec.
                  */
                 if (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS)
                         return -EPERM;
+                if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID)
+                        return -EACCES;
         } else {
                 /* Check for a default transition on this program. */
                 rc = security_transition_sid(old_tsec->sid, isec->sid,
@@ -2770,6 +2772,7 @@ static int selinux_inode_follow_link(struct dentry *dentry, struct nameidata *na
 
 static noinline int audit_inode_permission(struct inode *inode,
                                            u32 perms, u32 audited, u32 denied,
+                                           int result,
                                            unsigned flags)
 {
         struct common_audit_data ad;
@@ -2780,7 +2783,7 @@ static noinline int audit_inode_permission(struct inode *inode,
         ad.u.inode = inode;
 
         rc = slow_avc_audit(current_sid(), isec->sid, isec->sclass, perms,
-                            audited, denied, &ad, flags);
+                            audited, denied, result, &ad, flags);
         if (rc)
                 return rc;
         return 0;
@@ -2822,7 +2825,7 @@ static int selinux_inode_permission(struct inode *inode, int mask)
         if (likely(!audited))
                 return rc;
 
-        rc2 = audit_inode_permission(inode, perms, audited, denied, flags);
+        rc2 = audit_inode_permission(inode, perms, audited, denied, rc, flags);
         if (rc2)
                 return rc2;
         return rc;
@@ -5722,7 +5725,7 @@ static void selinux_key_free(struct key *k)
 
 static int selinux_key_permission(key_ref_t key_ref,
                                   const struct cred *cred,
-                                  key_perm_t perm)
+                                  unsigned perm)
 {
         struct key *key;
         struct key_security_struct *ksec;