summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2020-01-27 15:38:15 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2020-01-27 15:38:15 -0800
commitb1dba2473114588be3df916bf629a61bdcc83737 (patch)
tree6f204c8250630ffe86c499987d752392018d060b /include
parent07e309a972cae9de1807f48968f4673f6868e211 (diff)
parent98aa00345de54b8340dc2ddcd87f446d33387b5e (diff)
Merge tag 'selinux-pr-20200127' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull SELinux update from Paul Moore: "This is one of the bigger SELinux pull requests in recent years with 28 patches. Everything is passing our test suite and the highlights are below: - Mark CONFIG_SECURITY_SELINUX_DISABLE as deprecated. We're some time away from actually attempting to remove this in the kernel, but the only distro we know that still uses it (Fedora) is working on moving away from this so we want to at least let people know we are planning to remove it. - Reorder the SELinux hooks to help prevent bad things when SELinux is disabled at runtime. The proper fix is to remove the CONFIG_SECURITY_SELINUX_DISABLE functionality (see above) and just take care of it at boot time (e.g. "selinux=0"). - Add SELinux controls for the kernel lockdown functionality, introducing a new SELinux class/permissions: "lockdown { integrity confidentiality }". - Add a SELinux control for move_mount(2) that reuses the "file { mounton }" permission. - Improvements to the SELinux security label data store lookup functions to speed up translations between our internal label representations and the visible string labels (both directions). - Revisit a previous fix related to SELinux inode auditing and permission caching and do it correctly this time. - Fix the SELinux access decision cache to cleanup properly on error. In some extreme cases this could limit the cache size and result in a decrease in performance. - Enable SELinux per-file labeling for binderfs. - The SELinux initialized and disabled flags were wrapped with accessors to ensure they are accessed correctly. - Mark several key SELinux structures with __randomize_layout. - Changes to the LSM build configuration to only build security/lsm_audit.c when needed. - Changes to the SELinux build configuration to only build the IB object cache when CONFIG_SECURITY_INFINIBAND is enabled. - Move a number of single-caller functions into their callers. - Documentation fixes (/selinux -> /sys/fs/selinux). - A handful of cleanup patches that aren't worth mentioning on their own, the individual descriptions have plenty of detail" * tag 'selinux-pr-20200127' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: (28 commits) selinux: fix regression introduced by move_mount(2) syscall selinux: do not allocate ancillary buffer on first load selinux: remove redundant allocation and helper functions selinux: remove redundant selinux_nlmsg_perm selinux: fix wrong buffer types in policydb.c selinux: reorder hooks to make runtime disable less broken selinux: treat atomic flags more carefully selinux: make default_noexec read-only after init selinux: move ibpkeys code under CONFIG_SECURITY_INFINIBAND. selinux: remove redundant msg_msg_alloc_security Documentation,selinux: fix references to old selinuxfs mount point selinux: deprecate disabling SELinux and runtime selinux: allow per-file labelling for binderfs selinuxfs: use scnprintf to get real length for inode selinux: remove set but not used variable 'sidtab' selinux: ensure the policy has been loaded before reading the sidtab stats selinux: ensure we cleanup the internal AVC counters on error in avc_update() selinux: randomize layout of key structures selinux: clean up selinux_enabled/disabled/enforcing_boot selinux: remove unnecessary selinux cred request ...
Diffstat (limited to 'include')
-rw-r--r--include/linux/lsm_audit.h2
-rw-r--r--include/linux/security.h2
2 files changed, 4 insertions, 0 deletions
diff --git a/include/linux/lsm_audit.h b/include/linux/lsm_audit.h
index 915330abf6e5..99d629fd9944 100644
--- a/include/linux/lsm_audit.h
+++ b/include/linux/lsm_audit.h
@@ -74,6 +74,7 @@ struct common_audit_data {
#define LSM_AUDIT_DATA_FILE 12
#define LSM_AUDIT_DATA_IBPKEY 13
#define LSM_AUDIT_DATA_IBENDPORT 14
+#define LSM_AUDIT_DATA_LOCKDOWN 15
union {
struct path path;
struct dentry *dentry;
@@ -93,6 +94,7 @@ struct common_audit_data {
struct file *file;
struct lsm_ibpkey_audit *ibpkey;
struct lsm_ibendport_audit *ibendport;
+ int reason;
} u;
/* this union contains LSM specific data */
union {
diff --git a/include/linux/security.h b/include/linux/security.h
index 3e8d4bacd59d..64b19f050343 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -128,6 +128,8 @@ enum lockdown_reason {
LOCKDOWN_CONFIDENTIALITY_MAX,
};
+extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1];
+
/* These functions are in security/commoncap.c */
extern int cap_capable(const struct cred *cred, struct user_namespace *ns,
int cap, unsigned int opts);