Message ID | 1468088355-18484-1-git-send-email-mic@digikod.net (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
On Sat, Jul 9, 2016 at 2:19 PM, Mickaël Salaün <mic@digikod.net> wrote: > Fixes: a1db74209483 ("module: replace copy_module_from_fd with kernel version") Oh, hrm, was that still in there? Thanks for the catch! Acked-by: Kees Cook <keescook@chromium.org> -Kees > > Signed-off-by: Mickaël Salaün <mic@digikod.net> > Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> > Cc: Kees Cook <keescook@chromium.org> > Cc: Luis R. Rodriguez <mcgrof@kernel.org> > Cc: Rusty Russell <rusty@rustcorp.com.au> > Cc: Linus Torvalds <torvalds@linux-foundation.org> > Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> > --- > include/linux/lsm_hooks.h | 1 - > include/linux/security.h | 1 - > 2 files changed, 2 deletions(-) > > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > index 7ae397669d8b..58c777ec8bcf 100644 > --- a/include/linux/lsm_hooks.h > +++ b/include/linux/lsm_hooks.h > @@ -1455,7 +1455,6 @@ union security_list_options { > int (*kernel_act_as)(struct cred *new, u32 secid); > int (*kernel_create_files_as)(struct cred *new, struct inode *inode); > int (*kernel_module_request)(char *kmod_name); > - int (*kernel_module_from_file)(struct file *file); > int (*kernel_read_file)(struct file *file, enum kernel_read_file_id id); > int (*kernel_post_read_file)(struct file *file, char *buf, loff_t size, > enum kernel_read_file_id id); > diff --git a/include/linux/security.h b/include/linux/security.h > index 14df373ff2ca..2b8c7d2a3fd8 100644 > --- a/include/linux/security.h > +++ b/include/linux/security.h > @@ -307,7 +307,6 @@ void security_transfer_creds(struct cred *new, const struct cred *old); > int security_kernel_act_as(struct cred *new, u32 secid); > int security_kernel_create_files_as(struct cred *new, struct inode *inode); > int security_kernel_module_request(char *kmod_name); > -int security_kernel_module_from_file(struct file *file); > int security_kernel_read_file(struct file *file, enum kernel_read_file_id id); > int security_kernel_post_read_file(struct file *file, char *buf, loff_t size, > enum kernel_read_file_id id); > -- > 2.8.1 >
On Sat, Jul 09, 2016 at 08:19:15PM +0200, Mickaël Salaün wrote:
> Fixes: a1db74209483 ("module: replace copy_module_from_fd with kernel version")
It's not a "fix", it's a "cleanup remaining bits"
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sat, 9 Jul 2016, Mickaël Salaün wrote: > Fixes: a1db74209483 ("module: replace copy_module_from_fd with kernel version") > > Signed-off-by: Mickaël Salaün <mic@digikod.net> > Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> > Cc: Kees Cook <keescook@chromium.org> > Cc: Luis R. Rodriguez <mcgrof@kernel.org> > Cc: Rusty Russell <rusty@rustcorp.com.au> > Cc: Linus Torvalds <torvalds@linux-foundation.org> > Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Acked-by: James Morris <james.l.morris@oracle.com>
On Tue, Jul 12, 2016 at 5:48 AM, James Morris <jmorris@namei.org> wrote: > On Sat, 9 Jul 2016, Mickaël Salaün wrote: > >> Fixes: a1db74209483 ("module: replace copy_module_from_fd with kernel version") >> >> Signed-off-by: Mickaël Salaün <mic@digikod.net> >> Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> >> Cc: Kees Cook <keescook@chromium.org> >> Cc: Luis R. Rodriguez <mcgrof@kernel.org> >> Cc: Rusty Russell <rusty@rustcorp.com.au> >> Cc: Linus Torvalds <torvalds@linux-foundation.org> >> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> > > > Acked-by: James Morris <james.l.morris@oracle.com> James, can you take this via the security-next tree? Thanks! -Kees
On Do, 2016-07-28 at 11:30 -0700, Kees Cook wrote: > On Tue, Jul 12, 2016 at 5:48 AM, James Morris <jmorris@namei.org> wrote: > > On Sat, 9 Jul 2016, Mickaël Salaün wrote: > > > >> Fixes: a1db74209483 ("module: replace copy_module_from_fd with kernel version") > >> > >> Signed-off-by: Mickaël Salaün <mic@digikod.net> > >> Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> > >> Cc: Kees Cook <keescook@chromium.org> > >> Cc: Luis R. Rodriguez <mcgrof@kernel.org> > >> Cc: Rusty Russell <rusty@rustcorp.com.au> > >> Cc: Linus Torvalds <torvalds@linux-foundation.org> > >> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> > > > > > > Acked-by: James Morris <james.l.morris@oracle.com> > > James, can you take this via the security-next tree? Kees, thank you for staying on top of this. James, did you want a pull request for this patch? Mimi -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sun, 31 Jul 2016, Mimi Zohar wrote: > On Do, 2016-07-28 at 11:30 -0700, Kees Cook wrote: > > On Tue, Jul 12, 2016 at 5:48 AM, James Morris <jmorris@namei.org> wrote: > > > On Sat, 9 Jul 2016, Mickaël Salaün wrote: > > > > > >> Fixes: a1db74209483 ("module: replace copy_module_from_fd with kernel version") > > >> > > >> Signed-off-by: Mickaël Salaün <mic@digikod.net> > > >> Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> > > >> Cc: Kees Cook <keescook@chromium.org> > > >> Cc: Luis R. Rodriguez <mcgrof@kernel.org> > > >> Cc: Rusty Russell <rusty@rustcorp.com.au> > > >> Cc: Linus Torvalds <torvalds@linux-foundation.org> > > >> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> > > > > > > > > > Acked-by: James Morris <james.l.morris@oracle.com> > > > > James, can you take this via the security-next tree? > > Kees, thank you for staying on top of this. James, did you want a pull > request for this patch? Nope, just a copy of the patch.
On Di, 2016-08-02 at 11:12 +1000, James Morris wrote: > On Sun, 31 Jul 2016, Mimi Zohar wrote: > > > James, can you take this via the security-next tree? > > > > Kees, thank you for staying on top of this. James, did you want a pull > > request for this patch? > > Nope, just a copy of the patch. Ok, I cleaned up the patch description, added Kees' ack, and pushed the patch to git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next. Please pick up the one commit - 56078b5 "module: Fully remove the kernel_module_from_file hook". Thanks, Mimi -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, 2 Aug 2016, Mimi Zohar wrote: > On Di, 2016-08-02 at 11:12 +1000, James Morris wrote: > > On Sun, 31 Jul 2016, Mimi Zohar wrote: > > > > > James, can you take this via the security-next tree? > > > > > > Kees, thank you for staying on top of this. James, did you want a pull > > > request for this patch? > > > > Nope, just a copy of the patch. > > Ok, I cleaned up the patch description, added Kees' ack, and pushed the > patch to > git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git > next. Please pick up the one commit - 56078b5 "module: Fully remove the > kernel_module_from_file hook". Thanks, applied.
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 7ae397669d8b..58c777ec8bcf 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1455,7 +1455,6 @@ union security_list_options { int (*kernel_act_as)(struct cred *new, u32 secid); int (*kernel_create_files_as)(struct cred *new, struct inode *inode); int (*kernel_module_request)(char *kmod_name); - int (*kernel_module_from_file)(struct file *file); int (*kernel_read_file)(struct file *file, enum kernel_read_file_id id); int (*kernel_post_read_file)(struct file *file, char *buf, loff_t size, enum kernel_read_file_id id); diff --git a/include/linux/security.h b/include/linux/security.h index 14df373ff2ca..2b8c7d2a3fd8 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -307,7 +307,6 @@ void security_transfer_creds(struct cred *new, const struct cred *old); int security_kernel_act_as(struct cred *new, u32 secid); int security_kernel_create_files_as(struct cred *new, struct inode *inode); int security_kernel_module_request(char *kmod_name); -int security_kernel_module_from_file(struct file *file); int security_kernel_read_file(struct file *file, enum kernel_read_file_id id); int security_kernel_post_read_file(struct file *file, char *buf, loff_t size, enum kernel_read_file_id id);
Fixes: a1db74209483 ("module: replace copy_module_from_fd with kernel version") Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> Cc: Kees Cook <keescook@chromium.org> Cc: Luis R. Rodriguez <mcgrof@kernel.org> Cc: Rusty Russell <rusty@rustcorp.com.au> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> --- include/linux/lsm_hooks.h | 1 - include/linux/security.h | 1 - 2 files changed, 2 deletions(-)