Hi Linus,
Like the audit PR this is a little early due to some upcoming vacation
plans and uncertain network access while I'm away. Also like the
audit PR, the list of patches here is pretty minor, the highlights
include:
- Explicitly use __le variables to make sure "sparse" can verify
proper byte endian handling.
- Remove some BUG_ON()s that are no longer needed.
- Allow zero-byte writes to the "keycreate" procfs attribute without
requiring key:create to make it easier for userspace to reset the
keycreate label.
- Consistently log the "invalid_context" field as an untrusted string
in the AUDIT_SELINUX_ERR audit records.
Please pull this once the merge window opens,
-Paul
--
The following changes since commit a188339ca5a396acc588e5851ed7e19f66b0ebd9:
Linux 5.2-rc1 (2019-05-19 15:47:09 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
tags/selinux-pr-20190702
for you to fetch changes up to ea74a685ad819aeed316a9bae3d2a5bf762da82d:
selinux: format all invalid context as untrusted
(2019-07-01 16:29:05 -0400)
----------------------------------------------------------------
selinux/stable-5.3 PR 20190702
----------------------------------------------------------------
Nicholas Mc Guire (1):
selinux: provide __le variables explicitly
Ondrej Mosnacek (2):
selinux: remove some no-op BUG_ONs
selinux: fix empty write to keycreate file
Richard Guy Briggs (1):
selinux: format all invalid context as untrusted
security/selinux/hooks.c | 11 ++++++-----
security/selinux/ss/ebitmap.c | 10 ++++++----
security/selinux/ss/services.c | 33 +++++++++++++++++++--------------
3 files changed, 31 insertions(+), 23 deletions(-)
--
paul moore
www.paul-moore.com
