Linus,
Nothing too significant, but five SELinux patches for v5.17 that do
the following:
- Hardened the code through additional use of the struct_size() macro.
- Plugged some memory leaks.
- Cleaned up the code via removal of the security_add_mnt_opt() LSM
hook and minor tweaks to selinux_add_opt().
- Renamed security_task_getsecid_subj() to
security_current_getsecid_subj() to better reflect its actual
behavior/use.
Please merge.
-Paul
--
The following changes since commit fa55b7dcdc43c1aa1ba12bca9d2dd4318c2a0dbf:
Linux 5.16-rc1 (2021-11-14 13:56:52 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
tags/selinux-pr-20220110
for you to fetch changes up to 6cd9d4b97891560b61681cad9cc4307ce0719abc:
selinux: minor tweaks to selinux_add_opt() (2021-12-21 15:14:45 -0500)
----------------------------------------------------------------
selinux/stable-5.17 PR 20220110
----------------------------------------------------------------
Bernard Zhao (1):
selinux: fix potential memleak in selinux_add_opt()
Ondrej Mosnacek (1):
security,selinux: remove security_add_mnt_opt()
Paul Moore (2):
lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
selinux: minor tweaks to selinux_add_opt()
Xiu Jianfeng (1):
selinux: Use struct_size() helper in kmalloc()
include/linux/lsm_hook_defs.h | 5 +--
include/linux/lsm_hooks.h | 10 ++---
include/linux/security.h | 12 +----
kernel/audit.c | 4 +-
kernel/auditfilter.c | 3 +-
kernel/auditsc.c | 11 ++++-
net/netlabel/netlabel_unlabeled.c | 2 +-
net/netlabel/netlabel_user.h | 2 +-
security/apparmor/lsm.c | 13 ++++--
security/integrity/ima/ima_appraise.c | 2 +-
security/integrity/ima/ima_main.c | 14 +++---
security/security.c | 14 ++----
security/selinux/hooks.c | 84 +++++++------------------------
security/selinux/ss/sidtab.c | 2 +-
security/selinux/xfrm.c | 4 +-
security/smack/smack.h | 16 -------
security/smack/smack_lsm.c | 9 ++--
17 files changed, 70 insertions(+), 137 deletions(-)
--
paul moore
www.paul-moore.com
