From: Casey Schaufler <casey@schaufler-ca.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: LSM List <linux-security-module@vger.kernel.org>,
Linux kernel mailing list <linux-kernel@vger.kernel.org>,
Casey Schaufler <casey@schaufler-ca.com>,
roberto Sassu <roberto.sassu@huaweicloud.com>
Subject: [GIT PULL] Smack patches for 6.9
Date: Mon, 11 Mar 2024 13:47:16 -0700 [thread overview]
Message-ID: <5f321246-e0ba-4882-a42d-fe174d593aaf@schaufler-ca.com> (raw)
In-Reply-To: 5f321246-e0ba-4882-a42d-fe174d593aaf.ref@schaufler-ca.com
Hello Linus,
Here is the Smack pull request for v6.9.
There are 6 patches. One is a simple refactoring to remove
code duplication. The other five, from Roberto Sassu, correct
the in-memory inode initialization path used by ramfs in Smack.
This is necessary for ramfs to correctly handle directory label
transmutation.
All has been in the next branch and pass all tests.
The following changes since commit 6613476e225e090cc9aad49be7fa504e290dd33d:
Linux 6.8-rc1 (2024-01-21 14:11:32 -0800)
are available in the Git repository at:
https://github.com/cschaufler/smack-next tags/Smack-for-6.9
for you to fetch changes up to 69b6d71052b54fb10feba68564ccb41c0f0ce1e9:
Smack: use init_task_smack() in smack_cred_transfer() (2024-02-14 10:47:06 -0800)
----------------------------------------------------------------
Smack updates for v6.9.
Improvements to the initialization of in-memory inodes.
A fix in ramfs to propery ensure the initialization of
in-memory inodes.
Removal of duplicated code in smack_cred_transfer().
----------------------------------------------------------------
Casey Schaufler (1):
Smack: use init_task_smack() in smack_cred_transfer()
Roberto Sassu (5):
smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()
smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()
smack: Always determine inode labels in smack_inode_init_security()
smack: Initialize the in-memory inode in smack_inode_init_security()
ramfs: Initialize security of in-memory inodes
fs/ramfs/inode.c | 32 +++++++++++++-
security/smack/smack_lsm.c | 102 +++++++++++++++++++++++++--------------------
2 files changed, 87 insertions(+), 47 deletions(-)
next parent reply other threads:[~2024-03-11 20:47 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <5f321246-e0ba-4882-a42d-fe174d593aaf.ref@schaufler-ca.com>
2024-03-11 20:47 ` Casey Schaufler [this message]
2024-03-12 22:24 ` [GIT PULL] Smack patches for 6.9 pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5f321246-e0ba-4882-a42d-fe174d593aaf@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=roberto.sassu@huaweicloud.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).