[GIT PULL] SELinux patches for v5.1
Paul Moore
paul at paul-moore.com
Tue Mar 5 22:17:30 UTC 2019
Hi Linus,
Nine SELinux patches for v5.1, all bug fixes. As far as I'm
concerned, nothing really jumps out as risky or special to me, but
each commit has a decent description so you can judge for yourself.
As usual, everything passes the selinux-testsuite; please merge for
v5.1.
Thanks,
-Paul
--
The following changes since commit bfeffd155283772bbe78c6a05dec7c0128ee500c:
Linux 5.0-rc1 (2019-01-06 17:08:20 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
tags/selinux-pr-20190305
for you to fetch changes up to 45189a1998e00f6375ebd49d1e18161acddd73de:
selinux: fix avc audit messages (2019-02-05 12:34:33 -0500)
----------------------------------------------------------------
selinux/stable-5.1 PR 20190305
----------------------------------------------------------------
Ondrej Mosnacek (6):
selinux: never allow relabeling on context mounts
selinux: do not override context on context mounts
selinux: inline some AVC functions used only once
selinux: replace some BUG_ON()s with a WARN_ON()
selinux: log invalid contexts in AVCs
selinux: replace BUG_ONs with WARN_ONs in avc.c
Stephen Smalley (3):
selinux: avoid silent denials in permissive mode under RCU walk
selinux: stop passing MAY_NOT_BLOCK to the AVC upon follow_link
selinux: fix avc audit messages
security/selinux/avc.c | 199 +++++++++++++++++-------------------
security/selinux/hooks.c | 58 ++++++++---
security/selinux/include/avc.h | 6 +-
security/selinux/include/security.h | 3 +
security/selinux/ss/services.c | 37 ++++++-
5 files changed, 176 insertions(+), 127 deletions(-)
--
paul moore
www.paul-moore.com
More information about the Linux-security-module-archive
mailing list