From patchwork Thu Nov 29 16:48:40 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 10704905 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 78D0013AD for ; Thu, 29 Nov 2018 16:48:57 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6639B2F02F for ; Thu, 29 Nov 2018 16:48:57 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 57CEC2F0A7; Thu, 29 Nov 2018 16:48:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 416F82F02F for ; Thu, 29 Nov 2018 16:48:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729398AbeK3Dyx (ORCPT ); Thu, 29 Nov 2018 22:54:53 -0500 Received: from mail-lj1-f194.google.com ([209.85.208.194]:44853 "EHLO mail-lj1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729515AbeK3Dyx (ORCPT ); Thu, 29 Nov 2018 22:54:53 -0500 Received: by mail-lj1-f194.google.com with SMTP id k19-v6so2341733lji.11 for ; Thu, 29 Nov 2018 08:48:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to:cc; bh=Z7NkhbXTc1ivPOR52lD0OcjTo+PnwVcSBCzvDEYdl4k=; b=pXD3e70UTsvoSco1d3tPG1O0u9HOW/rlQ5xL2Qm7vIohQKsmZknTZaIwZ7zrGxROZj O0Ul0IC7kzW9ITtxBh03YsvZsAYG6cIYtr2M7KrqeSGKY+s8xlnQSpT7NFfLrKViw4bh D/tHxiVzMkJZd+Xw27WiVtOBCiGhxfs09OJuKtq7cTdWMjfauWWe3smsdyJYkl1MrnlL OfYkpVn5Udh96djRo0LCTWHeCTcSJPQcRv9qebYu0TN9GDgnbaZpZzs9f7IBGkN+N8v0 KZiPbmbXiKrl/wEFNDHyeOX9SkGGNwPXti9Q+sZvDXQVOPGdinJssKm5kBVtbHJmxw1n E3WQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=Z7NkhbXTc1ivPOR52lD0OcjTo+PnwVcSBCzvDEYdl4k=; b=gcPhUFY6tr+AA4toMf+4C8tiZSYG5u4wv+Uo6ytZWMfEHuF8ZuDrDlEF4Kb/A3G0oZ CsP3wBa0rzN7+S0gEN06ymqEbhNeURrjB9bhO6A1/LrWObF3iN9CECmW4eLtLWuaamO+ /gYhb1UAIBQbV38O+KL8VG8Eq8JSpJe16cQhULaSYSoipqHCj/DfvMfgAfBhnHnwsKBg 6DVhWz0JX25Jc+29WZ8FkgI5r0/pYbJDj9GOVQsp5ud7nQXwkUTOofP3ctycCP9l54wp ohQsvYbpQbLcuVyCSj6txP+h+THf1ShlEVbmk2cYcc1TiOWeXvPaprwVWp44jVgJDdkY OUeg== X-Gm-Message-State: AA+aEWb1OQo6BDqQkbz15QDkd+k8bLqJOonM0YFDRH2CA7FLx/h8UdIu 7ivur9gzpBvRMlTrQDwnbfTttujh/cJpHxxwI7GH X-Google-Smtp-Source: AFSGD/VUlzMJ5prSH+4ApZtG6Ylphq8/4yQay+0tXQwJLJAvysv1Qw4uLTGr97JPMFmWtgtZkJtBciEI1I0I8RXyr+s= X-Received: by 2002:a2e:93ce:: with SMTP id p14-v6mr1578379ljh.42.1543510131933; Thu, 29 Nov 2018 08:48:51 -0800 (PST) MIME-Version: 1.0 From: Paul Moore Date: Thu, 29 Nov 2018 11:48:40 -0500 Message-ID: Subject: [GIT PULL] SELinux fixes for v4.20 (#2) To: Linus Torvalds Cc: selinux@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Hi Linus, One more SELinux fix for v4.20: add some missing netlink message to SELinux permission mappings. The netlink messages were added in v4.19, but unfortunately we didn't catch it then because the mechanism to catch these things was bypassed. In addition to adding the mappings, we're adding some comments to the code to hopefully prevent bypasses in the future. Please merge for the next v4.20-rc release, thanks. -Paul --- The following changes since commit 877181a8d9dc663f7a73f77f50af714d7888ec3b: selinux: fix non-MLS handling in mls_context_to_sid() (2018-11-13 21:44:33 -0500) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git tags/selinux-pr-20181129 for you to fetch changes up to 598e1a42e9626213565d3b22ea948ce78556512a: selinux: add support for RTM_NEWCHAIN, RTM_DELCHAIN, and RTM_GETCHAIN (2018-11-29 11:32:02 -0500) ---------------------------------------------------------------- selinux/stable-4.20 PR 20181129 ---------------------------------------------------------------- Paul Moore (1): selinux: add support for RTM_NEWCHAIN, RTM_DELCHAIN, and RTM_GETCHAIN security/selinux/nlmsgtab.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-)