diff options
author | James Morris <jmorris@namei.org> | 2011-11-16 12:39:48 +1100 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-11-16 12:39:48 +1100 |
commit | 24942c8e5cc8696064ee207ff29d4cf21f70dafc (patch) | |
tree | 08a8221eb72ec3da7746d7d76f6f5915ce77cde7 /security | |
parent | e163bc8e4a0cd1cdffadb58253f7651201722d56 (diff) | |
parent | ff0ff78068dd8a962358dbbdafa9d6f24540d3e5 (diff) | |
download | op-kernel-dev-24942c8e5cc8696064ee207ff29d4cf21f70dafc.zip op-kernel-dev-24942c8e5cc8696064ee207ff29d4cf21f70dafc.tar.gz |
Merge branch 'master'; commit 'v3.2-rc2' into next
Diffstat (limited to 'security')
-rw-r--r-- | security/integrity/ima/Kconfig | 2 | ||||
-rw-r--r-- | security/keys/compat.c | 2 | ||||
-rw-r--r-- | security/keys/encrypted-keys/encrypted.c | 2 | ||||
-rw-r--r-- | security/keys/keyctl.c | 2 | ||||
-rw-r--r-- | security/keys/trusted.c | 2 | ||||
-rw-r--r-- | security/keys/user_defined.c | 3 | ||||
-rw-r--r-- | security/security.c | 1 | ||||
-rw-r--r-- | security/selinux/hooks.c | 1 | ||||
-rw-r--r-- | security/selinux/netlink.c | 1 | ||||
-rw-r--r-- | security/tomoyo/common.c | 5 |
10 files changed, 14 insertions, 7 deletions
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig index 19c053b..4f554f20 100644 --- a/security/integrity/ima/Kconfig +++ b/security/integrity/ima/Kconfig @@ -9,7 +9,7 @@ config IMA select CRYPTO_HMAC select CRYPTO_MD5 select CRYPTO_SHA1 - select TCG_TPM if !S390 + select TCG_TPM if !S390 && !UML select TCG_TIS if TCG_TPM help The Trusted Computing Group(TCG) runtime Integrity diff --git a/security/keys/compat.c b/security/keys/compat.c index 338b510..4c48e13 100644 --- a/security/keys/compat.c +++ b/security/keys/compat.c @@ -38,7 +38,7 @@ long compat_keyctl_instantiate_key_iov( ret = compat_rw_copy_check_uvector(WRITE, _payload_iov, ioc, ARRAY_SIZE(iovstack), - iovstack, &iov); + iovstack, &iov, 1); if (ret < 0) return ret; if (ret == 0) diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c index f33804c..dcc843c 100644 --- a/security/keys/encrypted-keys/encrypted.c +++ b/security/keys/encrypted-keys/encrypted.c @@ -293,7 +293,7 @@ static char *datablob_format(struct encrypted_key_payload *epayload, /* convert the hex encoded iv, encrypted-data and HMAC to ascii */ bufp = &ascii_buf[len]; for (i = 0; i < (asciiblob_len - len) / 2; i++) - bufp = pack_hex_byte(bufp, iv[i]); + bufp = hex_byte_pack(bufp, iv[i]); out: return ascii_buf; } diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index eca5191..0b3f5d7 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c @@ -1065,7 +1065,7 @@ long keyctl_instantiate_key_iov(key_serial_t id, goto no_payload; ret = rw_copy_check_uvector(WRITE, _payload_iov, ioc, - ARRAY_SIZE(iovstack), iovstack, &iov); + ARRAY_SIZE(iovstack), iovstack, &iov, 1); if (ret < 0) return ret; if (ret == 0) diff --git a/security/keys/trusted.c b/security/keys/trusted.c index 0964fc2..0ed5fdf 100644 --- a/security/keys/trusted.c +++ b/security/keys/trusted.c @@ -1098,7 +1098,7 @@ static long trusted_read(const struct key *key, char __user *buffer, bufp = ascii_buf; for (i = 0; i < p->blob_len; i++) - bufp = pack_hex_byte(bufp, p->blob[i]); + bufp = hex_byte_pack(bufp, p->blob[i]); if ((copy_to_user(buffer, ascii_buf, 2 * p->blob_len)) != 0) { kfree(ascii_buf); return -EFAULT; diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c index 5b366d7..69ff52c 100644 --- a/security/keys/user_defined.c +++ b/security/keys/user_defined.c @@ -102,7 +102,8 @@ int user_update(struct key *key, const void *data, size_t datalen) key->expiry = 0; } - kfree_rcu(zap, rcu); + if (zap) + kfree_rcu(zap, rcu); error: return ret; diff --git a/security/security.c b/security/security.c index c1d6987..0c6cc69 100644 --- a/security/security.c +++ b/security/security.c @@ -1151,6 +1151,7 @@ void security_sk_clone(const struct sock *sk, struct sock *newsk) { security_ops->sk_clone_security(sk, newsk); } +EXPORT_SYMBOL(security_sk_clone); void security_sk_classify_flow(struct sock *sk, struct flowi *fl) { diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index e545b9f..1126c10 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -80,6 +80,7 @@ #include <linux/posix-timers.h> #include <linux/syslog.h> #include <linux/user_namespace.h> +#include <linux/export.h> #include "avc.h" #include "objsec.h" diff --git a/security/selinux/netlink.c b/security/selinux/netlink.c index ce3f481..161e01a 100644 --- a/security/selinux/netlink.c +++ b/security/selinux/netlink.c @@ -14,6 +14,7 @@ #include <linux/slab.h> #include <linux/stddef.h> #include <linux/kernel.h> +#include <linux/export.h> #include <linux/skbuff.h> #include <linux/netlink.h> #include <linux/selinux_netlink.h> diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 610b535..c47d3ce 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c @@ -748,8 +748,10 @@ static void tomoyo_read_profile(struct tomoyo_io_buffer *head) head->r.index++) if (ns->profile_ptr[head->r.index]) break; - if (head->r.index == TOMOYO_MAX_PROFILES) + if (head->r.index == TOMOYO_MAX_PROFILES) { + head->r.eof = true; return; + } head->r.step++; break; case 2: @@ -761,6 +763,7 @@ static void tomoyo_read_profile(struct tomoyo_io_buffer *head) tomoyo_io_printf(head, "%u-COMMENT=", index); tomoyo_set_string(head, comment ? comment->name : ""); tomoyo_set_lf(head); + tomoyo_print_namespace(head); tomoyo_io_printf(head, "%u-PREFERENCE={ ", index); for (i = 0; i < TOMOYO_MAX_PREF; i++) tomoyo_io_printf(head, "%s=%u ", |