Web lists-archives.com

[GIT PULL] SELinux patches for v4.15

Hi Linus,

Seven SELinux patches for v4.15, although five of the seven are small
build fixes and cleanups.  Of the remaining two patches, the only one
worth really calling out is Eric's fix for the SELinux filesystem
xattr set/remove code; the other patch simply converts the SELinux
hash table implementation to use kmem_cache.  Eric's
setxattr/removexattr tweak converts SELinux back to calling the
commoncap implementations when the xattr is not SELinux related.  The
immediate win is to fixup filesystem capabilities in user namespaces,
but it makes things a bit saner overall; more information in the
commit description.

Please merge for v4.15.


The following changes since commit 2bd6bf03f4c1c59381d62c61d03f6cc3fe71f66e:

 Linux 4.14-rc1 (2017-09-16 15:47:51 -0700)

are available in the Git repository at:


for you to fetch changes up to 5794ed762ac2125299644494766704da94168ec0:

 selinux: remove extraneous initialization of slots_used and max_chain_len
  (2017-10-16 18:40:09 -0400)

selinux/stable-4.15 PR 20171113

Colin Ian King (3):
     selinux: remove redundant assignment to str
     selinux: remove redundant assignment to len
     selinux: remove extraneous initialization of slots_used and max_chain_len

Corentin LABBE (2):
     selinux: fix build warning by removing the unused sid variable
     selinux: fix build warning

Eric W. Biederman (1):
     selinux: Perform both commoncap and selinux xattr checks

Kyeongdon Kim (1):
     selinux: Use kmem_cache for hashtab_node

security/selinux/hooks.c          | 55 ++++++++++++++---------------------
security/selinux/ss/conditional.c |  1 -
security/selinux/ss/hashtab.c     | 19 +++++++++++---
security/selinux/ss/hashtab.h     |  4 +++
security/selinux/ss/services.c    |  4 +++
5 files changed, 47 insertions(+), 36 deletions(-)

paul moore