Linux kernel development work - see feature branches https://git.zx2c4.com/linux-dev/atom/Documentation/security?h=master 2022-09-29T16:43:04Z 2022-09-29T16:43:04Z Mickaël Salaün mic@digikod.net 2022-09-23T15:42:07Z urn:sha1:2fff00c81d4c37a037cf704d2d219fbcb45aea3c It seems that all code should use double backquotes, which is also used to convert "%" defines. Let's use an homogeneous style and remove all use of simple backquotes (which should only be used for emphasis). Cc: Günther Noack <gnoack3000@gmail.com> Cc: Paul Moore <paul@paul-moore.com> Signed-off-by: Mickaël Salaün <mic@digikod.net> Link: https://lore.kernel.org/r/20220923154207.3311629-4-mic@digikod.net 2022-09-29T16:43:03Z Mickaël Salaün mic@digikod.net 2022-09-23T15:42:06Z urn:sha1:16023b05f0832f5bc14e6e0d1e7be4d00e01e1bb Now that we have more than one ABI version, make limitation explanation more consistent by replacing "ABI 1" with "ABI < 2". This also indicates which ABIs support such past limitation. Improve documentation consistency by not using contractions. Fix spelling in fs.c . Cc: Paul Moore <paul@paul-moore.com> Signed-off-by: Mickaël Salaün <mic@digikod.net> Reviewed-by: Günther Noack <gnoack3000@gmail.com> Link: https://lore.kernel.org/r/20220923154207.3311629-3-mic@digikod.net 2022-07-13T20:01:22Z Dov Murik dovmurik@linux.ibm.com 2022-07-12T10:44:55Z urn:sha1:12fe434314c8572c8043c6eee6799d2ccac99f26 The siphash documentation misspelled "offsetendof" instead of "offsetofend". Fixes: 2c956a60778cbb ("siphash: add cryptographically secure PRF") Signed-off-by: Dov Murik <dovmurik@linux.ibm.com> Acked-by: Jason A. Donenfeld <Jason@zx2c4.com> Link: https://lore.kernel.org/r/20220712104455.1408150-1-dovmurik@linux.ibm.com Signed-off-by: Jonathan Corbet <corbet@lwn.net> 2022-07-07T19:09:59Z Mauro Carvalho Chehab mchehab@kernel.org 2022-06-26T09:10:58Z urn:sha1:7ac3945d8e22cfa4f32ec5b7f81a68d2afe4e38e Changeset daec8d408308 ("Documentation: KVM: add separate directories for architecture-specific documentation") renamed: Documentation/virt/kvm/amd-memory-encryption.rst to: Documentation/virt/kvm/x86/amd-memory-encryption.rst. Update the cross-references accordingly. Fixes: daec8d408308 ("Documentation: KVM: add separate directories for architecture-specific documentation") Signed-off-by: Mauro Carvalho Chehab <mchehab@kernel.org> Link: https://lore.kernel.org/r/fd80db889e34aae87a4ca88cad94f650723668f4.1656234456.git.mchehab@kernel.org Signed-off-by: Jonathan Corbet <corbet@lwn.net> 2022-07-07T19:09:59Z Mauro Carvalho Chehab mchehab@kernel.org 2022-06-26T09:10:56Z urn:sha1:c02b872a7ca7842e4cdbbf621f77607d0a655f83 Changeset f5461124d59b ("Documentation: move watch_queue to core-api") renamed: Documentation/watch_queue.rst to: Documentation/core-api/watch_queue.rst. Update the cross-references accordingly. Fixes: f5461124d59b ("Documentation: move watch_queue to core-api") Reviewed-by: Randy Dunlap <rdunlap@infradead.org> Signed-off-by: Mauro Carvalho Chehab <mchehab@kernel.org> Link: https://lore.kernel.org/r/1c220de9c58f35e815a3df9458ac2bea323c8bfb.1656234456.git.mchehab@kernel.org Signed-off-by: Jonathan Corbet <corbet@lwn.net> 2022-05-24T20:50:39Z Linus Torvalds torvalds@linux-foundation.org 2022-05-24T20:50:39Z urn:sha1:0350785b0a092c99c5ddd2ace0260dbe7b3f919f Pull IMA updates from Mimi Zohar: "New is IMA support for including fs-verity file digests and signatures in the IMA measurement list as well as verifying the fs-verity file digest based signatures, both based on policy. In addition, are two bug fixes: - avoid reading UEFI variables, which cause a page fault, on Apple Macs with T2 chips. - remove the original "ima" template Kconfig option to address a boot command line ordering issue. The rest is a mixture of code/documentation cleanup" * tag 'integrity-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: integrity: Fix sparse warnings in keyring_handler evm: Clean up some variables evm: Return INTEGRITY_PASS for enum integrity_status value '0' efi: Do not import certificates from UEFI Secure Boot for T2 Macs fsverity: update the documentation ima: support fs-verity file digest based version 3 signatures ima: permit fsverity's file digests in the IMA measurement list ima: define a new template field named 'd-ngv2' and templates fs-verity: define a function to return the integrity protected file digest ima: use IMA default hash algorithm for integrity violations ima: fix 'd-ng' comments and documentation ima: remove the IMA_TEMPLATE Kconfig option ima: remove redundant initialization of pointer 'file'. 2022-05-24T20:16:50Z Linus Torvalds torvalds@linux-foundation.org 2022-05-24T20:16:50Z urn:sha1:7cf6a8a17f5b134b7e783c2d45c53298faef82a7 Pull tpm updates from Jarkko Sakkinen: - Tightened validation of key hashes for SYSTEM_BLACKLIST_HASH_LIST. An invalid hash format causes a compilation error. Previously, they got included to the kernel binary but were silently ignored at run-time. - Allow root user to append new hashes to the blacklist keyring. - Trusted keys backed with Cryptographic Acceleration and Assurance Module (CAAM), which part of some of the new NXP's SoC's. Now there is total three hardware backends for trusted keys: TPM, ARM TEE and CAAM. - A scattered set of fixes and small improvements for the TPM driver. * tag 'tpmdd-next-v5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd: MAINTAINERS: add KEYS-TRUSTED-CAAM doc: trusted-encrypted: describe new CAAM trust source KEYS: trusted: Introduce support for NXP CAAM-based trusted keys crypto: caam - add in-kernel interface for blob generator crypto: caam - determine whether CAAM supports blob encap/decap KEYS: trusted: allow use of kernel RNG for key material KEYS: trusted: allow use of TEE as backend without TCG_TPM support tpm: Add field upgrade mode support for Infineon TPM2 modules tpm: Fix buffer access in tpm2_get_tpm_pt() char: tpm: cr50_i2c: Suppress duplicated error message in .remove() tpm: cr50: Add new device/vendor ID 0x504a6666 tpm: Remove read16/read32/write32 calls from tpm_tis_phy_ops tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() tpm/tpm_ftpm_tee: Return true/false (not 1/0) from bool functions certs: Explain the rationale to call panic() certs: Allow root user to append signed hashes to the blacklist keyring certs: Check that builtin blacklist hashes are valid certs: Make blacklist_vet_description() more strict certs: Factor out the blacklist hash creation tools/certs: Add print-cert-tbs-hash.sh 2022-05-24T20:09:13Z Linus Torvalds torvalds@linux-foundation.org 2022-05-24T20:09:13Z urn:sha1:cb44e4f061e16be65b8a16505e121490c66d30d0 Pull Landlock updates from Mickaël Salaün: - improve the path_rename LSM hook implementations for RENAME_EXCHANGE; - fix a too-restrictive filesystem control for a rare corner case; - set the nested sandbox limitation to 16 layers; - add a new LANDLOCK_ACCESS_FS_REFER access right to properly handle file reparenting (i.e. full rename and link support); - add new tests and documentation; - format code with clang-format to make it easier to maintain and contribute. * tag 'landlock-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux: (30 commits) landlock: Explain how to support Landlock landlock: Add design choices documentation for filesystem access rights landlock: Document good practices about filesystem policies landlock: Document LANDLOCK_ACCESS_FS_REFER and ABI versioning samples/landlock: Add support for file reparenting selftests/landlock: Add 11 new test suites dedicated to file reparenting landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER LSM: Remove double path_rename hook calls for RENAME_EXCHANGE landlock: Move filesystem helpers and add a new one landlock: Fix same-layer rule unions landlock: Create find_rule() from unmask_layers() landlock: Reduce the maximum number of layers to 16 landlock: Define access_mask_t to enforce a consistent access mask size selftests/landlock: Test landlock_create_ruleset(2) argument check ordering landlock: Change landlock_restrict_self(2) check ordering landlock: Change landlock_add_rule(2) argument check ordering selftests/landlock: Add tests for O_PATH selftests/landlock: Fully test file rename with "remove" access selftests/landlock: Extend access right tests to directories selftests/landlock: Add tests for unknown access rights ... 2022-05-23T18:27:24Z Linus Torvalds torvalds@linux-foundation.org 2022-05-23T18:27:24Z urn:sha1:bf2431021c8cfe52c866d7bf640ced03a35ebe91 Pull EFI updates from Ard Biesheuvel: - Allow runtime services to be re-enabled at boot on RT kernels. - Provide access to secrets injected into the boot image by CoCo hypervisors (COnfidential COmputing) - Use DXE services on x86 to make the boot image executable after relocation, if needed. - Prefer mirrored memory for randomized allocations. - Only randomize the placement of the kernel image on arm64 if the loader has not already done so. - Add support for obtaining the boot hartid from EFI on RISC-V. * tag 'efi-next-for-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi: riscv/efi_stub: Add support for RISCV_EFI_BOOT_PROTOCOL efi: stub: prefer mirrored memory for randomized allocations efi/arm64: libstub: run image in place if randomized by the loader efi: libstub: pass image handle to handle_kernel_image() efi: x86: Set the NX-compatibility flag in the PE header efi: libstub: ensure allocated memory to be executable efi: libstub: declare DXE services table efi: Add missing prototype for efi_capsule_setup_info docs: security: Add secrets/coco documentation efi: Register efi_secret platform device if EFI secret area is declared virt: Add efi_secret module to expose confidential computing secrets efi: Save location of EFI confidential computing area efi: Allow to enable EFI runtime services by default on RT 2022-05-23T15:47:50Z Ahmad Fatoum a.fatoum@pengutronix.de 2022-05-13T14:57:04Z urn:sha1:5002426e426166f57e1636b936666b275e6b3d2f Update documentation for trusted key use with the Cryptographic Acceleration and Assurance Module (CAAM), an IP on NXP SoCs. Reviewed-by: Pankaj Gupta <pankaj.gupta@nxp.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>