linux-dev/security/tomoyo/common.c, branch linus/master

tomoyo: Use str_yes_no()

2022-02-07T21:04:44Z

Remove the local yesno() implementation and adopt the str_yes_no() from linux/string_helpers.h. Signed-off-by: Lucas De Marchi Reviewed-by: Sakari Ailus Link: https://patchwork.freedesktop.org/patch/msgid/20220126093951.1470898-11-lucas.demarchi@intel.com

tomoyo: Fix typo in comments.

2020-12-06T04:44:57Z

Spotted by developers and codespell program. Co-developed-by: Xiaoming Ni Signed-off-by: Xiaoming Ni Co-developed-by: Souptick Joarder Signed-off-by: Souptick Joarder Signed-off-by: Tetsuo Handa

tomoyo: Fix null pointer check

2020-11-27T10:36:11Z

Since tomoyo_memory_ok() will check for null pointer returned by kzalloc() in tomoyo_assign_profile(), tomoyo_assign_namespace(), tomoyo_get_name() and tomoyo_commit_ok(), then emit OOM warnings if needed. And this is the expected behavior as informed by Tetsuo Handa. Let's add __GFP_NOWARN to kzalloc() in those related functions. Besides, to achieve this goal, remove the null check for entry right after kzalloc() in tomoyo_assign_namespace(). Reported-by: Hulk Robot Suggested-by: Tetsuo Handa Signed-off-by: Zheng Zengkai Signed-off-by: Tetsuo Handa

treewide: Use fallthrough pseudo-keyword

2020-08-23T22:36:59Z

Replace the existing /* fall through */ comments and its variants with the new pseudo-keyword macro fallthrough[1]. Also, remove unnecessary fall-through markings when it is the case. [1] https://www.kernel.org/doc/html/v5.7/process/deprecated.html?highlight=fallthrough#implicit-switch-case-fall-through Signed-off-by: Gustavo A. R. Silva

Merge tag 'tomoyo-pr-20200601' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1

2020-06-03T00:12:07Z

Pull tomoyo update from Tetsuo Handa: "One patch for suppressing coccicheck's warning" * tag 'tomoyo-pr-20200601' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1: tomoyo: use true for bool variable

tomoyo_write_control(): get rid of pointless access_ok()

2020-05-29T15:02:29Z

address is passed only to get_user() Signed-off-by: Al Viro

tomoyo: use true for bool variable

2020-05-11T23:39:53Z

Fixes coccicheck warning: security/tomoyo/common.c:1028:2-13: WARNING: Assignment of 0/1 to bool variable Reported-by: Hulk Robot Signed-off-by: Zou Wei Signed-off-by: Tetsuo Handa

tomoyo: Use atomic_t for statistics counter

2020-01-02T03:53:49Z

syzbot is reporting that there is a race at tomoyo_stat_update() [1]. Although it is acceptable to fail to track exact number of times policy was updated, convert to atomic_t because this is not a hot path. [1] https://syzkaller.appspot.com/bug?id=a4d7b973972eeed410596e6604580e0133b0fc04 Reported-by: syzbot Signed-off-by: Tetsuo Handa

tomoyo: Suppress RCU warning at list_for_each_entry_rcu().

2019-12-16T14:02:27Z

John Garry has reported that allmodconfig kernel on arm64 causes flood of "RCU-list traversed in non-reader section!!" warning. I don't know what change caused this warning, but this warning is safe because TOMOYO uses SRCU lock instead. Let's suppress this warning by explicitly telling that the caller is holding SRCU lock. Reported-and-tested-by: John Garry Signed-off-by: Tetsuo Handa

tomoyo: Add a kernel config option for fuzzing testing.

2019-05-10T21:58:11Z

syzbot is reporting kernel panic triggered by memory allocation fault injection before loading TOMOYO's policy [1]. To make the fuzzing tests useful, we need to assign a profile other than "disabled" (no-op) mode. Therefore, let's allow syzbot to load TOMOYO's built-in policy for "learning" mode using a kernel config option. This option must not be enabled for kernels built for production system, for this option also disables domain/program checks when modifying policy configuration via /sys/kernel/security/tomoyo/ interface. [1] https://syzkaller.appspot.com/bug?extid=29569ed06425fcf67a95 Reported-by: syzbot Reported-by: syzbot Reported-by: syzbot Signed-off-by: Tetsuo Handa Signed-off-by: James Morris