diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2015-09-08 12:41:25 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2015-09-08 12:41:25 -0700 |
commit | b793c005ceabf6db0b17494b0ec67ade6796bb34 (patch) | |
tree | 080c884f04254403ec9564742f591a9fd9b7e95a /MAINTAINERS | |
parent | 6f0a2fc1feb19bd142961a39dc118e7e55418b3f (diff) | |
parent | 07f081fb5057b2ea98baeca3a47bf0eb33e94aa1 (diff) | |
download | linux-b793c005ceabf6db0b17494b0ec67ade6796bb34.tar.gz |
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris: "Highlights: - PKCS#7 support added to support signed kexec, also utilized for module signing. See comments in 3f1e1bea. ** NOTE: this requires linking against the OpenSSL library, which must be installed, e.g. the openssl-devel on Fedora ** - Smack - add IPv6 host labeling; ignore labels on kernel threads - support smack labeling mounts which use binary mount data - SELinux: - add ioctl whitelisting (see http://kernsec.org/files/lss2015/vanderstoep.pdf) - fix mprotect PROT_EXEC regression caused by mm change - Seccomp: - add ptrace options for suspend/resume" * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (57 commits) PKCS#7: Add OIDs for sha224, sha284 and sha512 hash algos and use them Documentation/Changes: Now need OpenSSL devel packages for module signing scripts: add extract-cert and sign-file to .gitignore modsign: Handle signing key in source tree modsign: Use if_changed rule for extracting cert from module signing key Move certificate handling to its own directory sign-file: Fix warning about BIO_reset() return value PKCS#7: Add MODULE_LICENSE() to test module Smack - Fix build error with bringup unconfigured sign-file: Document dependency on OpenSSL devel libraries PKCS#7: Appropriately restrict authenticated attributes and content type KEYS: Add a name for PKEY_ID_PKCS7 PKCS#7: Improve and export the X.509 ASN.1 time object decoder modsign: Use extract-cert to process CONFIG_SYSTEM_TRUSTED_KEYS extract-cert: Cope with multiple X.509 certificates in a single file sign-file: Generate CMS message as signature instead of PKCS#7 PKCS#7: Support CMS messages also [RFC5652] X.509: Change recorded SKID & AKID to not include Subject or Issuer PKCS#7: Check content type and versions MAINTAINERS: The keyrings mailing list has moved ...
Diffstat (limited to 'MAINTAINERS')
-rw-r--r-- | MAINTAINERS | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/MAINTAINERS b/MAINTAINERS index 4d8c8e10fb39..6dfc2242715d 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -2621,6 +2621,15 @@ S: Supported F: Documentation/filesystems/ceph.txt F: fs/ceph/ +CERTIFICATE HANDLING: +M: David Howells <dhowells@redhat.com> +M: David Woodhouse <dwmw2@infradead.org> +L: keyrings@linux-nfs.org +S: Maintained +F: Documentation/module-signing.txt +F: certs/ +F: scripts/extract-cert.c + CERTIFIED WIRELESS USB (WUSB) SUBSYSTEM: L: linux-usb@vger.kernel.org S: Orphan @@ -5994,7 +6003,7 @@ F: kernel/kexec.c KEYS/KEYRINGS: M: David Howells <dhowells@redhat.com> -L: keyrings@linux-nfs.org +L: keyrings@vger.kernel.org S: Maintained F: Documentation/security/keys.txt F: include/linux/key.h @@ -6006,7 +6015,7 @@ KEYS-TRUSTED M: David Safford <safford@us.ibm.com> M: Mimi Zohar <zohar@linux.vnet.ibm.com> L: linux-security-module@vger.kernel.org -L: keyrings@linux-nfs.org +L: keyrings@vger.kernel.org S: Supported F: Documentation/security/keys-trusted-encrypted.txt F: include/keys/trusted-type.h @@ -6017,7 +6026,7 @@ KEYS-ENCRYPTED M: Mimi Zohar <zohar@linux.vnet.ibm.com> M: David Safford <safford@us.ibm.com> L: linux-security-module@vger.kernel.org -L: keyrings@linux-nfs.org +L: keyrings@vger.kernel.org S: Supported F: Documentation/security/keys-trusted-encrypted.txt F: include/keys/encrypted-type.h @@ -9264,6 +9273,12 @@ T: git git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev.git S: Supported F: security/apparmor/ +YAMA SECURITY MODULE +M: Kees Cook <keescook@chromium.org> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git yama/tip +S: Supported +F: security/yama/ + SENSABLE PHANTOM M: Jiri Slaby <jirislaby@gmail.com> S: Maintained |