linux/drivers
Daniel Jurgens 47a2b338fe IB/core: Enforce security on management datagrams
Allocate and free a security context when creating and destroying a MAD
agent.  This context is used for controlling access to PKeys and sending
and receiving SMPs.

When sending or receiving a MAD check that the agent has permission to
access the PKey for the Subnet Prefix of the port.

During MAD and snoop agent registration for SMI QPs check that the
calling process has permission to access the manage the subnet  and
register a callback with the LSM to be notified of policy changes. When
notificaiton of a policy change occurs recheck permission and set a flag
indicating sending and receiving SMPs is allowed.

When sending and receiving MADs check that the agent has access to the
SMI if it's on an SMI QP.  Because security policy can change it's
possible permission was allowed when creating the agent, but no longer
is.

Signed-off-by: Daniel Jurgens <danielj@mellanox.com>
Acked-by: Doug Ledford <dledford@redhat.com>
[PM: remove the LSM hook init code]
Signed-off-by: Paul Moore <paul@paul-moore.com>
2017-05-23 12:27:21 -04:00
..
accessibility
acpi More ACPI updates for v4.12-rc1 2017-05-10 09:35:42 -07:00
amba
android
ata ARM: SoC driver updates 2017-05-09 10:01:15 -07:00
atm
auxdisplay
base More power management updates for v4.12-rc1 2017-05-10 09:12:30 -07:00
bcma
block Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2017-05-20 16:12:30 -07:00
bluetooth Bluetooth: hci_ldisc: Add protocol check to hci_uart_tx_wakeup() 2017-04-30 12:22:14 +02:00
bus
cdrom
char drivers: char: mem: Check for address space wraparound with mmap() 2017-05-18 16:53:55 +02:00
clk Sort of on the quieter side this time, which is probably due more 2017-05-10 13:38:18 -07:00
clocksource Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-05-12 10:43:25 -07:00
connector
cpufreq Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2017-05-12 09:56:30 -07:00
cpuidle Merge branches 'pm-domains', 'pm-cpuidle', 'pm-sleep' and 'powercap' 2017-05-09 23:21:46 +02:00
crypto virtio: fixes, cleanups, performance 2017-05-10 11:33:08 -07:00
dax dax: fix false CONFIG_BLOCK dependency 2017-05-13 16:18:21 -07:00
dca
devfreq
dio
dma dmaengine updates for 4.12-rc1 2017-05-09 15:40:28 -07:00
dma-buf
edac EDAC, amd64: Fix reporting of Chip Select sizes on Fam17h 2017-05-03 16:27:36 +02:00
eisa
extcon
firewire
firmware Char/Misc driver fixes for 4.12-rc2 2017-05-20 08:44:22 -07:00
fmc
fpga fpga fr br: update supported version numbers 2017-04-26 11:38:56 +02:00
fsi
gpio Annotation of module parameters that specify device settings 2017-05-10 19:13:03 -07:00
gpu Merge branch 'for-upstream/hdlcd' of git://linux-arm.org/linux-ld into drm-fixes 2017-05-20 06:00:49 +10:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2017-05-02 19:09:35 -07:00
hsi
hv char/misc patches for 4.12-rc1 2017-05-04 19:15:35 -07:00
hwmon hwmon: (coretemp) Handle frozen hotplug state correctly 2017-05-14 07:49:32 -07:00
hwspinlock
hwtracing drivers/hwtracing/intel_th/msu.c: use set_memory.h header 2017-05-08 17:15:14 -07:00
i2c i2c: designware: don't infer timings described by ACPI from clock rate 2017-05-19 14:36:24 +02:00
ide ide: don't call memcpy with the same source and destination 2017-05-08 17:36:39 -04:00
idle x86/intel_idle: add Gemini Lake support 2017-05-01 23:17:37 +02:00
iio Annotation of module parameters that specify device settings 2017-05-10 19:13:03 -07:00
infiniband IB/core: Enforce security on management datagrams 2017-05-23 12:27:21 -04:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2017-05-13 10:25:05 -07:00
iommu iommu/mediatek: Include linux/dma-mapping.h 2017-05-17 14:51:54 +02:00
ipack
irqchip Merge branch 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-05-21 11:45:26 -07:00
isdn Annotation of module parameters that specify device settings 2017-05-10 19:13:03 -07:00
leds scripts/spelling.txt: add "memory" pattern and fix typos 2017-05-08 17:15:13 -07:00
lguest
lightnvm lightnvm: fix bad back free on error path 2017-05-04 07:53:04 -06:00
macintosh DeviceTree for 4.12: 2017-05-05 19:33:07 -07:00
mailbox mailbox: handle empty message in tx_tick 2017-04-27 16:20:04 +05:30
mcb
md Merge tag 'md/4.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md 2017-05-18 12:04:41 -07:00
media Annotation of module parameters that specify device settings 2017-05-10 19:13:03 -07:00
memory memory: omap-gpmc: Fix debug output for access width 2017-05-16 08:12:47 -07:00
memstick
message
mfd mfd: axp20x: Support AXP803 variant 2017-04-27 11:54:49 +01:00
misc misc: pci_endpoint_test: select CRC32 2017-05-16 23:05:40 +02:00
mmc Annotation of module parameters that specify device settings 2017-05-10 19:13:03 -07:00
mtd This pull request contains updates for both UBI and UBIFS: 2017-05-13 10:23:12 -07:00
net mlxsw: spectrum: Avoid possible NULL pointer dereference 2017-05-18 11:27:21 -04:00
nfc
ntb
nubus
nvdimm Merge branch 'libnvdimm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm 2017-05-12 15:43:10 -07:00
nvme Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2017-05-20 16:12:30 -07:00
nvmem ARM: SoC driver updates 2017-05-09 10:01:15 -07:00
of DeviceTree fixes for 4.12-rc: 2017-05-19 15:03:24 -07:00
oprofile
parisc
parport
pci Annotation of module parameters that specify device settings 2017-05-10 19:13:03 -07:00
pcmcia Annotation of module parameters that specify device settings 2017-05-10 19:13:03 -07:00
perf
phy
pinctrl Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2017-05-02 19:09:35 -07:00
platform char/misc patches for 4.12-rc1 2017-05-04 19:15:35 -07:00
pnp
power power supply and reset changes for the v4.12 series (part 2) 2017-05-12 12:02:21 -07:00
powercap powercap: intel_rapl: Add support for Gemini Lake 2017-04-28 23:56:16 +02:00
pps
ps3
ptp Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-05-01 16:15:18 -07:00
pwm
rapidio char/misc patches for 4.12-rc1 2017-05-04 19:15:35 -07:00
ras
regulator Merge remote-tracking branch 'regulator/topic/vctrl' into regulator-next 2017-04-30 22:17:44 +09:00
remoteproc virtio: fixes, cleanups, performance 2017-05-10 11:33:08 -07:00
reset ARM: SoC driver updates 2017-05-09 10:01:15 -07:00
rpmsg virtio: fixes, cleanups, performance 2017-05-10 11:33:08 -07:00
rtc RTC for 4.12 2017-05-10 19:37:14 -07:00
s390 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux 2017-05-16 09:24:44 -07:00
sbus
scsi Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2017-05-20 16:12:30 -07:00
sfi
sh
sn
soc ARM: SoC fixes (and a cross-arch dt-include fix) 2017-05-19 13:36:56 -07:00
spi Merge remote-tracking branches 'spi/topic/ti-qspi' and 'spi/topic/xlp' into spi-next 2017-04-26 15:58:22 +01:00
spmi
ssb
staging staging: fsl-dpaa2/eth: add ETHERNET dependency 2017-05-16 14:23:31 +02:00
target Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2017-05-12 11:44:13 -07:00
tc
tee Linux 4.12-rc1 2017-05-18 23:54:47 -07:00
thermal Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2017-05-12 11:58:45 -07:00
thunderbolt
tty Annotation of module parameters that specify device settings 2017-05-10 19:13:03 -07:00
uio uio: fix incorrect memory leak cleanup 2017-05-16 23:06:41 +02:00
usb USB-serial fixes for v4.12-rc2 2017-05-19 10:10:07 +02:00
uwb uwb: fix device quirk on big-endian hosts 2017-05-17 11:27:41 +02:00
vfio powerpc updates for 4.12 part 1. 2017-05-05 11:36:44 -07:00
vhost mm: support __GFP_REPEAT in kvmalloc_node for >32kB 2017-05-08 17:15:12 -07:00
video fbdev changes for v4.12: 2017-05-11 11:12:26 -07:00
virt drivers/virt/fsl_hypervisor.c: use get_user_pages_unlocked() 2017-05-08 17:15:10 -07:00
virtio virtio: allow extra context per descriptor 2017-05-02 23:41:43 +03:00
vlynq
vme
w1
watchdog watchdog: bcm281xx: Fix use of uninitialized spinlock. 2017-05-19 10:42:25 +02:00
xen Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-05-09 09:12:53 -07:00
zorro
Kconfig
Makefile Merge branch 'tee/initial-merge' into fixes 2017-05-10 21:03:31 +02:00