Libseccomp 2.3.1 Released

We’ve just released a new version of libseccomp, libseccomp version 2.3.1. The libseccomp library provides an easy-to-use, platform-independent interface to the Linux enhanced syscall filtering mechanism.

This new version of libseccomp builds upon the previous release and should be a drop-in replacement for the 2.x releases. All users are encouraged to upgrade to the new version at their earliest convenience.

Changes in the 2.3.1 release include:

  • Fixed a problem with 32-bit x86 socket syscalls on some systems
  • Fixed problems with ipc syscalls on 32-bit x86
  • Fixed problems with socket and ipc syscalls on s390 and s390x

Finally, thank you to everyone who has submitted suggestions, provided testing help, and contributed patches to the project.

The 2016 Linux Security Summit CFP

As was posted to various mailing lists last week, here is the Linux Security Summit Call for Participation:

ANNOUNCEMENT AND CALL FOR PARTICIPATION

LINUX SECURITY SUMMIT 2016
25-26 AUGUST
TORONTO, CANADA

DESCRIPTION

The Linux Security Summit (LSS) is a technical forum for collaboration between Linux developers, researchers, and end users. Its primary aim is to foster community efforts in analyzing and solving Linux security challenges.

The format of the summit will be:

  • Refereed presentations
  • Discussion topics
  • Subsystem reports
  • Breakout development sessions

WEB SITE

http://events.linuxfoundation.org/events/linux-security-summit

TWITTER

For event updates and announcements, follow: @LinuxSecSummit

DATES / LOCATION

The Linux Security Summit for 2016 will be held August 25th and 26th in Toronto, Canada. It will be co-located with LinuxCon.

The Linux Security Summit CFP is now open, and will close on June 10th.

Accepted speakers will be notified by June 17th.

WHO SHOULD ATTEND

We’re seeking a diverse range of attendees, and welcome participation by people involved in Linux security development, operations, and research.

The LSS is a unique global event which provides the opportunity to present and discuss your work or research with key Linux security community members and maintainers. It’s also useful for those who wish to keep up with the latest in Linux security development, and to provide input to the development process.

CALL FOR PARTICIPATION

The program committee currently seeks proposals for:

  • Refereed Presentations: 45 minutes in length, including at least 10 minutes of discussion. One-page abstracts are encouraged.

  • Discussion Topics: 30 minutes in length.

Topic areas include, but are not limited to:

  • Kernel self-protection
  • Access control
  • Cryptography and key management
  • Integrity control
  • Hardware security
  • Trust systems
  • Storage and file systems
  • Virtualization and containers
  • Case studies
  • Identity management
  • Code analysis
  • Security analytics
  • Secure development and operational practices
  • Emerging technologies, threats & techniques

Proposals should be submitted via the event web site:

http://events.linuxfoundation.org/events/linux-security-summit

PROGRAM COMMITTEE

The Linux Security Summit for 2016 is organized by:

  • James Morris, Oracle
  • Serge Hallyn, Canonical
  • Paul Moore, Red Hat
  • Stephen Smalley, NSA
  • Elena Reshetova, Intel
  • Herbert Xu, Red Hat
  • John Johansen, Canonical
  • Kees Cook, Google
  • Casey Schaufler, Intel
  • Mimi Zohar, IBM

The program committee may be contacted as a group via email:

lss-pc@lists.linuxfoundation.org

Linux 4.5 Released

Linux 4.5 was released this past weekend; here are the SELinux and audit release notes.

SELinux

  • New LSM hooks and SELinux code to invalidate and revalidate inode security labels. This is important functionality for GFS2 and potentially other distributed filesystems.

  • New functionality to make the validatetrans policy decisions available to userspace via the selinuxfs mount, “/sys/fs/selinux” on most systems. Writing “$oldcontext $newcontext $tclass $taskcontext” to “/sys/fs/selinux/validatetrans” will return 0 if the transition is allowed and -EPERM otherwise.
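The validatetrans interface described above can be queried from C as follows. This is an added example, not code from the kernel or the SELinux userspace; the `vt_*` names are this example's own, and `tclass` is passed through as a caller-supplied token because the release note does not state its encoding.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define VT_PATH "/sys/fs/selinux/validatetrans" /* path given in the release note */
enum vt_result { VT_ERROR = -1, VT_ALLOWED = 0, VT_DENIED = 1 };
/* Fields are space-delimited: an empty field or embedded whitespace would
 * shift the others and make the kernel evaluate a different transition. */
static int vt_field_ok(const char *s)
{
    return s && *s && s[strcspn(s, " \t\r\n")] == '\0';
}

/* Build "$oldcontext $newcontext $tclass $taskcontext"; returns length or -1. */
int vt_build_request(char *buf, size_t len, const char *oldcon,
                     const char *newcon, const char *tclass, const char *taskcon)
{
    if (!vt_field_ok(oldcon) || !vt_field_ok(newcon) ||
        !vt_field_ok(tclass) || !vt_field_ok(taskcon)) { errno = EINVAL; return -1; }
    int n = snprintf(buf, len, "%s %s %s %s", oldcon, newcon, tclass, taskcon);
    if (n < 0 || (size_t)n >= len) { errno = EINVAL; return -1; }
    return n;
}

/* One write() per query. Only EPERM means "denied"; any other failure (file
 * absent, malformed context) is VT_ERROR and must never count as "allowed". */
enum vt_result vt_query(const char *path, const char *oldcon, const char *newcon,
                        const char *tclass, const char *taskcon)
{
    char req[4096];
    int n = vt_build_request(req, sizeof(req), oldcon, newcon, tclass, taskcon);
    if (n < 0) return VT_ERROR;
    int fd = open(path, O_WRONLY);
    if (fd < 0) return VT_ERROR;
    ssize_t w = write(fd, req, (size_t)n);
    int denied = (w < 0 && errno == EPERM);
    close(fd);
    return w >= 0 ? VT_ALLOWED : denied ? VT_DENIED : VT_ERROR;
}

int main(int argc, char **argv)
{
    if (argc != 5) { fprintf(stderr, "usage: %s OLD NEW TCLASS TASK\n", argv[0]); return 2; }
    enum vt_result r = vt_query(VT_PATH, argv[1], argv[2], argv[3], argv[4]);
    puts(r == VT_ALLOWED ? "allowed" : r == VT_DENIED ? "denied" : "error");
    return r == VT_ALLOWED ? 0 : 1;
}
```

Keeping VT_ERROR distinct from VT_DENIED lets a caller fail closed on a kernel that lacks the file instead of mistaking an open failure for a policy answer.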

Audit

  • A number of small improvements were made to help make the kernel/auditd connection more robust and fix some corner cases relating to audit queue backlog handling.

  • Auditing of seccomp events now honors the “audit_enabled” flag; when “audit_enabled=0”, seccomp events will not be audited.

  • Selection of CONFIG_AUDITSYSCALL is now automatic on systems that have auditing enabled and support syscall auditing.