archives/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-03-13 23:46:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/security
History
Linus Torvalds de5817bbfb Landlock updates for v6.14-rc1 
-----BEGIN PGP SIGNATURE-----
 
 iIYEABYKAC4WIQSVyBthFV4iTW/VU1/l49DojIL20gUCZ5EMhBAcbWljQGRpZ2lr
 b2QubmV0AAoJEOXj0OiMgvbSMv0BAMOG2TFwq+UhbtxtL6pM7qzxfdWg6GR/t4t8
 MFasAcCaAQDtTnW0HymHge8k7JFgWHHp0JBu7V7dhFrdJoS+718aDA==
 =1Hfr
 -----END PGP SIGNATURE-----

Merge tag 'landlock-6.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux

Pull landlock updates from Mickaël Salaün:
 "This mostly factors out some Landlock code and prepares for upcoming
  audit support.

  Because files with invalid modes might be visible after filesystem
  corruption, Landlock now handles those weird files too.

  A few sample and test issues are also fixed"

* tag 'landlock-6.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux:
  selftests/landlock: Add layout1.umount_sandboxer tests
  selftests/landlock: Add wrappers.h
  selftests/landlock: Fix error message
  landlock: Optimize file path walks and prepare for audit support
  selftests/landlock: Add test to check partial access in a mount tree
  landlock: Align partial refer access checks with final ones
  landlock: Simplify initially denied access rights
  landlock: Move access types
  landlock: Factor out check_access_path()
  selftests/landlock: Fix build with non-default pthread linking
  landlock: Use scoped guards for ruleset in landlock_add_rule()
  landlock: Use scoped guards for ruleset
  landlock: Constify get_mode_access()
  landlock: Handle weird files
  samples/landlock: Fix possible NULL dereference in parse_path()
  selftests/landlock: Remove unused macros in ptrace_test.c
2025-01-22 20:20:55 -08:00
..
apparmor lsm/stable-6.14 PR 20250121 2025-01-21 20:03:04 -08:00
bpf bpf: lsm: Set bpf_lsm_blob_sizes.lbs_task to 0 2024-09-11 10:11:36 -07:00
integrity ima: ignore suffixed policy rule comments 2025-01-03 10:18:43 -05:00
ipe ipe: fallback to platform keyring also if key in trusted keyring is rejected 2024-10-18 12:14:53 -07:00
keys KEYS: trusted: dcp: fix improper sg use with CONFIG_VMAP_STACK=y 2025-01-21 11:25:23 +02:00
landlock landlock: Optimize file path walks and prepare for audit support 2025-01-17 19:05:37 +01:00
loadpin fdget(), more trivial conversions 2024-11-03 01:28:06 -05:00
lockdown lockdown: initialize local array before use to quiet static analysis 2025-01-05 12:48:43 -05:00
safesetid safesetid: check size of policy writes 2025-01-04 22:46:09 -05:00
selinux selinux/stable-6.14 PR 20250121 2025-01-21 20:09:14 -08:00
smack lsm/stable-6.14 PR 20250121 2025-01-21 20:03:04 -08:00
tomoyo tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support 2024-10-04 11:41:22 -04:00
yama sysctl: treewide: constify the ctl_table argument of proc_handlers 2024-07-24 20:59:29 +02:00
commoncap.c lsm: Refactor return value of LSM hook vm_enough_memory 2024-07-31 14:46:51 -04:00
device_cgroup.c device_cgroup: Fix kernel-doc warnings in device_cgroup 2023-06-21 09:30:49 -04:00
inode.c lsm: Use IS_ERR_OR_NULL() helper function 2024-08-29 11:12:13 -04:00
Kconfig lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set 2025-01-04 11:50:44 -05:00
Kconfig.hardening hardening: Adjust dependencies in selection of MODVERSIONS 2024-09-28 13:56:03 -07:00
lsm_audit.c selinux/stable-6.14 PR 20250121 2025-01-21 20:09:14 -08:00
lsm_syscalls.c lsm: use 32-bit compatible data types in LSM syscalls 2024-03-14 11:31:26 -04:00
Makefile lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set 2025-01-04 11:50:44 -05:00
min_addr.c sysctl: treewide: constify the ctl_table argument of proc_handlers 2024-07-24 20:59:29 +02:00
security.c security: remove redundant assignment to return variable 2025-01-04 21:52:13 -05:00