Kees Cook 13752fe2d7 security: introduce kernel_fw_from_file hook ... In order to validate the contents of firmware being loaded, there must be a hook to evaluate any loaded firmware that wasn't built into the kernel itself. Without this, there is a risk that a root user could load malicious firmware designed to mount an attack against kernel memory (e.g. via DMA). Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Takashi Iwai <tiwai@suse.de>		2014-07-25 11:47:45 -07:00
..
apparmor	sched: move no_new_privs into new atomic flags	2014-07-18 12:13:38 -07:00
integrity	ima: define '.ima' as a builtin 'trusted' keyring	2014-07-17 09:35:17 -04:00
keys	Merge branch 'keys-fixes' into keys-next	2014-07-22 21:55:45 +01:00
selinux	Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into next	2014-07-19 17:39:19 +10:00
smack	Merge branch 'smack-for-3.16' of git://git.gitorious.org/smack-next/kernel into next	2014-05-20 14:50:09 +10:00
tomoyo	get rid of pointless checks for NULL ->i_op	2014-04-01 23:19:16 -04:00
yama	yama: Better permission check for ptraceme	2013-03-26 13:17:58 -07:00
capability.c	security: introduce kernel_fw_from_file hook	2014-07-25 11:47:45 -07:00
commoncap.c	CAPABILITIES: remove undefined caps from all processes	2014-07-24 21:53:47 +10:00
device_cgroup.c	device_cgroup: use css_has_online_children() instead of has_children()	2014-05-16 13:22:52 -04:00
inode.c	securityfs: fix object creation races	2012-01-10 10:20:35 -05:00
Kconfig	security: select correct default LSM_MMAP_MIN_ADDR on arm on arm64	2014-02-05 14:59:14 +00:00
lsm_audit.c	audit: anchor all pid references in the initial pid namespace	2014-03-20 10:11:55 -04:00
Makefile	security: cleanup Makefiles to use standard syntax for specifying sub-directories	2014-02-17 11:08:04 +11:00
min_addr.c	mmap_min_addr check CAP_SYS_RAWIO only for write	2010-04-23 08:56:31 +10:00
security.c	security: introduce kernel_fw_from_file hook	2014-07-25 11:47:45 -07:00